Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

startupchecklibrary.dll Missing!

startupchecklibrary.dll missing help dll dll missing missing dll file file missing missing dll

  • Please log in to reply

#16
iMacg3

iMacg3

    Malware Removal

  • Malware Removal
  • 354 posts
Highlight the contents of the below code box and press Ctrl + C:
Start::
closeprocesses:
reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{19539992-061C-4E8B-9053-07B175303AF4}"
reboot:
End::
Right-click on FRST/FRST64 and select Run as Administrator.
Click on Fix.
Note - there is no need to paste the contents of the code box anywhere.
If your computer restarts, allow it to do so.
When the fix is complete the tool will create a log (Fixlog.txt) in the same directory it was run from.
Copy and paste the contents of Fixlog.txt into your next reply.
  • 0

Advertisements


#17
HossamL

HossamL

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Fix result of Farbar Recovery Scan Tool (x64) Version: 24.04.2019
Ran by Hossam (24-04-2019 22:54:03) Run:3
Running from C:\Users\Hossam\Downloads
Loaded Profiles: Hossam (Available Profiles: Hossam & Administratör)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
closeprocesses:
reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{19539992-061C-4E8B-9053-07B175303AF4}"
reboot:
 
*****************
 
Processes closed successfully.
 
========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{19539992-061C-4E8B-9053-07B175303AF4}" =========
 
Permanently delete the registry key HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{19539992-061C-4E8B-9053-07B175303AF4} (Yes/No)? tg„rden har slutf”rts.
 
 
 
========= End of Reg: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 22:54:05 ====

  • 0

#18
HossamL

HossamL

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

Do you know any good free antivirus?


  • 0

#19
iMacg3

iMacg3

    Malware Removal

  • Malware Removal
  • 354 posts
Hi,

You are using Windows 10 which comes with Windows Defender built-in.
Currently, you have McAfee enabled as your antivirus program. There are many good free AV programs out there. If you prefer to use a different AV, you can just use Windows Defender which is sufficient protection.

-----------------------------------

Please do this:
  • Right-click FRST/FRST64 and select Run as Administrator.
  • Ensure Addition.txt is checked and click Scan.
  • Once the scan is complete, click OK to the "Scan Complete" message box and OK to the Addition.txt box.
  • Two reports will be open in Notepad.
  • Copy and paste their contents into your next reply.

  • 0

#20
HossamL

HossamL

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24.04.2019
Ran by Hossam (25-04-2019 14:49:53)
Running from C:\Users\Hossam\Downloads
Windows 10 Home Version 1809 17763.437 (X64) (2019-04-14 17:36:26)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administratör (S-1-5-21-561342403-3159581679-3982711157-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-561342403-3159581679-3982711157-503 - Limited - Disabled)
Gäst (S-1-5-21-561342403-3159581679-3982711157-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-561342403-3159581679-3982711157-1003 - Limited - Enabled)
Hossam (S-1-5-21-561342403-3159581679-3982711157-1001 - Administrator - Enabled) => C:\Users\Hossam
WDAGUtilityAccount (S-1-5-21-561342403-3159581679-3982711157-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\uTorrent) (Version: 3.5.5.45146 - BitTorrent Inc.)
Ableton Live 9 Suite (HKLM\...\{7597F2DC-003A-476E-9281-774AB112B7BE}) (Version: 9.0.0.0 - Ableton)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Apple-programstöd (32-bitar) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple-programstöd (64-bitar) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version:  - Ubisoft)
Assassin's Creed: Odyssey (HKLM-x32\...\Assassin's Creed: Odyssey_is1) (Version:  - )
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Car Mechanic Simulator 2018 Ford (HKLM\...\Y2FybWVjaGFuaWNzaW11bGF0b3IyMDE4_is1) (Version: 1 - )
Chroma Clock version 1.0.3 (HKLM-x32\...\{05C726E4-E592-4078-B0CF-41E65FE313DD}_is1) (Version: 1.0.3 - Tim Gebauer)
Chroma Sync (HKLM-x32\...\{BC8D681E-1F5D-4C68-8E3E-A9A614D66C14}) (Version: 1.1.1 - Ultrabox Entertainment Limited)
Chroma Tic Tac Toe (HKLM-x32\...\Chroma Tic Tac Toe) (Version: 1.0.3 - VectorCraft Games)
Color Suite v11.1.4 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 11.1.4 - Red Giant, LLC)
Computer Security 17.215.129.0 (release) (HKLM-x32\...\{658FDBCA-B7A1-43E4-A849-9F0812473331}) (Version: 17.215.129.0 - F-Secure Corporation) Hidden
CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - CSR Plc.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Discord (HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.17 - NVIDIA Corporation) Hidden
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.13.0621 - Lenovo)
Epic Games Launcher (HKLM-x32\...\{9F55B4DA-23ED-44FA-910E-BDDBD6D942CF}) (Version: 1.1.123.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Euro Truck Simulator 2 (HKLM\...\Euro Truck Simulator 2_is1) (Version: 1.31.0.92 - )
f.lux (HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Flux) (Version:  - f.lux Software LLC)
FamilySafetyGuide (HKLM-x32\...\{9A268503-5AB0-479E-9690-929BDEC55C00}) (Version: 1.00.0711 - lenovo)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.00 - Ubisoft)
Far Cry 4 version 1.10.0.0 (HKLM-x32\...\Far Cry 4_is1) (Version: 1.10.0.0 - Mr DJ)
Far Cry 5 (HKLM-x32\...\{73B938C4-0DDA-448D-8E46-87401EA87339}_is1) (Version:  - Ubisoft)
Far Cry New Dawn (HKLM-x32\...\Far Cry New Dawn_is1) (Version:  - )
Far Cry Primal (HKLM-x32\...\{80BD47AF-CF13-49B2-99BF-7E78FBA26124}_is1) (Version:  - Ubisoft)
Farming Simulator 19 (HKLM-x32\...\Farming Simulator 19_is1) (Version:  - )
File Identifier (HKLM-x32\...\{C257E434-E8F1-4E06-A616-598E4933553E}_is1) (Version: 1.0.11 - Sharpened Productions)
File Viewer Lite (HKLM-x32\...\{C8B24B83-920A-446E-B027-38F72C9D8898}_is1) (Version: 1.4.1 - Sharpened Productions)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
F-Secure SAFE (HKLM-x32\...\{9F1F7158-62F9-45F8-8D35-346A0E2E683D}) (Version: 3.15.285.0 - F-Secure Corporation) Hidden
F-Secure Ultralight 1.1.24.0 (release) (HKLM-x32\...\{9FAE989F-A043-4017-B60F-9134E992BB55}) (Version: 1.1.24.0 - F-Secure Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Hello Neighbor (HKLM-x32\...\Hello Neighbor_is1) (Version:  - )
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.1.0.2 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
iTunes (HKLM\...\{69357E2A-A15B-44A1-956F-492E9DE3C0FB}) (Version: 12.9.3.3 - Apple Inc.)
Java 8 Update 211 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.6.13.0724 - Lenovo)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.7408 - CyberLink Corp.) Hidden
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.7408 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5723.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5723.52 - CyberLink Corp.)
Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1901 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1901 - CyberLink Corp.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 1.0.11.0 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{558E50EE-5E2D-479A-A455-8A826191583B}) (Version: 3.3.004.00 - Lenovo)
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
LVT (HKLM-x32\...\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}) (Version: 5.01.0429 - Lenovo)
Magic Bullet PhotoLooks (HKLM-x32\...\Magic Bullet PhotoLooks) (Version:  - )
Magic Bullet Suite 64-bit (HKLM\...\{E7676EF4-3896-4B7E-B030-1356EEC477CE}) (Version: 11.4.4 - Red Giant) Hidden
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{E7676EF4-3896-4B7E-B030-1356EEC477CE}) (Version: 11.4.4 - Red Giant)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office 365 - sv-se (HKLM\...\O365HomePremRetail - sv-se) (Version: 16.0.11425.20228 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - Svenska (HKLM-x32\...\{90150000-001F-041D-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Need for Speed™ Payback (HKLM-x32\...\{F4CF3D08-565C-40B7-B351-D3033DE2172B}) (Version: 1.0.51.15364 - Electronic Arts)
NVIDIA 3D Vision drivrutin 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA 3D Vision drivrutin för styrenhet 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Grafikdrivrutin 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Miracast virtuell audio 419.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 419.17 - NVIDIA Corporation)
NVIDIA PhysX systemprogramvara 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20228 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20228 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-041D-1000-0000000FF1CE}) (Version: 16.0.11425.20228 - Microsoft Corporation) Hidden
Online Safety 2.215.7452.4118 (HKLM-x32\...\{0DD64CD2-B23F-4A3D-A88D-EF6848A20167}) (Version: 2.215.7452.4118 - F-Secure Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenOffice 4.1.3 (HKLM-x32\...\{78EE7944-E65F-466C-A720-6410F432708D}) (Version: 4.13.9783 - Apache Software Foundation)
osu! (HKLM-x32\...\{af56a254-d039-4511-814c-5c6aa494c238}) (Version: latest - ppy Pty Ltd)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 6.1.0.0 - Popcorn Time) <==== ATTENTION
PosteRazor (HKLM-x32\...\PosteRazor_is1) (Version: 1.5.2 - Alessandro Portale)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Razer Chroma SDK (HKLM-x32\...\Razer Chroma SDK) (Version: 2.22.3 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.4.0401.032710 - Razer Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.802.010714 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0240 - REALTEK Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.8.1 - Red Giant, LLC)
ReelSmart Motion Blur 4, After Effects-compatible plugin set (HKLM-x32\...\ReelSmart Motion Blur 4, After Effects-compatible plugin set) (Version:  - )
Remote Mouse version 3.002 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.002 - Remote Mouse)
RESIDENT EVIL 2 v.1.0 (HKLM-x32\...\RESIDENT EVIL 2_is1) (Version:  - )
Roblox Player for Hossam (HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\roblox-player) (Version:  - Roblox Corporation)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
Skype version 8.43 (HKLM-x32\...\Skype_is1) (Version: 8.43 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.9.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.9.1 - General Workings, Inc.)
The Long Dark Redux (HKLM-x32\...\The Long Dark Redux_is1) (Version:  - )
Thief Simulator (HKLM-x32\...\Thief Simulator_is1) (Version:  - )
Trapcode Suite 64-bit (HKLM\...\{9528F9CB-29E3-4E33-8BAA-181B336E24F8}) (Version: 12.1.1 - Red Giant) Hidden
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{9528F9CB-29E3-4E33-8BAA-181B336E24F8}) (Version: 12.1.1 - Red Giant)
Trapcode Suite v13.1.0 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 13.1.0 - Red Giant, LLC)
Uninstall Chroma Discord App (Unofficial) (HKLM-x32\...\Chroma Discord App (Unofficial)_is1) (Version:  - Tim Graupmann)
Uplay (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
WinRAR 5.40 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.2 - win.rar GmbH)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version:  - VB-Audio Software)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => D:\Games\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-05-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-05-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => D:\Games\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo) [File not signed]
ContextMenuHandlers5: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => D:\Games\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => D:\Games\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-05-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-05-30] (win.rar GmbH -> Alexander Roshal)
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\Hossam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\693605f3e4a93739\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default
 
==================== Loaded Modules (Whitelisted) ==============
 
2019-04-14 19:45 - 2017-10-27 18:06 - 000874368 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2019-04-14 19:45 - 2017-10-27 18:06 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2013-08-27 23:32 - 2013-08-27 23:32 - 000747520 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
2015-09-15 01:18 - 2011-08-17 05:46 - 000032768 _____ () [File not signed] C:\Windows\jmesoft\Service.exe
2017-03-05 02:25 - 2016-06-25 09:52 - 000018432 _____ () [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
2017-03-05 02:25 - 2016-06-25 09:52 - 001531904 _____ (RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
2017-03-05 02:25 - 2016-06-25 09:52 - 002424320 _____ (RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
2016-09-29 14:05 - 2016-09-29 14:05 - 000518144 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll
2015-09-15 01:18 - 2013-07-24 22:15 - 000118784 _____ (Lenovo) [File not signed] C:\Windows\jmesoft\hotkey.exe
2015-09-15 01:18 - 2011-08-17 05:46 - 000024576 _____ () [File not signed] C:\Windows\jmesoft\JME_LOAD.exe
2017-03-05 02:25 - 2016-03-01 21:53 - 000135168 _____ (RBSoft) [File not signed] C:\Program Files (x86)\Remote Mouse\AutoUpdater.NET.dll
2017-03-05 02:25 - 2015-05-26 20:54 - 000152576 _____ () [File not signed] C:\Program Files (x86)\Remote Mouse\FileS.dll
2019-04-14 19:45 - 2017-10-27 18:06 - 000760032 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
2015-09-15 01:18 - 2011-05-17 22:27 - 000028672 _____ () [File not signed] C:\Windows\jmesoft\hidhook.dll
2018-10-10 19:49 - 2018-08-09 15:16 - 004876800 _____ (Gracenote, Inc.) [File not signed] C:\WINDOWS\system32\GNSDK_FP.DLL
2015-09-15 01:24 - 2015-09-15 01:24 - 000348160 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\PowerDVD10\MSVCR71.dll
2013-11-21 17:31 - 2013-11-21 17:31 - 000286720 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2013-11-21 17:31 - 2013-11-21 17:31 - 000499200 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\localhost -> localhost
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-02-20 01:19 - 2019-04-16 03:08 - 000000002 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
 
2016-11-20 02:27 - 2016-11-20 20:30 - 000000509 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\File Viewer Lite\lib\magick;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Hossam\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles (2)\DesktopBackground\yosemite-4.jpg
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "CSRHarmonySkypePlugin"
HKLM\...\StartupApproved\Run: => "Fences"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "Clownfish"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "SaferVPN"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "RGSC"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "gflauncher"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "Fences"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{F7EE009B-C2EA-4710-83EA-47AD2754505E}] => (Allow) D:\Program\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C2671792-F32D-4EFA-9FE6-09ADD537C379}] => (Allow) D:\Program\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8349F32D-8D0D-4B19-A1B0-B547D0FF135A}] => (Allow) D:\Program\steamapps\common\RESIDENT EVIL 7 biohazard\re7.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{40E71CD2-8CAB-458B-84A9-BB65274B53FE}] => (Allow) D:\Program\steamapps\common\RESIDENT EVIL 7 biohazard\re7.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{8EF37271-C598-4EB0-83DC-2563707C2965}] => (Allow) D:\Program\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{00BD16F3-7040-4E95-9D73-3B9948F5326C}] => (Allow) D:\Program\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D8242725-BEEB-45B6-871E-1465D1F47EEA}] => (Allow) D:\Program\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{57D2A863-4CF4-4817-A6A3-9FA42EDD54B7}] => (Allow) D:\Program\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{F6894EFC-51EF-400A-8FA4-C78926903F19}] => (Allow) D:\Program\steamapps\common\PC Building Simulator\PCBS.exe () [File not signed]
FirewallRules: [{BEAC03EE-F1FF-4A3D-BEE3-4E67B1B948B0}] => (Allow) D:\Program\steamapps\common\PC Building Simulator\PCBS.exe () [File not signed]
FirewallRules: [{28C56425-D682-4856-AC73-ADF80183788A}] => (Allow) D:\Program\steamapps\common\Hacknet\Hacknet.exe () [File not signed]
FirewallRules: [{CDC4D372-1D1C-4A2A-A9E0-793780D28C25}] => (Allow) D:\Program\steamapps\common\Hacknet\Hacknet.exe () [File not signed]
FirewallRules: [{B26481C0-7DC7-4E2A-B066-9F2970720011}] => (Allow) D:\Program Files (x86)\Ubsoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{B9ECC6A3-49D9-46DC-9159-E559A86CD28D}] => (Allow) D:\Program Files (x86)\Ubsoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{04C90358-1AA2-4154-BEBB-A68B98524AC9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/25/2019 02:30:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: CsrBtOBEXService.exe, version 2.1.63.0, tidsstämpel 0x4f68683b
, felet uppstod i modulen med namn: CsrBtOBEXService.exe, version 2.1.63.0, tidsstämpel 0x4f68683b
Undantagskod: 0xc0000005
Felförskjutning: 0x0000000000006f58
Process-ID: 0xfd4
Programmets starttid: 0x01d4fae345249994
Sökväg till program: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
Sökväg till modul: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
Rapport-ID: e65a0760-010a-4a73-89d8-8e14e3e443f6
Fullständigt namn på felaktigt paket: 
Program-ID relativt till felaktigt paket:
 
Error: (04/24/2019 11:18:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: CsrBtOBEXService.exe, version 2.1.63.0, tidsstämpel 0x4f68683b
, felet uppstod i modulen med namn: CsrBtOBEXService.exe, version 2.1.63.0, tidsstämpel 0x4f68683b
Undantagskod: 0xc0000005
Felförskjutning: 0x0000000000006f58
Process-ID: 0xfe4
Programmets starttid: 0x01d4fadff1de774d
Sökväg till program: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
Sökväg till modul: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
Rapport-ID: 998b500d-e6c9-4b1b-ab9e-4bbf5384ea1c
Fullständigt namn på felaktigt paket: 
Program-ID relativt till felaktigt paket:
 
Error: (04/24/2019 10:58:50 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (04/23/2019 10:38:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: NVDisplay.Container.exe, version 1.2.0.0, tidsstämpel 0x59f35da7
, felet uppstod i modulen med namn: nvxdsyncplugin.dll_unloaded, version 8.17.13.8813, tidsstämpel 0x59f35207
Undantagskod: 0xc0000005
Felförskjutning: 0x000000000006513d
Process-ID: 0x9e4
Programmets starttid: 0x01d4fa0234bae8f0
Sökväg till program: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
Sökväg till modul: nvxdsyncplugin.dll
Rapport-ID: 97b2809b-bb33-4676-bf5d-f81b55cf13de
Fullständigt namn på felaktigt paket: 
Program-ID relativt till felaktigt paket:
 
Error: (04/23/2019 10:38:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: CsrBtOBEXService.exe, version 2.1.63.0, tidsstämpel 0x4f68683b
, felet uppstod i modulen med namn: CsrBtOBEXService.exe, version 2.1.63.0, tidsstämpel 0x4f68683b
Undantagskod: 0xc0000005
Felförskjutning: 0x0000000000006f58
Process-ID: 0x10c4
Programmets starttid: 0x01d4fa02358a9677
Sökväg till program: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
Sökväg till modul: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
Rapport-ID: 6eb2047b-cd3a-46ac-9a49-24b5e83dd171
Fullständigt namn på felaktigt paket: 
Program-ID relativt till felaktigt paket:
 
Error: (04/23/2019 07:32:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: CsrBtOBEXService.exe, version 2.1.63.0, tidsstämpel 0x4f68683b
, felet uppstod i modulen med namn: CsrBtOBEXService.exe, version 2.1.63.0, tidsstämpel 0x4f68683b
Undantagskod: 0xc0000005
Felförskjutning: 0x0000000000006f58
Process-ID: 0x1218
Programmets starttid: 0x01d4f9f9e594bb7f
Sökväg till program: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
Sökväg till modul: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
Rapport-ID: e5855f2d-ea8f-4e42-b1e6-6c082f139de8
Fullständigt namn på felaktigt paket: 
Program-ID relativt till felaktigt paket:
 
Error: (04/23/2019 07:31:00 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (04/23/2019 01:20:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: CsrBtOBEXService.exe, version 2.1.63.0, tidsstämpel 0x4f68683b
, felet uppstod i modulen med namn: CsrBtOBEXService.exe, version 2.1.63.0, tidsstämpel 0x4f68683b
Undantagskod: 0xc0000005
Felförskjutning: 0x0000000000006f58
Process-ID: 0xc38
Programmets starttid: 0x01d4f946caeaf032
Sökväg till program: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
Sökväg till modul: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
Rapport-ID: b7bdceef-9976-4221-b761-d0591ee77a10
Fullständigt namn på felaktigt paket: 
Program-ID relativt till felaktigt paket:
 
 
System errors:
=============
Error: (04/25/2019 02:48:49 PM) (Source: DCOM) (EventID: 10016) (User: NT instans)
Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Starta för COM-serverprogrammet med CLSID 
Windows.SecurityCenter.SecurityAppBroker
 och APPID 
Inte tillgänglig
 till användaren NT instans\SYSTEM SID (S-1-5-18) från adress LocalHost (med LRPC) som körs i programbehållaren Inte tillgänglig SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster.
 
Error: (04/25/2019 02:48:49 PM) (Source: DCOM) (EventID: 10016) (User: NT instans)
Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Starta för COM-serverprogrammet med CLSID 
Windows.SecurityCenter.WscBrokerManager
 och APPID 
Inte tillgänglig
 till användaren NT instans\SYSTEM SID (S-1-5-18) från adress LocalHost (med LRPC) som körs i programbehållaren Inte tillgänglig SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster.
 
Error: (04/25/2019 02:48:49 PM) (Source: DCOM) (EventID: 10016) (User: NT instans)
Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Starta för COM-serverprogrammet med CLSID 
Windows.SecurityCenter.WscDataProtection
 och APPID 
Inte tillgänglig
 till användaren NT instans\SYSTEM SID (S-1-5-18) från adress LocalHost (med LRPC) som körs i programbehållaren Inte tillgänglig SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster.
 
Error: (04/25/2019 02:47:22 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Starta för COM-serverprogrammet med CLSID 
Windows.SecurityCenter.WscCloudBackupProvider
 och APPID 
Inte tillgänglig
 till användaren Lenovo-PC\Hossam SID (S-1-5-21-561342403-3159581679-3982711157-1001) från adress LocalHost (med LRPC) som körs i programbehållaren Inte tillgänglig SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster.
 
Error: (04/25/2019 02:47:03 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Aktivering för COM-serverprogrammet med CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 och APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 till användaren Lenovo-PC\Hossam SID (S-1-5-21-561342403-3159581679-3982711157-1001) från adress LocalHost (med LRPC) som körs i programbehållaren Inte tillgänglig SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster.
 
Error: (04/25/2019 02:46:47 PM) (Source: DCOM) (EventID: 10016) (User: NT instans)
Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Aktivering för COM-serverprogrammet med CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 och APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 till användaren NT instans\Lokal tjänst SID (S-1-5-19) från adress LocalHost (med LRPC) som körs i programbehållaren Inte tillgänglig SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster.
 
Error: (04/25/2019 02:46:47 PM) (Source: DCOM) (EventID: 10016) (User: NT instans)
Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Aktivering för COM-serverprogrammet med CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 och APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 till användaren NT instans\Lokal tjänst SID (S-1-5-19) från adress LocalHost (med LRPC) som körs i programbehållaren Inte tillgänglig SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster.
 
Error: (04/25/2019 02:30:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Tjänsten CSR OBEX Service avslutades oväntat. Detta har skett 1 gånger.
 
 
CodeIntegrity:
===================================
 
Date: 2019-04-23 21:16:07.959
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2019-04-23 21:16:07.958
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2019-04-23 21:16:07.956
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2019-04-23 21:15:07.374
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2019-04-23 21:15:07.372
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2019-04-23 21:15:07.370
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2019-04-15 21:46:40.189
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2019-04-15 21:46:40.185
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
==================== Memory info =========================== 
 
BIOS: LENOVO I1KT47AUS 03/06/2015
Motherboard: LENOVO 
Processor: Intel® Core™ i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 29%
Total physical RAM: 16316.16 MB
Available physical RAM: 11534.97 MB
Total Virtual: 17340.16 MB
Available Virtual: 12215.17 MB
 
==================== Drives ================================
 
Drive c: (Windows8_OS) (Fixed) (Total:109.5 GB) (Free:19.82 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Lenovo) (Fixed) (Total:1838.6 GB) (Free:835.01 GB) NTFS
 
\\?\Volume{77fe8ff8-337a-4ffe-a2c5-376da0b5b6fe}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.7 GB) NTFS
\\?\Volume{9772911b-4763-4905-a655-333bd5f4b416}\ () (Fixed) (Total:0.44 GB) (Free:0.14 GB) NTFS
\\?\Volume{a6db99f2-20b2-4e7e-ae54-0a157bb91c55}\ (PBR_DRV) (Fixed) (Total:24.41 GB) (Free:14.91 GB) NTFS
\\?\Volume{cf69f787-6b58-4040-bdef-e9403b5c0ed7}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 3DA3A1E8)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 3DA3A1F6)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24.04.2019
Ran by Hossam (administrator) on LENOVO-PC (LENOVO 10181) (25-04-2019 14:48:43)
Running from C:\Users\Hossam\Downloads
Loaded Profiles: Hossam (Available Profiles: Hossam & Administratör)
Platform: Windows 10 Home Version 1809 17763.437 (X64) Language: Svenska (Sverige)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() [File not signed] C:\Windows\jmesoft\Service.exe
() [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
(LENOVO -> LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
(RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19032.731.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.402_none_7e502ee34cd6a6f5\TiWorker.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
(Cambridge Silicon Radio Ltd. -> ) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\Hossam\AppData\Local\FluxSoftware\Flux\flux.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Hossam\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
(Vincent Burel -> VB-AUDIO Software) C:\Program Files (x86)\VB\Voicemeeter\voicemeeter.exe
(Lenovo) [File not signed] C:\Windows\jmesoft\hotkey.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo\LVT\LJYZ.exe
() [File not signed] C:\Windows\jmesoft\JME_LOAD.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(OOO Lightshot -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] (Cambridge Silicon Radio Ltd. -> )
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [Fences] => D:\Games\Fences.exe [4854200 2018-05-25] (Stardock Corporation -> Stardock Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe [118784 2013-07-24] (Lenovo) [File not signed]
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-08-17] () [File not signed]
HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo (Beijing) Limited -> Lenovo)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-05] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Run: [Steam] => D:\Program\steam.exe [3152160 2019-04-17] (Valve -> Valve Corporation)
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Run: [Discord] => C:\Users\Hossam\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3482864 2019-03-27] (Razer USA Ltd. -> )
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Run: [f.lux] => C:\Users\Hossam\AppData\Local\FluxSoftware\Flux\flux.exe [1376264 2019-04-03] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53540416 2019-04-16] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Run: [Fences] => d:\games\Fences.exe [4854200 2018-05-25] (Stardock Corporation -> Stardock Corporation)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [71680 2012-06-11] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\WINDOWS\system32\vorbis.acm [1470976 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2012-06-11] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\WINDOWS\SysWOW64\vorbis.acm [1554944 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
Startup: C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Voicemeeter.LNK [2017-03-27]
ShortcutTarget: Voicemeeter.LNK -> C:\Program Files (x86)\VB\Voicemeeter\voicemeeter.exe (Vincent Burel -> VB-AUDIO Software)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {266AE8B3-A3EF-422B-8934-12505A6124C3} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {27057069-7152-43F1-84D5-61F95CEF75E9} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe
Task: {2C5CA9E1-82C9-4074-99E4-4E9D8F50B65A} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3530CCB2-22E3-4040-9728-9EE36A8B8AD9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {3D39ABF1-CFB7-4324-A7F2-FD7FD2B1215B} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe <==== ATTENTION
Task: {3F3E55DA-7BFF-47DD-AF61-C3FE5FEF8F1D} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1321296 2016-08-24] (LENOVO -> Lenovo)
Task: {471AFF3D-15BA-4E26-8D74-04C47B99A090} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2181768 2019-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {491FA6E8-437E-42C4-8ADF-729FC64CC53F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {5D9458AF-6B07-4A0C-874F-1AE4774EA8E6} - System32\Tasks\update-S-1-5-21-561342403-3159581679-3982711157-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [105112 2016-07-11] (OOO Lightshot -> )
Task: {6DD4D36B-7453-4F12-A5B5-3E3D07BC6C00} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [148432 2019-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {71241815-BE2A-4F50-85ED-3F08D1593A69} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [264016 2016-08-24] (LENOVO -> )
Task: {7799D3D1-AB9A-4884-A41F-0527A2E83326} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [148432 2019-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {79198D8B-3C3F-4C04-BA2C-745CFA0B5DA4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [25907200 2019-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {80FACC5B-3896-456E-A90B-B8312673FA6D} - System32\Tasks\Razer Synapse\Razer Synapse => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
Task: {84CE4EDE-8542-4478-94E2-E1481BC5A3B3} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [10157392 2016-08-24] (LENOVO -> Lenovo)
Task: {8584065D-51C2-46DE-869D-0184F20ED690} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [33536 2014-05-22] (LENOVO -> )
Task: {8A6A834C-928F-4A7D-B00D-AD442731F14A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2181768 2019-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B7216AD-38C3-4FA8-86FD-00BB3BD295E3} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [10157392 2016-08-24] (LENOVO -> Lenovo)
Task: {8C8134A0-3C99-45D1-939D-3AD75367DFC3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [25907200 2019-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B0F6DFE-DD99-4C7E-AA99-E0AF1187B2FB} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {A30002F7-7B0D-454C-B2A2-1D2E10EF2EA4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {AFDB3178-085E-488E-B6C0-4B5F9E07B04D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-24] (Google Inc -> Google Inc.)
Task: {B010C09D-2169-4084-BB4E-79953ADCE67F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1100400 2019-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {B39B2B2A-7465-4AAC-B2B9-65462EB79F05} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [105112 2016-07-11] (OOO Lightshot -> )
Task: {BF4E405B-B2A7-4184-BDD0-6A9300978FF6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {CD930E8D-C782-42B8-BB1B-DD68935A364A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-24] (Google Inc -> Google Inc.)
Task: {D228733F-2332-49F1-9150-034E8096E799} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {DB0CCCC6-1CB3-4689-9FB8-2E650E0DF01B} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [17256 2014-02-13] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo)
Task: {E1CE0FBB-2DAD-48E4-BC85-AE3B9BDF3AFD} - System32\Tasks\{24374C17-E411-49F6-9EEF-C6AB8679F3EC} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe" -c --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{147EC100-14BE-45EF-AB42-35BAEE7D02F0}"
Task: {E963842E-FB8E-4ABD-A4D9-215383F112F4} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E966C7BC-A552-425A-B029-79FDA416F3AE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {EF9B914E-9465-4801-B894-BF34297F7232} - System32\Tasks\Microsoft\Windows\WCM\Provisioning\Purge.S-1-5-21-561342403-3159581679-3982711157-1001
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\update-S-1-5-21-561342403-3159581679-3982711157-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{06C59F79-FC2C-4714-84E0-AA7ADF2C1005}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{C5FAE918-2F73-424E-8B96-71CB940D466E}: [DhcpNameServer] 10.0.0.1
 
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {531DDA05-DF20-46A2-A8C0-A85ED94016E4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {531DDA05-DF20-46A2-A8C0-A85ED94016E4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-561342403-3159581679-3982711157-1001 -> {1D26B1F6-10C2-4A95-8CBD-172642C10A16} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-04-22] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-04-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-22] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-19] (Skype Technologies SA -> Skype Technologies)
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
StartMenuInternet: FIREFOX.EXE - D:\Program\firefox.exe
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.funnysearching.com/
CHR StartupUrls: Default -> "hxxps://www.google.se/"
CHR Profile: C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default [2019-04-25]
CHR Extension: (Presentationer) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-04]
CHR Extension: (Dokument) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-04]
CHR Extension: (Google Drive) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-13]
CHR Extension: (YouTube) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-13]
CHR Extension: (ZenMate - IP & Browser Check) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchhalahcjpkabdgonjhoogdcipienhf [2017-02-13]
CHR Extension: (Netflix) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2018-02-04]
CHR Extension: (Tags for YouTube™) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\dggphokdgjikekfiakjcpidcclbmkfga [2019-03-27]
CHR Extension: (Kalkylark) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-04]
CHR Extension: (Studentkortets Rabattknapp) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkccpmgklfejhemeohopclkfeefonbda [2018-02-04]
CHR Extension: (Google Dokument Offline) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (AdBlock) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-22]
CHR Extension: (Grammarly for Chrome) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-04-18]
CHR Extension: (Betalning via Chrome Web Store) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-13]
CHR Extension: (Chrome Media Router) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-24]
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-02-26] (BattlEye Innovations e.K. -> )
R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11082536 2019-04-16] (Microsoft Corporation -> Microsoft Corporation)
R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-17] () [File not signed]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [532224 2014-04-23] (LENOVO -> Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO -> LENOVO INCORPORATED.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-08-24] (LENOVO -> Lenovo)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [449664 2018-08-29] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [942720 2018-09-12] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2019-02-21] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [287472 2019-03-27] (Razer USA Ltd. -> )
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [File not signed]
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [293352 2017-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2019-04-02] (Razer USA Ltd. -> Razer Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-04-24] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-04-24] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [627208 2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> C-MEDIA)
S3 DFX11_1; C:\WINDOWS\system32\drivers\dfx11_1x64.sys [28008 2018-03-08] (Power Technology -> Windows ® Win 7 DDK provider)
S3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [29688 2018-03-08] (Power Technology -> Windows ® Win 7 DDK provider)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 fsbts; C:\WINDOWS\System32\drivers\fsbts.sys [65872 2018-08-07] (F-Secure Corporation -> )
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100824 2013-12-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 Netaapl; C:\WINDOWS\system32\DRIVERS\netaapl64.sys [23040 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_desktop_ref4wu.inf_amd64_0109a19b5125cb43\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation -> NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation -> NVIDIA Corporation)
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [724968 2017-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [8169472 2018-09-15] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [45960 2019-01-16] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0060; C:\WINDOWS\System32\drivers\RzDev_0060.sys [49648 2018-04-22] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0221; C:\WINDOWS\System32\drivers\RzDev_0221.sys [49648 2018-04-22] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0C00; C:\WINDOWS\System32\drivers\RzDev_0C00.sys [49648 2018-04-22] (Razer USA Ltd. -> Razer Inc)
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [52240 2017-07-19] (Razer USA Ltd. -> Razer Inc)
S3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Razer USA Ltd. -> Windows ® Win 7 DDK provider)
S3 sparkocam; C:\WINDOWS\system32\DRIVERS\sparkocam.sys [37200 2016-09-01] (Sparkosoft Inc -> Sparkosoft)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [31392 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [31392 2017-07-21] (Valve Corp. -> )
S3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [36040 2015-09-11] (SaferSocial Ltd -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 VBAudioVACMME; C:\WINDOWS\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows ® Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2016-06-22] (Vincent Burel -> Windows ® Win 7 DDK provider)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [27136 2018-03-15] (Voicemod Sociedad Limitada -> Windows ® Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-04-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344544 2019-04-24] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-04-24] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)
S3 xb1usb; C:\WINDOWS\System32\drivers\xb1usb.sys [42760 2016-02-23] (Windows Central Build Account - X -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-04-25 14:47 - 2019-04-25 14:47 - 000000000 ___HD C:\OneDriveTemp
2019-04-23 19:28 - 2019-04-24 22:52 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2019-04-22 23:29 - 2019-04-22 23:29 - 000110968 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2019-04-22 00:08 - 2019-04-22 22:15 - 000029476 _____ C:\Users\Hossam\Downloads\SystemLook.txt
2019-04-22 00:08 - 2019-04-22 00:08 - 000165376 _____ C:\Users\Hossam\Downloads\SystemLook_x64.exe
2019-04-21 01:05 - 2019-04-21 01:18 - 000000000 ____D C:\Users\Hossam\Documents\Assassin's Creed Unity
2019-04-20 21:50 - 2019-04-20 21:50 - 006969340 _____ (cfx-collective) C:\Users\Hossam\Downloads\FiveM.exe
2019-04-20 21:50 - 2019-04-20 21:50 - 000002182 _____ C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM Singleplayer.lnk
2019-04-20 21:50 - 2019-04-20 21:50 - 000002174 _____ C:\Users\Hossam\Desktop\FiveM Singleplayer.lnk
2019-04-20 21:50 - 2019-04-20 21:50 - 000002174 _____ C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM.lnk
2019-04-20 21:50 - 2019-04-20 21:50 - 000002166 _____ C:\Users\Hossam\Desktop\FiveM.lnk
2019-04-20 21:50 - 2019-04-20 21:50 - 000000000 ____D C:\Users\Hossam\Downloads\FiveM.app
2019-04-20 21:50 - 2019-04-20 21:50 - 000000000 ____D C:\Users\Hossam\AppData\Local\FiveM
2019-04-20 20:32 - 2019-04-20 20:32 - 000004233 _____ C:\Users\Hossam\Downloads\AdwCleaner[C00].txt
2019-04-20 20:25 - 2019-04-20 20:25 - 000000268 _____ C:\Users\Hossam\Downloads\ESETLog.txt
2019-04-20 18:44 - 2019-04-20 18:44 - 000000000 ____D C:\Users\Hossam\AppData\Local\ESET
2019-04-20 18:43 - 2019-04-20 18:43 - 007657592 _____ (ESET spol. s r.o.) C:\Users\Hossam\Downloads\esetonlinescanner_enu.exe
2019-04-20 18:41 - 2019-04-20 18:42 - 000000000 ____D C:\AdwCleaner
2019-04-20 18:40 - 2019-04-20 18:41 - 007025360 _____ (Malwarebytes) C:\Users\Hossam\Downloads\AdwCleaner.exe
2019-04-20 05:24 - 2019-04-20 05:24 - 000000232 _____ C:\Users\Hossam\Desktop\Assassin’s Creed Unity.url
2019-04-20 05:24 - 2019-04-20 05:24 - 000000232 _____ C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Assassin’s Creed Unity.url
2019-04-20 05:12 - 2019-04-20 05:22 - 000000938 _____ C:\Users\Hossam\Desktop\Uplay.lnk
2019-04-20 05:12 - 2019-04-20 05:12 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2019-04-20 05:09 - 2019-04-20 05:10 - 088926808 _____ (Ubisoft) C:\Users\Hossam\Downloads\UplayInstaller.exe
2019-04-20 04:10 - 2019-04-20 04:10 - 000000201 _____ C:\Users\Hossam\Desktop\Left 4 Dead 2.url
2019-04-20 03:41 - 2019-04-24 22:54 - 000001014 _____ C:\Users\Hossam\Downloads\Fixlog.txt
2019-04-20 00:30 - 2019-04-20 00:30 - 000000201 _____ C:\Users\Hossam\Desktop\Left 4 Dead.url
2019-04-19 20:00 - 2019-04-20 20:31 - 000042962 _____ C:\Users\Hossam\Downloads\Addition.txt
2019-04-19 19:59 - 2019-04-25 14:49 - 000043075 _____ C:\Users\Hossam\Downloads\FRST.txt
2019-04-19 19:55 - 2019-04-25 14:48 - 000000000 ____D C:\FRST
2019-04-19 19:55 - 2019-04-24 22:53 - 000000000 ____D C:\Users\Hossam\Downloads\FRST-OlderVersion
2019-04-19 19:54 - 2019-04-24 22:53 - 002429952 _____ (Farbar) C:\Users\Hossam\Downloads\FRST64.exe
2019-04-19 16:56 - 2019-04-19 16:56 - 000014802 _____ C:\Users\Hossam\Downloads\api-ms-win-crt-string-l1-1-0.dll (64-Bit).zip
2019-04-16 03:08 - 2019-04-16 03:08 - 000000000 ____D C:\Users\Hossam\AppData\Local\OneDrive
2019-04-16 01:08 - 2019-04-16 01:08 - 000000037 _____ C:\Users\Hossam\AppData\Roaming\WB.CFG
2019-04-15 22:17 - 2019-04-21 01:06 - 000000000 ____D C:\Users\Hossam\AppData\Local\D3DSCache
2019-04-15 21:12 - 2019-04-15 21:12 - 000000000 ____D C:\Users\Hossam\AppData\Local\DBG
2019-04-15 03:05 - 2019-04-15 03:05 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign52ef1851f2ffab8f
2019-04-15 03:03 - 2019-04-15 03:03 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign498f61ed6d17f1f1
2019-04-15 03:03 - 2019-04-15 03:03 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign2e83ca98d94ef235
2019-04-15 03:03 - 2019-04-15 03:03 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign070108571ae4148f
2019-04-14 20:28 - 2019-04-14 19:36 - 000000000 ____D C:\Windows.old
2019-04-14 20:23 - 2019-04-14 20:28 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-04-14 20:23 - 2019-04-14 20:23 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-04-14 20:23 - 2019-04-14 20:23 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-04-14 20:22 - 2019-04-14 20:22 - 023440896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 020815360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 019025408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 012843520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 012139008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 008898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 007919104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 007877120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 006071296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 005436904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 004660224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-04-14 20:22 - 2019-04-14 20:22 - 003904512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 003690496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2019-04-14 20:22 - 2019-04-14 20:22 - 003551112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-04-14 20:22 - 2019-04-14 20:22 - 003421696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2019-04-14 20:22 - 2019-04-14 20:22 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 001459080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 001297120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 001294520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-04-14 20:22 - 2019-04-14 20:22 - 001072424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000772608 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000263600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-04-14 20:22 - 2019-04-14 20:22 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2019-04-14 20:22 - 2019-04-14 20:22 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2019-04-14 20:22 - 2019-04-14 20:22 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-04-14 20:22 - 2019-04-14 20:22 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfts.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfts.dll
2019-04-14 20:21 - 2019-04-14 20:22 - 026810368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 017513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 015223296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 007645608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 006925824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 006544824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 006440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 005765120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 005205448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 004991112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 004704272 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 004588536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 004527624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 004304896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 003982848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 003657728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 003496448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 003384832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 003377976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 003334496 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002995712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002925880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 002871304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 002842624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002777224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002720256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 002701304 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002689024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002627384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 002592816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002469376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 002438368 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002275896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002073960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002042368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002017792 _____ C:\WINDOWS\system32\rdpnano.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001969464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001892864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001860096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001856000 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001844448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001697752 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-14 20:21 - 2019-04-14 20:21 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001672704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001671352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001647632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001615872 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001590064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001567232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001496576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001478968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001468952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 001467344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001458056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001370624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001360184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 001342400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-14 20:21 - 2019-04-14 20:21 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001311232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 001249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001221944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001213752 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001191728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001179680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 001155072 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001133568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-04-14 20:21 - 2019-04-14 20:21 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 001054200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 001053192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001044280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 001035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001022616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000998712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000984888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000982880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000981816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000974352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000964096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000909840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000882176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-04-14 20:21 - 2019-04-14 20:21 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000871792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000865784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000828728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000821048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000809784 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000799568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000793832 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000761280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000757664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000730936 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000725928 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000675096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000653040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000651792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000651064 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000649064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000620560 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000598544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000568632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-04-14 20:21 - 2019-04-14 20:21 - 000540448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000508208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000506168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000485192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000474928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-04-14 20:21 - 2019-04-14 20:21 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000421392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-04-14 20:21 - 2019-04-14 20:21 - 000408528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000407504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000386872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000386360 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000384312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000343984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000322568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000312632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000306488 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000283032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000257696 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000255128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmBroker.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000234808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000195896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000169784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000159272 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000159112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000157496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000147496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000143880 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000134456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000131384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000115360 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000098664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000097808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000071208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscapi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscapi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WppRecorder.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscdll.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscdll.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-04-14 20:19 - 2019-04-14 20:28 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-04-14 20:19 - 2019-04-14 20:19 - 001167960 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-04-14 20:19 - 2019-04-14 20:19 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2019-04-14 20:19 - 2019-04-14 20:19 - 000780376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-04-14 20:19 - 2019-04-14 20:19 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2019-04-14 20:19 - 2019-04-14 20:19 - 000126064 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-04-14 20:19 - 2019-04-14 20:19 - 000104560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-04-14 20:19 - 2019-04-14 20:19 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2019-04-14 20:19 - 2019-04-14 20:19 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2019-04-14 20:19 - 2019-04-14 20:19 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2019-04-14 20:19 - 2019-04-14 20:19 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2019-04-14 20:19 - 2019-04-14 20:19 - 000036896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-04-14 20:19 - 2019-04-14 20:19 - 000035440 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-04-14 20:19 - 2019-04-14 20:19 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2019-04-14 20:19 - 2019-04-14 20:19 - 000000000 ____D C:\Program Files\MSBuild
2019-04-14 20:19 - 2019-04-14 20:19 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-04-14 20:19 - 2019-04-14 20:19 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-04-14 20:17 - 2019-04-14 20:36 - 000000000 ____D C:\ProgramData\Packages
2019-04-14 20:06 - 2019-04-15 03:11 - 000000000 ____D C:\Users\Hossam\AppData\Local\PlaceholderTileLogoFolder
2019-04-14 20:02 - 2019-04-14 20:02 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-04-14 20:01 - 2019-04-15 03:01 - 000000000 ____D C:\Users\Hossam\AppData\Local\Comms
2019-04-14 20:01 - 2019-04-14 20:37 - 000000000 ____D C:\Users\Hossam\AppData\Local\Publishers
2019-04-14 20:01 - 2019-04-14 20:01 - 000001446 _____ C:\Users\Hossam\Desktop\Microsoft Edge.lnk
2019-04-14 20:01 - 2019-04-14 20:01 - 000000000 ___RD C:\Users\Hossam\3D Objects
2019-04-14 20:01 - 2019-04-14 20:01 - 000000000 ___HD C:\Users\Hossam\MicrosoftEdgeBackups
2019-04-14 20:01 - 2019-04-14 20:01 - 000000000 ____D C:\Users\Hossam\AppData\Local\MicrosoftEdge
2019-04-14 20:00 - 2019-04-20 03:47 - 000000008 __RSH C:\Users\Hossam\ntuser.pol
2019-04-14 20:00 - 2019-04-15 16:01 - 000000000 ____D C:\Users\Hossam\AppData\Local\ConnectedDevicesPlatform
2019-04-14 20:00 - 2019-04-14 20:00 - 000000020 ___SH C:\Users\Hossam\ntuser.ini
2019-04-14 19:45 - 2017-11-09 05:39 - 000540784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-04-14 19:45 - 2017-11-09 05:39 - 000446392 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-04-14 19:45 - 2017-10-27 18:06 - 000136312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2019-04-14 19:45 - 2017-09-14 01:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-04-14 19:45 - 2017-09-14 01:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-04-14 19:45 - 2017-09-14 01:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-04-14 19:45 - 2017-09-14 01:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-04-14 19:39 - 2019-04-24 23:24 - 001760796 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-14 19:36 - 2019-04-25 14:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-14 19:36 - 2019-04-24 23:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-04-14 19:36 - 2019-04-24 23:15 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2019-04-14 19:36 - 2019-04-14 19:36 - 000003296 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-14 19:36 - 2019-04-14 19:36 - 000003074 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5C9DBA02-FBA0-450B-B43F-54C38254F680}
2019-04-14 19:36 - 2019-04-14 19:36 - 000003068 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-14 19:36 - 2019-04-14 19:36 - 000002868 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2019-04-14 19:36 - 2019-04-14 19:36 - 000002844 _____ C:\WINDOWS\System32\Tasks\update-S-1-5-21-561342403-3159581679-3982711157-1001
2019-04-14 19:36 - 2019-04-14 19:36 - 000002810 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-561342403-3159581679-3982711157-1004
2019-04-14 19:36 - 2019-04-14 19:36 - 000002810 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-561342403-3159581679-3982711157-1001
2019-04-14 19:36 - 2019-04-14 19:36 - 000002720 _____ C:\WINDOWS\System32\Tasks\Red Giant Link
2019-04-14 19:36 - 2019-04-14 19:36 - 000002676 _____ C:\WINDOWS\System32\Tasks\update-sys
2019-04-14 19:36 - 2019-04-14 19:36 - 000002616 _____ C:\WINDOWS\System32\Tasks\[email protected]
2019-04-14 19:36 - 2019-04-14 19:36 - 000002610 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-561342403-3159581679-3982711157-1001
2019-04-14 19:36 - 2019-04-14 19:36 - 000002596 _____ C:\WINDOWS\System32\Tasks\[email protected]
2019-04-14 19:36 - 2019-04-14 19:36 - 000002318 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-561342403-3159581679-3982711157-500
2019-04-14 19:36 - 2019-04-14 19:36 - 000002314 _____ C:\WINDOWS\System32\Tasks\{24374C17-E411-49F6-9EEF-C6AB8679F3EC}
2019-04-14 19:36 - 2019-04-14 19:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD
2019-04-14 19:36 - 2019-04-14 19:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2019-04-14 19:36 - 2019-04-14 19:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\Razer Synapse
2019-04-14 19:36 - 2019-04-14 19:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\MEGA
2019-04-14 19:36 - 2019-04-14 19:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2019-04-14 19:36 - 2019-04-14 19:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2019-04-14 19:36 - 2014-04-03 20:35 - 000003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1050727674-2070356693-977449066-500
2019-04-14 19:35 - 2019-04-14 19:36 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2019-04-14 19:35 - 2019-04-14 19:36 - 000011433 _____ C:\WINDOWS\diagerr.xml
2019-04-14 19:32 - 2019-04-20 03:47 - 000000000 ____D C:\Users\Hossam
2019-04-14 19:32 - 2019-04-14 20:06 - 000002417 _____ C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-14 19:32 - 2019-04-14 19:34 - 000000000 ____D C:\Users\Administrator
2019-04-14 19:32 - 2019-04-14 19:32 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Start-meny
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Skrivare
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Programdata
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Nätverket
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Mina dokument
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Mallar
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Lokala inställningar
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Documents\Mina videoklipp
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Documents\Mina bilder
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Documents\Min musik
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Program
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\AppData\Local\Tidigare
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\AppData\Local\Programdata
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Start-meny
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Skrivare
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Programdata
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Nätverket
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Mina dokument
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Mallar
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Lokala inställningar
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Documents\Mina videoklipp
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Documents\Mina bilder
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Documents\Min musik
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Program
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Tidigare
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Programdata
2019-04-14 19:32 - 2018-09-15 09:29 - 000001105 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-14 19:31 - 2019-04-14 19:31 - 000000000 ____D C:\ProgramData\USOShared
2019-04-14 19:31 - 2019-03-12 08:33 - 002865152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-04-14 19:29 - 2019-04-25 02:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-14 19:29 - 2019-04-14 19:33 - 005338008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-14 18:51 - 2019-04-14 20:00 - 000000000 ___DC C:\WINDOWS\Panther
2019-04-14 18:12 - 2019-04-14 18:12 - 000000000 ___HD C:\$Windows.~WS
2019-04-14 04:50 - 2019-04-14 04:50 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsignd5338a945c03891a
2019-04-14 04:48 - 2019-04-14 04:48 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsignefdcdf7ed673ecd3
2019-04-14 04:48 - 2019-04-14 04:48 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign83eb3925791b9423
2019-04-14 04:48 - 2019-04-14 04:48 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign5ab814c6810e3614
2019-04-14 04:48 - 2019-04-14 04:48 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign19ae9b8758f7a92e
2019-04-14 04:45 - 2019-04-20 04:05 - 000000000 ____D C:\Users\Hossam\Desktop\Windows Installations
2019-04-14 04:44 - 2019-04-14 04:44 - 000043520 ___SH C:\Users\Hossam\Downloads\Thumbs.db
2019-04-14 03:19 - 2019-04-14 03:19 - 000000000 __SHD C:\Users\Hossam\AppData\LocalLow\EmieBrowserModeList
2019-04-14 03:19 - 2019-04-14 03:19 - 000000000 __SHD C:\Users\Hossam\AppData\Local\EmieBrowserModeList
2019-04-13 21:09 - 2019-04-20 03:47 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Start-meny
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Skrivare
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Programdata
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Nätverket
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Mina dokument
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Mallar
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Lokala inställningar
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Documents\Mina videoklipp
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Documents\Mina bilder
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Documents\Min musik
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Program
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\AppData\Local\Tidigare
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\AppData\Local\Programdata
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default User\Documents\Mina videoklipp
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default User\Documents\Mina bilder
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default User\Documents\Min musik
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Program
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Tidigare
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Programdata
2019-04-13 21:07 - 2019-04-14 19:35 - 000023004 _____ C:\WINDOWS\system32\emptyregdb.dat
2019-04-13 21:02 - 2019-04-13 21:02 - 000000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2019-04-13 21:02 - 2019-04-13 21:02 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2019-04-13 20:59 - 2014-11-21 10:57 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2019-04-13 20:59 - 2014-11-21 10:57 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2019-04-13 20:56 - 2019-04-14 19:45 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-04-13 20:56 - 2017-10-27 18:36 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-04-13 20:56 - 2017-10-27 18:12 - 005960824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-04-13 20:56 - 2017-10-27 18:12 - 002587768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-04-13 20:56 - 2017-10-27 18:12 - 001766520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-04-13 20:56 - 2017-10-27 18:12 - 000607168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-04-13 20:56 - 2017-10-27 18:12 - 000449656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-04-13 20:56 - 2017-10-27 18:12 - 000123000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-04-13 20:56 - 2017-10-27 18:12 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-04-13 20:56 - 2017-10-25 12:33 - 007802921 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-04-13 20:55 - 2019-04-14 20:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-04-13 20:55 - 2019-04-14 20:24 - 000000000 ____D C:\Program Files\Realtek
2019-04-13 20:55 - 2019-04-14 19:45 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-04-13 20:55 - 2019-04-14 19:44 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-04-13 20:55 - 2019-04-14 19:30 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-04-13 20:55 - 2019-04-14 19:30 - 000000000 ____D C:\Program Files (x86)\Razer
2019-04-13 20:55 - 2019-04-13 21:01 - 000000000 ____D C:\ProgramData\Razer
2019-04-13 20:55 - 2019-04-13 20:55 - 000000000 _____ C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2019-04-13 20:55 - 2019-04-13 20:55 - 000000000 _____ C:\ProgramData\DP45977C.lfl
2019-04-13 02:06 - 2019-04-13 02:06 - 001640992 _____ C:\Users\Hossam\Downloads\Autoruns.zip
2019-04-12 22:08 - 2019-04-14 18:51 - 000000000 ____D C:\ESD
2019-04-11 23:39 - 2019-04-11 23:39 - 000000204 _____ C:\Users\Hossam\Desktop\UNO.url
2019-04-07 20:11 - 2019-04-07 20:12 - 000000000 ____D C:\Users\Hossam\AppData\Local\{62D85484-4670-383C-2BE8-1DD40F80E14C}
2019-04-05 04:13 - 2019-04-05 04:13 - 000000000 ____D C:\Users\Hossam\Documents\Need for Speed™ Payback
2019-03-31 18:58 - 2019-04-14 15:22 - 000000000 ____D C:\Users\Hossam\Documents\Outlook-filer
2019-03-30 23:56 - 2019-04-14 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office-verktyg
2019-03-28 00:13 - 2019-03-28 00:13 - 000000000 ____D C:\Users\Hossam\AppData\LocalLow\Unknown Vendor
2019-03-26 02:04 - 2019-03-26 02:04 - 000000000 ____D C:\Users\Hossam\Documents\Need for Speed™ Payback 100% done story
2019-03-26 02:01 - 2019-04-14 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™ Payback
2019-03-26 02:01 - 2019-03-26 02:01 - 000000582 _____ C:\Users\Public\Desktop\Need for Speed™ Payback.lnk
2019-03-26 02:01 - 2019-03-26 02:01 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2019-03-26 00:29 - 2019-03-26 00:29 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsigna6d0830216ae8ed9
2019-03-26 00:29 - 2019-03-26 00:29 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign6fef7fd0825b2aae
2019-03-26 00:29 - 2019-03-26 00:29 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign34d0784bd2a84de9
2019-03-26 00:29 - 2019-03-26 00:29 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign073d22035447f1b1
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-04-25 14:47 - 2016-06-12 15:58 - 000000000 ___RD C:\Users\Hossam\OneDrive
2019-04-25 14:46 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-25 14:46 - 2015-09-15 01:17 - 000000000 ____D C:\ProgramData\NVIDIA
2019-04-25 02:30 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-25 02:30 - 2016-06-22 04:25 - 000004520 _____ C:\Users\Hossam\AppData\Roaming\VoiceMeeterDefault.xml
2019-04-25 02:00 - 2017-02-06 21:58 - 000000000 ____D C:\Users\Hossam\AppData\Local\Adobe
2019-04-24 23:28 - 2018-09-15 09:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-24 23:24 - 2018-09-15 18:26 - 000713712 _____ C:\WINDOWS\system32\perfh01D.dat
2019-04-24 23:24 - 2018-09-15 18:26 - 000145586 _____ C:\WINDOWS\system32\perfc01D.dat
2019-04-24 23:24 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-04-24 23:19 - 2015-09-15 01:23 - 000000000 ____D C:\ProgramData\McAfee
2019-04-24 23:15 - 2018-09-15 09:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-24 23:15 - 2018-09-15 08:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-04-24 23:12 - 2019-03-18 21:10 - 000000000 ____D C:\Users\HomeGroupUser$
2019-04-24 23:12 - 2019-03-18 21:10 - 000000000 ____D C:\Users\Gäst
2019-04-24 23:12 - 2019-03-18 21:10 - 000000000 ____D C:\Users\Administratör
2019-04-24 23:12 - 2016-10-23 21:46 - 000592616 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-04-24 23:12 - 2013-08-22 15:36 - 000000000 ____D C:\Users\Default.migrated
2019-04-24 23:01 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-24 23:01 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-22 23:29 - 2019-02-25 18:41 - 000110968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2019-04-22 23:29 - 2019-02-25 18:40 - 000000000 ____D C:\Program Files\Java
2019-04-22 23:29 - 2017-02-19 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-04-22 23:29 - 2016-11-20 00:12 - 000000000 ____D C:\Program Files (x86)\Java
2019-04-22 23:28 - 2017-02-19 23:03 - 000099192 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2019-04-22 00:15 - 2018-09-15 09:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-04-22 00:15 - 2018-08-08 00:55 - 000000000 ____D C:\Program Files\Microsoft Office
2019-04-21 04:19 - 2016-08-05 06:43 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\discord
2019-04-21 03:47 - 2018-09-07 19:05 - 000000000 ____D C:\Users\Hossam\AppData\Local\Ubisoft Game Launcher
2019-04-20 22:37 - 2018-11-23 01:37 - 000000000 ____D C:\Users\Hossam\AppData\Local\DigitalEntitlements
2019-04-20 19:00 - 2018-10-05 16:33 - 000000000 ____D C:\Users\Hossam\Desktop\GTA5 HK
2019-04-20 18:57 - 2017-02-03 19:05 - 000000000 ____D C:\Users\Hossam\AppData\Local\$ROEK5N8.tmp
2019-04-20 18:42 - 2016-12-11 03:35 - 000000000 ____D C:\WINDOWS\system32\log
2019-04-20 04:23 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-04-20 04:10 - 2019-02-25 21:53 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-04-20 03:42 - 2017-03-08 18:58 - 000000000 ____D C:\Users\Hossam\AppData\LocalLow\Temp
2019-04-20 03:41 - 2013-08-22 17:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-04-19 19:47 - 2017-01-21 14:30 - 000001375 _____ C:\Users\Hossam\Desktop\Spotify.lnk
2019-04-18 22:53 - 2016-06-22 10:22 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\OBS
2019-04-18 22:41 - 2019-02-27 17:28 - 000001390 _____ C:\Users\Public\Desktop\Skype.lnk
2019-04-18 22:41 - 2019-02-27 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-04-15 19:02 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-04-15 03:59 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\appcompat
2019-04-15 03:05 - 2017-08-18 20:13 - 000000000 ____D C:\Users\Hossam\Desktop\Hossam
2019-04-14 22:06 - 2018-09-15 09:36 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-04-14 22:06 - 2018-09-15 09:36 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-14 22:06 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-14 22:01 - 2016-06-12 15:54 - 000000000 ____D C:\Users\Hossam\AppData\Local\Packages
2019-04-14 20:28 - 2019-03-25 23:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2019-04-14 20:28 - 2019-02-27 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Long Dark Redux
2019-04-14 20:28 - 2019-02-25 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry New Dawn
2019-04-14 20:28 - 2019-02-08 03:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-04-14 20:28 - 2018-12-19 06:23 - 000000000 ____D C:\WINDOWS\system32\%LOCALAPPDATA%
2019-04-14 20:28 - 2018-12-17 03:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resident Evil 7 Biohazard
2019-04-14 20:28 - 2018-11-22 19:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PosteRazor
2019-04-14 20:28 - 2018-10-29 14:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2019-04-14 20:28 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2019-04-14 20:28 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\system32\WCN
2019-04-14 20:28 - 2018-09-15 09:36 - 000000000 ____D C:\WINDOWS\Setup
2019-04-14 20:28 - 2018-09-15 09:33 - 000000000 __RHD C:\Users\Public\Libraries
2019-04-14 20:28 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\spool
2019-04-14 20:28 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-04-14 20:28 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\Help
2019-04-14 20:28 - 2018-09-15 09:31 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-04-14 20:28 - 2018-08-19 00:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry 5
2019-04-14 20:28 - 2018-08-19 00:22 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2019-04-14 20:28 - 2018-08-19 00:22 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2019-04-14 20:28 - 2018-08-19 00:22 - 000000000 ____D C:\WINDOWS\system32\es-cl
2019-04-14 20:28 - 2018-08-19 00:22 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2019-04-14 20:28 - 2018-06-30 03:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hello Neighbor
2019-04-14 20:28 - 2018-06-08 23:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2019-04-14 20:28 - 2018-06-08 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2019-04-14 20:28 - 2018-04-08 02:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Viewer Lite
2019-04-14 20:28 - 2017-04-07 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\extensions
2019-04-14 20:28 - 2017-03-24 20:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-14 20:28 - 2017-02-01 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2019-04-14 20:28 - 2017-01-03 00:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2019-04-14 20:28 - 2016-11-28 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\xlive
2019-04-14 20:28 - 2016-11-06 00:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2019-04-14 20:28 - 2016-11-05 14:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Bullet PhotoLooks
2019-04-14 20:28 - 2016-11-05 13:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2019-04-14 20:28 - 2016-10-31 19:19 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2019-04-14 20:28 - 2016-10-23 22:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Bullet Looks
2019-04-14 20:28 - 2016-07-26 02:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2019-04-14 20:28 - 2016-07-15 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-04-14 20:28 - 2016-07-04 08:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Mouse
2019-04-14 20:28 - 2016-06-29 04:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReelSmart Motion Blur 4, After Effects-compatible plugin set
2019-04-14 20:28 - 2016-06-17 19:53 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-04-14 20:28 - 2016-06-17 01:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-04-14 20:28 - 2015-09-15 01:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2019-04-14 20:28 - 2015-09-15 01:19 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-04-14 20:28 - 2015-09-15 01:18 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2019-04-14 20:28 - 2015-09-15 01:17 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-04-14 20:28 - 2014-11-21 18:34 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Embedded Lockdown Manager
2019-04-14 20:28 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-04-14 20:24 - 2019-02-25 21:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-04-14 20:24 - 2018-09-15 18:27 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-04-14 20:24 - 2018-09-15 18:27 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-04-14 20:24 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2019-04-14 20:24 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2019-04-14 20:24 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2019-04-14 20:24 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\system32\winrm
2019-04-14 20:24 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\system32\slmgr
2019-04-14 20:24 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\InputMethod
2019-04-14 20:24 - 2018-08-02 01:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ
2019-04-14 20:24 - 2016-06-22 04:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio
2019-04-14 20:24 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2019-04-14 20:24 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2019-04-14 20:22 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-04-14 20:22 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-04-14 20:22 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-14 20:22 - 2018-09-15 08:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-04-14 20:19 - 2019-03-12 08:34 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2019-04-14 20:19 - 2018-09-15 09:41 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2019-04-14 20:19 - 2018-09-15 09:41 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2019-04-14 20:19 - 2018-09-15 09:41 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2019-04-14 20:19 - 2018-09-15 09:41 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2019-04-14 20:19 - 2018-09-15 09:41 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2019-04-14 20:19 - 2018-09-15 09:41 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2019-04-14 20:19 - 2018-09-15 09:41 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2019-04-14 20:19 - 2018-09-15 09:41 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2019-04-14 20:19 - 2018-09-15 09:41 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2019-04-14 20:19 - 2018-09-15 09:41 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2019-04-14 20:19 - 2018-09-15 09:41 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2019-04-14 20:19 - 2018-09-15 09:37 - 000472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2019-04-14 20:19 - 2018-09-15 09:37 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2019-04-14 20:19 - 2018-09-15 09:37 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2019-04-14 20:19 - 2018-09-15 09:37 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2019-04-14 20:19 - 2018-09-15 09:37 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2019-04-14 20:19 - 2018-09-15 09:37 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2019-04-14 20:19 - 2018-09-15 09:37 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2019-04-14 20:19 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2019-04-14 20:19 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-04-14 20:19 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\MUI
2019-04-14 20:19 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-04-14 20:18 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ServiceState
2019-04-14 20:14 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-04-14 20:04 - 2018-02-09 03:12 - 000000000 ____D C:\Users\Hossam\Desktop\Min Dator
2019-04-14 20:01 - 2016-06-13 00:52 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-04-14 19:45 - 2018-10-29 02:33 - 000000000 ____D C:\temp
2019-04-14 19:45 - 2018-09-09 01:22 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2019-04-14 19:36 - 2019-03-24 23:24 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-14 19:36 - 2019-03-24 23:24 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-14 19:36 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\Registration
2019-04-14 19:36 - 2018-09-15 09:33 - 000000000 ____D C:\Program Files\windows nt
2019-04-14 19:33 - 2018-08-31 22:07 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2019-04-14 19:33 - 2016-06-22 10:21 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2019-04-14 19:33 - 2016-06-17 01:45 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-04-14 19:32 - 2018-11-20 19:07 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VectorCraft Games
2019-04-14 19:32 - 2018-10-29 23:28 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ultrabox
2019-04-14 19:32 - 2016-08-05 06:43 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2019-04-14 19:32 - 2016-06-22 04:20 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio
2019-04-14 19:32 - 2014-04-03 20:18 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2019-04-14 19:31 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\USOPrivate
2019-04-14 19:30 - 2018-09-15 09:33 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-04-14 19:30 - 2018-09-15 09:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-04-14 18:25 - 2016-07-26 02:12 - 000000410 _____ C:\WINDOWS\Tasks\update-S-1-5-21-561342403-3159581679-3982711157-1001.job
2019-04-14 15:22 - 2019-02-07 03:39 - 000002147 _____ C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2019-04-14 15:21 - 2016-07-26 02:12 - 000000410 _____ C:\WINDOWS\Tasks\update-sys.job
2019-04-14 04:50 - 2016-07-05 19:50 - 000000000 ____D C:\Users\Hossam\Desktop\Bilder
2019-04-14 03:19 - 2016-06-17 01:13 - 000000000 __SHD C:\Users\Hossam\AppData\Local\EmieUserList
2019-04-14 03:19 - 2016-06-17 01:13 - 000000000 __SHD C:\Users\Hossam\AppData\Local\EmieSiteList
2019-04-14 03:19 - 2016-06-12 16:02 - 000000000 __SHD C:\Users\Hossam\AppData\LocalLow\EmieUserList
2019-04-14 03:19 - 2016-06-12 16:02 - 000000000 __SHD C:\Users\Hossam\AppData\LocalLow\EmieSiteList
2019-04-14 01:57 - 2018-10-29 22:02 - 000000000 ____D C:\Users\Hossam\Downloads\Youtube
2019-04-13 02:49 - 2017-03-16 16:42 - 000000000 ____D C:\Users\Hossa_000
2019-04-12 23:54 - 2016-11-05 14:02 - 000000000 ____D C:\Users\Hossam\AppData\Local\ElevatedDiagnostics
2019-04-12 15:50 - 2016-10-29 20:05 - 000000000 ____D C:\Users\Hossam\AppData\Local\CrashDumps
2019-03-30 23:56 - 2018-08-08 01:07 - 000002367 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-03-30 23:56 - 2018-08-08 01:07 - 000002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-03-30 23:56 - 2018-08-08 01:07 - 000002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-03-30 23:56 - 2018-08-08 01:07 - 000002339 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-03-30 23:56 - 2018-08-08 01:07 - 000002321 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-03-30 23:56 - 2018-08-08 01:07 - 000002317 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-03-30 23:56 - 2018-08-08 01:07 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-03-30 23:53 - 2018-08-08 01:08 - 000002312 _____ C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive för företag.lnk
2019-03-27 15:16 - 2015-09-15 01:19 - 001856382 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2019-03-26 03:20 - 2019-03-24 23:25 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\uTorrent
2019-03-26 02:01 - 2015-09-15 01:19 - 000000000 ____D C:\ProgramData\Package Cache
2019-03-26 00:09 - 2019-03-25 23:50 - 000000000 ____D C:\Users\Hossam\Desktop\Pics and docs
 
==================== Files in the root of some directories =======
 
2017-04-12 21:35 - 2017-04-12 21:35 - 143054765 _____ () C:\Program Files\Common Files\Adobe.rar
2016-06-21 04:53 - 2016-06-24 23:26 - 000000132 _____ () C:\Users\Hossam\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-10-05 23:21 - 2018-01-31 19:48 - 000000033 _____ () C:\Users\Hossam\AppData\Roaming\AdobeWLCMCache.dat
2019-03-24 01:52 - 2019-03-24 02:02 - 000000043 _____ () C:\Users\Hossam\AppData\Roaming\MCVi2UserDetail.ini
2016-06-22 04:25 - 2019-04-25 02:30 - 000004520 _____ () C:\Users\Hossam\AppData\Roaming\VoiceMeeterDefault.xml
2019-04-16 01:08 - 2019-04-16 01:08 - 000000037 _____ () C:\Users\Hossam\AppData\Roaming\WB.CFG
2017-02-06 22:10 - 2019-04-14 19:09 - 002785478 _____ () C:\Users\Hossam\AppData\Local\BTServer.log
2018-09-28 17:48 - 2018-09-28 17:48 - 000000000 _____ () C:\Users\Hossam\AppData\Local\oobelibMkey.log
2017-04-12 16:31 - 2017-04-12 16:41 - 000007625 _____ () C:\Users\Hossam\AppData\Local\Resmon.ResmonCfg
2017-02-06 23:25 - 2017-02-06 23:25 - 000000003 _____ () C:\Users\Hossam\AppData\Local\updater.log
2018-02-04 05:11 - 2018-02-04 05:11 - 000000003 _____ () C:\Users\Hossam\AppData\Local\wbem.ini
 
==================== Files in the root of some directories =======
 
 
Some files in TEMP:
====================
2019-04-22 22:11 - 2019-04-22 22:11 - 002048352 _____ (Oracle Corporation) C:\Users\Hossam\AppData\Local\Temp\jre-8u211-windows-au.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ============================

  • 0

#21
iMacg3

iMacg3

    Malware Removal

  • Malware Removal
  • 354 posts
Hi,

Looks like there is only a remnant of the malware left (potentially unwanted browser settings modification).

Follow the instructions in the below article.
Chrome Secure Preferences detection always comes back.
https://forums.malwa...ays-comes-back/

Once you have completed the steps in the above article please run a new FRST scan and copy/paste both reports in your reply.
  • 0






Similar Topics


Also tagged with one or more of these keywords: startupchecklibrary.dll, missing, help, dll, dll missing, missing dll file, file missing, missing dll

1 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users


    Bing (1)

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP