Hello! sorry, I didn't reply earlier I had a lot of work.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28.04.2019
Ran by Hossam (administrator) on LENOVO-PC (LENOVO 10181) (29-04-2019 00:52:18)
Running from C:\Users\Hossam\Downloads
Loaded Profiles: Hossam (Available Profiles: Hossam & Administratör)
Platform: Windows 10 Home Version 1809 17763.437 (X64) Language: Svenska (Sverige)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_2.26.28001.0_x64__8wekyb3d8bbwe\GameBar.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19032.731.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
() [File not signed] C:\Windows\jmesoft\JME_LOAD.exe
() [File not signed] C:\Windows\jmesoft\Service.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cambridge Silicon Radio Ltd. -> ) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\Hossam\AppData\Local\FluxSoftware\Flux\flux.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO -> LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo) [File not signed] C:\Windows\jmesoft\hotkey.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Hossam\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(OOO Lightshot -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(Vincent Burel -> VB-AUDIO Software) C:\Program Files (x86)\VB\Voicemeeter\voicemeeter.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] (Cambridge Silicon Radio Ltd. -> )
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [Fences] => D:\Games\Fences.exe [4854200 2018-05-25] (Stardock Corporation -> Stardock Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe [118784 2013-07-24] (Lenovo) [File not signed]
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-08-17] () [File not signed]
HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo (Beijing) Limited -> Lenovo)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-05] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Run: [Steam] => D:\Program\steam.exe [3152160 2019-04-17] (Valve -> Valve Corporation)
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Run: [Discord] => C:\Users\Hossam\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3482864 2019-03-27] (Razer USA Ltd. -> )
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Run: [f.lux] => C:\Users\Hossam\AppData\Local\FluxSoftware\Flux\flux.exe [1376264 2019-04-03] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53540416 2019-04-16] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Run: [Fences] => d:\games\Fences.exe [4854200 2018-05-25] (Stardock Corporation -> Stardock Corporation)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [71680 2012-06-11] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\WINDOWS\system32\vorbis.acm [1470976 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2012-06-11] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\WINDOWS\SysWOW64\vorbis.acm [1554944 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
Startup: C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Voicemeeter.LNK [2017-03-27]
ShortcutTarget: Voicemeeter.LNK -> C:\Program Files (x86)\VB\Voicemeeter\voicemeeter.exe (Vincent Burel -> VB-AUDIO Software)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1B31379F-138B-46E8-BEE3-310E28A299A8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [148008 2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {1DAFDE17-D6EA-4B77-AA2F-73CCC0F51DC7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [148008 2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {266AE8B3-A3EF-422B-8934-12505A6124C3} - System32\Tasks\
[email protected] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {27057069-7152-43F1-84D5-61F95CEF75E9} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe
Task: {2C5CA9E1-82C9-4074-99E4-4E9D8F50B65A} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3530CCB2-22E3-4040-9728-9EE36A8B8AD9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {36EF0856-9A02-4133-90BB-6DEDD47E2B86} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2181768 2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {3D39ABF1-CFB7-4324-A7F2-FD7FD2B1215B} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {3F3E55DA-7BFF-47DD-AF61-C3FE5FEF8F1D} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1321296 2016-08-24] (LENOVO -> Lenovo)
Task: {491FA6E8-437E-42C4-8ADF-729FC64CC53F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {5D9458AF-6B07-4A0C-874F-1AE4774EA8E6} - System32\Tasks\update-S-1-5-21-561342403-3159581679-3982711157-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [105112 2016-07-11] (OOO Lightshot -> )
Task: {71241815-BE2A-4F50-85ED-3F08D1593A69} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [264016 2016-08-24] (LENOVO -> )
Task: {80FACC5B-3896-456E-A90B-B8312673FA6D} - System32\Tasks\Razer Synapse\Razer Synapse => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
Task: {82C7A483-2CCF-44EC-B7D6-9CD68F793678} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [25906688 2019-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {84CE4EDE-8542-4478-94E2-E1481BC5A3B3} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [10157392 2016-08-24] (LENOVO -> Lenovo)
Task: {8584065D-51C2-46DE-869D-0184F20ED690} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [33536 2014-05-22] (LENOVO -> )
Task: {8B7216AD-38C3-4FA8-86FD-00BB3BD295E3} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [10157392 2016-08-24] (LENOVO -> Lenovo)
Task: {9B0F6DFE-DD99-4C7E-AA99-E0AF1187B2FB} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {A30002F7-7B0D-454C-B2A2-1D2E10EF2EA4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {AFDB3178-085E-488E-B6C0-4B5F9E07B04D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-24] (Google Inc -> Google Inc.)
Task: {B010C09D-2169-4084-BB4E-79953ADCE67F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1100400 2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {B39B2B2A-7465-4AAC-B2B9-65462EB79F05} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [105112 2016-07-11] (OOO Lightshot -> )
Task: {BF4E405B-B2A7-4184-BDD0-6A9300978FF6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {CD930E8D-C782-42B8-BB1B-DD68935A364A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-24] (Google Inc -> Google Inc.)
Task: {D228733F-2332-49F1-9150-034E8096E799} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {DB0CCCC6-1CB3-4689-9FB8-2E650E0DF01B} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [17256 2014-02-13] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo)
Task: {E1CE0FBB-2DAD-48E4-BC85-AE3B9BDF3AFD} - System32\Tasks\{24374C17-E411-49F6-9EEF-C6AB8679F3EC} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe" -c --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{147EC100-14BE-45EF-AB42-35BAEE7D02F0}"
Task: {E963842E-FB8E-4ABD-A4D9-215383F112F4} - System32\Tasks\
[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E966C7BC-A552-425A-B029-79FDA416F3AE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {E998B884-D5B9-48B1-B361-C46175CB639C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [25906688 2019-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {EF9B914E-9465-4801-B894-BF34297F7232} - System32\Tasks\Microsoft\Windows\WCM\Provisioning\Purge.S-1-5-21-561342403-3159581679-3982711157-1001
Task: {FCC3CA55-AC13-49CD-96AC-52E8F2509B37} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2181768 2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\update-S-1-5-21-561342403-3159581679-3982711157-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{06C59F79-FC2C-4714-84E0-AA7ADF2C1005}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{C5FAE918-2F73-424E-8B96-71CB940D466E}: [DhcpNameServer] 10.0.0.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {531DDA05-DF20-46A2-A8C0-A85ED94016E4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {531DDA05-DF20-46A2-A8C0-A85ED94016E4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-561342403-3159581679-3982711157-1001 -> {1D26B1F6-10C2-4A95-8CBD-172642C10A16} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-04-22] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-04-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-22] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-19] (Skype Technologies SA -> Skype Technologies)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
StartMenuInternet: FIREFOX.EXE - D:\Program\firefox.exe
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.funnysearching.com/
CHR StartupUrls: Default -> "hxxps://www.google.se/"
CHR Profile: C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default [2019-04-29]
CHR Extension: (Presentationer) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-04]
CHR Extension: (Dokument) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-04]
CHR Extension: (Google Drive) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-13]
CHR Extension: (YouTube) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-13]
CHR Extension: (ZenMate - IP & Browser Check) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchhalahcjpkabdgonjhoogdcipienhf [2017-02-13]
CHR Extension: (Netflix) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2018-02-04]
CHR Extension: (Tags for YouTube™) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\dggphokdgjikekfiakjcpidcclbmkfga [2019-03-27]
CHR Extension: (Kalkylark) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-04]
CHR Extension: (Studentkortets Rabattknapp) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkccpmgklfejhemeohopclkfeefonbda [2018-02-04]
CHR Extension: (Google Dokument Offline) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (AdBlock) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-22]
CHR Extension: (Grammarly for Chrome) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-04-26]
CHR Extension: (Betalning via Chrome Web Store) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-13]
CHR Extension: (Chrome Media Router) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-24]
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-02-26] (BattlEye Innovations e.K. -> )
R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11084584 2019-04-19] (Microsoft Corporation -> Microsoft Corporation)
R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-17] () [File not signed]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [532224 2014-04-23] (LENOVO -> Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO -> LENOVO INCORPORATED.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-08-24] (LENOVO -> Lenovo)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [449664 2018-08-29] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [942720 2018-09-12] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2019-02-21] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [287472 2019-03-27] (Razer USA Ltd. -> )
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [File not signed]
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [293352 2017-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2019-04-02] (Razer USA Ltd. -> Razer Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-04-24] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-04-24] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [627208 2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> C-MEDIA)
S3 DFX11_1; C:\WINDOWS\system32\drivers\dfx11_1x64.sys [28008 2018-03-08] (Power Technology -> Windows ® Win 7 DDK provider)
S3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [29688 2018-03-08] (Power Technology -> Windows ® Win 7 DDK provider)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 fsbts; C:\WINDOWS\System32\drivers\fsbts.sys [65872 2018-08-07] (F-Secure Corporation -> )
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100824 2013-12-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 Netaapl; C:\WINDOWS\system32\DRIVERS\netaapl64.sys [23040 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_desktop_ref4wu.inf_amd64_0109a19b5125cb43\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation -> NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation -> NVIDIA Corporation)
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [724968 2017-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [8169472 2018-09-15] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [45960 2019-01-16] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0060; C:\WINDOWS\System32\drivers\RzDev_0060.sys [49648 2018-04-22] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0221; C:\WINDOWS\System32\drivers\RzDev_0221.sys [49648 2018-04-22] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0C00; C:\WINDOWS\System32\drivers\RzDev_0C00.sys [49648 2018-04-22] (Razer USA Ltd. -> Razer Inc)
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [52240 2017-07-19] (Razer USA Ltd. -> Razer Inc)
S3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Razer USA Ltd. -> Windows ® Win 7 DDK provider)
S3 sparkocam; C:\WINDOWS\system32\DRIVERS\sparkocam.sys [37200 2016-09-01] (Sparkosoft Inc -> Sparkosoft)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [31392 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [31392 2017-07-21] (Valve Corp. -> )
S3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [36040 2015-09-11] (SaferSocial Ltd -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 VBAudioVACMME; C:\WINDOWS\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows ® Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2016-06-22] (Vincent Burel -> Windows ® Win 7 DDK provider)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [27136 2018-03-15] (Voicemod Sociedad Limitada -> Windows ® Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-04-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344544 2019-04-24] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-04-24] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)
S3 xb1usb; C:\WINDOWS\System32\drivers\xb1usb.sys [42760 2016-02-23] (Windows Central Build Account - X -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-28 22:16 - 2019-04-28 22:16 - 000000000 ___HD C:\OneDriveTemp
2019-04-27 00:27 - 2019-04-27 00:27 - 000000000 ___HD C:\$WINDOWS.~BT
2019-04-26 23:34 - 2019-04-26 23:34 - 000000060 _____ C:\Users\Hossam\Downloads\fixlist.txt
2019-04-26 23:33 - 2019-04-26 23:33 - 000000002 _____ C:\Users\Hossam\Downloads\rbtgpyepzcgtwrk.txt
2019-04-22 23:29 - 2019-04-22 23:29 - 000110968 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2019-04-22 00:08 - 2019-04-22 22:15 - 000029476 _____ C:\Users\Hossam\Downloads\SystemLook.txt
2019-04-22 00:08 - 2019-04-22 00:08 - 000165376 _____ C:\Users\Hossam\Downloads\SystemLook_x64.exe
2019-04-21 01:05 - 2019-04-21 01:18 - 000000000 ____D C:\Users\Hossam\Documents\Assassin's Creed Unity
2019-04-20 21:50 - 2019-04-20 21:50 - 006969340 _____ (cfx-collective) C:\Users\Hossam\Downloads\FiveM.exe
2019-04-20 21:50 - 2019-04-20 21:50 - 000002182 _____ C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM Singleplayer.lnk
2019-04-20 21:50 - 2019-04-20 21:50 - 000002174 _____ C:\Users\Hossam\Desktop\FiveM Singleplayer.lnk
2019-04-20 21:50 - 2019-04-20 21:50 - 000002174 _____ C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM.lnk
2019-04-20 21:50 - 2019-04-20 21:50 - 000002166 _____ C:\Users\Hossam\Desktop\FiveM.lnk
2019-04-20 21:50 - 2019-04-20 21:50 - 000000000 ____D C:\Users\Hossam\Downloads\FiveM.app
2019-04-20 21:50 - 2019-04-20 21:50 - 000000000 ____D C:\Users\Hossam\AppData\Local\FiveM
2019-04-20 20:32 - 2019-04-20 20:32 - 000004233 _____ C:\Users\Hossam\Downloads\AdwCleaner[C00].txt
2019-04-20 20:25 - 2019-04-20 20:25 - 000000268 _____ C:\Users\Hossam\Downloads\ESETLog.txt
2019-04-20 18:44 - 2019-04-20 18:44 - 000000000 ____D C:\Users\Hossam\AppData\Local\ESET
2019-04-20 18:43 - 2019-04-20 18:43 - 007657592 _____ (ESET spol. s r.o.) C:\Users\Hossam\Downloads\esetonlinescanner_enu.exe
2019-04-20 18:41 - 2019-04-20 18:42 - 000000000 ____D C:\AdwCleaner
2019-04-20 18:40 - 2019-04-20 18:41 - 007025360 _____ (Malwarebytes) C:\Users\Hossam\Downloads\AdwCleaner.exe
2019-04-20 05:24 - 2019-04-20 05:24 - 000000232 _____ C:\Users\Hossam\Desktop\Assassin’s Creed Unity.url
2019-04-20 05:24 - 2019-04-20 05:24 - 000000232 _____ C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Assassin’s Creed Unity.url
2019-04-20 05:12 - 2019-04-20 05:22 - 000000938 _____ C:\Users\Hossam\Desktop\Uplay.lnk
2019-04-20 05:12 - 2019-04-20 05:12 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2019-04-20 05:09 - 2019-04-20 05:10 - 088926808 _____ (Ubisoft) C:\Users\Hossam\Downloads\UplayInstaller.exe
2019-04-20 04:10 - 2019-04-20 04:10 - 000000201 _____ C:\Users\Hossam\Desktop\Left 4 Dead 2.url
2019-04-20 03:41 - 2019-04-26 23:35 - 000000482 _____ C:\Users\Hossam\Downloads\Fixlog.txt
2019-04-20 00:30 - 2019-04-20 00:30 - 000000201 _____ C:\Users\Hossam\Desktop\Left 4 Dead.url
2019-04-19 20:00 - 2019-04-26 00:20 - 000045693 _____ C:\Users\Hossam\Downloads\Addition.txt
2019-04-19 19:59 - 2019-04-29 00:53 - 000043703 _____ C:\Users\Hossam\Downloads\FRST.txt
2019-04-19 19:55 - 2019-04-29 00:52 - 000000000 ____D C:\Users\Hossam\Downloads\FRST-OlderVersion
2019-04-19 19:55 - 2019-04-29 00:52 - 000000000 ____D C:\FRST
2019-04-19 19:54 - 2019-04-29 00:52 - 002429952 _____ (Farbar) C:\Users\Hossam\Downloads\FRST64.exe
2019-04-19 16:56 - 2019-04-19 16:56 - 000014802 _____ C:\Users\Hossam\Downloads\api-ms-win-crt-string-l1-1-0.dll (64-Bit).zip
2019-04-16 03:08 - 2019-04-16 03:08 - 000000000 ____D C:\Users\Hossam\AppData\Local\OneDrive
2019-04-16 01:08 - 2019-04-16 01:08 - 000000037 _____ C:\Users\Hossam\AppData\Roaming\WB.CFG
2019-04-15 22:17 - 2019-04-21 01:06 - 000000000 ____D C:\Users\Hossam\AppData\Local\D3DSCache
2019-04-15 21:12 - 2019-04-15 21:12 - 000000000 ____D C:\Users\Hossam\AppData\Local\DBG
2019-04-15 03:05 - 2019-04-15 03:05 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign52ef1851f2ffab8f
2019-04-15 03:03 - 2019-04-15 03:03 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign498f61ed6d17f1f1
2019-04-15 03:03 - 2019-04-15 03:03 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign2e83ca98d94ef235
2019-04-15 03:03 - 2019-04-15 03:03 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign070108571ae4148f
2019-04-14 20:23 - 2019-04-14 20:28 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-04-14 20:23 - 2019-04-14 20:23 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-04-14 20:23 - 2019-04-14 20:23 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-04-14 20:22 - 2019-04-14 20:22 - 023440896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 020815360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 019025408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 012843520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 012139008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 008898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 007919104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 007877120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 006071296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 005436904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 004660224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-04-14 20:22 - 2019-04-14 20:22 - 003904512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 003690496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2019-04-14 20:22 - 2019-04-14 20:22 - 003551112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-04-14 20:22 - 2019-04-14 20:22 - 003421696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2019-04-14 20:22 - 2019-04-14 20:22 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 001459080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 001297120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 001294520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-04-14 20:22 - 2019-04-14 20:22 - 001072424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000772608 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000263600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-04-14 20:22 - 2019-04-14 20:22 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2019-04-14 20:22 - 2019-04-14 20:22 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2019-04-14 20:22 - 2019-04-14 20:22 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-04-14 20:22 - 2019-04-14 20:22 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfts.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2019-04-14 20:22 - 2019-04-14 20:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfts.dll
2019-04-14 20:21 - 2019-04-14 20:22 - 026810368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 017513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 015223296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 007645608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 006925824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 006544824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 006440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 005765120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 005205448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 004991112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 004704272 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 004588536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 004527624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 004304896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 003982848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 003657728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 003496448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 003384832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 003377976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 003334496 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002995712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002925880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 002871304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 002842624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002777224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002720256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 002701304 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002689024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002627384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 002592816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002469376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 002438368 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002275896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002073960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002042368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 002017792 _____ C:\WINDOWS\system32\rdpnano.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001969464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001892864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001860096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001856000 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001844448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001697752 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-14 20:21 - 2019-04-14 20:21 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001672704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001671352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001647632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001615872 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001590064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001567232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001496576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001478968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001468952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 001467344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001458056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001370624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001360184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 001342400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-14 20:21 - 2019-04-14 20:21 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001311232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 001249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001221944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001213752 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001191728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001179680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 001155072 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001133568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-04-14 20:21 - 2019-04-14 20:21 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 001054200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 001053192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001044280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 001035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001022616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000998712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000984888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000982880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000981816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000974352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000964096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000909840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000882176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-04-14 20:21 - 2019-04-14 20:21 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000871792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000865784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000828728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000821048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000809784 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000799568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000793832 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000761280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000757664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000730936 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000725928 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000675096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000653040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000651792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000651064 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000649064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000620560 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000598544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000568632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-04-14 20:21 - 2019-04-14 20:21 - 000540448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000508208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000506168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000485192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000474928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-04-14 20:21 - 2019-04-14 20:21 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000421392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-04-14 20:21 - 2019-04-14 20:21 - 000408528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000407504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000386872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000386360 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000384312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000343984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000322568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000312632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000306488 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000283032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000257696 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000255128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmBroker.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000234808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000195896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000169784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000159272 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000159112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000157496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000147496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000143880 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000134456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000131384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000115360 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000098664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000097808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000071208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscapi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscapi.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WppRecorder.sys
2019-04-14 20:21 - 2019-04-14 20:21 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscdll.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-14 20:21 - 2019-04-14 20:21 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscdll.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-04-14 20:19 - 2019-04-14 20:28 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-04-14 20:19 - 2019-04-14 20:19 - 001167960 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-04-14 20:19 - 2019-04-14 20:19 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2019-04-14 20:19 - 2019-04-14 20:19 - 000780376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-04-14 20:19 - 2019-04-14 20:19 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2019-04-14 20:19 - 2019-04-14 20:19 - 000126064 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-04-14 20:19 - 2019-04-14 20:19 - 000104560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-04-14 20:19 - 2019-04-14 20:19 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2019-04-14 20:19 - 2019-04-14 20:19 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2019-04-14 20:19 - 2019-04-14 20:19 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2019-04-14 20:19 - 2019-04-14 20:19 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2019-04-14 20:19 - 2019-04-14 20:19 - 000036896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-04-14 20:19 - 2019-04-14 20:19 - 000035440 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-04-14 20:19 - 2019-04-14 20:19 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2019-04-14 20:19 - 2019-04-14 20:19 - 000000000 ____D C:\Program Files\MSBuild
2019-04-14 20:19 - 2019-04-14 20:19 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-04-14 20:19 - 2019-04-14 20:19 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-04-14 20:17 - 2019-04-14 20:36 - 000000000 ____D C:\ProgramData\Packages
2019-04-14 20:06 - 2019-04-15 03:11 - 000000000 ____D C:\Users\Hossam\AppData\Local\PlaceholderTileLogoFolder
2019-04-14 20:02 - 2019-04-14 20:02 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-04-14 20:01 - 2019-04-15 03:01 - 000000000 ____D C:\Users\Hossam\AppData\Local\Comms
2019-04-14 20:01 - 2019-04-14 20:37 - 000000000 ____D C:\Users\Hossam\AppData\Local\Publishers
2019-04-14 20:01 - 2019-04-14 20:01 - 000001446 _____ C:\Users\Hossam\Desktop\Microsoft Edge.lnk
2019-04-14 20:01 - 2019-04-14 20:01 - 000000000 ___RD C:\Users\Hossam\3D Objects
2019-04-14 20:01 - 2019-04-14 20:01 - 000000000 ___HD C:\Users\Hossam\MicrosoftEdgeBackups
2019-04-14 20:01 - 2019-04-14 20:01 - 000000000 ____D C:\Users\Hossam\AppData\Local\MicrosoftEdge
2019-04-14 20:00 - 2019-04-20 03:47 - 000000008 __RSH C:\Users\Hossam\ntuser.pol
2019-04-14 20:00 - 2019-04-15 16:01 - 000000000 ____D C:\Users\Hossam\AppData\Local\ConnectedDevicesPlatform
2019-04-14 20:00 - 2019-04-14 20:00 - 000000020 ___SH C:\Users\Hossam\ntuser.ini
2019-04-14 19:45 - 2017-11-09 05:39 - 000540784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-04-14 19:45 - 2017-11-09 05:39 - 000446392 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-04-14 19:45 - 2017-10-27 18:06 - 000136312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2019-04-14 19:45 - 2017-09-14 01:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-04-14 19:45 - 2017-09-14 01:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-04-14 19:45 - 2017-09-14 01:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-04-14 19:45 - 2017-09-14 01:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-04-14 19:39 - 2019-04-28 22:22 - 001760796 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-14 19:36 - 2019-04-28 22:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-14 19:36 - 2019-04-24 23:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-04-14 19:36 - 2019-04-24 23:15 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2019-04-14 19:36 - 2019-04-14 19:36 - 000003296 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-14 19:36 - 2019-04-14 19:36 - 000003074 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5C9DBA02-FBA0-450B-B43F-54C38254F680}
2019-04-14 19:36 - 2019-04-14 19:36 - 000003068 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-14 19:36 - 2019-04-14 19:36 - 000002868 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2019-04-14 19:36 - 2019-04-14 19:36 - 000002844 _____ C:\WINDOWS\System32\Tasks\update-S-1-5-21-561342403-3159581679-3982711157-1001
2019-04-14 19:36 - 2019-04-14 19:36 - 000002810 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-561342403-3159581679-3982711157-1004
2019-04-14 19:36 - 2019-04-14 19:36 - 000002810 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-561342403-3159581679-3982711157-1001
2019-04-14 19:36 - 2019-04-14 19:36 - 000002720 _____ C:\WINDOWS\System32\Tasks\Red Giant Link
2019-04-14 19:36 - 2019-04-14 19:36 - 000002676 _____ C:\WINDOWS\System32\Tasks\update-sys
2019-04-14 19:36 - 2019-04-14 19:36 - 000002616 _____ C:\WINDOWS\System32\Tasks\
[email protected]
2019-04-14 19:36 - 2019-04-14 19:36 - 000002610 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-561342403-3159581679-3982711157-1001
2019-04-14 19:36 - 2019-04-14 19:36 - 000002596 _____ C:\WINDOWS\System32\Tasks\
[email protected]
2019-04-14 19:36 - 2019-04-14 19:36 - 000002318 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-561342403-3159581679-3982711157-500
2019-04-14 19:36 - 2019-04-14 19:36 - 000002314 _____ C:\WINDOWS\System32\Tasks\{24374C17-E411-49F6-9EEF-C6AB8679F3EC}
2019-04-14 19:36 - 2019-04-14 19:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD
2019-04-14 19:36 - 2019-04-14 19:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2019-04-14 19:36 - 2019-04-14 19:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\Razer Synapse
2019-04-14 19:36 - 2019-04-14 19:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\MEGA
2019-04-14 19:36 - 2019-04-14 19:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2019-04-14 19:36 - 2019-04-14 19:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2019-04-14 19:36 - 2014-04-03 20:35 - 000003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1050727674-2070356693-977449066-500
2019-04-14 19:35 - 2019-04-27 00:27 - 000001908 _____ C:\WINDOWS\diagwrn.xml
2019-04-14 19:35 - 2019-04-27 00:27 - 000001908 _____ C:\WINDOWS\diagerr.xml
2019-04-14 19:32 - 2019-04-20 03:47 - 000000000 ____D C:\Users\Hossam
2019-04-14 19:32 - 2019-04-14 20:06 - 000002417 _____ C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-14 19:32 - 2019-04-14 19:34 - 000000000 ____D C:\Users\Administrator
2019-04-14 19:32 - 2019-04-14 19:32 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Start-meny
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Skrivare
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Programdata
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Nätverket
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Mina dokument
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Mallar
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Lokala inställningar
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Documents\Mina videoklipp
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Documents\Mina bilder
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Documents\Min musik
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Program
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\AppData\Local\Tidigare
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\AppData\Local\Programdata
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Start-meny
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Skrivare
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Programdata
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Nätverket
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Mina dokument
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Mallar
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Lokala inställningar
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Documents\Mina videoklipp
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Documents\Mina bilder
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Documents\Min musik
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Program
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Tidigare
2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Programdata
2019-04-14 19:32 - 2018-09-15 09:29 - 000001105 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-14 19:31 - 2019-04-14 19:31 - 000000000 ____D C:\ProgramData\USOShared
2019-04-14 19:31 - 2019-03-12 08:33 - 002865152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-04-14 19:29 - 2019-04-28 23:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-14 19:29 - 2019-04-14 19:33 - 005338008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-14 18:51 - 2019-04-14 20:00 - 000000000 ___DC C:\WINDOWS\Panther
2019-04-14 18:12 - 2019-04-14 18:12 - 000000000 ___HD C:\$Windows.~WS
2019-04-14 04:50 - 2019-04-14 04:50 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsignd5338a945c03891a
2019-04-14 04:48 - 2019-04-14 04:48 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsignefdcdf7ed673ecd3
2019-04-14 04:48 - 2019-04-14 04:48 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign83eb3925791b9423
2019-04-14 04:48 - 2019-04-14 04:48 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign5ab814c6810e3614
2019-04-14 04:48 - 2019-04-14 04:48 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign19ae9b8758f7a92e
2019-04-14 04:45 - 2019-04-20 04:05 - 000000000 ____D C:\Users\Hossam\Desktop\Windows Installations
2019-04-14 04:44 - 2019-04-14 04:44 - 000043520 ___SH C:\Users\Hossam\Downloads\Thumbs.db
2019-04-14 03:19 - 2019-04-14 03:19 - 000000000 __SHD C:\Users\Hossam\AppData\LocalLow\EmieBrowserModeList
2019-04-14 03:19 - 2019-04-14 03:19 - 000000000 __SHD C:\Users\Hossam\AppData\Local\EmieBrowserModeList
2019-04-13 21:09 - 2019-04-20 03:47 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Start-meny
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Skrivare
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Programdata
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Nätverket
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Mina dokument
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Mallar
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Lokala inställningar
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Documents\Mina videoklipp
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Documents\Mina bilder
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Documents\Min musik
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Program
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\AppData\Local\Tidigare
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\AppData\Local\Programdata
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default User\Documents\Mina videoklipp
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default User\Documents\Mina bilder
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default User\Documents\Min musik
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Program
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Tidigare
2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Programdata
2019-04-13 21:07 - 2019-04-14 19:35 - 000023004 _____ C:\WINDOWS\system32\emptyregdb.dat
2019-04-13 21:02 - 2019-04-13 21:02 - 000000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2019-04-13 21:02 - 2019-04-13 21:02 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2019-04-13 20:59 - 2014-11-21 10:57 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2019-04-13 20:59 - 2014-11-21 10:57 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2019-04-13 20:56 - 2019-04-14 19:45 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-04-13 20:56 - 2017-10-27 18:36 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-04-13 20:56 - 2017-10-27 18:12 - 005960824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-04-13 20:56 - 2017-10-27 18:12 - 002587768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-04-13 20:56 - 2017-10-27 18:12 - 001766520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-04-13 20:56 - 2017-10-27 18:12 - 000607168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-04-13 20:56 - 2017-10-27 18:12 - 000449656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-04-13 20:56 - 2017-10-27 18:12 - 000123000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-04-13 20:56 - 2017-10-27 18:12 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-04-13 20:56 - 2017-10-25 12:33 - 007802921 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-04-13 20:55 - 2019-04-14 20:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-04-13 20:55 - 2019-04-14 20:24 - 000000000 ____D C:\Program Files\Realtek
2019-04-13 20:55 - 2019-04-14 19:45 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-04-13 20:55 - 2019-04-14 19:44 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-04-13 20:55 - 2019-04-14 19:30 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-04-13 20:55 - 2019-04-14 19:30 - 000000000 ____D C:\Program Files (x86)\Razer
2019-04-13 20:55 - 2019-04-13 21:01 - 000000000 ____D C:\ProgramData\Razer
2019-04-13 20:55 - 2019-04-13 20:55 - 000000000 _____ C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2019-04-13 20:55 - 2019-04-13 20:55 - 000000000 _____ C:\ProgramData\DP45977C.lfl
2019-04-13 02:06 - 2019-04-13 02:06 - 001640992 _____ C:\Users\Hossam\Downloads\Autoruns.zip
2019-04-12 22:08 - 2019-04-14 18:51 - 000000000 ____D C:\ESD
2019-04-11 23:39 - 2019-04-11 23:39 - 000000204 _____ C:\Users\Hossam\Desktop\UNO.url
2019-04-07 20:11 - 2019-04-07 20:12 - 000000000 ____D C:\Users\Hossam\AppData\Local\{62D85484-4670-383C-2BE8-1DD40F80E14C}
2019-04-05 04:13 - 2019-04-05 04:13 - 000000000 ____D C:\Users\Hossam\Documents\Need for Speed Payback
2019-03-31 18:58 - 2019-04-14 15:22 - 000000000 ____D C:\Users\Hossam\Documents\Outlook-filer
2019-03-30 23:56 - 2019-04-14 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office-verktyg
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-29 00:49 - 2016-06-17 01:47 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\.minecraft
2019-04-29 00:46 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-28 22:22 - 2018-09-15 18:26 - 000713712 _____ C:\WINDOWS\system32\perfh01D.dat
2019-04-28 22:22 - 2018-09-15 18:26 - 000145586 _____ C:\WINDOWS\system32\perfc01D.dat
2019-04-28 22:22 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-04-28 22:16 - 2016-06-12 15:58 - 000000000 ___RD C:\Users\Hossam\OneDrive
2019-04-28 22:16 - 2015-09-15 01:17 - 000000000 ____D C:\ProgramData\NVIDIA
2019-04-28 03:13 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-28 03:13 - 2016-06-22 04:25 - 000004520 _____ C:\Users\Hossam\AppData\Roaming\VoiceMeeterDefault.xml
2019-04-28 02:00 - 2017-02-06 21:58 - 000000000 ____D C:\Users\Hossam\AppData\Local\Adobe
2019-04-27 20:06 - 2018-09-15 09:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-04-27 20:06 - 2018-08-08 00:55 - 000000000 ____D C:\Program Files\Microsoft Office
2019-04-26 01:47 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-26 01:32 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-24 23:28 - 2018-09-15 09:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-24 23:19 - 2015-09-15 01:23 - 000000000 ____D C:\ProgramData\McAfee
2019-04-24 23:15 - 2018-09-15 09:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-24 23:15 - 2018-09-15 08:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-04-24 23:12 - 2019-03-18 21:10 - 000000000 ____D C:\Users\HomeGroupUser$
2019-04-24 23:12 - 2019-03-18 21:10 - 000000000 ____D C:\Users\Gäst
2019-04-24 23:12 - 2019-03-18 21:10 - 000000000 ____D C:\Users\Administratör
2019-04-24 23:12 - 2016-10-23 21:46 - 000592616 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-04-24 23:12 - 2013-08-22 15:36 - 000000000 ____D C:\Users\Default.migrated
2019-04-24 23:01 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-22 23:29 - 2019-02-25 18:41 - 000110968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2019-04-22 23:29 - 2019-02-25 18:40 - 000000000 ____D C:\Program Files\Java
2019-04-22 23:29 - 2017-02-19 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-04-22 23:29 - 2016-11-20 00:12 - 000000000 ____D C:\Program Files (x86)\Java
2019-04-22 23:28 - 2017-02-19 23:03 - 000099192 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2019-04-21 04:19 - 2016-08-05 06:43 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\discord
2019-04-21 03:47 - 2018-09-07 19:05 - 000000000 ____D C:\Users\Hossam\AppData\Local\Ubisoft Game Launcher
2019-04-20 22:37 - 2018-11-23 01:37 - 000000000 ____D C:\Users\Hossam\AppData\Local\DigitalEntitlements
2019-04-20 19:00 - 2018-10-05 16:33 - 000000000 ____D C:\Users\Hossam\Desktop\GTA5 HK
2019-04-20 18:57 - 2017-02-03 19:05 - 000000000 ____D C:\Users\Hossam\AppData\Local\$ROEK5N8.tmp
2019-04-20 18:42 - 2016-12-11 03:35 - 000000000 ____D C:\WINDOWS\system32\log
2019-04-20 04:23 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-04-20 04:10 - 2019-02-25 21:53 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-04-20 03:42 - 2017-03-08 18:58 - 000000000 ____D C:\Users\Hossam\AppData\LocalLow\Temp
2019-04-20 03:41 - 2013-08-22 17:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-04-19 19:47 - 2017-01-21 14:30 - 000001375 _____ C:\Users\Hossam\Desktop\Spotify.lnk
2019-04-18 22:53 - 2016-06-22 10:22 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\OBS
2019-04-18 22:41 - 2019-02-27 17:28 - 000001390 _____ C:\Users\Public\Desktop\Skype.lnk
2019-04-18 22:41 - 2019-02-27 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-04-15 19:02 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-04-15 03:59 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\appcompat
2019-04-15 03:05 - 2017-08-18 20:13 - 000000000 ____D C:\Users\Hossam\Desktop\Hossam
2019-04-14 22:06 - 2018-09-15 09:36 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-04-14 22:06 - 2018-09-15 09:36 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-14 22:01 - 2016-06-12 15:54 - 000000000 ____D C:\Users\Hossam\AppData\Local\Packages
2019-04-14 20:28 - 2019-03-26 02:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™ Payback
2019-04-14 20:28 - 2019-03-25 23:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2019-04-14 20:28 - 2019-02-27 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Long Dark Redux
2019-04-14 20:28 - 2019-02-25 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry New Dawn
2019-04-14 20:28 - 2019-02-08 03:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-04-14 20:28 - 2018-12-19 06:23 - 000000000 ____D C:\WINDOWS\system32\%LOCALAPPDATA%
2019-04-14 20:28 - 2018-12-17 03:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resident Evil 7 Biohazard
2019-04-14 20:28 - 2018-11-22 19:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PosteRazor
2019-04-14 20:28 - 2018-10-29 14:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2019-04-14 20:28 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2019-04-14 20:28 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\system32\WCN
2019-04-14 20:28 - 2018-09-15 09:36 - 000000000 ____D C:\WINDOWS\Setup
2019-04-14 20:28 - 2018-09-15 09:33 - 000000000 __RHD C:\Users\Public\Libraries
2019-04-14 20:28 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\spool
2019-04-14 20:28 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-04-14 20:28 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\Help
2019-04-14 20:28 - 2018-09-15 09:31 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-04-14 20:28 - 2018-08-19 00:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry 5
2019-04-14 20:28 - 2018-08-19 00:22 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2019-04-14 20:28 - 2018-08-19 00:22 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2019-04-14 20:28 - 2018-08-19 00:22 - 000000000 ____D C:\WINDOWS\system32\es-cl
2019-04-14 20:28 - 2018-08-19 00:22 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2019-04-14 20:28 - 2018-06-30 03:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hello Neighbor
2019-04-14 20:28 - 2018-06-08 23:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2019-04-14 20:28 - 2018-06-08 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2019-04-14 20:28 - 2018-04-08 02:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Viewer Lite
2019-04-14 20:28 - 2017-04-07 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\extensions
2019-04-14 20:28 - 2017-03-24 20:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-14 20:28 - 2017-02-01 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2019-04-14 20:28 - 2017-01-03 00:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2019-04-14 20:28 - 2016-11-28 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\xlive
2019-04-14 20:28 - 2016-11-06 00:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2019-04-14 20:28 - 2016-11-05 14:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Bullet PhotoLooks
2019-04-14 20:28 - 2016-11-05 13:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2019-04-14 20:28 - 2016-10-31 19:19 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2019-04-14 20:28 - 2016-10-23 22:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Bullet Looks
2019-04-14 20:28 - 2016-07-26 02:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2019-04-14 20:28 - 2016-07-15 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-04-14 20:28 - 2016-07-04 08:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Mouse
2019-04-14 20:28 - 2016-06-29 04:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReelSmart Motion Blur 4, After Effects-compatible plugin set
2019-04-14 20:28 - 2016-06-17 19:53 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-04-14 20:28 - 2016-06-17 01:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-04-14 20:28 - 2015-09-15 01:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2019-04-14 20:28 - 2015-09-15 01:19 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-04-14 20:28 - 2015-09-15 01:18 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2019-04-14 20:28 - 2015-09-15 01:17 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-04-14 20:28 - 2014-11-21 18:34 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Embedded Lockdown Manager
2019-04-14 20:28 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-04-14 20:24 - 2019-02-25 21:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-04-14 20:24 - 2018-09-15 18:27 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-04-14 20:24 - 2018-09-15 18:27 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-04-14 20:24 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2019-04-14 20:24 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2019-04-14 20:24 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2019-04-14 20:24 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\system32\winrm
2019-04-14 20:24 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\system32\slmgr
2019-04-14 20:24 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\InputMethod
2019-04-14 20:24 - 2018-08-02 01:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ
2019-04-14 20:24 - 2016-06-22 04:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio
2019-04-14 20:24 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2019-04-14 20:24 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2019-04-14 20:22 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-04-14 20:22 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-04-14 20:22 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-14 20:22 - 2018-09-15 08:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-04-14 20:19 - 2019-03-12 08:34 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2019-04-14 20:19 - 2018-09-15 09:41 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2019-04-14 20:19 - 2018-09-15 09:41 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2019-04-14 20:19 - 2018-09-15 09:41 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2019-04-14 20:19 - 2018-09-15 09:41 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2019-04-14 20:19 - 2018-09-15 09:41 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2019-04-14 20:19 - 2018-09-15 09:41 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2019-04-14 20:19 - 2018-09-15 09:41 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2019-04-14 20:19 - 2018-09-15 09:41 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2019-04-14 20:19 - 2018-09-15 09:41 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2019-04-14 20:19 - 2018-09-15 09:41 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2019-04-14 20:19 - 2018-09-15 09:41 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2019-04-14 20:19 - 2018-09-15 09:37 - 000472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2019-04-14 20:19 - 2018-09-15 09:37 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2019-04-14 20:19 - 2018-09-15 09:37 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2019-04-14 20:19 - 2018-09-15 09:37 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2019-04-14 20:19 - 2018-09-15 09:37 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2019-04-14 20:19 - 2018-09-15 09:37 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2019-04-14 20:19 - 2018-09-15 09:37 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2019-04-14 20:19 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2019-04-14 20:19 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-04-14 20:19 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\MUI
2019-04-14 20:19 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-04-14 20:18 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ServiceState
2019-04-14 20:14 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-04-14 20:04 - 2018-02-09 03:12 - 000000000 ____D C:\Users\Hossam\Desktop\Min Dator
2019-04-14 20:01 - 2016-06-13 00:52 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-04-14 19:45 - 2018-10-29 02:33 - 000000000 ____D C:\temp
2019-04-14 19:45 - 2018-09-09 01:22 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2019-04-14 19:36 - 2019-03-24 23:24 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-14 19:36 - 2019-03-24 23:24 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-14 19:36 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\Registration
2019-04-14 19:36 - 2018-09-15 09:33 - 000000000 ____D C:\Program Files\windows nt
2019-04-14 19:33 - 2018-08-31 22:07 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2019-04-14 19:33 - 2016-06-22 10:21 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2019-04-14 19:33 - 2016-06-17 01:45 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-04-14 19:32 - 2018-11-20 19:07 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VectorCraft Games
2019-04-14 19:32 - 2018-10-29 23:28 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ultrabox
2019-04-14 19:32 - 2016-08-05 06:43 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2019-04-14 19:32 - 2016-06-22 04:20 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio
2019-04-14 19:32 - 2014-04-03 20:18 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2019-04-14 19:31 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\USOPrivate
2019-04-14 19:30 - 2018-09-15 09:33 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-04-14 19:30 - 2018-09-15 09:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-04-14 18:25 - 2016-07-26 02:12 - 000000410 _____ C:\WINDOWS\Tasks\update-S-1-5-21-561342403-3159581679-3982711157-1001.job
2019-04-14 15:22 - 2019-02-07 03:39 - 000002147 _____ C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2019-04-14 15:21 - 2016-07-26 02:12 - 000000410 _____ C:\WINDOWS\Tasks\update-sys.job
2019-04-14 04:50 - 2016-07-05 19:50 - 000000000 ____D C:\Users\Hossam\Desktop\Bilder
2019-04-14 03:19 - 2016-06-17 01:13 - 000000000 __SHD C:\Users\Hossam\AppData\Local\EmieUserList
2019-04-14 03:19 - 2016-06-17 01:13 - 000000000 __SHD C:\Users\Hossam\AppData\Local\EmieSiteList
2019-04-14 03:19 - 2016-06-12 16:02 - 000000000 __SHD C:\Users\Hossam\AppData\LocalLow\EmieUserList
2019-04-14 03:19 - 2016-06-12 16:02 - 000000000 __SHD C:\Users\Hossam\AppData\LocalLow\EmieSiteList
2019-04-14 01:57 - 2018-10-29 22:02 - 000000000 ____D C:\Users\Hossam\Downloads\Youtube
2019-04-13 02:49 - 2017-03-16 16:42 - 000000000 ____D C:\Users\Hossa_000
2019-04-12 23:54 - 2016-11-05 14:02 - 000000000 ____D C:\Users\Hossam\AppData\Local\ElevatedDiagnostics
2019-04-12 15:50 - 2016-10-29 20:05 - 000000000 ____D C:\Users\Hossam\AppData\Local\CrashDumps
2019-03-30 23:56 - 2018-08-08 01:07 - 000002367 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-03-30 23:56 - 2018-08-08 01:07 - 000002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-03-30 23:56 - 2018-08-08 01:07 - 000002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-03-30 23:56 - 2018-08-08 01:07 - 000002339 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-03-30 23:56 - 2018-08-08 01:07 - 000002321 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-03-30 23:56 - 2018-08-08 01:07 - 000002317 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-03-30 23:56 - 2018-08-08 01:07 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-03-30 23:53 - 2018-08-08 01:08 - 000002312 _____ C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive för företag.lnk
==================== Files in the root of some directories =======
2017-04-12 21:35 - 2017-04-12 21:35 - 143054765 _____ () C:\Program Files\Common Files\Adobe.rar
2016-06-21 04:53 - 2016-06-24 23:26 - 000000132 _____ () C:\Users\Hossam\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-10-05 23:21 - 2018-01-31 19:48 - 000000033 _____ () C:\Users\Hossam\AppData\Roaming\AdobeWLCMCache.dat
2019-03-24 01:52 - 2019-03-24 02:02 - 000000043 _____ () C:\Users\Hossam\AppData\Roaming\MCVi2UserDetail.ini
2016-06-22 04:25 - 2019-04-28 03:13 - 000004520 _____ () C:\Users\Hossam\AppData\Roaming\VoiceMeeterDefault.xml
2019-04-16 01:08 - 2019-04-16 01:08 - 000000037 _____ () C:\Users\Hossam\AppData\Roaming\WB.CFG
2017-02-06 22:10 - 2019-04-14 19:09 - 002785478 _____ () C:\Users\Hossam\AppData\Local\BTServer.log
2018-09-28 17:48 - 2018-09-28 17:48 - 000000000 _____ () C:\Users\Hossam\AppData\Local\oobelibMkey.log
2017-04-12 16:31 - 2017-04-12 16:41 - 000007625 _____ () C:\Users\Hossam\AppData\Local\Resmon.ResmonCfg
2017-02-06 23:25 - 2017-02-06 23:25 - 000000003 _____ () C:\Users\Hossam\AppData\Local\updater.log
2018-02-04 05:11 - 2018-02-04 05:11 - 000000003 _____ () C:\Users\Hossam\AppData\Local\wbem.ini
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28.04.2019
Ran by Hossam (29-04-2019 00:53:20)
Running from C:\Users\Hossam\Downloads
Windows 10 Home Version 1809 17763.437 (X64) (2019-04-14 17:36:26)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administratör (S-1-5-21-561342403-3159581679-3982711157-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-561342403-3159581679-3982711157-503 - Limited - Disabled)
Gäst (S-1-5-21-561342403-3159581679-3982711157-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-561342403-3159581679-3982711157-1003 - Limited - Enabled)
Hossam (S-1-5-21-561342403-3159581679-3982711157-1001 - Administrator - Enabled) => C:\Users\Hossam
WDAGUtilityAccount (S-1-5-21-561342403-3159581679-3982711157-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\uTorrent) (Version: 3.5.5.45146 - BitTorrent Inc.)
Ableton Live 9 Suite (HKLM\...\{7597F2DC-003A-476E-9281-774AB112B7BE}) (Version: 9.0.0.0 - Ableton)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Apple-programstöd (32-bitar) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple-programstöd (64-bitar) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
Assassin's Creed: Odyssey (HKLM-x32\...\Assassin's Creed: Odyssey_is1) (Version: - )
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Car Mechanic Simulator 2018 Ford (HKLM\...\Y2FybWVjaGFuaWNzaW11bGF0b3IyMDE4_is1) (Version: 1 - )
Chroma Clock version 1.0.3 (HKLM-x32\...\{05C726E4-E592-4078-B0CF-41E65FE313DD}_is1) (Version: 1.0.3 - Tim Gebauer)
Chroma Sync (HKLM-x32\...\{BC8D681E-1F5D-4C68-8E3E-A9A614D66C14}) (Version: 1.1.1 - Ultrabox Entertainment Limited)
Chroma Tic Tac Toe (HKLM-x32\...\Chroma Tic Tac Toe) (Version: 1.0.3 - VectorCraft Games)
Color Suite v11.1.4 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 11.1.4 - Red Giant, LLC)
Computer Security 17.215.129.0 (release) (HKLM-x32\...\{658FDBCA-B7A1-43E4-A849-9F0812473331}) (Version: 17.215.129.0 - F-Secure Corporation) Hidden
CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - CSR Plc.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Discord (HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.17 - NVIDIA Corporation) Hidden
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.13.0621 - Lenovo)
Epic Games Launcher (HKLM-x32\...\{9F55B4DA-23ED-44FA-910E-BDDBD6D942CF}) (Version: 1.1.123.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Euro Truck Simulator 2 (HKLM\...\Euro Truck Simulator 2_is1) (Version: 1.31.0.92 - )
f.lux (HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Flux) (Version: - f.lux Software LLC)
FamilySafetyGuide (HKLM-x32\...\{9A268503-5AB0-479E-9690-929BDEC55C00}) (Version: 1.00.0711 - lenovo)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.00 - Ubisoft)
Far Cry 4 version 1.10.0.0 (HKLM-x32\...\Far Cry 4_is1) (Version: 1.10.0.0 - Mr DJ)
Far Cry 5 (HKLM-x32\...\{73B938C4-0DDA-448D-8E46-87401EA87339}_is1) (Version: - Ubisoft)
Far Cry New Dawn (HKLM-x32\...\Far Cry New Dawn_is1) (Version: - )
Far Cry Primal (HKLM-x32\...\{80BD47AF-CF13-49B2-99BF-7E78FBA26124}_is1) (Version: - Ubisoft)
Farming Simulator 19 (HKLM-x32\...\Farming Simulator 19_is1) (Version: - )
File Identifier (HKLM-x32\...\{C257E434-E8F1-4E06-A616-598E4933553E}_is1) (Version: 1.0.11 - Sharpened Productions)
File Viewer Lite (HKLM-x32\...\{C8B24B83-920A-446E-B027-38F72C9D8898}_is1) (Version: 1.4.1 - Sharpened Productions)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
F-Secure SAFE (HKLM-x32\...\{9F1F7158-62F9-45F8-8D35-346A0E2E683D}) (Version: 3.15.285.0 - F-Secure Corporation) Hidden
F-Secure Ultralight 1.1.24.0 (release) (HKLM-x32\...\{9FAE989F-A043-4017-B60F-9134E992BB55}) (Version: 1.1.24.0 - F-Secure Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Hello Neighbor (HKLM-x32\...\Hello Neighbor_is1) (Version: - )
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.1.0.2 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
iTunes (HKLM\...\{69357E2A-A15B-44A1-956F-492E9DE3C0FB}) (Version: 12.9.3.3 - Apple Inc.)
Java 8 Update 211 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.6.13.0724 - Lenovo)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.7408 - CyberLink Corp.) Hidden
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.7408 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5723.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5723.52 - CyberLink Corp.)
Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1901 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1901 - CyberLink Corp.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 1.0.11.0 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{558E50EE-5E2D-479A-A455-8A826191583B}) (Version: 3.3.004.00 - Lenovo)
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
LVT (HKLM-x32\...\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}) (Version: 5.01.0429 - Lenovo)
Magic Bullet PhotoLooks (HKLM-x32\...\Magic Bullet PhotoLooks) (Version: - )
Magic Bullet Suite 64-bit (HKLM\...\{E7676EF4-3896-4B7E-B030-1356EEC477CE}) (Version: 11.4.4 - Red Giant) Hidden
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{E7676EF4-3896-4B7E-B030-1356EEC477CE}) (Version: 11.4.4 - Red Giant)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office 365 - sv-se (HKLM\...\O365HomePremRetail - sv-se) (Version: 16.0.11425.20244 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - Svenska (HKLM-x32\...\{90150000-001F-041D-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Need for Speed™ Payback (HKLM-x32\...\{F4CF3D08-565C-40B7-B351-D3033DE2172B}) (Version: 1.0.51.15364 - Electronic Arts)
NVIDIA 3D Vision drivrutin 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA 3D Vision drivrutin för styrenhet 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Grafikdrivrutin 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Miracast virtuell audio 419.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 419.17 - NVIDIA Corporation)
NVIDIA PhysX systemprogramvara 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-041D-1000-0000000FF1CE}) (Version: 16.0.11425.20244 - Microsoft Corporation) Hidden
Online Safety 2.215.7452.4118 (HKLM-x32\...\{0DD64CD2-B23F-4A3D-A88D-EF6848A20167}) (Version: 2.215.7452.4118 - F-Secure Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenOffice 4.1.3 (HKLM-x32\...\{78EE7944-E65F-466C-A720-6410F432708D}) (Version: 4.13.9783 - Apache Software Foundation)
osu! (HKLM-x32\...\{af56a254-d039-4511-814c-5c6aa494c238}) (Version: latest - ppy Pty Ltd)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 6.1.0.0 - Popcorn Time) <==== ATTENTION
PosteRazor (HKLM-x32\...\PosteRazor_is1) (Version: 1.5.2 - Alessandro Portale)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Razer Chroma SDK (HKLM-x32\...\Razer Chroma SDK) (Version: 2.22.3 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.4.0401.032710 - Razer Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.802.010714 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0240 - REALTEK Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.8.1 - Red Giant, LLC)
ReelSmart Motion Blur 4, After Effects-compatible plugin set (HKLM-x32\...\ReelSmart Motion Blur 4, After Effects-compatible plugin set) (Version: - )
Remote Mouse version 3.002 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.002 - Remote Mouse)
RESIDENT EVIL 2 v.1.0 (HKLM-x32\...\RESIDENT EVIL 2_is1) (Version: - )
Roblox Player for Hossam (HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\roblox-player) (Version: - Roblox Corporation)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
Skype version 8.43 (HKLM-x32\...\Skype_is1) (Version: 8.43 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.9.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.9.1 - General Workings, Inc.)
The Long Dark Redux (HKLM-x32\...\The Long Dark Redux_is1) (Version: - )
Thief Simulator (HKLM-x32\...\Thief Simulator_is1) (Version: - )
Trapcode Suite 64-bit (HKLM\...\{9528F9CB-29E3-4E33-8BAA-181B336E24F8}) (Version: 12.1.1 - Red Giant) Hidden
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{9528F9CB-29E3-4E33-8BAA-181B336E24F8}) (Version: 12.1.1 - Red Giant)
Trapcode Suite v13.1.0 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 13.1.0 - Red Giant, LLC)
Uninstall Chroma Discord App (Unofficial) (HKLM-x32\...\Chroma Discord App (Unofficial)_is1) (Version: - Tim Graupmann)
Uplay (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software)
WinRAR 5.40 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.2 - win.rar GmbH)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version: - VB-Audio Software)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => D:\Games\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-05-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-05-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => D:\Games\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo) [File not signed]
ContextMenuHandlers5: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => D:\Games\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => D:\Games\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-05-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-05-30] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Hossam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\693605f3e4a93739\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) ==============
2019-04-14 19:45 - 2017-10-27 18:06 - 000874368 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2019-04-14 19:45 - 2017-10-27 18:06 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2013-08-27 23:32 - 2013-08-27 23:32 - 000747520 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
2015-09-15 01:18 - 2011-08-17 05:46 - 000032768 _____ () [File not signed] C:\Windows\jmesoft\Service.exe
2017-03-05 02:25 - 2016-06-25 09:52 - 000018432 _____ () [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
2017-03-05 02:25 - 2016-06-25 09:52 - 001531904 _____ (RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
2017-03-05 02:25 - 2016-06-25 09:52 - 002424320 _____ (RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
2015-09-15 01:18 - 2013-07-24 22:15 - 000118784 _____ (Lenovo) [File not signed] C:\Windows\jmesoft\hotkey.exe
2015-09-15 01:18 - 2011-08-17 05:46 - 000024576 _____ () [File not signed] C:\Windows\jmesoft\JME_LOAD.exe
2017-03-05 02:25 - 2016-03-01 21:53 - 000135168 _____ (RBSoft) [File not signed] C:\Program Files (x86)\Remote Mouse\AutoUpdater.NET.dll
2017-03-05 02:25 - 2015-05-26 20:54 - 000152576 _____ () [File not signed] C:\Program Files (x86)\Remote Mouse\FileS.dll
2019-04-14 19:45 - 2017-10-27 18:06 - 000760032 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
2015-09-15 01:18 - 2011-05-17 22:27 - 000028672 _____ () [File not signed] C:\Windows\jmesoft\hidhook.dll
2018-10-10 19:49 - 2018-08-09 15:16 - 004876800 _____ (Gracenote, Inc.) [File not signed] C:\WINDOWS\system32\GNSDK_FP.DLL
2015-09-15 01:24 - 2015-09-15 01:24 - 000348160 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\PowerDVD10\MSVCR71.dll
2013-11-21 17:31 - 2013-11-21 17:31 - 000286720 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2013-11-21 17:31 - 2013-11-21 17:31 - 000499200 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\localhost -> localhost
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-02-20 01:19 - 2019-04-16 03:08 - 000000002 _____ C:\WINDOWS\system32\drivers\etc\hosts
2016-11-20 02:27 - 2016-11-20 20:30 - 000000509 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\File Viewer Lite\lib\magick;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Hossam\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles (2)\DesktopBackground\yosemite-4.jpg
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "CSRHarmonySkypePlugin"
HKLM\...\StartupApproved\Run: => "Fences"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "Clownfish"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "SaferVPN"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "RGSC"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "gflauncher"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "Fences"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F7EE009B-C2EA-4710-83EA-47AD2754505E}] => (Allow) D:\Program\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C2671792-F32D-4EFA-9FE6-09ADD537C379}] => (Allow) D:\Program\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8349F32D-8D0D-4B19-A1B0-B547D0FF135A}] => (Allow) D:\Program\steamapps\common\RESIDENT EVIL 7 biohazard\re7.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{40E71CD2-8CAB-458B-84A9-BB65274B53FE}] => (Allow) D:\Program\steamapps\common\RESIDENT EVIL 7 biohazard\re7.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{8EF37271-C598-4EB0-83DC-2563707C2965}] => (Allow) D:\Program\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{00BD16F3-7040-4E95-9D73-3B9948F5326C}] => (Allow) D:\Program\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D8242725-BEEB-45B6-871E-1465D1F47EEA}] => (Allow) D:\Program\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{57D2A863-4CF4-4817-A6A3-9FA42EDD54B7}] => (Allow) D:\Program\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{F6894EFC-51EF-400A-8FA4-C78926903F19}] => (Allow) D:\Program\steamapps\common\PC Building Simulator\PCBS.exe () [File not signed]
FirewallRules: [{BEAC03EE-F1FF-4A3D-BEE3-4E67B1B948B0}] => (Allow) D:\Program\steamapps\common\PC Building Simulator\PCBS.exe () [File not signed]
FirewallRules: [{28C56425-D682-4856-AC73-ADF80183788A}] => (Allow) D:\Program\steamapps\common\Hacknet\Hacknet.exe () [File not signed]
FirewallRules: [{CDC4D372-1D1C-4A2A-A9E0-793780D28C25}] => (Allow) D:\Program\steamapps\common\Hacknet\Hacknet.exe () [File not signed]
FirewallRules: [{B26481C0-7DC7-4E2A-B066-9F2970720011}] => (Allow) D:\Program Files (x86)\Ubsoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{B9ECC6A3-49D9-46DC-9159-E559A86CD28D}] => (Allow) D:\Program Files (x86)\Ubsoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{04C90358-1AA2-4154-BEBB-A68B98524AC9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{4928F9AE-71AA-4A78-A48F-697DB704D34F}C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{2926E786-CFCF-4640-8E8D-D3AF899188AA}C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/28/2019 10:19:08 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/28/2019 03:13:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: CsrBtOBEXService.exe, version 2.1.63.0, tidsstämpel 0x4f68683b
, felet uppstod i modulen med namn: CsrBtOBEXService.exe, version 2.1.63.0, tidsstämpel 0x4f68683b
Undantagskod: 0xc0000005
Felförskjutning: 0x0000000000006f58
Process-ID: 0xf88
Programmets starttid: 0x01d4fd223b54bad3
Sökväg till program: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
Sökväg till modul: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
Rapport-ID: 5bc339c9-cb5a-48e6-b843-9100628f230d
Fullständigt namn på felaktigt paket:
Program-ID relativt till felaktigt paket:
Error: (04/28/2019 03:12:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4578
Error: (04/28/2019 03:12:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4578
Error: (04/28/2019 03:12:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/28/2019 03:12:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2938
Error: (04/28/2019 03:12:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2938
Error: (04/28/2019 03:12:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (04/28/2019 10:18:11 PM) (Source: DCOM) (EventID: 10016) (User: NT instans)
Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Starta för COM-serverprogrammet med CLSID
Windows.SecurityCenter.SecurityAppBroker
och APPID
Inte tillgänglig
till användaren NT instans\SYSTEM SID (S-1-5-18) från adress LocalHost (med LRPC) som körs i programbehållaren Inte tillgänglig SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster.
Error: (04/28/2019 10:18:11 PM) (Source: DCOM) (EventID: 10016) (User: NT instans)
Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Starta för COM-serverprogrammet med CLSID
Windows.SecurityCenter.WscDataProtection
och APPID
Inte tillgänglig
till användaren NT instans\SYSTEM SID (S-1-5-18) från adress LocalHost (med LRPC) som körs i programbehållaren Inte tillgänglig SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster.
Error: (04/28/2019 10:18:11 PM) (Source: DCOM) (EventID: 10016) (User: NT instans)
Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Starta för COM-serverprogrammet med CLSID
Windows.SecurityCenter.WscBrokerManager
och APPID
Inte tillgänglig
till användaren NT instans\SYSTEM SID (S-1-5-18) från adress LocalHost (med LRPC) som körs i programbehållaren Inte tillgänglig SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster.
Error: (04/28/2019 10:16:52 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Aktivering för COM-serverprogrammet med CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
och APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
till användaren Lenovo-PC\Hossam SID (S-1-5-21-561342403-3159581679-3982711157-1001) från adress LocalHost (med LRPC) som körs i programbehållaren Inte tillgänglig SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster.
Error: (04/28/2019 10:16:43 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Starta för COM-serverprogrammet med CLSID
Windows.SecurityCenter.WscCloudBackupProvider
och APPID
Inte tillgänglig
till användaren Lenovo-PC\Hossam SID (S-1-5-21-561342403-3159581679-3982711157-1001) från adress LocalHost (med LRPC) som körs i programbehållaren Inte tillgänglig SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster.
Error: (04/28/2019 10:16:09 PM) (Source: DCOM) (EventID: 10016) (User: NT instans)
Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Aktivering för COM-serverprogrammet med CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
och APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
till användaren NT instans\Lokal tjänst SID (S-1-5-19) från adress LocalHost (med LRPC) som körs i programbehållaren Inte tillgänglig SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster.
Error: (04/28/2019 10:16:09 PM) (Source: DCOM) (EventID: 10016) (User: NT instans)
Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Aktivering för COM-serverprogrammet med CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
och APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
till användaren NT instans\Lokal tjänst SID (S-1-5-19) från adress LocalHost (med LRPC) som körs i programbehållaren Inte tillgänglig SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster.
Error: (04/28/2019 03:13:20 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Tjänsten CSR OBEX Service avslutades oväntat. Detta har skett 1 gånger.
Windows Defender:
===================================
Date: 2019-04-29 00:30:09.770
Description:
Windows Defender Antivirus-sökningen stoppades innan den slutfördes.
Söknings-ID: {B7369874-ECF8-49A2-8B2F-08EF9B645A73}
Sökningstyp: Antimalware
Sökningsparametrar: Snabbsökning
Användare: NT instans\SYSTEM
Date: 2019-04-29 00:04:48.025
Description:
Windows Defender Antivirus-sökningen stoppades innan den slutfördes.
Söknings-ID: {4900FDDD-AA88-47CE-91D9-1C65DF870518}
Sökningstyp: Antimalware
Sökningsparametrar: Snabbsökning
Användare: NT instans\SYSTEM
Date: 2019-04-28 23:14:54.899
Description:
Windows Defender Antivirus-sökningen stoppades innan den slutfördes.
Söknings-ID: {7EAFB07A-C802-4C24-9B5F-49E61F92CFA8}
Sökningstyp: Antimalware
Sökningsparametrar: Snabbsökning
Användare: NT instans\SYSTEM
Date: 2019-04-27 23:25:02.523
Description:
Windows Defender Antivirus-sökningen stoppades innan den slutfördes.
Söknings-ID: {31A85793-0471-4A84-8B65-41B153CBCD74}
Sökningstyp: Antimalware
Sökningsparametrar: Snabbsökning
Användare: NT instans\SYSTEM
Date: 2019-04-27 22:58:52.711
Description:
Windows Defender Antivirus-sökningen stoppades innan den slutfördes.
Söknings-ID: {8DAD565C-D910-4BF6-AF40-F2FA90AE416D}
Sökningstyp: Antimalware
Sökningsparametrar: Snabbsökning
Användare: NT instans\SYSTEM
CodeIntegrity:
===================================
Date: 2019-04-23 21:16:07.959
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-04-23 21:16:07.958
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-04-23 21:16:07.956
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-04-23 21:15:07.374
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-04-23 21:15:07.372
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-04-23 21:15:07.370
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-04-15 21:46:40.189
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-04-15 21:46:40.185
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: LENOVO I1KT47AUS 03/06/2015
Motherboard: LENOVO
Processor: Intel® Core i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 34%
Total physical RAM: 16316.16 MB
Available physical RAM: 10608.91 MB
Total Virtual: 17340.16 MB
Available Virtual: 11095.8 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:109.5 GB) (Free:25.99 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Lenovo) (Fixed) (Total:1838.6 GB) (Free:835.01 GB) NTFS
\\?\Volume{77fe8ff8-337a-4ffe-a2c5-376da0b5b6fe}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.7 GB) NTFS
\\?\Volume{9772911b-4763-4905-a655-333bd5f4b416}\ () (Fixed) (Total:0.44 GB) (Free:0.14 GB) NTFS
\\?\Volume{a6db99f2-20b2-4e7e-ae54-0a157bb91c55}\ (PBR_DRV) (Fixed) (Total:24.41 GB) (Free:14.91 GB) NTFS
\\?\Volume{cf69f787-6b58-4040-bdef-e9403b5c0ed7}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 3DA3A1E8)
Partition: GPT.
========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 3DA3A1F6)
Partition: GPT.
==================== End of Addition.txt ============================