Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Trouble launching Opera browser - Error 0xc0000022 [Solved]


  • This topic is locked This topic is locked

#1
getdealtwith

getdealtwith

    Member

  • Member
  • PipPip
  • 19 posts

Hello all!

 

All of a sudden Opera fails to launch. I have tried uninstalling and reinstalling to no avail. I have no idea what happened. Everything else seems to be running just fine.

 

Does anyone know what to do? Any help would be super appreciated! I miss my Opera

 

I have run the  Farbar Recovery Scan Tool. Here are the results:

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.03.2019
Ran by steph (administrator) on DESKTOP-2C5MEQG (02-03-2019 08:51:21)
Running from C:\Users\steph\Downloads
Loaded Profiles: steph (Available Profiles: steph)
Platform: Windows 10 Home Version 1809 17763.348 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Webroot Inc. -> Webroot) C:\Program Files\Webroot\WRSA.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0338455.inf_amd64_819aa0406bf36af7\B338454\atiesrxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0338455.inf_amd64_819aa0406bf36af7\B338454\atieclxx.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.28\atkexComSvc.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(Nitro Software, Inc. -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop 11\creator\common\creator-ws.exe
(LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop 11\updater-ws.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe
(LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop 11\ws.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
(Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRAgent.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
(Webroot Inc. -> Webroot) C:\Program Files\Webroot\WRSA.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20453.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19021.10411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ASUSTeK COMPUTER INC.) [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe
(Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
(ASUSTeK COMPUTER INC.) [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\steph\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1812.10048.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9246656 2018-01-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Sonic Studio 3] => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe [1234432 2017-12-29] (ASUSTeK COMPUTER INC.) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4190016 2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [3956368 2019-02-04] (Webroot Inc. -> Webroot)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [405032 2019-02-15] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3144480 2019-02-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Run: [BraveSoftware Update] => C:\Users\steph\AppData\Local\BraveSoftware\Update\1.3.99.0\BraveUpdateCore.exe [607688 2019-02-15] (Brave Software, Inc. -> BraveSoftware Inc.)
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Run: [GoogleChromeAutoLaunch_F93EFB3DD44213C0D4E7C2DEA6F95C5C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1708016 2019-02-19] (Google LLC -> Google Inc.)
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [msacm.l3codecp] => C:\Windows\SysWOW64\l3codecp.acm [189952 2018-09-15] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\Software\...\AppCompatFlags\Custom\UnrealTournament.exe: [{fa491d91-322c-4059-a1f7-4a79782edee8}.sdb] -> GOG.com Unreal Tournament GOTY
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fa491d91-322c-4059-a1f7-4a79782edee8}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{fa491d91-322c-4059-a1f7-4a79782edee8}.sdb [2013-01-03]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\Installer\chrmstp.exe [2019-03-01] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{97E1814E-5601-41c8-9971-10C319EF61CC}] -> C:\Windows\system32\SRCredentialProvider.dll [2019-01-16] (Splashtop Inc. -> Splashtop Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2019-01-25]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Inc. -> Webroot Software, Inc.)
Startup: C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\[email protected] [2019-02-08]
ShortcutTarget: [email protected] -> C:\Program Files (x86)\FAHClient\HideConsole.exe (No File)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 1.1.1.1 1.0.0.1 192.168.2.1
Tcpip\..\Interfaces\{3bba500e-f493-4cd6-882c-1268d898d81a}: [DhcpNameServer] 1.1.1.1 1.0.0.1 192.168.2.1
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-24] (Microsoft Corporation -> Microsoft Corporation)
BHO: Soda PDF Desktop 11 Helper -> {9703de71-ce0d-11e8-9c83-40167e6e7313} -> C:\Program Files\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-helper.dll [2019-02-05] (LULU Software -> LULU Software)
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\PKG\LPBar64.dll [2019-01-25] (Webroot Inc. -> Webroot)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Common Files\Webroot\WebFiltering\wrflt.dll [2019-01-25] (Webroot Inc. -> Webroot)
BHO-x32: Soda PDF Desktop 11 Helper -> {9703de71-ce0d-11e8-9c83-40167e6e7313} -> C:\Program Files (x86)\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-helper.dll [2019-02-05] (LULU Software -> LULU Software)
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\PKG\LPBar.dll [2019-01-25] (Webroot Inc. -> Webroot)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files (x86)\Common Files\Webroot\WebFiltering\wrflt.dll [2019-01-25] (Webroot Inc. -> Webroot)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll [2019-01-25] (Webroot Inc. -> Webroot)
Toolbar: HKLM - Soda PDF Desktop 11 Toolbar - {970516f0-ce0d-11e8-8baa-40167e6e7313} - C:\Program Files\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-02-05] (LULU Software -> LULU Software)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll [2019-01-25] (Webroot Inc. -> Webroot)
Toolbar: HKLM-x32 - Soda PDF Desktop 11 Toolbar - {970516f0-ce0d-11e8-8baa-40167e6e7313} - C:\Program Files (x86)\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-02-05] (LULU Software -> LULU Software)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-03] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: dpu2go2i.default
FF ProfilePath: C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\dpu2go2i.default [2019-03-02]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\WRData\PKG\FF_XPI\wts_ff_extension.xpi
FF Extension: (Webroot Filtering Extension) - C:\ProgramData\WRData\PKG\FF_XPI\wts_ff_extension.xpi [2019-01-25]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Soda PDF Desktop 11\creator\plugins\FirefoxAddin\[email protected]
FF Extension: (Soda PDF Desktop 11 Creator) - C:\Program Files\Soda PDF Desktop 11\creator\plugins\FirefoxAddin\[email protected] [2019-01-16]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Soda PDF Desktop 11\creator\plugins\FirefoxAddin\[email protected]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-03-01] (Adobe Systems Incorporated -> )
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-03-01] (Adobe Systems Incorporated -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-01-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-03-01] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-03-01] (Google Inc -> Google Inc.)
FF Plugin HKU\S-1-5-21-3657392865-4282527132-3450529356-1001: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Users\steph\AppData\Local\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-02-15] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin HKU\S-1-5-21-3657392865-4282527132-3450529356-1001: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Users\steph\AppData\Local\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-02-15] (Brave Software, Inc. -> BraveSoftware Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default [2019-03-02]
CHR Extension: (Slides) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-01]
CHR Extension: (Docs) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-01]
CHR Extension: (Google Drive) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-01]
CHR Extension: (YouTube) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-01]
CHR Extension: (Dropbox for Gmail) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2019-03-01]
CHR Extension: (Dashlane - Password Manager) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2019-03-01]
CHR Extension: (Sheets) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-01]
CHR Extension: (Audio Downloader Prime) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\flainkeonkoanoijnkojmiiihnfdhipd [2019-03-01]
CHR Extension: (Google Docs Offline) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-02]
CHR Extension: (Google Keep - notes and lists) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2019-03-01]
CHR Extension: (Podio) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikfhmmbhaifchbdlhlfcoildocgmbleb [2019-03-01]
CHR Extension: (Email Extractor) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdianbbpnakhcmfkcckaboohfgnngfcc [2019-03-01]
CHR Extension: (Webroot Filtering Extension) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2019-03-01]
CHR Extension: (Evernote Web) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2019-03-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-01]
CHR Extension: (Data Scraper - Easy Web Scraping) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nndknepjnldbdbepjfgmncbggmopgden [2019-03-01]
CHR Extension: (Evernote Web Clipper) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2019-03-01]
CHR Extension: (Gmail) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-01]
CHR Extension: (Chrome Media Router) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-01]
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\c0338455.inf_amd64_819aa0406bf36af7\B338454\atiesrxx.exe [508320 2019-01-24] (Advanced Micro Devices, Inc. -> AMD)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.28\atkexComSvc.exe [419264 2018-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8348064 2019-01-24] (BattlEye Innovations e.K. -> )
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11013280 2019-02-07] (Microsoft Corporation -> Microsoft Corporation)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [49704 2019-02-15] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-01-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-01-24] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-12-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [1326016 2019-01-04] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 nlsX86cc; C:\Windows\SysWOW64\NLSSRV32.EXE [70752 2019-02-08] (Nitro Software, Inc. -> Nalpeiron Ltd.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-02-10] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-02-10] (Electronic Arts, Inc. -> Electronic Arts)
R2 RtkBtManServ; C:\Windows\RtkBtManServ.exe [713816 2018-09-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 Soda PDF Desktop 11; C:\Program Files\Soda PDF Desktop 11\ws.exe [2463560 2019-02-05] (LULU Software -> LULU Software)
R2 Soda PDF Desktop 11 Creator; C:\Program Files\Soda PDF Desktop 11\creator\common\creator-ws.exe [720200 2019-02-05] (LULU Software -> LULU Software)
R2 Soda PDF Desktop 11 Update Service; C:\Program Files\Soda PDF Desktop 11\updater-ws.exe [1778504 2019-02-05] (LULU Software -> LULU Software)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\NisSrv.exe [4096976 2019-01-24] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MsMpEng.exe [113992 2019-01-24] (Microsoft Corporation -> Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [3956368 2019-02-04] (Webroot Inc. -> Webroot)
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Wondershare Video Converter Ultimate (Desktop)\Transfer\DriverInstall.exe" [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [43400 2017-03-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [24424 2016-08-12] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\Windows\System32\drivers\atikmdag-patched\atikmdag.sys [52785728 2012-06-26] (Edgard Roberto Viera -> Advanced Micro Devices, Inc.) [File not signed]
R3 amdkmdag; C:\Windows\SysWOW64\drivers\atikmdag-patched\atikmdag.sys [52785728 2012-06-26] (Edgard Roberto Viera -> Advanced Micro Devices, Inc.) [File not signed]
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0338455.inf_amd64_819aa0406bf36af7\B338454\atikmpag.sys [589216 2019-01-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [101568 2019-01-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDPCIDev; C:\Windows\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [243048 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [33504 2019-01-01] (ASUSTeK Computer Inc. -> )
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [107400 2018-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [46944 2018-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [23392 2018-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz148; C:\Windows\temp\cpuz148\cpuz148_x64.sys [44648 2019-03-02] (CPUID S.A.R.L.U. -> CPUID)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [19392 2018-04-23] (ASUSTeK Computer Inc. -> )
R1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [65320 2019-01-24] (Martin Malik - REALiX -> REALiX™)
R3 MSIO; C:\Program Files\Patriot\Aac_Patriot Viper RGB\msio64.sys [25616 2018-02-12] (MICSYS Technology Co., Ltd. -> )
R3 RtkBtFilter; C:\Windows\System32\drivers\RtkBtfilter.sys [758312 2018-09-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [8009040 2017-12-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
R0 secnvme; C:\Windows\System32\drivers\secnvme.sys [134120 2018-02-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46488 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [343032 2019-01-24] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [63480 2019-01-24] (Microsoft Windows -> Microsoft Corporation)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [128216 2019-01-25] (Webroot Inc. -> Webroot)
R3 wrUrlFlt; C:\Windows\system32\DRIVERS\wrUrlFlt.sys [68416 2019-01-25] (Webroot Inc. -> Webroot)
S3 ALSysIO; \??\C:\Users\steph\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite Titanium.SP2c\WNt600x64\Sandra.sys [X]
U0 SR; no ImagePath
U2 srservice; no ImagePath
S3 VGAOCTool; \??\C:\Users\steph\AppData\Local\Temp\VGAOCTool.sys [X] <==== ATTENTION
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-03-02 08:45 - 2019-03-02 08:45 - 007316688 _____ (Malwarebytes) C:\Users\steph\Downloads\adwcleaner_7.2.7.0.exe
2019-03-02 08:45 - 2019-03-02 08:45 - 000000000 ____D C:\AdwCleaner
2019-03-02 08:39 - 2019-03-02 08:51 - 000038060 _____ C:\Users\steph\Downloads\FRST.txt
2019-03-02 08:39 - 2019-03-02 08:51 - 000000000 ____D C:\FRST
2019-03-02 08:39 - 2019-03-02 08:40 - 000073211 _____ C:\Users\steph\Downloads\Addition.txt
2019-03-02 08:38 - 2019-03-02 08:38 - 002434048 _____ (Farbar) C:\Users\steph\Downloads\FRST64.exe
2019-03-02 08:29 - 2019-03-02 08:29 - 000000000 ___HD C:\OneDriveTemp
2019-03-01 21:01 - 2019-03-01 21:01 - 026807296 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 024616960 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 023439360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 022114960 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 020812288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 019284480 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 019023872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 017520640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 015224832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 012858368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 012150784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 009683256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 009670656 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 008875008 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 007897088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 007883776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 007688088 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 007647256 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 007556392 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 007251456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 006544584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 006440960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 006309040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 005915936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 005588184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 005566464 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 005436184 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 005296640 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 004920832 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 004688896 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 004245280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 003983872 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003923456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003761664 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003729808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 003660288 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 003656192 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003652656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003566080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003551408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003504128 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003427840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003399168 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003381760 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003378488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 003108864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002942464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002871312 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 002842112 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002766648 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002752360 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002720768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 002700792 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002637312 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 002630656 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002626360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 002485760 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002447360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002323688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002278240 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002187264 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002127360 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002073240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002044416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002013696 _____ C:\Windows\system32\rdpnano.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002001408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001994760 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001969464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 001931264 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001899160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001893888 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001844448 _____ (Microsoft Corporation) C:\Windows\system32\D3D12.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001830200 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001782272 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001742104 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001715712 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001711616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001697744 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-03-01 21:01 - 2019-03-01 21:01 - 001672704 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001656832 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001644048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001641400 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001604096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001590072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001572176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001563336 _____ (Microsoft Corporation) C:\Windows\system32\ttdrecordcpu.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001521664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001506816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001481488 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001479480 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001468440 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 001457544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001360696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 001341880 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-03-01 21:01 - 2019-03-01 21:01 - 001332224 _____ (Microsoft Corporation) C:\Windows\system32\lpasvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001331536 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001307648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001296576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001294856 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001289192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001272552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ttdrecordcpu.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001267712 _____ (Microsoft Corporation) C:\Windows\system32\APMon.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001259320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 001258808 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2019-03-01 21:01 - 2019-03-01 21:01 - 001256448 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001255736 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 001224704 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001221944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001221120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 001208320 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001200920 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001191512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001179168 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 001176064 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001131520 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001098128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001087800 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001078072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Services.TargetedContent.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001077912 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001072720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001072640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001056272 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001054200 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 001052160 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001050936 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 001047040 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001022616 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001008128 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001001472 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2019-03-01 21:01 - 2019-03-01 21:01 - 000955392 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000926208 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000918032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000912384 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000908800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2019-03-01 21:01 - 2019-03-01 21:01 - 000902144 _____ (Microsoft Corporation) C:\Windows\system32\BingOnlineServices.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000888320 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000888120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pidgenx.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000883712 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000871792 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000866152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000865568 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000860160 _____ C:\Windows\system32\MBR2GPT.EXE
2019-03-01 21:01 - 2019-03-01 21:01 - 000850760 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000836096 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000833064 _____ C:\Windows\system32\InputHost.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000823296 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000808464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000790328 _____ (Microsoft Corporation) C:\Windows\system32\upshared.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000775168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000773120 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000772608 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000772408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Services.TargetedContent.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000764216 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000762880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000757664 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000745984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000741888 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000735760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingOnlineServices.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000714240 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000691712 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000661816 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000652824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000651576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000646656 _____ (Microsoft Corporation) C:\Windows\system32\w32time.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000646632 _____ (Microsoft Corporation) C:\Windows\system32\msvcp_win.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000622080 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000621568 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000619832 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000605496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000604336 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000599040 _____ (Microsoft Corporation) C:\Windows\system32\facecredentialprovider.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\dsound.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000591832 _____ C:\Windows\SysWOW64\InputHost.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000572416 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000566272 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000560128 _____ (Microsoft Corporation) C:\Windows\system32\mfh264enc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000553784 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000549376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000548864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000543744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000525312 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000519992 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000511800 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000505656 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsound.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\ResourceMapper.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000484976 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000479232 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000460304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000453944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000452096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000449368 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000435712 _____ (Microsoft Corporation) C:\Windows\system32\cryptngc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000421688 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000407552 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000404792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000387832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000383288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\DataUsageHandlers.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000359424 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000355360 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000348160 _____ (Microsoft Corporation) C:\Windows\system32\BioCredProv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000336744 _____ (Microsoft Corporation) C:\Windows\system32\AudioSrvPolicyManager.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000330464 _____ (Microsoft Corporation) C:\Windows\system32\ttdwriter.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000322576 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000322048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MbbCx.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000279376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BioCredProv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000272648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ttdwriter.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000263360 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000262456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000246584 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\smbwmiv2.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000224256 _____ (Microsoft Corporation) C:\Windows\system32\ptpprov.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\SecureTimeAggregator.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000202552 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000196608 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000195896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000178688 _____ (Microsoft Corporation) C:\Windows\system32\winbio.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\ngctasks.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\SpatialAudioLicenseSrv.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000169784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000156984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000147968 _____ (Microsoft Corporation) C:\Windows\system32\srpapi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000147256 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SpatialAudioLicenseSrv.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000138960 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000134144 _____ (Microsoft Corporation) C:\Windows\system32\DataUsageLiveTileTask.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srpapi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winbio.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000120832 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\DolbyMATEnc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000115152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000104248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bindflt.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000096256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000095544 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000095544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storqosflt.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000090424 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000071184 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000035640 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\SecureBioSysprep.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-03-01 13:32 - 2019-03-01 13:32 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-01 13:32 - 2019-03-01 13:32 - 000002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-01 13:32 - 2019-03-01 13:32 - 000000000 ____D C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2019-03-01 13:32 - 2019-03-01 13:32 - 000000000 ____D C:\Users\steph\AppData\Roaming\Google
2019-03-01 13:31 - 2019-03-01 13:40 - 000000000 ____D C:\Users\steph\AppData\Local\Google
2019-03-01 13:31 - 2019-03-01 13:32 - 000000000 ____D C:\Program Files (x86)\Google
2019-03-01 13:31 - 2019-03-01 13:31 - 001136176 _____ (Google Inc.) C:\Users\steph\Downloads\ChromeSetup.exe
2019-03-01 13:31 - 2019-03-01 13:31 - 000003418 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-01 13:31 - 2019-03-01 13:31 - 000003294 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-01 13:28 - 2019-03-01 14:15 - 000004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-03-01 13:28 - 2019-03-01 13:28 - 000004578 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-01 13:28 - 2019-03-01 13:28 - 000000000 ____D C:\Users\steph\AppData\Roaming\Macromedia
2019-02-26 17:31 - 2019-02-26 17:31 - 000318040 _____ C:\Users\steph\Downloads\NS_LBP_.pdf
2019-02-26 11:23 - 2019-02-26 11:23 - 000019719 _____ C:\Users\steph\Downloads\190222GACHEROKEE.csv
2019-02-26 11:23 - 2019-02-26 11:23 - 000019719 _____ C:\Users\steph\Desktop\190222GACHEROKEE.csv
2019-02-26 11:23 - 2019-02-26 11:23 - 000007684 _____ C:\Users\steph\Downloads\190225GAPAULDING.csv
2019-02-26 11:23 - 2019-02-26 11:23 - 000007684 _____ C:\Users\steph\Desktop\190225GAPAULDING.csv
2019-02-26 11:15 - 2019-02-26 11:15 - 000370212 _____ C:\Users\steph\Downloads\209186_2019-02-26_16-14_Stephen_Richardson.csv
2019-02-26 10:39 - 2019-02-26 11:24 - 000001422 _____ C:\Users\steph\Desktop\Opera Browser.lnk
2019-02-26 10:39 - 2019-02-26 10:39 - 002161680 _____ (Opera Software) C:\Users\steph\Downloads\OperaSetup(1).exe
2019-02-26 10:39 - 2019-02-26 10:39 - 000004208 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1551195594
2019-02-26 10:39 - 2019-02-26 10:39 - 000001406 _____ C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2019-02-26 10:25 - 2019-02-26 10:25 - 002161680 _____ (Opera Software) C:\Users\steph\Downloads\OperaSetup.exe
2019-02-25 19:12 - 2019-02-25 19:12 - 000705365 _____ C:\Users\steph\Downloads\DCW ADOPTION CONFIDENTIAL ADOPTIVE PARENTS QUESTIONNAIRE (3) (6).pages
2019-02-25 19:12 - 2019-02-25 19:12 - 000705365 _____ C:\Users\steph\Downloads\DCW ADOPTION CONFIDENTIAL ADOPTIVE PARENTS QUESTIONNAIRE (3) (5).pages
2019-02-25 19:12 - 2019-02-25 19:12 - 000705365 _____ C:\Users\steph\Downloads\DCW ADOPTION CONFIDENTIAL ADOPTIVE PARENTS QUESTIONNAIRE (3) (4).pages
2019-02-25 19:12 - 2019-02-25 19:12 - 000705365 _____ C:\Users\steph\Downloads\DCW ADOPTION CONFIDENTIAL ADOPTIVE PARENTS QUESTIONNAIRE (3) (3).pages
2019-02-25 19:11 - 2019-02-25 19:11 - 000705365 _____ C:\Users\steph\Downloads\DCW ADOPTION CONFIDENTIAL ADOPTIVE PARENTS QUESTIONNAIRE (3).pages
2019-02-25 19:11 - 2019-02-25 19:11 - 000705365 _____ C:\Users\steph\Downloads\DCW ADOPTION CONFIDENTIAL ADOPTIVE PARENTS QUESTIONNAIRE (3) (2).pages
2019-02-25 19:11 - 2019-02-25 19:11 - 000705365 _____ C:\Users\steph\Downloads\DCW ADOPTION CONFIDENTIAL ADOPTIVE PARENTS QUESTIONNAIRE (3) (1).pages
2019-02-25 17:38 - 2019-02-25 17:38 - 014209518 _____ C:\Users\steph\Downloads\MM1000_QSG.pdf
2019-02-25 17:35 - 2019-02-25 17:35 - 000001199 _____ C:\Users\Public\Desktop\iCUE.lnk
2019-02-25 17:35 - 2019-02-25 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-02-25 17:35 - 2019-02-25 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair
2019-02-25 17:35 - 2019-02-25 17:35 - 000000000 ____D C:\Program Files (x86)\Corsair
2019-02-20 22:15 - 2019-02-20 22:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-02-20 08:55 - 2019-02-20 08:55 - 000006247 _____ C:\Users\steph\Downloads\Coop.and.Cami.Ask.the.World.S01E04.720p.HEVC.x265-MeGusta [TD] (1).torrent
2019-02-20 08:43 - 2019-02-20 08:43 - 000006747 _____ C:\Users\steph\Downloads\Coop.and.Cami.Ask.the.World.S01E10.720p.HEVC.x265-MeGusta [TD].torrent
2019-02-20 08:43 - 2019-02-20 08:43 - 000002276 _____ C:\Users\steph\Downloads\Coop.and.Cami.Ask.the.World.S01E09.HDTV.x264-W4F [TD].torrent
2019-02-20 08:42 - 2019-02-20 08:42 - 000006247 _____ C:\Users\steph\Downloads\Coop.and.Cami.Ask.the.World.S01E04.720p.HEVC.x265-MeGusta [TD].torrent
2019-02-20 08:42 - 2019-02-20 08:42 - 000002776 _____ C:\Users\steph\Downloads\Coop.and.Cami.Ask.the.World.S01E06.HDTV.x264-W4F [TD] (1).torrent
2019-02-20 08:42 - 2019-02-20 08:42 - 000002434 _____ C:\Users\steph\Downloads\Coop.and.Cami.Ask.the.World.S01E05.HDTV.x264-W4F [TD].torrent
2019-02-20 08:41 - 2019-02-20 08:41 - 000006227 _____ C:\Users\steph\Downloads\Coop.and.Cami.Ask.the.World.S01E03.720p.HEVC.x265-MeGusta [TD].torrent
2019-02-20 08:41 - 2019-02-20 08:41 - 000002776 _____ C:\Users\steph\Downloads\Coop.and.Cami.Ask.the.World.S01E06.HDTV.x264-W4F [TD].torrent
2019-02-19 18:19 - 2019-02-19 18:19 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-02-19 18:19 - 2019-02-19 18:19 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-02-19 18:19 - 2019-02-19 18:19 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-02-19 18:19 - 2019-02-19 18:19 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-02-19 11:47 - 2019-02-19 11:50 - 000000000 ____D C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WonderFox Soft
2019-02-19 11:47 - 2019-02-19 11:50 - 000000000 ____D C:\Program Files (x86)\WonderFox Soft
2019-02-19 11:47 - 2019-02-19 11:47 - 000000000 ____D C:\Users\steph\Documents\WonderFox Soft
2019-02-19 11:45 - 2019-02-19 11:45 - 000002147 _____ C:\Users\steph\Downloads\WonderFox.DVD.Video.Converter.v14.7.Incl.Keygen-AMPED [TD].torrent
2019-02-19 11:38 - 2019-02-19 11:38 - 000002074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro.lnk
2019-02-19 11:38 - 2019-02-19 11:38 - 000002062 _____ C:\Users\Public\Desktop\Nitro Pro.lnk
2019-02-19 11:38 - 2019-02-19 11:38 - 000000000 ____D C:\Users\steph\AppData\Roaming\Nitro
2019-02-19 11:38 - 2019-02-19 11:38 - 000000000 ____D C:\ProgramData\Nitro
2019-02-19 11:38 - 2019-02-19 11:38 - 000000000 ____D C:\Program Files\Nitro
2019-02-19 11:38 - 2019-02-19 11:38 - 000000000 ____D C:\Program Files (x86)\Nitro
2019-02-19 11:38 - 2019-02-08 14:43 - 000222816 _____ (Nitro Software, Inc.) C:\Windows\system32\NxPrinterMonitor12.dll
2019-02-19 11:38 - 2019-02-08 14:43 - 000131168 _____ (Nitro Software, Inc.) C:\Windows\system32\NxPrinterMonitorUI12.dll
2019-02-19 11:36 - 2019-02-19 11:36 - 000003436 _____ C:\Users\steph\Downloads\Nitro.Software.Nitro.Pro.v12.9.1.474.x64.Incl.Keymaker-CORE [TD].torrent
2019-02-19 11:33 - 2019-02-19 11:33 - 000000000 ____D C:\Users\Public\Documents\CyberLink
2019-02-19 11:31 - 2019-02-19 11:34 - 000000000 ____D C:\Users\steph\Documents\CyberLink
2019-02-19 11:31 - 2019-02-19 11:34 - 000000000 ____D C:\Users\steph\AppData\Roaming\CyberLink
2019-02-19 11:31 - 2019-02-19 11:31 - 000000000 ____D C:\Users\Public\CyberLink
2019-02-19 11:27 - 2019-02-19 11:27 - 000000000 ____D C:\Windows\system32\Drivers\CLFCL5.18
2019-02-19 11:26 - 2019-02-19 11:35 - 000000000 ____D C:\ProgramData\install_clap
2019-02-19 11:26 - 2019-02-19 11:34 - 000000000 ____D C:\Users\steph\AppData\Local\CyberLink
2019-02-19 11:26 - 2019-02-19 11:34 - 000000000 ____D C:\ProgramData\CyberLink
2019-02-19 11:26 - 2019-02-19 11:27 - 000000000 ____D C:\ProgramData\PDVD
2019-02-19 11:26 - 2019-02-19 11:26 - 000000000 ____D C:\ProgramData\CLSK
2019-02-19 11:24 - 2019-02-19 11:24 - 000004993 _____ C:\Users\steph\Downloads\Cyberlink.PowerDVD.Ultra.v18.0.1529.62.Multilingual.Incl.Keymaker-CORE [TD].torrent
2019-02-19 11:20 - 2019-02-19 11:46 - 000000000 ____D C:\Program Files (x86)\Wondershare
2019-02-19 11:20 - 2019-02-19 11:20 - 000000000 ____D C:\Wondershare Video Converter Ultimate
2019-02-19 11:20 - 2019-02-19 11:20 - 000000000 ____D C:\ProgramData\Wondershare MediaServer
2019-02-19 11:20 - 2019-02-19 11:20 - 000000000 ____D C:\ProgramData\GraphicsType
2019-02-19 11:20 - 2019-02-19 11:20 - 000000000 ____D C:\Program Files (x86)\WondershareUpdate
2019-02-17 22:12 - 2019-02-17 22:12 - 000000000 ____D C:\Program Files (x86)\dvdfab
2019-02-17 22:06 - 2019-02-17 22:06 - 000000000 ____D C:\ProgramData\Canneverbe Limited
2019-02-17 22:05 - 2019-03-01 15:10 - 000007619 _____ C:\Users\steph\AppData\Local\Resmon.ResmonCfg
2019-02-17 22:05 - 2019-02-17 22:05 - 000000000 ____D C:\Users\steph\AppData\Roaming\Canneverbe Limited
2019-02-17 21:57 - 2019-02-17 21:57 - 000000000 ____D C:\Users\steph\AppData\Roaming\DVDFab11
2019-02-17 21:54 - 2019-02-17 21:54 - 000000000 ____D C:\Users\steph\AppData\Roaming\30080
2019-02-17 21:53 - 2019-02-17 21:53 - 000001057 _____ C:\Users\steph\AppData\Roaming\88e9dc3a-641c-4dc2-9204-9ba65cc42265
2019-02-17 21:53 - 2019-02-17 21:53 - 000000171 _____ C:\Users\steph\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2019-02-17 21:53 - 2019-02-17 21:53 - 000000000 ____D C:\Users\steph\Documents\DVDFabCommon
2019-02-17 21:53 - 2019-02-17 21:53 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-02-17 21:52 - 2019-02-17 21:53 - 000000000 ____D C:\Users\steph\Downloads\DVDFab 11
2019-02-17 21:52 - 2019-02-17 21:53 - 000000000 ____D C:\Users\steph\Documents\DVDFab11
2019-02-17 21:40 - 2019-02-17 21:50 - 000000000 ____D C:\Temp
2019-02-17 21:38 - 2019-02-17 21:38 - 000000000 ____D C:\Users\steph\AppData\Roaming\Digiarty
2019-02-17 21:32 - 2019-02-17 21:49 - 000000000 ____D C:\Users\steph\AppData\Local\cdrtfe
2019-02-17 20:44 - 2019-02-21 08:49 - 000000000 ____D C:\Users\steph\AppData\Roaming\vlc
2019-02-17 20:44 - 2019-02-19 11:17 - 000000000 ____D C:\Users\steph\AppData\Roaming\dvdcss
2019-02-17 20:36 - 2019-02-21 08:50 - 000000000 ____D C:\Users\steph\Documents\ConvertXToDVD
2019-02-17 20:36 - 2019-02-21 08:47 - 000000000 ____D C:\Users\steph\Documents\ConvertXtoDVD_Resources
2019-02-17 20:36 - 2019-02-17 21:10 - 000000000 ____D C:\ProgramData\VSO
2019-02-17 20:36 - 2019-02-17 20:43 - 000000000 ____D C:\Users\steph\AppData\Roaming\VSO
2019-02-17 20:36 - 2019-02-17 20:36 - 000099384 _____ C:\Users\steph\AppData\Roaming\inst.exe
2019-02-17 20:36 - 2019-02-17 20:36 - 000082816 _____ (VSO Software) C:\Users\steph\AppData\Roaming\pcouffin.sys
2019-02-17 20:36 - 2019-02-17 20:36 - 000007859 _____ C:\Users\steph\AppData\Roaming\pcouffin.cat
2019-02-17 20:36 - 2019-02-17 20:36 - 000001309 _____ C:\Users\steph\Desktop\ConvertXToDVD 7.lnk
2019-02-17 20:36 - 2019-02-17 20:36 - 000000000 ____D C:\Users\steph\Documents\PcSetup
2019-02-17 20:36 - 2019-02-17 20:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
2019-02-17 20:36 - 2019-02-17 20:36 - 000000000 ____D C:\Program Files (x86)\VSO
2019-02-17 20:29 - 2019-02-17 20:30 - 000000000 ____D C:\Users\steph\Documents\dvd
2019-02-17 20:28 - 2019-02-17 20:31 - 000000000 ____D C:\Program Files (x86)\DVD Flick
2019-02-17 20:28 - 2007-08-31 18:36 - 000036864 _____ (Robdogg Inc.) C:\Windows\SysWOW64\trayicon_handler.ocx
2019-02-17 20:28 - 2003-01-26 13:41 - 000040960 _____ (vbAccelerator) C:\Windows\SysWOW64\ssubtmr6.dll
2019-02-17 20:16 - 2019-02-17 20:28 - 000000000 ____D C:\Windows\System32\Tasks\NCH Software
2019-02-17 20:07 - 2019-02-17 20:07 - 000018701 _____ C:\Users\steph\Downloads\Tinker.Bell.and.the.Legend.of.the.NeverBeast.2014.DVDRip.XviD-EVO [TD].torrent
2019-02-17 20:00 - 2019-02-20 15:38 - 000000000 ____D C:\Users\steph\Desktop\movies
2019-02-15 13:35 - 2019-03-01 14:41 - 000002623 _____ C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2019-02-15 13:35 - 2019-02-15 13:35 - 000003700 _____ C:\Windows\System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3657392865-4282527132-3450529356-1001UA
2019-02-15 13:35 - 2019-02-15 13:35 - 000003432 _____ C:\Windows\System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3657392865-4282527132-3450529356-1001Core
2019-02-15 13:35 - 2019-02-15 13:35 - 000000000 ____D C:\Users\steph\AppData\Local\BraveSoftware
2019-02-15 13:02 - 2019-02-15 13:02 - 000069677 _____ C:\Users\steph\Downloads\209100_2019-02-15_18-01_Stephen_Richardson.csv
2019-02-15 12:57 - 2019-02-15 12:57 - 000017202 _____ C:\Users\steph\Desktop\CherokeeDelinq.csv
2019-02-15 11:39 - 2019-02-15 11:39 - 000000000 ____D C:\Users\steph\AppData\Local\KutoolsforExcel
2019-02-15 11:38 - 2019-02-15 11:38 - 000000000 ____D C:\Users\steph\Documents\Kutools for Excel
2019-02-15 11:38 - 2019-02-15 11:38 - 000000000 ____D C:\Users\steph\AppData\Roaming\Kutools for Excel
2019-02-15 11:38 - 2019-02-15 11:38 - 000000000 ____D C:\Users\Public\Documents\Kutools for Excel
2019-02-15 11:38 - 2019-02-15 11:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kutools for Excel
2019-02-15 11:38 - 2019-02-15 11:38 - 000000000 ____D C:\Program Files (x86)\Kutools for Excel
2019-02-13 20:01 - 2019-02-13 20:01 - 000032429 _____ C:\Users\steph\Downloads\dgreadiness_v3.6.zip
2019-02-13 12:17 - 2019-02-13 12:17 - 000000000 ____D C:\Users\steph\AppData\Roaming\PDF Producer
2019-02-13 12:11 - 2019-02-15 13:05 - 000084745 _____ C:\Users\steph\Desktop\Copy of delinq2819.xlsx
2019-02-13 09:55 - 2019-02-13 09:57 - 389029260 _____ C:\Users\steph\Downloads\DRV_Chipset_AMD_AM4_RS5_VGA_TP_W10_64_VER512038_20190122R.zip
2019-02-13 08:24 - 2019-02-13 08:24 - 007883776 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 006070272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 005086208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 004885504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 004627456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 003743744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 002927120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 002437552 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 002021584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 001700864 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 001671864 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 001467560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000982576 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000982032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000769536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000765960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000475152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-02-13 08:24 - 2019-02-13 08:24 - 000463672 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000461824 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000419128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000402944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000387384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000340480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000047136 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2019-02-13 08:24 - 2019-02-13 08:24 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\npmproxy.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000039304 _____ (Microsoft Corporation) C:\Windows\system32\NtlmShared.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000033056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NtlmShared.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000000072 _____ C:\Windows\system32\edgehtmlpluginpolicy.bin
2019-02-12 19:13 - 2019-02-13 22:07 - 000000000 ____D C:\Users\steph\AppData\Roaming\Soda PDF Desktop 11
2019-02-12 19:13 - 2019-02-12 19:14 - 000000000 ____D C:\ProgramData\Soda PDF Desktop 11
2019-02-12 19:13 - 2019-02-12 19:13 - 000001143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soda PDF Desktop 11.lnk
2019-02-12 19:13 - 2019-02-12 19:13 - 000000000 ____D C:\Users\steph\Documents\Soda PDF Files
2019-02-12 19:13 - 2019-02-12 19:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soda PDF Desktop 11
2019-02-12 19:13 - 2019-02-12 19:13 - 000000000 ____D C:\Program Files\Soda PDF Desktop 11
2019-02-12 19:13 - 2019-02-12 19:13 - 000000000 ____D C:\Program Files (x86)\Soda PDF Desktop Manager
2019-02-12 19:13 - 2019-02-12 19:13 - 000000000 ____D C:\Program Files (x86)\Soda PDF Desktop 11
2019-02-12 10:12 - 2019-02-12 10:12 - 027349554 _____ C:\Users\steph\Downloads\ResizedPhotos.0.zip
2019-02-11 16:01 - 2019-02-11 16:01 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2019-02-10 18:14 - 2019-02-10 18:14 - 000000000 ____D C:\Users\steph\AppData\Roaming\EasyAntiCheat
2019-02-10 18:13 - 2019-02-19 12:30 - 000001199 _____ C:\Users\Public\Desktop\Apex Legends.lnk
2019-02-10 18:13 - 2019-02-10 18:13 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2019-02-10 18:13 - 2019-02-10 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends
2019-02-10 18:13 - 2019-02-10 18:13 - 000000000 ____D C:\ProgramData\Electronic Arts
2019-02-10 17:59 - 2019-02-18 14:19 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-02-10 17:57 - 2019-02-10 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2019-02-10 17:57 - 2019-02-10 17:57 - 000000000 ____D C:\Program Files (x86)\Origin
2019-02-10 17:54 - 2019-02-20 22:23 - 000000000 ____D C:\ProgramData\Origin
2019-02-10 17:54 - 2019-02-19 12:30 - 000000000 ____D C:\Users\steph\AppData\Roaming\Origin
2019-02-10 17:54 - 2019-02-10 18:14 - 000000000 ____D C:\Users\steph\AppData\Local\Origin
2019-02-10 17:54 - 2019-02-10 17:54 - 000000000 ____D C:\Users\steph\.QtWebEngineProcess
2019-02-10 17:54 - 2019-02-10 17:54 - 000000000 ____D C:\Users\steph\.Origin
2019-02-08 14:43 - 2019-02-08 14:43 - 000070752 _____ (Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
2019-02-08 13:33 - 2019-02-08 13:36 - 000461980 _____ C:\Users\steph\Downloads\209040_2019-02-08_18-33_Stephen_Richardson.csv
2019-02-08 12:24 - 2019-02-08 12:24 - 000277808 _____ C:\Users\steph\Downloads\call_recording_download_02-08-2019 11_24.zip
2019-02-08 12:16 - 2019-02-08 12:18 - 000000000 ____D C:\ProgramData\TEMP
2019-02-06 14:59 - 2019-02-06 14:59 - 000000112 _____ C:\Users\steph\Downloads\contact000000.vcf
2019-02-06 13:15 - 2019-02-06 13:15 - 000073393 _____ C:\Users\steph\Downloads\190206GACOBB.csv
2019-02-06 13:00 - 2019-02-06 13:00 - 000230251 _____ C:\Users\steph\Downloads\contract-for-laura-lloyd-signed.pdf
2019-02-06 12:41 - 2019-02-06 12:41 - 000131544 _____ C:\Users\steph\AppData\Local\GDIPFONTCACHEV1.DAT
2019-02-06 12:41 - 2019-02-06 12:41 - 000000000 ____D C:\Users\steph\AppData\Roaming\PDF Software
2019-02-06 12:29 - 2019-02-19 11:20 - 000000000 ____D C:\ProgramData\Wondershare
2019-02-06 12:28 - 2019-02-19 11:20 - 000000000 ____D C:\Users\steph\AppData\Local\Wondershare
2019-02-06 12:27 - 2019-02-19 11:20 - 000000000 ____D C:\Users\steph\AppData\Roaming\Wondershare
2019-02-06 12:27 - 2019-02-19 11:20 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2019-02-06 11:48 - 2019-02-06 11:48 - 000000000 ____D C:\ProgramData\Mozilla
2019-02-05 10:57 - 2019-02-05 10:57 - 000024836 _____ C:\Users\steph\Downloads\members_REI_Live_opened_Feb_5_2019.csv
2019-02-05 10:42 - 2019-02-05 10:42 - 000207073 _____ C:\Users\steph\Documents\assignment-for-260-cottonwood-loop.pdf
2019-02-04 15:54 - 2019-02-04 15:54 - 000000000 ____D C:\Users\steph\AppData\Local\DBG
2019-02-04 10:08 - 2019-02-04 10:08 - 000000000 ____D C:\Users\steph\Documents\Shadow of the Tomb Raider
2019-02-04 10:08 - 2019-02-04 10:08 - 000000000 ____D C:\Users\steph\AppData\Roaming\Eidos Montreal
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-03-02 08:47 - 2019-01-24 16:53 - 000000000 ___RD C:\Users\steph\Dropbox
2019-03-02 08:47 - 2019-01-24 14:45 - 000000000 ____D C:\Program Files (x86)\Steam
2019-03-02 08:47 - 2019-01-24 13:42 - 000000000 ___RD C:\Users\steph\OneDrive
2019-03-02 08:46 - 2019-01-25 13:26 - 000273688 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2019-03-02 08:46 - 2019-01-25 13:26 - 000231104 _____ (Webroot) C:\Windows\system32\WRusr.dll
2019-03-02 08:46 - 2019-01-25 04:36 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-02 08:46 - 2019-01-24 13:46 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-03-02 08:46 - 2019-01-24 13:46 - 000003112 _____ C:\Windows\System32\Tasks\AMDLinkUpdate
2019-03-02 08:46 - 2018-09-15 02:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-02 08:46 - 2018-09-15 01:09 - 000524288 _____ C:\Windows\system32\config\BBI
2019-03-02 08:37 - 2018-09-15 02:31 - 000000000 ____D C:\Windows\INF
2019-03-02 08:34 - 2019-01-24 13:42 - 000795988 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-02 08:30 - 2019-01-27 09:57 - 000000000 ____D C:\Users\steph\AppData\LocalLow\Mozilla
2019-03-02 08:30 - 2019-01-24 13:48 - 000000000 ____D C:\Users\steph\AppData\Local\D3DSCache
2019-03-02 08:29 - 2019-01-25 13:26 - 000000000 ____D C:\ProgramData\WRData
2019-03-02 08:29 - 2019-01-24 13:40 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-03-02 08:29 - 2019-01-24 13:40 - 000000000 ___RD C:\Users\steph\3D Objects
2019-03-02 08:29 - 2018-09-15 02:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-02 08:29 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\AppReadiness
2019-03-02 08:28 - 2019-01-27 09:57 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-03-02 08:28 - 2019-01-27 09:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-02 08:28 - 2019-01-25 04:36 - 000649224 _____ C:\Windows\system32\FNTCACHE.DAT
2019-03-01 21:12 - 2018-09-15 02:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-03-01 21:12 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\TextInput
2019-03-01 21:12 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\system32\oobe
2019-03-01 21:12 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\system32\appraiser
2019-03-01 21:12 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\ShellExperiences
2019-03-01 21:12 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\bcastdvr
2019-03-01 21:02 - 2018-09-15 02:23 - 000000000 ____D C:\Windows\CbsTemp
2019-03-01 21:01 - 2019-01-24 13:38 - 002865152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2019-03-01 20:58 - 2019-01-25 04:36 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-03-01 16:42 - 2019-01-24 14:42 - 000000000 ____D C:\Users\steph\AppData\Roaming\Telegram Desktop
2019-03-01 16:38 - 2019-01-24 14:43 - 000000000 ____D C:\Users\steph\Downloads\Telegram Desktop
2019-03-01 16:02 - 2019-01-25 14:28 - 000000000 ____D C:\Users\steph\AppData\Roaming\WhatsApp
2019-03-01 14:15 - 2019-01-24 19:48 - 000004600 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-03-01 14:15 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-03-01 14:15 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\system32\Macromed
2019-03-01 13:28 - 2019-01-27 09:57 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-03-01 13:28 - 2019-01-24 19:48 - 000000000 ____D C:\Users\steph\AppData\Local\Adobe
2019-02-26 11:32 - 2019-01-25 14:28 - 000000000 ____D C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2019-02-26 11:32 - 2019-01-25 14:28 - 000000000 ____D C:\Users\steph\AppData\Local\WhatsApp
2019-02-26 10:39 - 2019-01-24 14:02 - 000000000 ____D C:\Users\steph\AppData\Roaming\Opera Software
2019-02-26 10:39 - 2019-01-24 14:02 - 000000000 ____D C:\Users\steph\AppData\Local\Opera Software
2019-02-26 10:31 - 2018-09-15 02:41 - 000385536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplayx.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpwsockx.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpmodemx.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2019-02-26 10:31 - 2018-09-15 02:41 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
2019-02-26 10:31 - 2018-09-15 02:41 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2019-02-26 10:31 - 2018-09-15 02:37 - 000472576 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2019-02-26 10:31 - 2018-09-15 02:37 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2019-02-26 10:31 - 2018-09-15 02:37 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2019-02-26 10:31 - 2018-09-15 02:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2019-02-26 10:31 - 2018-09-15 02:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2019-02-26 10:31 - 2018-09-15 02:37 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll
2019-02-26 10:31 - 2018-09-15 02:37 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2019-02-25 19:13 - 2019-01-29 10:13 - 000000000 ____D C:\Users\steph\AppData\Roaming\Psiphon3
2019-02-25 19:13 - 2019-01-24 13:40 - 000000000 ____D C:\Users\steph\AppData\Local\Packages
2019-02-25 17:35 - 2019-01-24 15:08 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-02-25 17:28 - 2019-01-24 15:08 - 000000938 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-02-25 17:28 - 2019-01-24 15:08 - 000000934 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-02-20 22:15 - 2019-01-24 14:21 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-02-20 22:15 - 2019-01-24 14:21 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-02-20 22:15 - 2019-01-24 14:21 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-02-20 22:15 - 2019-01-24 14:21 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-02-20 22:15 - 2019-01-24 14:21 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-02-20 22:15 - 2019-01-24 14:21 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-02-20 22:15 - 2019-01-24 14:19 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-02-20 10:44 - 2019-01-25 15:28 - 000000000 ____D C:\Users\steph\AppData\Roaming\qBittorrent
2019-02-19 11:38 - 2019-01-24 14:48 - 000000000 ____D C:\Users\steph\AppData\Local\Downloaded Installations
2019-02-19 11:35 - 2019-01-24 13:44 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-02-19 11:30 - 2019-01-24 13:40 - 000000000 ____D C:\Users\steph\AppData\Local\VirtualStore
2019-02-19 11:26 - 2019-01-24 13:46 - 000000000 ____D C:\ProgramData\Package Cache
2019-02-13 18:59 - 2019-01-24 15:08 - 000003998 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2019-02-13 18:59 - 2019-01-24 15:08 - 000003766 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2019-02-13 13:39 - 2019-01-24 17:11 - 000000000 ____D C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-02-13 09:47 - 2019-01-25 11:07 - 000000000 ____D C:\Users\steph\Desktop\Games
2019-02-13 08:23 - 2019-01-24 14:36 - 000000000 ____D C:\Windows\system32\MRT
2019-02-13 08:22 - 2019-01-24 14:36 - 129330784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-02-10 18:14 - 2019-01-24 19:21 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-02-10 17:54 - 2019-01-24 13:39 - 000000000 ____D C:\Users\steph
2019-02-08 13:52 - 2019-01-24 13:42 - 000000000 ____D C:\Users\steph\AppData\Local\PlaceholderTileLogoFolder
2019-02-06 09:26 - 2019-01-24 13:42 - 000003378 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3657392865-4282527132-3450529356-1001
2019-02-06 09:26 - 2019-01-24 13:39 - 000002367 _____ C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-04 15:51 - 2019-01-25 14:28 - 000000000 ____D C:\Users\steph\AppData\Local\SquirrelTemp
2019-02-04 09:16 - 2019-01-24 13:52 - 000000000 ____D C:\Users\steph\AppData\Local\Comms
2019-02-01 17:31 - 2018-09-15 02:36 - 000835480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-02-01 17:31 - 2018-09-15 02:36 - 000179600 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
 
2019-01-25 13:27 - 2019-01-25 13:27 - 018102328 _____ (Webroot Software, Inc.) C:\Program Files (x86)\Common Files\wruninstall.exe
2019-02-17 21:53 - 2019-02-17 21:53 - 000000171 _____ () C:\Users\steph\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2019-02-17 21:53 - 2019-02-17 21:53 - 000001057 _____ () C:\Users\steph\AppData\Roaming\88e9dc3a-641c-4dc2-9204-9ba65cc42265
2019-02-17 20:36 - 2019-02-17 20:36 - 000099384 _____ () C:\Users\steph\AppData\Roaming\inst.exe
2019-02-17 20:36 - 2019-02-17 20:36 - 000007859 _____ () C:\Users\steph\AppData\Roaming\pcouffin.cat
2019-02-17 20:36 - 2019-02-17 20:36 - 000001167 _____ () C:\Users\steph\AppData\Roaming\pcouffin.inf
2019-02-17 20:36 - 2019-02-17 20:36 - 000000055 _____ () C:\Users\steph\AppData\Roaming\pcouffin.log
2019-02-17 20:36 - 2019-02-17 20:36 - 000082816 _____ (VSO Software) C:\Users\steph\AppData\Roaming\pcouffin.sys
2019-01-25 16:02 - 2019-01-25 16:07 - 001065984 _____ () C:\Users\steph\AppData\Local\file__0.localstorage
2019-01-29 12:02 - 2019-01-29 12:02 - 000000796 _____ () C:\Users\steph\AppData\Local\recently-used.xbel
2019-02-17 22:05 - 2019-03-01 15:10 - 000007619 _____ () C:\Users\steph\AppData\Local\Resmon.ResmonCfg
 
Some files in TEMP:
====================
2019-02-17 19:59 - 2019-02-25 19:13 - 012622960 _____ () C:\Users\steph\AppData\Local\Temp\psiphon-tunnel-core.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== End of FRST.txt ============================

  • 0

Advertisements


#2
getdealtwith

getdealtwith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

Forgot to include the Addition text file:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.03.2019
Ran by steph (02-03-2019 08:51:56)
Running from C:\Users\steph\Downloads
Windows 10 Home Version 1809 17763.348 (X64) (2019-01-25 09:37:43)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3657392865-4282527132-3450529356-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3657392865-4282527132-3450529356-503 - Limited - Disabled)
Guest (S-1-5-21-3657392865-4282527132-3450529356-501 - Limited - Disabled)
steph (S-1-5-21-3657392865-4282527132-3450529356-1001 - Administrator - Enabled) => C:\Users\steph
WDAGUtilityAccount (S-1-5-21-3657392865-4282527132-3450529356-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Webroot SecureAnywhere (Enabled - Up to date) {4646A877-74EB-CD3B-8FDB-210DB94FA61A}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Webroot SecureAnywhere (Enabled - Up to date) {FD274993-52D1-C2B5-B56B-1A7FC2C8ECA7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 1.5.3.0902 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.1.2 - Advanced Micro Devices, Inc.)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.0.3 - Electronic Arts, Inc.)
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.2.12.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{71667bbb-81ab-429c-aeb4-e43c31e8fe14}) (Version: 2.2.12.0 - ASUSTek COMPUTER INC.) Hidden
Asus ApoDispatchConfigurator (HKLM\...\{4FEB3307-A0EF-4385-9C8F-4B4C1503311C}) (Version: 3.6.2601 - ASUSTeK COMPUTER INC) Hidden
Asus AudioCaptureNotificationConfigurator (HKLM\...\{04C5CE55-7F32-4D2D-AEA2-FDC03E8F65CC}) (Version: 3.6.2601 - ASUSTeK COMPUTER INC) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.19 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{36aa03d4-9606-4f04-bf3e-a70ebe6650f3}) (Version: 1.1.19 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.9 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{2d85b111-aee4-468b-874b-a9272712f69b}) (Version: 1.0.9 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.1.16 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{ac3dc320-7e5e-4f22-9572-4c2119fcdf85}) (Version: 1.1.16 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{D800D836-DE15-4B00-8273-521F022CD837}) (Version: 1.0.31 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{b31aaf98-0562-411d-a962-0c3d16a3527a}) (Version: 1.0.31 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM\...\{B5E322FB-C191-463E-BDDD-4F22290EDFDB}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM-x32\...\{a29279dc-f417-4442-8225-4db77f7d35b5}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.03.08 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.1.7 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{4f18ae01-4390-4b41-be3a-54ef4eacdd91}) (Version: 0.0.1.7 - ASUSTek COMPUTER INC. ) Hidden
Asus DeviceRoutingConfigurator (HKLM\...\{AC306567-A1B7-4208-8FED-97CF535050BC}) (Version: 3.6.2601 - ASUSTeK COMPUTER INC) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{548dd834-70c5-4426-8065-fbeabdd2bb5d}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.27 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{210cdd08-c947-43a2-9378-bc288f651e41}) (Version: 1.0.27 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{3e9b91eb-5bb0-4272-8670-f88d353eb68b}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.24 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{add3bacc-578f-4bf9-97e3-a0f0c3ae3323}) (Version: 1.0.24 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM\...\{723B40A4-5BF2-4DC6-834A-2ADF75F3CF7E}) (Version: 1.0.0.6 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM-x32\...\{cc37f609-4db9-4ce3-9e37-9cb1b432452e}) (Version: 1.0.0.6 - ASUSTek COMPUTER INC.) Hidden
Asus NahimicSettingsConfigurator (HKLM\...\{B028B8A0-36BD-4A96-8F28-5E95C0D68679}) (Version: 3.6.2601 - ASUSTeK COMPUTER INC) Hidden
Asus ProductDaemonSetup (HKLM\...\{36606417-B1C4-42C2-B5C1-67972DA63DAB}) (Version: 3.6.2601 - ASUSTeK COMPUTER INC) Hidden
Asus ProfileSwitcherCleanup (HKLM\...\{C7E4F981-F94E-4007-9E78-07DF3178BE6C}) (Version: 3.6.26.48019 - ASUSTeK COMPUTER INC) Hidden
Asus Sonic Radar 3 (HKLM-x32\...\{5a6fe0f0-37f2-4f35-9480-6e98ced96fba}) (Version: 3.6.26.48019 - ASUSTeK COMPUTER INC)
Asus Sonic Studio 3 (HKLM-x32\...\{7c3c8060-12d4-4bea-aea1-ce0478a148fc}) (Version: 3.6.26.48019 - ASUSTeK COMPUTER INC)
Asus SonicMapperConfigurator (HKLM\...\{02632F10-EFA1-4B62-9982-9BCDE65F995B}) (Version: 3.6.26.48019 - ASUSTeK COMPUTER INC) Hidden
Asus SonicRadar3Setup (HKLM\...\{8F9191B4-D834-485C-85C3-7A931585311E}) (Version: 3.6.26.48019 - ASUSTeK COMPUTER INC) Hidden
Asus SonicStudio3Setup (HKLM\...\{520F73ED-BAA5-4933-9C6A-CC04425D6214}) (Version: 3.6.26.48019 - ASUSTeK COMPUTER INC) Hidden
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.07.35 - ASUSTeK Computer Inc.)
AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.26 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{dded177f-c7b2-4212-9c64-74884f3fd53b}) (Version: 1.0.26 - ASUS) Hidden
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.03.16 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{69e3ed08-553c-4647-86e2-6bc40f7ab682}) (Version: 3.03.16 - ASUSTeK Computer Inc.)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Advanced Micro Devices, Inc.) Hidden
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Brave (HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\BraveSoftware Brave-Browser) (Version: 72.0.60.47 - Brave Software Inc)
Brother MFL-Pro Suite HL-L2380DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
Core Temp 1.13 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.13 - ALCPU)
Corsair AURA DRAM Component (HKLM\...\{376E0869-A4F1-4DC7-A1FD-EBF3AFFEB832}) (Version: 1.0.6 - CORSAIR COMPONENTS INC.) Hidden
Corsair AURA DRAM Component (HKLM-x32\...\{da7ebf10-b0be-494e-a79d-568546795a51}) (Version: 1.0.6 - CORSAIR COMPONENTS INC.) Hidden
CORSAIR iCUE Software (HKLM-x32\...\{37E2CEEA-E7E8-44C4-B3E6-D214543D9DA9}) (Version: 3.13.94 - Corsair)
Dropbox (HKLM-x32\...\Dropbox) (Version: 67.4.83 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
Energi Core (64-bit) (HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Energi Core (64-bit)) (Version: 2.0.2 - Energi Core project)
GALAX GAMER RGB (HKLM\...\{06A16AA8-BBA7-4362-962E-16651962D87C}) (Version: 1.00.02 - Galaxy Microsystems Ltd.) Hidden
GALAX GAMER RGB (HKLM-x32\...\{1257fdeb-ffa3-4e17-9d4b-189075ea3656}) (Version: 1.00.02 - Galaxy Microsystems Ltd.)
GOG.com Unreal Tournament GOTY (HKLM\...\{fa491d91-322c-4059-a1f7-4a79782edee8}.sdb) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HWiNFO64 Version 6.00 (HKLM\...\HWiNFO64_is1) (Version: 6.00 - Martin Malík - REALiX)
Inkscape 0.92.4 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.92.4.0 - Inkscape project)
Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.9 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{d6cac989-7570-43fd-b147-e31d6280a3a6}) (Version: 1.0.9 - KINGSTON COMPONENTS INC.) Hidden
Kutools for Excel 18.00 (HKLM-x32\...\{A095BA43-4A97-4D55-8E25-A0BC46F10765}_is1) (Version: 18.00 - Addin Technology Inc.)
LibreOffice 6.1.4.2 (HKLM\...\{080C0C39-B1B5-48BB-85AB-4F9A8768CD10}) (Version: 6.1.4.2 - The Document Foundation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.11231.20174 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mozilla Firefox 65.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 65.0.2 (x64 en-US)) (Version: 65.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0.2 - Mozilla)
Nitro Pro (HKLM\...\{68DCC836-006C-4EAB-8D72-01635EFEDDE0}) (Version: 12.9.1.474 - Nitro)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
Opera Stable 58.0.3135.79 (HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Opera 58.0.3135.79) (Version: 58.0.3135.79 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.34.21025 - Electronic Arts, Inc.)
Patriot Viper RGB (HKLM\...\{E42E13B0-071E-49C1-B1CC-58198E82F302}) (Version: 1.00.05 - Patriot Memory) Hidden
Patriot Viper RGB (HKLM-x32\...\{0ea44351-5397-43b0-a9c7-c4c53d9948ef}) (Version: 1.00.05 - Patriot Memory)
Python 3.6.6 (32-bit) (HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\{b43c5985-05a6-4dc7-be5f-85f504d498d0}) (Version: 3.6.6150.0 - Python Software Foundation)
Python 3.6.6 Core Interpreter (32-bit) (HKLM-x32\...\{D9D74228-D4AC-4877-9950-8FDFE485D1A5}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Development Libraries (32-bit) (HKLM-x32\...\{C7844709-AB1D-459E-9C09-E62811844B52}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Documentation (32-bit) (HKLM-x32\...\{A619A9AA-65E2-485A-960E-456327A4787C}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Executables (32-bit) (HKLM-x32\...\{BB82E3E8-BB03-41F1-8C13-9540188BB592}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 pip Bootstrap (32-bit) (HKLM-x32\...\{46D96E6F-3747-4E02-B95E-E1D1C9F7226D}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Standard Library (32-bit) (HKLM-x32\...\{D40EACD0-CC67-4D18-BDB5-D1D81D73DCF6}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Tcl/Tk Support (32-bit) (HKLM-x32\...\{F64435CF-E0D6-409D-B07B-958C8DEB84E5}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Test Suite (32-bit) (HKLM-x32\...\{387AB42E-1FCC-4FB6-A32C-2295E221A2BB}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Utility Scripts (32-bit) (HKLM-x32\...\{9F328F30-55B0-4055-BBB1-AB577ED16D63}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{A9DED8BE-05DF-45D5-81A0-3743A44CC0C9}) (Version: 3.6.6386.0 - Python Software Foundation)
qBittorrent 4.1.5 (HKLM-x32\...\qBittorrent) (Version: 4.1.5 - The qBittorrent project)
REALTEK Bluetooth Filter Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AD}) (Version: 1.5.1006.171124 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8339 - Realtek Semiconductor Corp.)
Realtek PCI-E Wireless LAN Driver (HKLM-x32\...\InstallShield_{70714FB7-4084-4202-A599-2D5935DECB67}) (Version: Drv_3.00.0019 - REALTEK Semiconductor Corp.)
RivaTuner Statistics Server 7.2.1 Beta 4 (HKLM-x32\...\RTSS) (Version: 7.2.1 Beta 4 - Unwinder)
Samsung NVM Express Driver (HKLM-x32\...\{bfb0503a-76b9-415a-b0a3-dd55d2a01ebe}) (Version: 3.0.0.1802 - Samsung Electronics)
Samsung NVM Express Driver 3.0.0.1802 (HKLM\...\{92729760-681A-42A2-A101-1098CAB4DEC1}) (Version: 3.0.0.1802 - Samsung Electronics Co., Ltd) Hidden
Sapphire TRIXX 6.4.0 (HKLM-x32\...\{54CE6A44-8553-4B78-9B07-AC88A9D581E8}_is1) (Version: 6.4.0 - Sapphire Technology)
Soda PDF Desktop 11 (HKLM-x32\...\SodaDesktop11) (Version: 11.0.15.1455 - LULU Software)
Soda PDF Desktop 11 Asian Fonts Pack (HKLM\...\{BB4DC24B-7F35-4B84-A6C2-241933C45628}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 Convert Module (HKLM\...\{B5CDE8A3-4BF5-4AAB-B169-FD6BE4690EDF}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 Create Module (HKLM\...\{FBDAE9BD-1B2E-4244-800A-A593DC95C28A}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 Edit Module (HKLM\...\{984153FE-9ADC-45D6-A119-8807B4B5389A}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 Forms Module (HKLM\...\{51710932-1AEA-4227-A562-6CA445EE1586}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 Insert Module (HKLM\...\{FD1BBF97-1C5A-4F27-A9DB-E752D2F12189}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 OCR TESS Module (HKLM\...\{5C066B6B-335B-4303-A5BD-A2E8BE2571A5}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 Review Module (HKLM\...\{890A08AF-7844-4AAB-9951-B00A32B761EA}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 Secure Module (HKLM\...\{6558C36A-BBD0-45B8-AE2C-A215F6E62E1B}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 View Module (HKLM\...\{D3570F36-3E34-41C0-AFE1-753F0B272651}) (Version: 11.0.15.2796 - LULU Software) Hidden
Splashtop Personal (HKLM-x32\...\{E7CF0F14-8C1D-41F3-85ED-579C108262C7}) (Version: 2.6.4.0 - Splashtop Inc.)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 3.3.0.0 - Splashtop Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Telegram Desktop version 1.5.15 (HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.5.15 - Telegram Messenger LLP)
Unreal Tournament GOTY (HKLM-x32\...\GOGPACKUT_is1) (Version: 2.0.0.5 - GOG.com)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.64 - VSO Software)
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 9.0.24.49 - Webroot)
WhatsApp (HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\WhatsApp) (Version: 0.3.2276 - WhatsApp)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3657392865-4282527132-3450529356-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3657392865-4282527132-3450529356-1001_Classes\CLSID\{06B74C04-E813-4DD4-A972-172836EFA8D6}\InprocServer32 -> C:\Users\steph\AppData\Local\BraveSoftware\Update\1.3.99.0\psuser_64.dll (Brave Software, Inc. -> BraveSoftware Inc.)
CustomCLSID: HKU\S-1-5-21-3657392865-4282527132-3450529356-1001_Classes\CLSID\{06C9646D-2807-44C0-97D2-6DA0DB623DB4}\localserver32 -> C:\Users\steph\AppData\Local\BraveSoftware\Brave-Browser\Application\72.0.60.47\notification_helper.exe (Brave Software, Inc. -> Brave Software, Inc.)
CustomCLSID: HKU\S-1-5-21-3657392865-4282527132-3450529356-1001_Classes\CLSID\{8DE224FD-6370-47FA-A864-FDF45A05112F}\InprocServer32 -> C:\Users\steph\AppData\Local\BraveSoftware\Update\1.3.99.0\psuser_64.dll (Brave Software, Inc. -> BraveSoftware Inc.)
CustomCLSID: HKU\S-1-5-21-3657392865-4282527132-3450529356-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\steph\Dropbox [2019-01-24 16:53]
ShellIconOverlayIdentifiers: [ ] -> {1914B27A-33C8-46F8-A1C2-F993268D4564} => C:\Windows\system32\WRusr.dll [2019-03-02] (Webroot Inc. -> Webroot)
ShellIconOverlayIdentifiers: [  ] -> {C14874EA-ACE4-4A47-8A81-18C4D1C40868} => C:\Windows\system32\WRusr.dll [2019-03-02] (Webroot Inc. -> Webroot)
ShellIconOverlayIdentifiers: [   ] -> {6DA1ED92-315E-4D0B-B354-9D5F519DBA95} => C:\Windows\system32\WRusr.dll [2019-03-02] (Webroot Inc. -> Webroot)
ShellIconOverlayIdentifiers: [    ] -> {8D7FC74C-E409-42DF-8EEE-69D45FAE2F30} => C:\Windows\system32\WRusr.dll [2019-03-02] (Webroot Inc. -> Webroot)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro\12\NitroProShellExtensionShim.dll [2019-02-08] (Nitro Software, Inc. -> )
ContextMenuHandlers1: [SodaPDFDesktop11_ManagerExt] -> {95288ec1-ce0d-11e8-b453-40167e6e7313} => C:\Program Files\Soda PDF Desktop 11\context-menu.dll [2019-02-05] (LULU Software -> LULU Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WRShellExt] -> {69D72956-317C-44bd-B369-8E44D4EF9802} => C:\Windows\system32\WRusr.dll [2019-03-02] (Webroot Inc. -> Webroot)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-01-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WRShellExt] -> {69D72956-317C-44bd-B369-8E44D4EF9802} => C:\Windows\system32\WRusr.dll [2019-03-02] (Webroot Inc. -> Webroot)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {2A523F72-2DB2-43AA-B2B8-0CFD15086B4D} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3657392865-4282527132-3450529356-1001UA => C:\Users\steph\AppData\Local\BraveSoftware\Update\BraveUpdate.exe (Brave Software, Inc. -> BraveSoftware Inc.) <==== ATTENTION
Task: {393EF620-E312-486F-BE1C-FF2B91E078E4} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3F497AA2-1BDF-49D2-9941-0CE89B246F46} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {46FB6455-25C3-49AC-B211-32519B0F1293} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {4DEFCE24-B2AF-4535-BA7F-53F8838DDB84} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {56736D88-3B37-43A9-9806-50CFC04E260E} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [File not signed]
Task: {6A21F591-F081-4BF4-A58D-47F5C137FB11} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3657392865-4282527132-3450529356-1001Core => C:\Users\steph\AppData\Local\BraveSoftware\Update\BraveUpdate.exe (Brave Software, Inc. -> BraveSoftware Inc.) <==== ATTENTION
Task: {745A82B5-64B3-450C-92BB-3147B96E9EC2} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
Task: {82E88759-E2AC-43DF-B374-C1B2C7B93E1F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {878344B9-1103-4C62-A35D-F5D21099BDA6} - System32\Tasks\SS3svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe (ASUSTeK COMPUTER INC.) [File not signed]
Task: {9425C4F4-F875-4300-8A59-B6292E48EA13} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {980193A7-9C42-4FE0-9D0C-11B4E7CFF562} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {9AC9B2AA-ED2A-4A2A-B250-57BD26765E59} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A9E3D338-C023-41DD-97ED-BB01D3FAF3EF} - System32\Tasks\Opera scheduled Autoupdate 1551195594 => C:\Users\steph\AppData\Local\Programs\Opera2\launcher.exe (Opera Software AS -> Opera Software)
Task: {AB1FA68B-DC14-4061-BD22-DFE04D816A12} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {B34B8487-2D38-480F-B068-6BD11DBE8E03} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {BAFFA189-21FB-4FC7-935B-A7989242127A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C1FED2B9-749F-467B-86CE-BE1F857DA561} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C5B5393E-C83D-44AD-9809-38A651610B9C} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe (Advanced Micro Devices Inc. -> )
Task: {C86B7A9F-35E7-4EC2-9A9A-3253BEAEC1C2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {D4414CED-D32A-4A78-80DF-D5450DFF462C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {DA03E1EB-0D73-49CE-B304-681A9F74AA2E} - System32\Tasks\SS3svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3svc64.exe (ASUSTeK COMPUTER INC.) [File not signed]
Task: {F91A96AD-4362-4E7B-90B4-3D5BA2B0F779} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {FF39B522-8F35-4FD0-93AB-56A68A2C9A4D} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [File not signed]
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
 
==================== Loaded Modules (Whitelisted) ==============
 
2019-01-24 14:30 - 2019-01-25 16:31 - 000000000 ____LAdvanced Micro Devices, Inc.  C:\Windows\System32\drivers\atikmdag-patched\atiuxp64.dll
2018-12-10 09:29 - 2018-12-10 09:29 - 000438272 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\Soda PDF Desktop 11\libcurl.dll
2019-01-28 09:54 - 2013-03-08 01:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll
2019-01-28 09:54 - 2005-04-21 23:36 - 000143360 _____ () [File not signed] C:\Windows\system32\BrSNMP64.dll
2017-12-29 17:13 - 2017-12-29 17:13 - 001234432 _____ (ASUSTeK COMPUTER INC.) [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe
2017-12-29 17:17 - 2017-12-29 17:17 - 000811520 _____ (ASUSTeK COMPUTER INC.) [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3svc64.exe
2019-01-24 14:30 - 2019-01-25 16:31 - 000000000 ____LAdvanced Micro Devices, Inc.  C:\Windows\System32\drivers\atikmdag-patched\atiumd6a.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 000355328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 003699712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 005590528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 076171264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000461312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 006303232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 003556352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 001077248 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 002821632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-01-22 19:34 - 2019-01-22 19:34 - 005786112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000189952 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 000323584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-01-24 14:30 - 2019-01-25 16:31 - 000000000 ____LAdvanced Micro Devices, Inc.  C:\Windows\System32\drivers\atikmdag-patched\atig6txx.dll
2019-01-24 14:30 - 2019-01-25 16:31 - 000000000 ____LAdvanced Micro Devices, Inc.  C:\Windows\System32\drivers\atikmdag-patched\atiu9p64.dll
2019-01-24 14:30 - 2019-01-25 16:31 - 000000000 ____LAdvanced Micro Devices, Inc.  C:\Windows\System32\drivers\atikmdag-patched\amduve64.dll
2019-01-28 09:54 - 2014-06-16 16:02 - 000579584 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
2019-01-28 09:54 - 2014-06-16 15:59 - 001537536 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
2019-01-10 10:44 - 2019-01-10 10:44 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2018-04-17 21:39 - 2018-04-17 21:39 - 000018432 _____ () [File not signed] C:\Program Files (x86)\LightingService\Log4cxxWrapper.dll
2018-04-17 21:39 - 2018-04-17 21:39 - 002831360 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\LightingService\log4cxx.dll
2018-12-27 16:18 - 2018-12-27 16:18 - 000861184 _____ () [File not signed] C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.dll
2018-05-16 10:54 - 2018-05-16 10:54 - 000156672 _____ () [File not signed] C:\Program Files\Patriot\Aac_Patriot Viper RGB\AacHal_x86.dll
2018-05-16 10:46 - 2018-05-16 10:46 - 000053248 _____ (MS) [File not signed] C:\Program Files\Patriot\Aac_Patriot Viper RGB\MsIo32.dll
2018-09-20 09:39 - 2018-09-20 09:39 - 000156672 _____ () [File not signed] C:\Program Files\Galaxy\Aac_GALAX GAMER RGB\AacHal_x86.dll
2018-09-20 09:08 - 2018-09-20 09:08 - 000053760 _____ (MS) [File not signed] C:\Program Files\Galaxy\Aac_GALAX GAMER RGB\MsIo32_Galax.dll
2018-10-22 17:21 - 2018-10-22 17:21 - 000076288 _____ (ASUSTek) [File not signed] C:\Program Files\ASUS\AacVGAHal\AacVgaHal.dll
2018-10-22 16:40 - 2018-10-22 16:40 - 001932800 _____ (ASUSTeK COMPUTER INC.) [File not signed] C:\Program Files\ASUS\AacVGAHal\LED_DLL_forMB.dll
2018-10-22 16:38 - 2018-10-22 16:38 - 001629184 _____ (TODO: <Company name>) [File not signed] C:\Program Files\ASUS\AacVGAHal\VGA_Extra.dll
2018-10-22 16:37 - 2018-10-22 16:37 - 001779712 _____ () [File not signed] C:\Program Files\ASUS\AacVGAHal\Vender.dll
2018-08-29 16:19 - 2018-08-29 16:19 - 000223232 _____ () [File not signed] C:\Program Files\ASUS\AacOdd\AacOddHal_x86.dll
2018-12-27 16:31 - 2018-12-27 16:31 - 000225280 _____ () [File not signed] C:\Program Files\ASUS\CORSAIR_Aac_DRAM\AacCosairDramHal_x86.dll
2018-12-27 16:26 - 2018-12-27 16:26 - 000237568 _____ () [File not signed] C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.dll
2018-09-07 00:29 - 2018-09-07 00:29 - 000202752 _____ () [File not signed] C:\Program Files\ASUS\AacTerminalHal\AacStripBusHal_x86.dll
2018-04-12 16:55 - 2018-04-12 16:55 - 000053248 _____ () [File not signed] C:\Program Files (x86)\LightingService\cpuutil.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2017-12-29 17:13 - 2017-12-29 17:13 - 000367616 _____ () [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\NSConfiguratorDaemonModule.dll
2017-12-29 17:30 - 2017-12-29 17:30 - 000230400 _____ () [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Studio 3\ProfileSwitcherDaemonModule.dll
2019-01-24 14:30 - 2019-01-25 16:31 - 000000000 ____LAdvanced Micro Devices, Inc.  C:\Windows\System32\drivers\atikmdag-patched\atiuxpag.dll
2019-01-28 09:54 - 2009-02-27 16:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2019-01-28 09:54 - 2014-06-16 15:45 - 000137728 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2019-01-28 09:54 - 2014-06-16 16:04 - 000080384 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
2019-01-28 09:54 - 2014-06-16 16:03 - 000083968 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2019-01-28 09:54 - 2014-06-16 16:03 - 017955328 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2019-02-06 12:28 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2019-02-06 12:28 - 2017-03-23 09:49 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2019-02-06 12:28 - 2017-03-23 09:52 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
2019-02-15 16:09 - 2019-02-15 16:09 - 000204800 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll
2018-12-03 16:59 - 2018-12-03 16:59 - 000444416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5WinExtras.dll
2018-12-03 13:30 - 2018-12-03 13:30 - 000147456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Xml.dll
2018-12-03 16:48 - 2018-12-03 16:48 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Scxml.dll
2018-12-03 13:31 - 2018-12-03 13:31 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Concurrent.dll
2018-12-03 16:48 - 2018-12-03 16:48 - 000576512 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Multimedia.dll
2018-12-03 13:35 - 2018-12-03 13:35 - 001043968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Network.dll
2018-12-03 16:31 - 2018-12-03 16:31 - 003169792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Quick.dll
2018-12-03 16:39 - 2018-12-03 16:39 - 003348480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Qml.dll
2018-12-03 13:36 - 2018-12-03 13:36 - 005337600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Gui.dll
2018-12-03 13:40 - 2018-12-03 13:40 - 004525568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Widgets.dll
2019-02-15 16:38 - 2019-02-15 16:38 - 005086208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Core.dll
2019-02-15 16:04 - 2019-02-15 16:04 - 000098816 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll
2018-12-03 13:44 - 2018-12-03 13:44 - 001196032 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\platforms\qwindows.dll
2018-12-03 13:43 - 2018-12-03 13:43 - 000122368 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\styles\qwindowsvistastyle.dll
2018-12-03 13:41 - 2018-12-03 13:41 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qico.dll
2018-12-03 13:42 - 2018-12-03 13:42 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qgif.dll
2018-12-03 16:20 - 2018-12-03 16:20 - 000034816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qicns.dll
2018-12-03 13:43 - 2018-12-03 13:43 - 000364032 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qjpeg.dll
2018-12-03 16:19 - 2018-12-03 16:19 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qsvg.dll
2018-12-03 16:19 - 2018-12-03 16:19 - 000263680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Svg.dll
2018-12-03 16:20 - 2018-12-03 16:20 - 000019968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qtga.dll
2018-12-03 16:20 - 2018-12-03 16:20 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qtiff.dll
2018-12-03 16:20 - 2018-12-03 16:20 - 000019456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qwbmp.dll
2018-12-03 16:20 - 2018-12-03 16:20 - 000411648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qwebp.dll
2018-12-03 13:29 - 2018-12-03 13:29 - 000015872 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libEGL.DLL
2018-12-03 13:29 - 2018-12-03 13:29 - 002786816 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libGLESv2.dll
2018-12-03 16:36 - 2018-12-03 16:36 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick.2\qtquick2plugin.dll
2018-12-03 16:37 - 2018-12-03 16:37 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Window.2\windowplugin.dll
2018-12-03 16:45 - 2018-12-03 16:45 - 000056320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-12-03 16:37 - 2018-12-03 16:37 - 000072192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-12-03 16:45 - 2018-12-03 16:45 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-12-03 16:52 - 2018-12-03 16:52 - 000269312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-12-03 16:57 - 2018-12-03 16:57 - 000446976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2018-12-03 16:51 - 2018-12-03 16:51 - 000142336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5QuickControls2.dll
2018-12-03 16:51 - 2018-12-03 16:51 - 000847872 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5QuickTemplates2.dll
2018-12-03 16:52 - 2018-12-03 16:52 - 000260608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-01-04 20:02 - 2019-01-04 20:02 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\ssleay32.dll
2019-01-04 20:02 - 2019-01-04 20:02 - 001277952 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\LIBEAY32.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:76650B61 [103]
AlternateDataStreams: C:\Users\steph\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\steph\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <==== ATTENTION
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <==== ATTENTION
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\Software\Classes\exefile: "%1" %* <==== ATTENTION
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\Software\Classes\.exe: exefile => "%1" %* <==== ATTENTION
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-09-15 02:31 - 2018-09-15 02:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKCU\Environment\\Path: %USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\steph\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\amd-ryzen-8k-hw-2560x1080 (1).jpg
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: ) (ConsentPromptBehaviorUser: ) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{37B26839-9779-422D-B349-113093A8D6BC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{51BBFC0A-06C8-4167-B828-4F0E45D2B41C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9B1A0BF4-9016-4996-9FDF-77FFA402FA46}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{36613DE6-1B4D-47ED-8EC4-C0F1D41D4383}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{C5AD289B-BB2F-4842-A0E3-216921F76BF8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{E3BBA3A4-B8FB-480D-A625-5AC68D3505AE}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{84291FD6-94D0-4D8A-9AC2-B5FC3AA493F3}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{304A85E8-B5C0-45FB-8B8A-202162A5C1D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{B0ADF072-3CF2-4ECF-9417-D61D8F87697B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{6C0F9A6D-59E7-44E3-9836-4D893CF61173}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Overload\Overload.exe () [File not signed]
FirewallRules: [{3FE3B7F8-7529-4C35-AD4E-BB3E028EF88F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Overload\Overload.exe () [File not signed]
FirewallRules: [TCP Query User{130D65FE-76BC-49AA-90B1-5B498C4EF5A7}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{015C8A14-AFE8-46A3-B7BA-3180D8194D91}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [{8F965F1D-1BD3-49E4-BF46-B715F280DADC}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite Titanium.SP2c\WNt600x64\RpcSandraSrv.exe No File
FirewallRules: [{55173C2C-0421-4DD5-A399-2935E4F1FBBF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3361CE68-1FE5-4541-AC90-779E84784A0A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{19E16029-AF3B-4D01-A1B3-F06948EE99DE}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{4C811218-3755-4FE3-9143-634BA5984B0A}C:\program files\energicore\energi-qt.exe] => (Allow) C:\program files\energicore\energi-qt.exe () [File not signed]
FirewallRules: [UDP Query User{1C4B8625-8960-47E2-B4D8-C77ACFA79438}C:\program files\energicore\energi-qt.exe] => (Allow) C:\program files\energicore\energi-qt.exe () [File not signed]
FirewallRules: [TCP Query User{947ADF80-73E0-494A-B124-42C7AED29F5B}C:\gog games\unreal tournament goty\system\unrealtournament.exe] => (Allow) C:\gog games\unreal tournament goty\system\unrealtournament.exe () [File not signed]
FirewallRules: [UDP Query User{D62D993E-D193-4DCA-90B3-A42820E7A7E7}C:\gog games\unreal tournament goty\system\unrealtournament.exe] => (Allow) C:\gog games\unreal tournament goty\system\unrealtournament.exe () [File not signed]
FirewallRules: [{EC3A78C5-CB1B-4A3F-B1ED-971F8312FDF1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B13886ED-C4F9-4B25-B244-A5D4AE60DCAA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{10EC5035-779F-40CC-B695-106702638904}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe No File
FirewallRules: [UDP Query User{B4726148-0480-47E5-8337-9033A14CEEC6}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe No File
FirewallRules: [TCP Query User{75FAF6F2-3C81-4A09-99D5-535E85F563BA}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [UDP Query User{88B5173A-AB35-415A-92AA-90B934D88A3A}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [TCP Query User{ECBF9C20-5FD9-4BCA-9595-1CE1A1214E59}C:\program files\dvdfab 11\dvdfab64.exe] => (Allow) C:\program files\dvdfab 11\dvdfab64.exe No File
FirewallRules: [UDP Query User{C5293B1D-DC51-4D28-BA69-95DD53C395E4}C:\program files\dvdfab 11\dvdfab64.exe] => (Allow) C:\program files\dvdfab 11\dvdfab64.exe No File
FirewallRules: [{DC06B8C2-F5B9-4028-99FF-3EA805E8B5ED}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD.exe No File
FirewallRules: [{AB62C6F7-1FED-4A27-8BC0-69ED9744451E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Kernel\DMS\CLMSServerPDVD18.exe No File
FirewallRules: [{D907F4F9-C915-4483-8CBC-9FB2B09D7945}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD18Agent.exe No File
FirewallRules: [{420C0F7C-8A84-49CE-867C-C9F600C9D276}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Movie\PowerDVDMovie.exe No File
FirewallRules: [{E39FC96C-D6E8-4D96-B2F9-66251B2AB896}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\CastingStation.exe No File
FirewallRules: [{3EC95904-E607-4C35-A82A-9BC5277E64A0}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{BAA76AD3-FA39-4903-8F41-D04DB8351983}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{31C426CB-9ED4-4B9B-BB1E-BD6EA127B8A8}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{817DE918-AC1E-4813-A987-FDB5877B0B4A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{7095197F-DBF7-4A79-8BF8-C7D30068433C}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe (Splashtop Inc. -> Splashtop Inc.)
 
==================== Restore Points =========================
 
13-02-2019 20:28:55 Installed DirectX
19-02-2019 11:26:32 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
25-02-2019 17:32:41 Installed CORSAIR iCUE Software
01-03-2019 20:59:58 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/02/2019 08:48:37 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
 
Error: (03/02/2019 08:30:52 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
 
Error: (02/27/2019 12:41:46 PM) (Source: Microsoft Office 16) (EventID: 2001) (User: )
Description: Microsoft Outlook: Rejected Safe Mode action : Outlook couldn't start last time. Safe mode could help you troubleshoot the problem, but some features might not be available in this mode.
 
Do you want to start in safe mode?.
Rejected Safe Mode action : Microsoft Outlook.
 
Error: (02/27/2019 12:41:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program OUTLOOK.EXE version 16.0.11231.20174 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 3dbc
 
Start Time: 01d4ceba206ed2a3
 
Termination Time: 0
 
Application Path: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
 
Report Id: 948c640b-89b7-4314-9f3c-20cb21a65de3
 
Faulting package full name: 
 
Faulting package-relative application ID: 
 
Hang type: Unknown
 
Error: (02/27/2019 11:35:45 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (02/26/2019 10:37:25 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
 
Error: (02/26/2019 10:35:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LightingService.exe, version: 0.0.0.0, time stamp: 0x5c2ed438
Faulting module name: LightingService.exe, version: 0.0.0.0, time stamp: 0x5c2ed438
Exception code: 0xc000041d
Fault offset: 0x000c2740
Faulting process id: 0xf7c
Faulting application start time: 0x01d4cde8e23f4478
Faulting application path: C:\Program Files (x86)\LightingService\LightingService.exe
Faulting module path: C:\Program Files (x86)\LightingService\LightingService.exe
Report Id: a2d1b81f-f4e4-473e-8f80-ca656af169e8
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (02/26/2019 10:35:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LightingService.exe, version: 0.0.0.0, time stamp: 0x5c2ed438
Faulting module name: LightingService.exe, version: 0.0.0.0, time stamp: 0x5c2ed438
Exception code: 0xc0000005
Fault offset: 0x000c2740
Faulting process id: 0xf7c
Faulting application start time: 0x01d4cde8e23f4478
Faulting application path: C:\Program Files (x86)\LightingService\LightingService.exe
Faulting module path: C:\Program Files (x86)\LightingService\LightingService.exe
Report Id: 0ebbfb80-9fcf-4fa5-bf1b-58213e553d71
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (03/02/2019 08:48:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscBrokerManager
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/02/2019 08:48:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.SecurityAppBroker
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/02/2019 08:47:03 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2C5MEQG)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscCloudBackupProvider
 and APPID 
Unavailable
 to the user DESKTOP-2C5MEQG\steph SID (S-1-5-21-3657392865-4282527132-3450529356-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/02/2019 08:47:02 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2C5MEQG)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscCloudBackupProvider
 and APPID 
Unavailable
 to the user DESKTOP-2C5MEQG\steph SID (S-1-5-21-3657392865-4282527132-3450529356-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/02/2019 08:47:01 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2C5MEQG)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscCloudBackupProvider
 and APPID 
Unavailable
 to the user DESKTOP-2C5MEQG\steph SID (S-1-5-21-3657392865-4282527132-3450529356-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/02/2019 08:47:01 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2C5MEQG)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscCloudBackupProvider
 and APPID 
Unavailable
 to the user DESKTOP-2C5MEQG\steph SID (S-1-5-21-3657392865-4282527132-3450529356-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/02/2019 08:46:58 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2C5MEQG)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-2C5MEQG\steph SID (S-1-5-21-3657392865-4282527132-3450529356-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/02/2019 08:46:57 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2C5MEQG)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-2C5MEQG\steph SID (S-1-5-21-3657392865-4282527132-3450529356-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
CodeIntegrity:
===================================
 
Date: 2019-03-02 08:47:48.743
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
Date: 2019-03-02 08:30:52.730
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
Date: 2019-03-01 08:44:50.761
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
Date: 2019-02-28 09:37:16.575
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
Date: 2019-02-27 11:34:38.866
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
Date: 2019-02-26 10:43:32.986
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
Date: 2019-02-26 10:40:46.170
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Microsoft signing level requirements.
 
Date: 2019-02-26 10:36:32.528
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
==================== Memory info =========================== 
 
Processor: AMD Ryzen 7 2700X Eight-Core Processor 
Percentage of memory in use: 27%
Total physical RAM: 16315.14 MB
Available physical RAM: 11749.64 MB
Total Virtual: 18747.14 MB
Available Virtual: 11375.41 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.22 GB) (Free:286.37 GB) NTFS
 
\\?\Volume{0b53f0fb-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.13 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0B53F0FB)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

  • 0

#3
iMacg3

iMacg3

    GeekU Mod

  • GeekU Moderator
  • 479 posts

Welcome to the Geeks To Go malware removal forum.
I'm iMacg3 and will be helping you.

Please keep the following information in mind before we begin:

  • Do not run any fixes or tools on your system unless I request that you do so.
  • Please read all instructions completely before you complete them.
  • If your computer seems to start working normally, please don't abandon the topic. Just because your computer doesn't seem to have a problem doesn't mean that it isn't infected.
  • If you have pirated or illegal software on your computer, uninstall it before proceeding.
  • If you don't respond to your topic in 4 days, it will be closed. You can have it reopened by contacting me or any staff member by pm with the address of the thread.
  • If you have questions about anything, please ask.

--------------------

We'll uninstall Opera using Revo Uninstaller, then re-install it.

Note: Revo Uninstaller is more thorough in deleting programs on your computer than using the Add/Remove option in Windows. Since it is a more powerful tool, please be sure to follow the instructions carefully.
Note: If the program you want to uninstall is not listed by Revo, let me know and we will try an alternate method of removal.

 

  • Please download and install Revo Uninstaller Free
    note: there is no need to click anything on that page, the download will start automatically
  • Double click Revo Uninstaller to run it
  • From the list of programs double click on the listed program(s), or anything similar, to remove it:
    Opera Browser
  • When prompted if you want to uninstall click Yes
  • Be sure the Moderate option is selected then click Next
  • The program will run, If prompted again click Yes
  • When the built-in uninstaller is finished click on Next
  • Once the program has searched for leftovers click Next
  • Check all the remnants that are listed
  • note: you may have to expand some folders by clicking the "+" mark
  • When prompted click on Yes and then on Next
  • Put a check on any folders that are found and select Delete
  • When prompted select Yes then Next
  • Once done click Finish

 

---------------------

 

Download and install Opera from here: https://www.opera.com/

 

Let me know if the problem persists.


  • 0

#4
getdealtwith

getdealtwith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

@imacg3 Thank you so much for your willingness to help. I really appreciate it! 

 

I followed the steps above precisely twice to no avail. As soon as I reinstall Opera I immediately get the same error!


Edited by getdealtwith, 04 March 2019 - 06:55 PM.

  • 0

#5
iMacg3

iMacg3

    GeekU Mod

  • GeekU Moderator
  • 479 posts
Hi,
  • Download CKScanner by askey127 and save it to your desktop
  • Right-click CKScanner.exe and select Run as administrator.
  • When the tool opens click Search For Files.
  • When the cursor loading icon disappears, click Save List To File.
  • A message box will verify the file is saved. Please run the program only once.
  • The tool will create a log on your desktop called CKFiles.txt. Open it, then copy and paste its contents into your next reply.

  • 0

#6
getdealtwith

getdealtwith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Here you go:
 
CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\program files\inkscape\lib\python2.7\site-packages\numpy\f2py\crackfortran.py
c:\program files\inkscape\lib\python2.7\site-packages\numpy\f2py\crackfortran.pyc
c:\program files\inkscape\lib\python2.7\site-packages\numpy\f2py\crackfortran.pyo
c:\windows\winsxs\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.17763.1_none_ad6c66b207e8c478\ssh-keygen.exe
scanner sequence 3.CE.11.FGNAJZ
 ----- EOF ----- 

  • 0

#7
iMacg3

iMacg3

    GeekU Mod

  • GeekU Moderator
  • 479 posts
Hi,

Please run CKScanner once more, and post the CKFiles.txt in your reply.
  • 0

#8
getdealtwith

getdealtwith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\program files\inkscape\lib\python2.7\site-packages\numpy\f2py\crackfortran.py
c:\program files\inkscape\lib\python2.7\site-packages\numpy\f2py\crackfortran.pyc
c:\program files\inkscape\lib\python2.7\site-packages\numpy\f2py\crackfortran.pyo
c:\windows\winsxs\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.17763.1_none_ad6c66b207e8c478\ssh-keygen.exe
scanner sequence 3.CA.11.IGAAFA
 ----- EOF ----- 

  • 0

#9
iMacg3

iMacg3

    GeekU Mod

  • GeekU Moderator
  • 479 posts
Hi,

Thanks for the CKScanner log.

Please run a new scan with FRST and copy/paste both reports into your reply. (FRST.txt and Addition.txt)

Additionally, can you provide a screenshot of the error message?
  • 0

#10
getdealtwith

getdealtwith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

Yes sir! Thank you!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.03.2019 01
Ran by steph (administrator) on DESKTOP-2C5MEQG (05-03-2019 11:08:35)
Running from C:\Users\steph\Downloads
Loaded Profiles: steph (Available Profiles: steph)
Platform: Windows 10 Home Version 1809 17763.348 (X64) Language: English (United States)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Webroot Inc. -> Webroot) C:\Program Files\Webroot\WRSA.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0338455.inf_amd64_819aa0406bf36af7\B338454\atiesrxx.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.28\atkexComSvc.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(Nitro Software, Inc. -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop 11\creator\common\creator-ws.exe
(Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop 11\updater-ws.exe
(Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe
(LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop 11\ws.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Failed to access process -> LightingService.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0338455.inf_amd64_819aa0406bf36af7\B338454\atieclxx.exe
(Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRAgent.exe
(Webroot Inc. -> Webroot) C:\Program Files\Webroot\WRSA.exe
(Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20453.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19021.10411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
() [File not signed] C:\Program Files\WindowsApps\88449BC3.TodoistTo-DoListTaskManager_2.1.5118.0_x86__71ef4824z52ta\Todoist.Universal.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ASUSTeK COMPUTER INC.) [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe
(ASUSTeK COMPUTER INC.) [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\steph\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1812.10048.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Payist Payments Inc. -> Doist Ltd.) C:\Users\steph\AppData\Local\Todoist\WindowsDesktopApp\Todoist.exe
(Payist Payments Inc. -> Doist Ltd.) C:\Users\steph\AppData\Local\Todoist\WindowsDesktopApp\Todoist.exe
(Payist Payments Inc. -> Doist Ltd.) C:\Users\steph\AppData\Local\Todoist\WindowsDesktopApp\Todoist.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Telegram Messenger LLP -> Telegram Messenger LLP) C:\Users\steph\AppData\Roaming\Telegram Desktop\Telegram.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9246656 2018-01-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Sonic Studio 3] => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe [1234432 2017-12-29] (ASUSTeK COMPUTER INC.) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4190016 2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [3956368 2019-02-04] (Webroot Inc. -> Webroot)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [405032 2019-02-15] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3144480 2019-02-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Run: [BraveSoftware Update] => C:\Users\steph\AppData\Local\BraveSoftware\Update\1.3.99.0\BraveUpdateCore.exe [607688 2019-02-15] (Brave Software, Inc. -> BraveSoftware Inc.)
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Run: [GoogleChromeAutoLaunch_F93EFB3DD44213C0D4E7C2DEA6F95C5C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1708016 2019-02-28] (Google LLC -> Google Inc.)
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [msacm.l3codecp] => C:\Windows\SysWOW64\l3codecp.acm [189952 2018-09-15] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\Software\...\AppCompatFlags\Custom\UnrealTournament.exe: [{fa491d91-322c-4059-a1f7-4a79782edee8}.sdb] -> GOG.com Unreal Tournament GOTY
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fa491d91-322c-4059-a1f7-4a79782edee8}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{fa491d91-322c-4059-a1f7-4a79782edee8}.sdb [2013-01-03]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-04] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{97E1814E-5601-41c8-9971-10C319EF61CC}] -> C:\Windows\system32\SRCredentialProvider.dll [2019-01-16] (Splashtop Inc. -> Splashtop Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2019-01-25]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Inc. -> Webroot Software, Inc.)
Startup: C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\[email protected] [2019-02-08]
ShortcutTarget: [email protected] -> C:\Program Files (x86)\FAHClient\HideConsole.exe (No File)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 1.1.1.1 1.0.0.1 192.168.2.1
Tcpip\..\Interfaces\{3bba500e-f493-4cd6-882c-1268d898d81a}: [DhcpNameServer] 1.1.1.1 1.0.0.1 192.168.2.1
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-24] (Microsoft Corporation -> Microsoft Corporation)
BHO: Soda PDF Desktop 11 Helper -> {9703de71-ce0d-11e8-9c83-40167e6e7313} -> C:\Program Files\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-helper.dll [2019-02-05] (LULU Software -> LULU Software)
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\PKG\LPBar64.dll [2019-01-25] (Webroot Inc. -> Webroot)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Common Files\Webroot\WebFiltering\wrflt.dll [2019-01-25] (Webroot Inc. -> Webroot)
BHO-x32: Soda PDF Desktop 11 Helper -> {9703de71-ce0d-11e8-9c83-40167e6e7313} -> C:\Program Files (x86)\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-helper.dll [2019-02-05] (LULU Software -> LULU Software)
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\PKG\LPBar.dll [2019-01-25] (Webroot Inc. -> Webroot)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files (x86)\Common Files\Webroot\WebFiltering\wrflt.dll [2019-01-25] (Webroot Inc. -> Webroot)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll [2019-01-25] (Webroot Inc. -> Webroot)
Toolbar: HKLM - Soda PDF Desktop 11 Toolbar - {970516f0-ce0d-11e8-8baa-40167e6e7313} - C:\Program Files\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-02-05] (LULU Software -> LULU Software)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll [2019-01-25] (Webroot Inc. -> Webroot)
Toolbar: HKLM-x32 - Soda PDF Desktop 11 Toolbar - {970516f0-ce0d-11e8-8baa-40167e6e7313} - C:\Program Files (x86)\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-02-05] (LULU Software -> LULU Software)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-03] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: dpu2go2i.default
FF ProfilePath: C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\dpu2go2i.default [2019-03-05]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\WRData\PKG\FF_XPI\wts_ff_extension.xpi
FF Extension: (Webroot Filtering Extension) - C:\ProgramData\WRData\PKG\FF_XPI\wts_ff_extension.xpi [2019-01-25]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Soda PDF Desktop 11\creator\plugins\FirefoxAddin\[email protected]
FF Extension: (Soda PDF Desktop 11 Creator) - C:\Program Files\Soda PDF Desktop 11\creator\plugins\FirefoxAddin\[email protected] [2019-01-16]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Soda PDF Desktop 11\creator\plugins\FirefoxAddin\[email protected]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-03-01] (Adobe Systems Incorporated -> )
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-03-01] (Adobe Systems Incorporated -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-01-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-03-01] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-03-01] (Google Inc -> Google Inc.)
FF Plugin HKU\S-1-5-21-3657392865-4282527132-3450529356-1001: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Users\steph\AppData\Local\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-02-15] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin HKU\S-1-5-21-3657392865-4282527132-3450529356-1001: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Users\steph\AppData\Local\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-02-15] (Brave Software, Inc. -> BraveSoftware Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default [2019-03-05]
CHR Extension: (Slides) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-01]
CHR Extension: (Docs) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-01]
CHR Extension: (Google Drive) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-01]
CHR Extension: (YouTube) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-01]
CHR Extension: (Dropbox for Gmail) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2019-03-01]
CHR Extension: (Dashlane - Password Manager) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2019-03-01]
CHR Extension: (Sheets) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-01]
CHR Extension: (Audio Downloader Prime) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\flainkeonkoanoijnkojmiiihnfdhipd [2019-03-01]
CHR Extension: (Google Docs Offline) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-02]
CHR Extension: (Google Keep - notes and lists) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2019-03-05]
CHR Extension: (Podio) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikfhmmbhaifchbdlhlfcoildocgmbleb [2019-03-01]
CHR Extension: (Email Extractor) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdianbbpnakhcmfkcckaboohfgnngfcc [2019-03-01]
CHR Extension: (Webroot Filtering Extension) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2019-03-01]
CHR Extension: (Evernote Web) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2019-03-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-01]
CHR Extension: (Data Scraper - Easy Web Scraping) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nndknepjnldbdbepjfgmncbggmopgden [2019-03-01]
CHR Extension: (Evernote Web Clipper) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2019-03-01]
CHR Extension: (Gmail) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-01]
CHR Extension: (Chrome Media Router) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-01]
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\c0338455.inf_amd64_819aa0406bf36af7\B338454\atiesrxx.exe [508320 2019-01-24] (Advanced Micro Devices, Inc. -> AMD)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.28\atkexComSvc.exe [419264 2018-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8348064 2019-01-24] (BattlEye Innovations e.K. -> )
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11013280 2019-02-07] (Microsoft Corporation -> Microsoft Corporation)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [49704 2019-02-15] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-01-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-01-24] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-12-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [1326016 2019-01-04] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 nlsX86cc; C:\Windows\SysWOW64\NLSSRV32.EXE [70752 2019-02-08] (Nitro Software, Inc. -> Nalpeiron Ltd.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-02-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-02-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 RtkBtManServ; C:\Windows\RtkBtManServ.exe [713816 2018-09-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 Soda PDF Desktop 11; C:\Program Files\Soda PDF Desktop 11\ws.exe [2463560 2019-02-05] (LULU Software -> LULU Software)
R2 Soda PDF Desktop 11 Creator; C:\Program Files\Soda PDF Desktop 11\creator\common\creator-ws.exe [720200 2019-02-05] (LULU Software -> LULU Software)
R2 Soda PDF Desktop 11 Update Service; C:\Program Files\Soda PDF Desktop 11\updater-ws.exe [1778504 2019-02-05] (LULU Software -> LULU Software)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\NisSrv.exe [4096976 2019-01-24] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MsMpEng.exe [113992 2019-01-24] (Microsoft Corporation -> Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [3956368 2019-02-04] (Webroot Inc. -> Webroot)
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Wondershare Video Converter Ultimate (Desktop)\Transfer\DriverInstall.exe" [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ALSysIO; C:\Users\steph\AppData\Local\Temp\ALSysIO64.sys [46384 2019-03-03] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
R3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [43400 2017-03-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [24424 2016-08-12] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\Windows\System32\drivers\atikmdag-patched\atikmdag.sys [52785728 2012-06-26] (Edgard Roberto Viera -> Advanced Micro Devices, Inc.) [File not signed]
R3 amdkmdag; C:\Windows\SysWOW64\drivers\atikmdag-patched\atikmdag.sys [52785728 2012-06-26] (Edgard Roberto Viera -> Advanced Micro Devices, Inc.) [File not signed]
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0338455.inf_amd64_819aa0406bf36af7\B338454\atikmpag.sys [589216 2019-01-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [101568 2019-01-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDPCIDev; C:\Windows\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [243048 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [33504 2019-01-01] (ASUSTeK Computer Inc. -> )
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [107400 2018-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [46944 2018-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [23392 2018-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz148; C:\Windows\temp\cpuz148\cpuz148_x64.sys [44648 2019-03-03] (CPUID S.A.R.L.U. -> CPUID)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [19392 2018-04-23] (ASUSTeK Computer Inc. -> )
R1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [65320 2019-01-24] (Martin Malik - REALiX -> REALiX™)
R3 MSIO; C:\Program Files\Patriot\Aac_Patriot Viper RGB\msio64.sys [25616 2018-02-12] (MICSYS Technology Co., Ltd. -> )
R3 RtkBtFilter; C:\Windows\System32\drivers\RtkBtfilter.sys [758312 2018-09-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [8009040 2017-12-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
R0 secnvme; C:\Windows\System32\drivers\secnvme.sys [134120 2018-02-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46488 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [343032 2019-01-24] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [63480 2019-01-24] (Microsoft Windows -> Microsoft Corporation)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [128216 2019-01-25] (Webroot Inc. -> Webroot)
R3 wrUrlFlt; C:\Windows\system32\DRIVERS\wrUrlFlt.sys [68416 2019-01-25] (Webroot Inc. -> Webroot)
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite Titanium.SP2c\WNt600x64\Sandra.sys [X]
U0 SR; no ImagePath
U2 srservice; no ImagePath
S3 VGAOCTool; \??\C:\Users\steph\AppData\Local\Temp\VGAOCTool.sys [X] <==== ATTENTION
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-03-05 11:08 - 2019-03-05 11:08 - 000000000 ____D C:\Users\steph\Downloads\FRST-OlderVersion
2019-03-05 10:53 - 2019-03-05 10:53 - 000103833 _____ C:\Users\steph\Desktop\Low Priorty Leads - All Low Priorty Leads.xlsx
2019-03-05 10:51 - 2019-03-05 10:51 - 000094317 _____ C:\Users\steph\Downloads\Low Priorty Leads - All Low Priorty Leads.xlsx
2019-03-05 10:43 - 2019-03-05 10:43 - 000001311 _____ C:\Users\steph\Desktop\Todoist.lnk
2019-03-05 10:43 - 2019-03-05 10:43 - 000000000 ____D C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Todoist
2019-03-05 10:43 - 2019-03-05 10:43 - 000000000 ____D C:\Users\steph\AppData\Local\Todoist
2019-03-05 10:43 - 2019-03-05 10:43 - 000000000 ____D C:\Users\steph\AppData\Local\Doist_Ltd
2019-03-05 10:41 - 2019-03-05 10:41 - 027704576 _____ (Doist Ltd. ) C:\Users\steph\Downloads\Todoist_for_Windows_Desktop_2_7_6.exe
2019-03-05 10:31 - 2019-03-05 10:31 - 000468480 _____ () C:\Users\steph\Downloads\CKScanner (2).exe
2019-03-05 10:31 - 2019-03-05 10:31 - 000000000 ___HD C:\OneDriveTemp
2019-03-04 21:13 - 2019-03-05 10:32 - 000000501 _____ C:\Users\steph\Downloads\ckfiles.txt
2019-03-04 21:09 - 2019-03-04 21:09 - 000468480 _____ () C:\Users\steph\Downloads\CKScanner.exe
2019-03-04 21:09 - 2019-03-04 21:09 - 000468480 _____ () C:\Users\steph\Downloads\CKScanner (1).exe
2019-03-04 19:51 - 2019-03-04 19:51 - 000004206 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1551747080
2019-03-04 19:51 - 2019-03-04 19:51 - 000001397 _____ C:\Users\steph\Desktop\Opera Browser.lnk
2019-03-04 19:51 - 2019-03-04 19:51 - 000001397 _____ C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2019-03-04 17:30 - 2019-03-04 17:30 - 002162056 _____ (Opera Software) C:\Users\steph\Downloads\OperaSetup.exe
2019-03-04 17:27 - 2019-03-04 17:27 - 016008384 _____ (VS Revo Group ) C:\Users\steph\Downloads\RevoUninProSetup.exe
2019-03-04 17:27 - 2019-03-04 17:27 - 000001122 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2019-03-04 17:27 - 2019-03-04 17:27 - 000000000 ____D C:\Users\steph\AppData\Local\VS Revo Group
2019-03-04 17:27 - 2019-03-04 17:27 - 000000000 ____D C:\ProgramData\VS Revo Group
2019-03-04 17:27 - 2019-03-04 17:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2019-03-04 17:27 - 2019-03-04 17:27 - 000000000 ____D C:\Program Files\VS Revo Group
2019-03-04 17:27 - 2016-12-21 14:52 - 000040240 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2019-03-03 21:57 - 2019-03-03 21:59 - 007895087 _____ C:\Users\steph\Desktop\stephenandkristiancompressed.pdf
2019-03-03 13:53 - 2019-03-03 13:53 - 000002805 _____ C:\Users\steph\Unigine_Heaven_Benchmark_4.0_20190303_1353.html
2019-03-03 13:47 - 2019-03-03 13:47 - 000002194 _____ C:\Users\Public\Desktop\Heaven Benchmark 4.0.lnk
2019-03-03 13:47 - 2019-03-03 13:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine
2019-03-03 13:47 - 2019-03-03 13:47 - 000000000 ____D C:\Program Files (x86)\Unigine
2019-03-02 12:23 - 2019-03-02 12:23 - 002751394 _____ C:\Users\steph\Downloads\NewList03-01-19a-postcards.csv
2019-03-02 08:45 - 2019-03-02 08:45 - 000000000 ____D C:\AdwCleaner
2019-03-02 08:39 - 2019-03-05 11:09 - 000040010 _____ C:\Users\steph\Downloads\FRST.txt
2019-03-02 08:39 - 2019-03-05 11:08 - 000000000 ____D C:\FRST
2019-03-02 08:39 - 2019-03-02 08:52 - 000069844 _____ C:\Users\steph\Downloads\Addition.txt
2019-03-02 08:38 - 2019-03-05 11:08 - 002434560 _____ (Farbar) C:\Users\steph\Downloads\FRST64.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 026807296 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 024616960 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 023439360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 022114960 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 020812288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 019284480 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 019023872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 017520640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 015224832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 012858368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 012150784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 009683256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 009670656 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 008875008 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 007897088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 007883776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 007688088 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 007647256 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 007556392 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 007251456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 006544584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 006440960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 006309040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 005915936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 005588184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 005566464 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 005436184 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 005296640 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 004920832 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 004688896 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 004245280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 003983872 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003923456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003761664 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003729808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 003660288 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 003656192 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003652656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003566080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003551408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003504128 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003427840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003399168 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003381760 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003378488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 003108864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002942464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002871312 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 002842112 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002766648 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002752360 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002720768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 002700792 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002637312 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 002630656 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002626360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 002485760 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002447360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002323688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002278240 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002187264 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002127360 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002073240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002044416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002013696 _____ C:\Windows\system32\rdpnano.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002001408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001994760 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001969464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 001931264 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001899160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001893888 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001844448 _____ (Microsoft Corporation) C:\Windows\system32\D3D12.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001830200 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001782272 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001742104 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001715712 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001711616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001697744 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-03-01 21:01 - 2019-03-01 21:01 - 001672704 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001656832 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001644048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001641400 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001604096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001590072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001572176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001563336 _____ (Microsoft Corporation) C:\Windows\system32\ttdrecordcpu.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001521664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001506816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001481488 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001479480 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001468440 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 001457544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001360696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 001341880 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-03-01 21:01 - 2019-03-01 21:01 - 001332224 _____ (Microsoft Corporation) C:\Windows\system32\lpasvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001331536 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001307648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001296576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001294856 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001289192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001272552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ttdrecordcpu.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001267712 _____ (Microsoft Corporation) C:\Windows\system32\APMon.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001259320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 001258808 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2019-03-01 21:01 - 2019-03-01 21:01 - 001256448 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001255736 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 001224704 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001221944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001221120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 001208320 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001200920 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001191512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001179168 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 001176064 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001131520 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001098128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001087800 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001078072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Services.TargetedContent.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001077912 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001072720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001072640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001056272 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001054200 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 001052160 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001050936 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 001047040 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001022616 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001008128 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001001472 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2019-03-01 21:01 - 2019-03-01 21:01 - 000955392 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000926208 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000918032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000912384 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000908800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2019-03-01 21:01 - 2019-03-01 21:01 - 000902144 _____ (Microsoft Corporation) C:\Windows\system32\BingOnlineServices.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000888320 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000888120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pidgenx.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000883712 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000871792 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000866152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000865568 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000860160 _____ C:\Windows\system32\MBR2GPT.EXE
2019-03-01 21:01 - 2019-03-01 21:01 - 000850760 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000836096 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000833064 _____ C:\Windows\system32\InputHost.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000823296 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000808464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000790328 _____ (Microsoft Corporation) C:\Windows\system32\upshared.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000775168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000773120 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000772608 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000772408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Services.TargetedContent.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000764216 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000762880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000757664 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000745984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000741888 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000735760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingOnlineServices.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000714240 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000691712 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000661816 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000652824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000651576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000646656 _____ (Microsoft Corporation) C:\Windows\system32\w32time.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000646632 _____ (Microsoft Corporation) C:\Windows\system32\msvcp_win.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000622080 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000621568 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000619832 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000605496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000604336 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000599040 _____ (Microsoft Corporation) C:\Windows\system32\facecredentialprovider.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\dsound.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000591832 _____ C:\Windows\SysWOW64\InputHost.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000572416 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000566272 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000560128 _____ (Microsoft Corporation) C:\Windows\system32\mfh264enc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000553784 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000549376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000548864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000543744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000525312 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000519992 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000511800 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000505656 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsound.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\ResourceMapper.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000484976 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000479232 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000460304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000453944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000452096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000449368 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000435712 _____ (Microsoft Corporation) C:\Windows\system32\cryptngc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000421688 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000407552 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000404792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000387832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000383288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\DataUsageHandlers.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000359424 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000355360 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000348160 _____ (Microsoft Corporation) C:\Windows\system32\BioCredProv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000336744 _____ (Microsoft Corporation) C:\Windows\system32\AudioSrvPolicyManager.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000330464 _____ (Microsoft Corporation) C:\Windows\system32\ttdwriter.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000322576 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000322048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MbbCx.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000279376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BioCredProv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000272648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ttdwriter.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000263360 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000262456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000246584 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\smbwmiv2.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000224256 _____ (Microsoft Corporation) C:\Windows\system32\ptpprov.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\SecureTimeAggregator.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000202552 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000196608 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000195896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000178688 _____ (Microsoft Corporation) C:\Windows\system32\winbio.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\ngctasks.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\SpatialAudioLicenseSrv.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000169784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000156984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000147968 _____ (Microsoft Corporation) C:\Windows\system32\srpapi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000147256 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SpatialAudioLicenseSrv.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000138960 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000134144 _____ (Microsoft Corporation) C:\Windows\system32\DataUsageLiveTileTask.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srpapi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winbio.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000120832 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\DolbyMATEnc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000115152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000104248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bindflt.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000096256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000095544 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000095544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storqosflt.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000090424 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000071184 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000035640 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\SecureBioSysprep.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-03-01 13:32 - 2019-03-04 18:37 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-01 13:32 - 2019-03-04 18:37 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-01 13:32 - 2019-03-01 13:32 - 000000000 ____D C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2019-03-01 13:32 - 2019-03-01 13:32 - 000000000 ____D C:\Users\steph\AppData\Roaming\Google
2019-03-01 13:31 - 2019-03-01 13:40 - 000000000 ____D C:\Users\steph\AppData\Local\Google
2019-03-01 13:31 - 2019-03-01 13:32 - 000000000 ____D C:\Program Files (x86)\Google
2019-03-01 13:31 - 2019-03-01 13:31 - 001136176 _____ (Google Inc.) C:\Users\steph\Downloads\ChromeSetup.exe
2019-03-01 13:31 - 2019-03-01 13:31 - 000003418 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-01 13:31 - 2019-03-01 13:31 - 000003294 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-01 13:28 - 2019-03-01 14:15 - 000004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-03-01 13:28 - 2019-03-01 13:28 - 000004578 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-01 13:28 - 2019-03-01 13:28 - 000000000 ____D C:\Users\steph\AppData\Roaming\Macromedia
2019-02-26 17:31 - 2019-02-26 17:31 - 000318040 _____ C:\Users\steph\Downloads\NS_LBP_.pdf
2019-02-26 11:23 - 2019-02-26 11:23 - 000019719 _____ C:\Users\steph\Downloads\190222GACHEROKEE.csv
2019-02-26 11:23 - 2019-02-26 11:23 - 000007684 _____ C:\Users\steph\Downloads\190225GAPAULDING.csv
2019-02-26 11:15 - 2019-02-26 11:15 - 000370212 _____ C:\Users\steph\Downloads\209186_2019-02-26_16-14_Stephen_Richardson.csv
2019-02-25 19:12 - 2019-02-25 19:12 - 000705365 _____ C:\Users\steph\Downloads\DCW ADOPTION CONFIDENTIAL ADOPTIVE PARENTS QUESTIONNAIRE (3) (6).pages
2019-02-25 19:12 - 2019-02-25 19:12 - 000705365 _____ C:\Users\steph\Downloads\DCW ADOPTION CONFIDENTIAL ADOPTIVE PARENTS QUESTIONNAIRE (3) (5).pages
2019-02-25 19:12 - 2019-02-25 19:12 - 000705365 _____ C:\Users\steph\Downloads\DCW ADOPTION CONFIDENTIAL ADOPTIVE PARENTS QUESTIONNAIRE (3) (4).pages
2019-02-25 19:12 - 2019-02-25 19:12 - 000705365 _____ C:\Users\steph\Downloads\DCW ADOPTION CONFIDENTIAL ADOPTIVE PARENTS QUESTIONNAIRE (3) (3).pages
2019-02-25 19:11 - 2019-02-25 19:11 - 000705365 _____ C:\Users\steph\Downloads\DCW ADOPTION CONFIDENTIAL ADOPTIVE PARENTS QUESTIONNAIRE (3).pages
2019-02-25 19:11 - 2019-02-25 19:11 - 000705365 _____ C:\Users\steph\Downloads\DCW ADOPTION CONFIDENTIAL ADOPTIVE PARENTS QUESTIONNAIRE (3) (2).pages
2019-02-25 19:11 - 2019-02-25 19:11 - 000705365 _____ C:\Users\steph\Downloads\DCW ADOPTION CONFIDENTIAL ADOPTIVE PARENTS QUESTIONNAIRE (3) (1).pages
2019-02-25 17:38 - 2019-02-25 17:38 - 014209518 _____ C:\Users\steph\Downloads\MM1000_QSG.pdf
2019-02-25 17:35 - 2019-02-25 17:35 - 000001199 _____ C:\Users\Public\Desktop\iCUE.lnk
2019-02-25 17:35 - 2019-02-25 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-02-25 17:35 - 2019-02-25 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair
2019-02-25 17:35 - 2019-02-25 17:35 - 000000000 ____D C:\Program Files (x86)\Corsair
2019-02-20 22:15 - 2019-02-20 22:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-02-19 18:19 - 2019-02-19 18:19 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-02-19 18:19 - 2019-02-19 18:19 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-02-19 18:19 - 2019-02-19 18:19 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-02-19 18:19 - 2019-02-19 18:19 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-02-19 11:47 - 2019-02-19 11:50 - 000000000 ____D C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WonderFox Soft
2019-02-19 11:47 - 2019-02-19 11:50 - 000000000 ____D C:\Program Files (x86)\WonderFox Soft
2019-02-19 11:47 - 2019-02-19 11:47 - 000000000 ____D C:\Users\steph\Documents\WonderFox Soft
2019-02-19 11:38 - 2019-02-19 11:38 - 000002074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro.lnk
2019-02-19 11:38 - 2019-02-19 11:38 - 000002062 _____ C:\Users\Public\Desktop\Nitro Pro.lnk
2019-02-19 11:38 - 2019-02-19 11:38 - 000000000 ____D C:\Users\steph\AppData\Roaming\Nitro
2019-02-19 11:38 - 2019-02-19 11:38 - 000000000 ____D C:\ProgramData\Nitro
2019-02-19 11:38 - 2019-02-19 11:38 - 000000000 ____D C:\Program Files\Nitro
2019-02-19 11:38 - 2019-02-19 11:38 - 000000000 ____D C:\Program Files (x86)\Nitro
2019-02-19 11:38 - 2019-02-08 14:43 - 000222816 _____ (Nitro Software, Inc.) C:\Windows\system32\NxPrinterMonitor12.dll
2019-02-19 11:38 - 2019-02-08 14:43 - 000131168 _____ (Nitro Software, Inc.) C:\Windows\system32\NxPrinterMonitorUI12.dll
2019-02-19 11:33 - 2019-02-19 11:33 - 000000000 ____D C:\Users\Public\Documents\CyberLink
2019-02-19 11:31 - 2019-02-19 11:34 - 000000000 ____D C:\Users\steph\Documents\CyberLink
2019-02-19 11:31 - 2019-02-19 11:34 - 000000000 ____D C:\Users\steph\AppData\Roaming\CyberLink
2019-02-19 11:31 - 2019-02-19 11:31 - 000000000 ____D C:\Users\Public\CyberLink
2019-02-19 11:27 - 2019-02-19 11:27 - 000000000 ____D C:\Windows\system32\Drivers\CLFCL5.18
2019-02-19 11:26 - 2019-02-19 11:35 - 000000000 ____D C:\ProgramData\install_clap
2019-02-19 11:26 - 2019-02-19 11:34 - 000000000 ____D C:\Users\steph\AppData\Local\CyberLink
2019-02-19 11:26 - 2019-02-19 11:34 - 000000000 ____D C:\ProgramData\CyberLink
2019-02-19 11:26 - 2019-02-19 11:27 - 000000000 ____D C:\ProgramData\PDVD
2019-02-19 11:26 - 2019-02-19 11:26 - 000000000 ____D C:\ProgramData\CLSK
2019-02-19 11:20 - 2019-02-19 11:46 - 000000000 ____D C:\Program Files (x86)\Wondershare
2019-02-19 11:20 - 2019-02-19 11:20 - 000000000 ____D C:\Wondershare Video Converter Ultimate
2019-02-19 11:20 - 2019-02-19 11:20 - 000000000 ____D C:\ProgramData\Wondershare MediaServer
2019-02-19 11:20 - 2019-02-19 11:20 - 000000000 ____D C:\ProgramData\GraphicsType
2019-02-19 11:20 - 2019-02-19 11:20 - 000000000 ____D C:\Program Files (x86)\WondershareUpdate
2019-02-17 22:12 - 2019-02-17 22:12 - 000000000 ____D C:\Program Files (x86)\dvdfab
2019-02-17 22:06 - 2019-02-17 22:06 - 000000000 ____D C:\ProgramData\Canneverbe Limited
2019-02-17 22:05 - 2019-03-01 15:10 - 000007619 _____ C:\Users\steph\AppData\Local\Resmon.ResmonCfg
2019-02-17 22:05 - 2019-02-17 22:05 - 000000000 ____D C:\Users\steph\AppData\Roaming\Canneverbe Limited
2019-02-17 21:57 - 2019-02-17 21:57 - 000000000 ____D C:\Users\steph\AppData\Roaming\DVDFab11
2019-02-17 21:54 - 2019-02-17 21:54 - 000000000 ____D C:\Users\steph\AppData\Roaming\30080
2019-02-17 21:53 - 2019-02-17 21:53 - 000001057 _____ C:\Users\steph\AppData\Roaming\88e9dc3a-641c-4dc2-9204-9ba65cc42265
2019-02-17 21:53 - 2019-02-17 21:53 - 000000171 _____ C:\Users\steph\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2019-02-17 21:53 - 2019-02-17 21:53 - 000000000 ____D C:\Users\steph\Documents\DVDFabCommon
2019-02-17 21:53 - 2019-02-17 21:53 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-02-17 21:52 - 2019-02-17 21:53 - 000000000 ____D C:\Users\steph\Downloads\DVDFab 11
2019-02-17 21:52 - 2019-02-17 21:53 - 000000000 ____D C:\Users\steph\Documents\DVDFab11
2019-02-17 21:40 - 2019-02-17 21:50 - 000000000 ____D C:\Temp
2019-02-17 21:38 - 2019-02-17 21:38 - 000000000 ____D C:\Users\steph\AppData\Roaming\Digiarty
2019-02-17 21:32 - 2019-02-17 21:49 - 000000000 ____D C:\Users\steph\AppData\Local\cdrtfe
2019-02-17 20:44 - 2019-02-21 08:49 - 000000000 ____D C:\Users\steph\AppData\Roaming\vlc
2019-02-17 20:44 - 2019-02-19 11:17 - 000000000 ____D C:\Users\steph\AppData\Roaming\dvdcss
2019-02-17 20:36 - 2019-02-21 08:50 - 000000000 ____D C:\Users\steph\Documents\ConvertXToDVD
2019-02-17 20:36 - 2019-02-21 08:47 - 000000000 ____D C:\Users\steph\Documents\ConvertXtoDVD_Resources
2019-02-17 20:36 - 2019-02-17 21:10 - 000000000 ____D C:\ProgramData\VSO
2019-02-17 20:36 - 2019-02-17 20:43 - 000000000 ____D C:\Users\steph\AppData\Roaming\VSO
2019-02-17 20:36 - 2019-02-17 20:36 - 000099384 _____ C:\Users\steph\AppData\Roaming\inst.exe
2019-02-17 20:36 - 2019-02-17 20:36 - 000082816 _____ (VSO Software) C:\Users\steph\AppData\Roaming\pcouffin.sys
2019-02-17 20:36 - 2019-02-17 20:36 - 000007859 _____ C:\Users\steph\AppData\Roaming\pcouffin.cat
2019-02-17 20:36 - 2019-02-17 20:36 - 000001309 _____ C:\Users\steph\Desktop\ConvertXToDVD 7.lnk
2019-02-17 20:36 - 2019-02-17 20:36 - 000000000 ____D C:\Users\steph\Documents\PcSetup
2019-02-17 20:36 - 2019-02-17 20:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
2019-02-17 20:36 - 2019-02-17 20:36 - 000000000 ____D C:\Program Files (x86)\VSO
2019-02-17 20:29 - 2019-02-17 20:30 - 000000000 ____D C:\Users\steph\Documents\dvd
2019-02-17 20:28 - 2019-02-17 20:31 - 000000000 ____D C:\Program Files (x86)\DVD Flick
2019-02-17 20:28 - 2007-08-31 18:36 - 000036864 _____ (Robdogg Inc.) C:\Windows\SysWOW64\trayicon_handler.ocx
2019-02-17 20:28 - 2003-01-26 13:41 - 000040960 _____ (vbAccelerator) C:\Windows\SysWOW64\ssubtmr6.dll
2019-02-17 20:16 - 2019-02-17 20:28 - 000000000 ____D C:\Windows\System32\Tasks\NCH Software
2019-02-15 13:35 - 2019-03-01 14:41 - 000002623 _____ C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2019-02-15 13:35 - 2019-02-15 13:35 - 000003700 _____ C:\Windows\System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3657392865-4282527132-3450529356-1001UA
2019-02-15 13:35 - 2019-02-15 13:35 - 000003432 _____ C:\Windows\System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3657392865-4282527132-3450529356-1001Core
2019-02-15 13:35 - 2019-02-15 13:35 - 000000000 ____D C:\Users\steph\AppData\Local\BraveSoftware
2019-02-15 13:02 - 2019-02-15 13:02 - 000069677 _____ C:\Users\steph\Downloads\209100_2019-02-15_18-01_Stephen_Richardson.csv
2019-02-15 12:57 - 2019-02-15 12:57 - 000017202 _____ C:\Users\steph\Desktop\CherokeeDelinq.csv
2019-02-15 11:39 - 2019-02-15 11:39 - 000000000 ____D C:\Users\steph\AppData\Local\KutoolsforExcel
2019-02-15 11:38 - 2019-02-15 11:38 - 000000000 ____D C:\Users\steph\Documents\Kutools for Excel
2019-02-15 11:38 - 2019-02-15 11:38 - 000000000 ____D C:\Users\steph\AppData\Roaming\Kutools for Excel
2019-02-15 11:38 - 2019-02-15 11:38 - 000000000 ____D C:\Users\Public\Documents\Kutools for Excel
2019-02-15 11:38 - 2019-02-15 11:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kutools for Excel
2019-02-15 11:38 - 2019-02-15 11:38 - 000000000 ____D C:\Program Files (x86)\Kutools for Excel
2019-02-13 20:01 - 2019-02-13 20:01 - 000032429 _____ C:\Users\steph\Downloads\dgreadiness_v3.6.zip
2019-02-13 12:17 - 2019-02-13 12:17 - 000000000 ____D C:\Users\steph\AppData\Roaming\PDF Producer
2019-02-13 12:11 - 2019-02-15 13:05 - 000084745 _____ C:\Users\steph\Desktop\Copy of delinq2819.xlsx
2019-02-13 08:24 - 2019-02-13 08:24 - 007883776 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 006070272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 005086208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 004885504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 004627456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 003743744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 002927120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 002437552 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 002021584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 001700864 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 001671864 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 001467560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000982576 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000982032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000769536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000765960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000475152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-02-13 08:24 - 2019-02-13 08:24 - 000463672 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000461824 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000419128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000402944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000387384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000340480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000047136 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2019-02-13 08:24 - 2019-02-13 08:24 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\npmproxy.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000039304 _____ (Microsoft Corporation) C:\Windows\system32\NtlmShared.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000033056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NtlmShared.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000000072 _____ C:\Windows\system32\edgehtmlpluginpolicy.bin
2019-02-12 19:13 - 2019-02-13 22:07 - 000000000 ____D C:\Users\steph\AppData\Roaming\Soda PDF Desktop 11
2019-02-12 19:13 - 2019-02-12 19:14 - 000000000 ____D C:\ProgramData\Soda PDF Desktop 11
2019-02-12 19:13 - 2019-02-12 19:13 - 000001143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soda PDF Desktop 11.lnk
2019-02-12 19:13 - 2019-02-12 19:13 - 000000000 ____D C:\Users\steph\Documents\Soda PDF Files
2019-02-12 19:13 - 2019-02-12 19:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soda PDF Desktop 11
2019-02-12 19:13 - 2019-02-12 19:13 - 000000000 ____D C:\Program Files\Soda PDF Desktop 11
2019-02-12 19:13 - 2019-02-12 19:13 - 000000000 ____D C:\Program Files (x86)\Soda PDF Desktop Manager
2019-02-12 19:13 - 2019-02-12 19:13 - 000000000 ____D C:\Program Files (x86)\Soda PDF Desktop 11
2019-02-11 16:01 - 2019-02-11 16:01 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2019-02-10 18:14 - 2019-02-10 18:14 - 000000000 ____D C:\Users\steph\AppData\Roaming\EasyAntiCheat
2019-02-10 18:13 - 2019-03-02 09:54 - 000001199 _____ C:\Users\Public\Desktop\Apex Legends.lnk
2019-02-10 18:13 - 2019-02-10 18:13 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2019-02-10 18:13 - 2019-02-10 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends
2019-02-10 18:13 - 2019-02-10 18:13 - 000000000 ____D C:\ProgramData\Electronic Arts
2019-02-10 17:59 - 2019-03-02 09:53 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-02-10 17:57 - 2019-03-04 20:02 - 000000000 ____D C:\Program Files (x86)\Origin
2019-02-10 17:57 - 2019-02-10 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2019-02-10 17:54 - 2019-03-02 22:43 - 000000000 ____D C:\ProgramData\Origin
2019-02-10 17:54 - 2019-03-02 09:54 - 000000000 ____D C:\Users\steph\AppData\Roaming\Origin
2019-02-10 17:54 - 2019-02-10 18:14 - 000000000 ____D C:\Users\steph\AppData\Local\Origin
2019-02-10 17:54 - 2019-02-10 17:54 - 000000000 ____D C:\Users\steph\.QtWebEngineProcess
2019-02-10 17:54 - 2019-02-10 17:54 - 000000000 ____D C:\Users\steph\.Origin
2019-02-08 14:43 - 2019-02-08 14:43 - 000070752 _____ (Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
2019-02-08 13:33 - 2019-02-08 13:36 - 000461980 _____ C:\Users\steph\Downloads\209040_2019-02-08_18-33_Stephen_Richardson.csv
2019-02-08 12:24 - 2019-02-08 12:24 - 000277808 _____ C:\Users\steph\Downloads\call_recording_download_02-08-2019 11_24.zip
2019-02-08 12:16 - 2019-02-08 12:18 - 000000000 ____D C:\ProgramData\TEMP
2019-02-06 14:59 - 2019-02-06 14:59 - 000000112 _____ C:\Users\steph\Downloads\contact000000.vcf
2019-02-06 13:15 - 2019-02-06 13:15 - 000073393 _____ C:\Users\steph\Downloads\190206GACOBB.csv
2019-02-06 13:00 - 2019-02-06 13:00 - 000230251 _____ C:\Users\steph\Downloads\contract-for-laura-lloyd-signed.pdf
2019-02-06 12:41 - 2019-02-06 12:41 - 000131544 _____ C:\Users\steph\AppData\Local\GDIPFONTCACHEV1.DAT
2019-02-06 12:41 - 2019-02-06 12:41 - 000000000 ____D C:\Users\steph\AppData\Roaming\PDF Software
2019-02-06 12:29 - 2019-02-19 11:20 - 000000000 ____D C:\ProgramData\Wondershare
2019-02-06 12:28 - 2019-02-19 11:20 - 000000000 ____D C:\Users\steph\AppData\Local\Wondershare
2019-02-06 12:27 - 2019-02-19 11:20 - 000000000 ____D C:\Users\steph\AppData\Roaming\Wondershare
2019-02-06 12:27 - 2019-02-19 11:20 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2019-02-06 11:48 - 2019-02-06 11:48 - 000000000 ____D C:\ProgramData\Mozilla
2019-02-05 10:57 - 2019-02-05 10:57 - 000024836 _____ C:\Users\steph\Downloads\members_REI_Live_opened_Feb_5_2019.csv
2019-02-05 10:42 - 2019-02-05 10:42 - 000207073 _____ C:\Users\steph\Documents\assignment-for-260-cottonwood-loop.pdf
2019-02-04 15:54 - 2019-02-04 15:54 - 000000000 ____D C:\Users\steph\AppData\Local\DBG
2019-02-04 10:08 - 2019-02-04 10:08 - 000000000 ____D C:\Users\steph\Documents\Shadow of the Tomb Raider
2019-02-04 10:08 - 2019-02-04 10:08 - 000000000 ____D C:\Users\steph\AppData\Roaming\Eidos Montreal
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-03-05 11:03 - 2018-09-15 02:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-05 11:01 - 2019-01-24 14:42 - 000000000 ____D C:\Users\steph\AppData\Roaming\Telegram Desktop
2019-03-05 10:52 - 2019-01-24 13:40 - 000000000 ____D C:\Users\steph\AppData\Local\Packages
2019-03-05 10:45 - 2019-01-24 13:48 - 000000000 ____D C:\Users\steph\AppData\Local\D3DSCache
2019-03-05 10:36 - 2019-01-29 12:01 - 000000000 ____D C:\Program Files\Inkscape
2019-03-05 10:31 - 2019-01-27 09:57 - 000000000 ____D C:\Users\steph\AppData\LocalLow\Mozilla
2019-03-05 10:31 - 2019-01-24 16:53 - 000000000 ___RD C:\Users\steph\Dropbox
2019-03-05 10:31 - 2019-01-24 14:45 - 000000000 ____D C:\Program Files (x86)\Steam
2019-03-05 10:31 - 2019-01-24 13:42 - 000000000 ___RD C:\Users\steph\OneDrive
2019-03-05 10:30 - 2019-01-24 13:46 - 000003112 _____ C:\Windows\System32\Tasks\AMDLinkUpdate
2019-03-04 21:09 - 2019-01-25 13:26 - 000000000 ____D C:\ProgramData\WRData
2019-03-04 21:09 - 2019-01-25 04:36 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-03-04 19:50 - 2019-01-24 14:02 - 000000000 ____D C:\Users\steph\AppData\Roaming\Opera Software
2019-03-03 22:01 - 2019-01-24 14:43 - 000000000 ____D C:\Users\steph\Downloads\Telegram Desktop
2019-03-03 18:53 - 2019-01-24 13:42 - 000795988 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-03 18:53 - 2018-09-15 02:31 - 000000000 ____D C:\Windows\INF
2019-03-03 18:47 - 2019-01-25 14:28 - 000000000 ____D C:\Users\steph\AppData\Roaming\WhatsApp
2019-03-03 18:47 - 2019-01-25 13:26 - 000273688 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2019-03-03 18:47 - 2019-01-25 13:26 - 000231104 _____ (Webroot) C:\Windows\system32\WRusr.dll
2019-03-03 18:47 - 2019-01-25 04:36 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-03 18:47 - 2019-01-24 13:46 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-03-03 18:47 - 2018-09-15 01:09 - 000524288 _____ C:\Windows\system32\config\BBI
2019-03-03 18:37 - 2018-09-15 02:23 - 000000000 ____D C:\Windows\CbsTemp
2019-03-03 13:53 - 2019-01-24 13:39 - 000000000 ____D C:\Users\steph
2019-03-03 13:47 - 2019-01-25 16:02 - 001065984 _____ C:\Users\steph\AppData\Local\file__0.localstorage
2019-03-03 13:47 - 2019-01-25 16:02 - 000000000 ____D C:\Users\steph\Heaven
2019-03-03 13:47 - 2019-01-25 15:28 - 000000000 ____D C:\Users\steph\AppData\Roaming\qBittorrent
2019-03-02 09:02 - 2018-09-15 02:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-02 09:02 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\AppReadiness
2019-03-02 08:29 - 2019-01-24 13:40 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-03-02 08:29 - 2019-01-24 13:40 - 000000000 ___RD C:\Users\steph\3D Objects
2019-03-02 08:28 - 2019-01-27 09:57 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-03-02 08:28 - 2019-01-27 09:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-02 08:28 - 2019-01-25 04:36 - 000649224 _____ C:\Windows\system32\FNTCACHE.DAT
2019-03-01 21:12 - 2018-09-15 02:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-03-01 21:12 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\TextInput
2019-03-01 21:12 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\system32\oobe
2019-03-01 21:12 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\system32\appraiser
2019-03-01 21:12 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\ShellExperiences
2019-03-01 21:12 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\bcastdvr
2019-03-01 21:01 - 2019-01-24 13:38 - 002865152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2019-03-01 14:15 - 2019-01-24 19:48 - 000004600 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-03-01 14:15 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-03-01 14:15 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\system32\Macromed
2019-03-01 13:28 - 2019-01-27 09:57 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-03-01 13:28 - 2019-01-24 19:48 - 000000000 ____D C:\Users\steph\AppData\Local\Adobe
2019-02-26 11:32 - 2019-01-25 14:28 - 000000000 ____D C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2019-02-26 11:32 - 2019-01-25 14:28 - 000000000 ____D C:\Users\steph\AppData\Local\WhatsApp
2019-02-26 10:39 - 2019-01-24 14:02 - 000000000 ____D C:\Users\steph\AppData\Local\Opera Software
2019-02-26 10:31 - 2018-09-15 02:41 - 000385536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplayx.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpwsockx.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpmodemx.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2019-02-26 10:31 - 2018-09-15 02:41 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
2019-02-26 10:31 - 2018-09-15 02:41 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2019-02-26 10:31 - 2018-09-15 02:37 - 000472576 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2019-02-26 10:31 - 2018-09-15 02:37 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2019-02-26 10:31 - 2018-09-15 02:37 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2019-02-26 10:31 - 2018-09-15 02:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2019-02-26 10:31 - 2018-09-15 02:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2019-02-26 10:31 - 2018-09-15 02:37 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll
2019-02-26 10:31 - 2018-09-15 02:37 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2019-02-25 19:13 - 2019-01-29 10:13 - 000000000 ____D C:\Users\steph\AppData\Roaming\Psiphon3
2019-02-25 17:35 - 2019-01-24 15:08 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-02-25 17:28 - 2019-01-24 15:08 - 000000938 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-02-25 17:28 - 2019-01-24 15:08 - 000000934 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-02-20 22:15 - 2019-01-24 14:21 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-02-20 22:15 - 2019-01-24 14:21 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-02-20 22:15 - 2019-01-24 14:21 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-02-20 22:15 - 2019-01-24 14:21 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-02-20 22:15 - 2019-01-24 14:21 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-02-20 22:15 - 2019-01-24 14:21 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-02-20 22:15 - 2019-01-24 14:19 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-02-19 11:38 - 2019-01-24 14:48 - 000000000 ____D C:\Users\steph\AppData\Local\Downloaded Installations
2019-02-19 11:35 - 2019-01-24 13:44 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-02-19 11:30 - 2019-01-24 13:40 - 000000000 ____D C:\Users\steph\AppData\Local\VirtualStore
2019-02-19 11:26 - 2019-01-24 13:46 - 000000000 ____D C:\ProgramData\Package Cache
2019-02-13 18:59 - 2019-01-24 15:08 - 000003998 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2019-02-13 18:59 - 2019-01-24 15:08 - 000003766 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2019-02-13 13:39 - 2019-01-24 17:11 - 000000000 ____D C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-02-13 09:47 - 2019-01-25 11:07 - 000000000 ____D C:\Users\steph\Desktop\Games
2019-02-13 08:23 - 2019-01-24 14:36 - 000000000 ____D C:\Windows\system32\MRT
2019-02-13 08:22 - 2019-01-24 14:36 - 129330784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-02-10 18:14 - 2019-01-24 19:21 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-02-08 13:52 - 2019-01-24 13:42 - 000000000 ____D C:\Users\steph\AppData\Local\PlaceholderTileLogoFolder
2019-02-06 09:26 - 2019-01-24 13:42 - 000003378 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3657392865-4282527132-3450529356-1001
2019-02-06 09:26 - 2019-01-24 13:39 - 000002367 _____ C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-04 15:51 - 2019-01-25 14:28 - 000000000 ____D C:\Users\steph\AppData\Local\SquirrelTemp
2019-02-04 09:16 - 2019-01-24 13:52 - 000000000 ____D C:\Users\steph\AppData\Local\Comms
 
==================== Files in the root of some directories =======
 
2019-01-25 13:27 - 2019-01-25 13:27 - 018102328 _____ (Webroot Software, Inc.) C:\Program Files (x86)\Common Files\wruninstall.exe
2019-02-17 21:53 - 2019-02-17 21:53 - 000000171 _____ () C:\Users\steph\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2019-02-17 21:53 - 2019-02-17 21:53 - 000001057 _____ () C:\Users\steph\AppData\Roaming\88e9dc3a-641c-4dc2-9204-9ba65cc42265
2019-02-17 20:36 - 2019-02-17 20:36 - 000099384 _____ () C:\Users\steph\AppData\Roaming\inst.exe
2019-02-17 20:36 - 2019-02-17 20:36 - 000007859 _____ () C:\Users\steph\AppData\Roaming\pcouffin.cat
2019-02-17 20:36 - 2019-02-17 20:36 - 000001167 _____ () C:\Users\steph\AppData\Roaming\pcouffin.inf
2019-02-17 20:36 - 2019-02-17 20:36 - 000000055 _____ () C:\Users\steph\AppData\Roaming\pcouffin.log
2019-02-17 20:36 - 2019-02-17 20:36 - 000082816 _____ (VSO Software) C:\Users\steph\AppData\Roaming\pcouffin.sys
2019-01-25 16:02 - 2019-03-03 13:47 - 001065984 _____ () C:\Users\steph\AppData\Local\file__0.localstorage
2019-01-29 12:02 - 2019-01-29 12:02 - 000000796 _____ () C:\Users\steph\AppData\Local\recently-used.xbel
2019-02-17 22:05 - 2019-03-01 15:10 - 000007619 _____ () C:\Users\steph\AppData\Local\Resmon.ResmonCfg
 
Some files in TEMP:
====================
2019-02-17 19:59 - 2019-02-25 19:13 - 012622960 _____ () C:\Users\steph\AppData\Local\Temp\psiphon-tunnel-core.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019 01
Ran by steph (05-03-2019 11:09:21)
Running from C:\Users\steph\Downloads
Windows 10 Home Version 1809 17763.348 (X64) (2019-01-25 09:37:43)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3657392865-4282527132-3450529356-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3657392865-4282527132-3450529356-503 - Limited - Disabled)
Guest (S-1-5-21-3657392865-4282527132-3450529356-501 - Limited - Disabled)
steph (S-1-5-21-3657392865-4282527132-3450529356-1001 - Administrator - Enabled) => C:\Users\steph
WDAGUtilityAccount (S-1-5-21-3657392865-4282527132-3450529356-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Webroot SecureAnywhere (Enabled - Up to date) {4646A877-74EB-CD3B-8FDB-210DB94FA61A}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Webroot SecureAnywhere (Enabled - Up to date) {FD274993-52D1-C2B5-B56B-1A7FC2C8ECA7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 1.5.3.0902 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.1.2 - Advanced Micro Devices, Inc.)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.0.4 - Electronic Arts, Inc.)
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.2.12.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{71667bbb-81ab-429c-aeb4-e43c31e8fe14}) (Version: 2.2.12.0 - ASUSTek COMPUTER INC.) Hidden
Asus ApoDispatchConfigurator (HKLM\...\{4FEB3307-A0EF-4385-9C8F-4B4C1503311C}) (Version: 3.6.2601 - ASUSTeK COMPUTER INC) Hidden
Asus AudioCaptureNotificationConfigurator (HKLM\...\{04C5CE55-7F32-4D2D-AEA2-FDC03E8F65CC}) (Version: 3.6.2601 - ASUSTeK COMPUTER INC) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.19 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{36aa03d4-9606-4f04-bf3e-a70ebe6650f3}) (Version: 1.1.19 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.9 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{2d85b111-aee4-468b-874b-a9272712f69b}) (Version: 1.0.9 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.1.16 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{ac3dc320-7e5e-4f22-9572-4c2119fcdf85}) (Version: 1.1.16 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{D800D836-DE15-4B00-8273-521F022CD837}) (Version: 1.0.31 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{b31aaf98-0562-411d-a962-0c3d16a3527a}) (Version: 1.0.31 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM\...\{B5E322FB-C191-463E-BDDD-4F22290EDFDB}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM-x32\...\{a29279dc-f417-4442-8225-4db77f7d35b5}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.03.08 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.1.7 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{4f18ae01-4390-4b41-be3a-54ef4eacdd91}) (Version: 0.0.1.7 - ASUSTek COMPUTER INC. ) Hidden
Asus DeviceRoutingConfigurator (HKLM\...\{AC306567-A1B7-4208-8FED-97CF535050BC}) (Version: 3.6.2601 - ASUSTeK COMPUTER INC) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{548dd834-70c5-4426-8065-fbeabdd2bb5d}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.27 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{210cdd08-c947-43a2-9378-bc288f651e41}) (Version: 1.0.27 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{3e9b91eb-5bb0-4272-8670-f88d353eb68b}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.24 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{add3bacc-578f-4bf9-97e3-a0f0c3ae3323}) (Version: 1.0.24 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM\...\{723B40A4-5BF2-4DC6-834A-2ADF75F3CF7E}) (Version: 1.0.0.6 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM-x32\...\{cc37f609-4db9-4ce3-9e37-9cb1b432452e}) (Version: 1.0.0.6 - ASUSTek COMPUTER INC.) Hidden
Asus NahimicSettingsConfigurator (HKLM\...\{B028B8A0-36BD-4A96-8F28-5E95C0D68679}) (Version: 3.6.2601 - ASUSTeK COMPUTER INC) Hidden
Asus ProductDaemonSetup (HKLM\...\{36606417-B1C4-42C2-B5C1-67972DA63DAB}) (Version: 3.6.2601 - ASUSTeK COMPUTER INC) Hidden
Asus ProfileSwitcherCleanup (HKLM\...\{C7E4F981-F94E-4007-9E78-07DF3178BE6C}) (Version: 3.6.26.48019 - ASUSTeK COMPUTER INC) Hidden
Asus Sonic Radar 3 (HKLM-x32\...\{5a6fe0f0-37f2-4f35-9480-6e98ced96fba}) (Version: 3.6.26.48019 - ASUSTeK COMPUTER INC)
Asus Sonic Studio 3 (HKLM-x32\...\{7c3c8060-12d4-4bea-aea1-ce0478a148fc}) (Version: 3.6.26.48019 - ASUSTeK COMPUTER INC)
Asus SonicMapperConfigurator (HKLM\...\{02632F10-EFA1-4B62-9982-9BCDE65F995B}) (Version: 3.6.26.48019 - ASUSTeK COMPUTER INC) Hidden
Asus SonicRadar3Setup (HKLM\...\{8F9191B4-D834-485C-85C3-7A931585311E}) (Version: 3.6.26.48019 - ASUSTeK COMPUTER INC) Hidden
Asus SonicStudio3Setup (HKLM\...\{520F73ED-BAA5-4933-9C6A-CC04425D6214}) (Version: 3.6.26.48019 - ASUSTeK COMPUTER INC) Hidden
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.07.35 - ASUSTeK Computer Inc.)
AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.26 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{dded177f-c7b2-4212-9c64-74884f3fd53b}) (Version: 1.0.26 - ASUS) Hidden
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.03.16 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{69e3ed08-553c-4647-86e2-6bc40f7ab682}) (Version: 3.03.16 - ASUSTeK Computer Inc.)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Advanced Micro Devices, Inc.) Hidden
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Brave (HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\BraveSoftware Brave-Browser) (Version: 72.0.60.47 - Brave Software Inc)
Brother MFL-Pro Suite HL-L2380DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
Core Temp 1.13 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.13 - ALCPU)
Corsair AURA DRAM Component (HKLM\...\{376E0869-A4F1-4DC7-A1FD-EBF3AFFEB832}) (Version: 1.0.6 - CORSAIR COMPONENTS INC.) Hidden
Corsair AURA DRAM Component (HKLM-x32\...\{da7ebf10-b0be-494e-a79d-568546795a51}) (Version: 1.0.6 - CORSAIR COMPONENTS INC.) Hidden
CORSAIR iCUE Software (HKLM-x32\...\{37E2CEEA-E7E8-44C4-B3E6-D214543D9DA9}) (Version: 3.13.94 - Corsair)
Dropbox (HKLM-x32\...\Dropbox) (Version: 67.4.83 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
Energi Core (64-bit) (HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Energi Core (64-bit)) (Version: 2.0.2 - Energi Core project)
GALAX GAMER RGB (HKLM\...\{06A16AA8-BBA7-4362-962E-16651962D87C}) (Version: 1.00.02 - Galaxy Microsystems Ltd.) Hidden
GALAX GAMER RGB (HKLM-x32\...\{1257fdeb-ffa3-4e17-9d4b-189075ea3656}) (Version: 1.00.02 - Galaxy Microsystems Ltd.)
GOG.com Unreal Tournament GOTY (HKLM\...\{fa491d91-322c-4059-a1f7-4a79782edee8}.sdb) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HWiNFO64 Version 6.00 (HKLM\...\HWiNFO64_is1) (Version: 6.00 - Martin Malík - REALiX)
Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.9 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{d6cac989-7570-43fd-b147-e31d6280a3a6}) (Version: 1.0.9 - KINGSTON COMPONENTS INC.) Hidden
Kutools for Excel 18.00 (HKLM-x32\...\{A095BA43-4A97-4D55-8E25-A0BC46F10765}_is1) (Version: 18.00 - Addin Technology Inc.)
LibreOffice 6.1.4.2 (HKLM\...\{080C0C39-B1B5-48BB-85AB-4F9A8768CD10}) (Version: 6.1.4.2 - The Document Foundation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.11231.20174 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mozilla Firefox 65.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 65.0.2 (x64 en-US)) (Version: 65.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0.2 - Mozilla)
Nitro Pro (HKLM\...\{68DCC836-006C-4EAB-8D72-01635EFEDDE0}) (Version: 12.9.1.474 - Nitro)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
Opera Stable 58.0.3135.79 (HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Opera 58.0.3135.79) (Version: 58.0.3135.79 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.35.22222 - Electronic Arts, Inc.)
Patriot Viper RGB (HKLM\...\{E42E13B0-071E-49C1-B1CC-58198E82F302}) (Version: 1.00.05 - Patriot Memory) Hidden
Patriot Viper RGB (HKLM-x32\...\{0ea44351-5397-43b0-a9c7-c4c53d9948ef}) (Version: 1.00.05 - Patriot Memory)
Python 3.6.6 (32-bit) (HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\{b43c5985-05a6-4dc7-be5f-85f504d498d0}) (Version: 3.6.6150.0 - Python Software Foundation)
Python 3.6.6 Core Interpreter (32-bit) (HKLM-x32\...\{D9D74228-D4AC-4877-9950-8FDFE485D1A5}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Development Libraries (32-bit) (HKLM-x32\...\{C7844709-AB1D-459E-9C09-E62811844B52}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Documentation (32-bit) (HKLM-x32\...\{A619A9AA-65E2-485A-960E-456327A4787C}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Executables (32-bit) (HKLM-x32\...\{BB82E3E8-BB03-41F1-8C13-9540188BB592}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 pip Bootstrap (32-bit) (HKLM-x32\...\{46D96E6F-3747-4E02-B95E-E1D1C9F7226D}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Standard Library (32-bit) (HKLM-x32\...\{D40EACD0-CC67-4D18-BDB5-D1D81D73DCF6}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Tcl/Tk Support (32-bit) (HKLM-x32\...\{F64435CF-E0D6-409D-B07B-958C8DEB84E5}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Test Suite (32-bit) (HKLM-x32\...\{387AB42E-1FCC-4FB6-A32C-2295E221A2BB}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Utility Scripts (32-bit) (HKLM-x32\...\{9F328F30-55B0-4055-BBB1-AB577ED16D63}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{A9DED8BE-05DF-45D5-81A0-3743A44CC0C9}) (Version: 3.6.6386.0 - Python Software Foundation)
qBittorrent 4.1.5 (HKLM-x32\...\qBittorrent) (Version: 4.1.5 - The qBittorrent project)
REALTEK Bluetooth Filter Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AD}) (Version: 1.5.1006.171124 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8339 - Realtek Semiconductor Corp.)
Realtek PCI-E Wireless LAN Driver (HKLM-x32\...\InstallShield_{70714FB7-4084-4202-A599-2D5935DECB67}) (Version: Drv_3.00.0019 - REALTEK Semiconductor Corp.)
Revo Uninstaller Pro 4.0.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.0.5 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 7.2.1 Beta 4 (HKLM-x32\...\RTSS) (Version: 7.2.1 Beta 4 - Unwinder)
Samsung NVM Express Driver (HKLM-x32\...\{bfb0503a-76b9-415a-b0a3-dd55d2a01ebe}) (Version: 3.0.0.1802 - Samsung Electronics)
Samsung NVM Express Driver 3.0.0.1802 (HKLM\...\{92729760-681A-42A2-A101-1098CAB4DEC1}) (Version: 3.0.0.1802 - Samsung Electronics Co., Ltd) Hidden
Sapphire TRIXX 6.4.0 (HKLM-x32\...\{54CE6A44-8553-4B78-9B07-AC88A9D581E8}_is1) (Version: 6.4.0 - Sapphire Technology)
Soda PDF Desktop 11 (HKLM-x32\...\SodaDesktop11) (Version: 11.0.15.1455 - LULU Software)
Soda PDF Desktop 11 Asian Fonts Pack (HKLM\...\{BB4DC24B-7F35-4B84-A6C2-241933C45628}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 Convert Module (HKLM\...\{B5CDE8A3-4BF5-4AAB-B169-FD6BE4690EDF}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 Create Module (HKLM\...\{FBDAE9BD-1B2E-4244-800A-A593DC95C28A}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 Edit Module (HKLM\...\{984153FE-9ADC-45D6-A119-8807B4B5389A}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 Forms Module (HKLM\...\{51710932-1AEA-4227-A562-6CA445EE1586}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 Insert Module (HKLM\...\{FD1BBF97-1C5A-4F27-A9DB-E752D2F12189}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 OCR TESS Module (HKLM\...\{5C066B6B-335B-4303-A5BD-A2E8BE2571A5}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 Review Module (HKLM\...\{890A08AF-7844-4AAB-9951-B00A32B761EA}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 Secure Module (HKLM\...\{6558C36A-BBD0-45B8-AE2C-A215F6E62E1B}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 View Module (HKLM\...\{D3570F36-3E34-41C0-AFE1-753F0B272651}) (Version: 11.0.15.2796 - LULU Software) Hidden
Splashtop Personal (HKLM-x32\...\{E7CF0F14-8C1D-41F3-85ED-579C108262C7}) (Version: 2.6.4.0 - Splashtop Inc.)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 3.3.0.0 - Splashtop Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Telegram Desktop version 1.5.15 (HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.5.15 - Telegram Messenger LLP)
Todoist (HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\{B1B3C79A-FFD9-4B28-A456-62B6E55E2A5C}_is1) (Version: 2.7.6.0 - Doist Ltd.)
Unreal Tournament GOTY (HKLM-x32\...\GOGPACKUT_is1) (Version: 2.0.0.5 - GOG.com)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.64 - VSO Software)
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 9.0.24.49 - Webroot)
WhatsApp (HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\WhatsApp) (Version: 0.3.2276 - WhatsApp)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3657392865-4282527132-3450529356-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3657392865-4282527132-3450529356-1001_Classes\CLSID\{06B74C04-E813-4DD4-A972-172836EFA8D6}\InprocServer32 -> C:\Users\steph\AppData\Local\BraveSoftware\Update\1.3.99.0\psuser_64.dll (Brave Software, Inc. -> BraveSoftware Inc.)
CustomCLSID: HKU\S-1-5-21-3657392865-4282527132-3450529356-1001_Classes\CLSID\{06C9646D-2807-44C0-97D2-6DA0DB623DB4}\localserver32 -> C:\Users\steph\AppData\Local\BraveSoftware\Brave-Browser\Application\72.0.60.47\notification_helper.exe (Brave Software, Inc. -> Brave Software, Inc.)
CustomCLSID: HKU\S-1-5-21-3657392865-4282527132-3450529356-1001_Classes\CLSID\{8DE224FD-6370-47FA-A864-FDF45A05112F}\InprocServer32 -> C:\Users\steph\AppData\Local\BraveSoftware\Update\1.3.99.0\psuser_64.dll (Brave Software, Inc. -> BraveSoftware Inc.)
CustomCLSID: HKU\S-1-5-21-3657392865-4282527132-3450529356-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\steph\Dropbox [2019-01-24 16:53]
ShellIconOverlayIdentifiers: [ ] -> {1914B27A-33C8-46F8-A1C2-F993268D4564} => C:\Windows\system32\WRusr.dll [2019-03-03] (Webroot Inc. -> Webroot)
ShellIconOverlayIdentifiers: [  ] -> {C14874EA-ACE4-4A47-8A81-18C4D1C40868} => C:\Windows\system32\WRusr.dll [2019-03-03] (Webroot Inc. -> Webroot)
ShellIconOverlayIdentifiers: [   ] -> {6DA1ED92-315E-4D0B-B354-9D5F519DBA95} => C:\Windows\system32\WRusr.dll [2019-03-03] (Webroot Inc. -> Webroot)
ShellIconOverlayIdentifiers: [    ] -> {8D7FC74C-E409-42DF-8EEE-69D45FAE2F30} => C:\Windows\system32\WRusr.dll [2019-03-03] (Webroot Inc. -> Webroot)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro\12\NitroProShellExtensionShim.dll [2019-02-08] (Nitro Software, Inc. -> )
ContextMenuHandlers1: [SodaPDFDesktop11_ManagerExt] -> {95288ec1-ce0d-11e8-b453-40167e6e7313} => C:\Program Files\Soda PDF Desktop 11\context-menu.dll [2019-02-05] (LULU Software -> LULU Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WRShellExt] -> {69D72956-317C-44bd-B369-8E44D4EF9802} => C:\Windows\system32\WRusr.dll [2019-03-03] (Webroot Inc. -> Webroot)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-01-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2018-09-06] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WRShellExt] -> {69D72956-317C-44bd-B369-8E44D4EF9802} => C:\Windows\system32\WRusr.dll [2019-03-03] (Webroot Inc. -> Webroot)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0F3998ED-6A3C-404B-A0FE-98167645F8DE} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [File not signed]
Task: {2A523F72-2DB2-43AA-B2B8-0CFD15086B4D} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3657392865-4282527132-3450529356-1001UA => C:\Users\steph\AppData\Local\BraveSoftware\Update\BraveUpdate.exe (Brave Software, Inc. -> BraveSoftware Inc.) <==== ATTENTION
Task: {393EF620-E312-486F-BE1C-FF2B91E078E4} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3F497AA2-1BDF-49D2-9941-0CE89B246F46} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {46FB6455-25C3-49AC-B211-32519B0F1293} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {4DEFCE24-B2AF-4535-BA7F-53F8838DDB84} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6A21F591-F081-4BF4-A58D-47F5C137FB11} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3657392865-4282527132-3450529356-1001Core => C:\Users\steph\AppData\Local\BraveSoftware\Update\BraveUpdate.exe (Brave Software, Inc. -> BraveSoftware Inc.) <==== ATTENTION
Task: {745A82B5-64B3-450C-92BB-3147B96E9EC2} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
Task: {82E88759-E2AC-43DF-B374-C1B2C7B93E1F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {878344B9-1103-4C62-A35D-F5D21099BDA6} - System32\Tasks\SS3svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe (ASUSTeK COMPUTER INC.) [File not signed]
Task: {8D6C3F56-85F5-4759-A3FE-2F95E46BB7C2} - System32\Tasks\Opera scheduled Autoupdate 1551747080 => C:\Users\steph\AppData\Local\Programs\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {9425C4F4-F875-4300-8A59-B6292E48EA13} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {980193A7-9C42-4FE0-9D0C-11B4E7CFF562} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {9AC9B2AA-ED2A-4A2A-B250-57BD26765E59} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {AB1FA68B-DC14-4061-BD22-DFE04D816A12} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {B34B8487-2D38-480F-B068-6BD11DBE8E03} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {BAFFA189-21FB-4FC7-935B-A7989242127A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C1FED2B9-749F-467B-86CE-BE1F857DA561} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C5B5393E-C83D-44AD-9809-38A651610B9C} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe (Advanced Micro Devices Inc. -> )
Task: {C86B7A9F-35E7-4EC2-9A9A-3253BEAEC1C2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {D4414CED-D32A-4A78-80DF-D5450DFF462C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {DA03E1EB-0D73-49CE-B304-681A9F74AA2E} - System32\Tasks\SS3svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3svc64.exe (ASUSTeK COMPUTER INC.) [File not signed]
Task: {F91A96AD-4362-4E7B-90B4-3D5BA2B0F779} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {FF39B522-8F35-4FD0-93AB-56A68A2C9A4D} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [File not signed]
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
 
==================== Loaded Modules (Whitelisted) ==============
 
2019-01-28 09:54 - 2013-03-08 01:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll
2019-01-28 09:54 - 2005-04-21 23:36 - 000143360 _____ () [File not signed] C:\Windows\system32\BrSNMP64.dll
2018-12-10 09:29 - 2018-12-10 09:29 - 000438272 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\Soda PDF Desktop 11\libcurl.dll
2019-01-24 14:30 - 2019-01-25 16:31 - 000000000 ____LAdvanced Micro Devices, Inc.  C:\Windows\System32\drivers\atikmdag-patched\atiuxp64.dll
2019-02-08 13:52 - 2019-02-08 13:52 - 000022528 _____ () [File not signed] C:\Program Files\WindowsApps\88449BC3.TodoistTo-DoListTaskManager_2.1.5118.0_x86__71ef4824z52ta\Todoist.Universal.exe
2019-01-24 14:30 - 2019-01-25 16:31 - 000000000 ____LAdvanced Micro Devices, Inc.  C:\Windows\System32\drivers\atikmdag-patched\atiumd6a.dll
2017-12-29 17:13 - 2017-12-29 17:13 - 001234432 _____ (ASUSTeK COMPUTER INC.) [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe
2017-12-29 17:17 - 2017-12-29 17:17 - 000811520 _____ (ASUSTeK COMPUTER INC.) [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3svc64.exe
2018-11-13 15:57 - 2018-11-13 15:57 - 000355328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 003699712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 005590528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 076171264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000461312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 006303232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 003556352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 002821632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 001077248 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-01-22 19:34 - 2019-01-22 19:34 - 005786112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000189952 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 000323584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-01-24 14:30 - 2019-01-25 16:31 - 000000000 ____LAdvanced Micro Devices, Inc.  C:\Windows\System32\drivers\atikmdag-patched\atig6txx.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 001413632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-11-13 15:58 - 2018-11-13 15:58 - 002551808 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000345600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 000331264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000502784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000327680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000089600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000137728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-01-24 14:30 - 2019-01-25 16:31 - 000000000 ____LAdvanced Micro Devices, Inc.  C:\Windows\System32\drivers\atikmdag-patched\atiu9p64.dll
2019-01-24 14:30 - 2019-01-25 16:31 - 000000000 ____LAdvanced Micro Devices, Inc.  C:\Windows\System32\drivers\atikmdag-patched\amduve64.dll
2019-01-28 09:54 - 2014-06-16 16:02 - 000579584 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
2019-01-28 09:54 - 2014-06-16 15:59 - 001537536 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
2019-01-10 10:44 - 2019-01-10 10:44 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2018-04-17 21:39 - 2018-04-17 21:39 - 000018432 _____ () [File not signed] C:\Program Files (x86)\LightingService\Log4cxxWrapper.dll
2018-04-17 21:39 - 2018-04-17 21:39 - 002831360 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\LightingService\log4cxx.dll
2018-12-27 16:18 - 2018-12-27 16:18 - 000861184 _____ () [File not signed] C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.dll
2018-05-16 10:54 - 2018-05-16 10:54 - 000156672 _____ () [File not signed] C:\Program Files\Patriot\Aac_Patriot Viper RGB\AacHal_x86.dll
2018-05-16 10:46 - 2018-05-16 10:46 - 000053248 _____ (MS) [File not signed] C:\Program Files\Patriot\Aac_Patriot Viper RGB\MsIo32.dll
2018-09-20 09:39 - 2018-09-20 09:39 - 000156672 _____ () [File not signed] C:\Program Files\Galaxy\Aac_GALAX GAMER RGB\AacHal_x86.dll
2018-09-20 09:08 - 2018-09-20 09:08 - 000053760 _____ (MS) [File not signed] C:\Program Files\Galaxy\Aac_GALAX GAMER RGB\MsIo32_Galax.dll
2018-10-22 17:21 - 2018-10-22 17:21 - 000076288 _____ (ASUSTek) [File not signed] C:\Program Files\ASUS\AacVGAHal\AacVgaHal.dll
2018-10-22 16:40 - 2018-10-22 16:40 - 001932800 _____ (ASUSTeK COMPUTER INC.) [File not signed] C:\Program Files\ASUS\AacVGAHal\LED_DLL_forMB.dll
2018-10-22 16:38 - 2018-10-22 16:38 - 001629184 _____ (TODO: <Company name>) [File not signed] C:\Program Files\ASUS\AacVGAHal\VGA_Extra.dll
2018-10-22 16:37 - 2018-10-22 16:37 - 001779712 _____ () [File not signed] C:\Program Files\ASUS\AacVGAHal\Vender.dll
2018-08-29 16:19 - 2018-08-29 16:19 - 000223232 _____ () [File not signed] C:\Program Files\ASUS\AacOdd\AacOddHal_x86.dll
2018-12-27 16:31 - 2018-12-27 16:31 - 000225280 _____ () [File not signed] C:\Program Files\ASUS\CORSAIR_Aac_DRAM\AacCosairDramHal_x86.dll
2018-12-27 16:26 - 2018-12-27 16:26 - 000237568 _____ () [File not signed] C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.dll
2018-09-07 00:29 - 2018-09-07 00:29 - 000202752 _____ () [File not signed] C:\Program Files\ASUS\AacTerminalHal\AacStripBusHal_x86.dll
2018-04-12 16:55 - 2018-04-12 16:55 - 000053248 _____ () [File not signed] C:\Program Files (x86)\LightingService\cpuutil.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-02-08 13:52 - 2019-02-08 13:52 - 053920768 _____ () [File not signed] C:\Program Files\WindowsApps\88449BC3.TodoistTo-DoListTaskManager_2.1.5118.0_x86__71ef4824z52ta\Todoist.Universal.dll
2019-02-08 13:52 - 2019-02-08 13:52 - 000710656 _____ () [File not signed] C:\Program Files\WindowsApps\88449BC3.TodoistTo-DoListTaskManager_2.1.5118.0_x86__71ef4824z52ta\e_sqlite3.dll
2019-02-08 13:52 - 2019-02-08 13:52 - 001084928 _____ (SQLite Development Team) [File not signed] C:\Program Files\WindowsApps\88449BC3.TodoistTo-DoListTaskManager_2.1.5118.0_x86__71ef4824z52ta\sqlite3.dll
2019-01-24 14:30 - 2019-01-25 16:31 - 000000000 ____LAdvanced Micro Devices, Inc.  C:\Windows\System32\drivers\atikmdag-patched\atiuxpag.dll
2017-12-29 17:13 - 2017-12-29 17:13 - 000367616 _____ () [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\NSConfiguratorDaemonModule.dll
2017-12-29 17:30 - 2017-12-29 17:30 - 000230400 _____ () [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Studio 3\ProfileSwitcherDaemonModule.dll
2019-01-24 14:19 - 2019-01-24 14:19 - 000000000 ____LMicrosoft Corporation C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2019-01-24 14:19 - 2019-01-24 14:19 - 000000000 ____LMicrosoft Corporation C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2019-01-28 09:54 - 2009-02-27 16:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2019-01-28 09:54 - 2014-06-16 15:45 - 000137728 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2019-01-28 09:54 - 2014-06-16 16:04 - 000080384 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
2019-01-28 09:54 - 2014-06-16 16:03 - 000083968 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2019-01-28 09:54 - 2014-06-16 16:03 - 017955328 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2019-02-06 12:28 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2019-02-06 12:28 - 2017-03-23 09:49 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2019-02-06 12:28 - 2017-03-23 09:52 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
2019-02-15 16:09 - 2019-02-15 16:09 - 000204800 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll
2018-12-03 13:30 - 2018-12-03 13:30 - 000147456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Xml.dll
2018-12-03 16:48 - 2018-12-03 16:48 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Scxml.dll
2018-12-03 16:59 - 2018-12-03 16:59 - 000444416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5WinExtras.dll
2018-12-03 13:31 - 2018-12-03 13:31 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Concurrent.dll
2018-12-03 16:48 - 2018-12-03 16:48 - 000576512 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Multimedia.dll
2018-12-03 13:35 - 2018-12-03 13:35 - 001043968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Network.dll
2018-12-03 16:39 - 2018-12-03 16:39 - 003348480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Qml.dll
2018-12-03 16:31 - 2018-12-03 16:31 - 003169792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Quick.dll
2018-12-03 13:40 - 2018-12-03 13:40 - 004525568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Widgets.dll
2019-02-15 16:38 - 2019-02-15 16:38 - 005086208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Core.dll
2018-12-03 13:36 - 2018-12-03 13:36 - 005337600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Gui.dll
2019-02-15 16:04 - 2019-02-15 16:04 - 000098816 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll
2018-12-03 13:44 - 2018-12-03 13:44 - 001196032 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\platforms\qwindows.dll
2018-12-03 13:43 - 2018-12-03 13:43 - 000122368 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\styles\qwindowsvistastyle.dll
2018-12-03 13:41 - 2018-12-03 13:41 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qico.dll
2018-12-03 13:42 - 2018-12-03 13:42 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qgif.dll
2018-12-03 16:20 - 2018-12-03 16:20 - 000034816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qicns.dll
2018-12-03 13:43 - 2018-12-03 13:43 - 000364032 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qjpeg.dll
2018-12-03 16:19 - 2018-12-03 16:19 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qsvg.dll
2018-12-03 16:19 - 2018-12-03 16:19 - 000263680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Svg.dll
2018-12-03 16:20 - 2018-12-03 16:20 - 000019968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qtga.dll
2018-12-03 16:20 - 2018-12-03 16:20 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qtiff.dll
2018-12-03 16:20 - 2018-12-03 16:20 - 000019456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qwbmp.dll
2018-12-03 16:20 - 2018-12-03 16:20 - 000411648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qwebp.dll
2018-12-03 13:29 - 2018-12-03 13:29 - 000015872 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libEGL.DLL
2018-12-03 13:29 - 2018-12-03 13:29 - 002786816 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libGLESv2.dll
2018-12-03 16:36 - 2018-12-03 16:36 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick.2\qtquick2plugin.dll
2018-12-03 16:37 - 2018-12-03 16:37 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Window.2\windowplugin.dll
2018-12-03 16:45 - 2018-12-03 16:45 - 000056320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-12-03 16:37 - 2018-12-03 16:37 - 000072192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-12-03 16:45 - 2018-12-03 16:45 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-12-03 16:52 - 2018-12-03 16:52 - 000269312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-12-03 16:57 - 2018-12-03 16:57 - 000446976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2018-12-03 16:51 - 2018-12-03 16:51 - 000142336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5QuickControls2.dll
2018-12-03 16:51 - 2018-12-03 16:51 - 000847872 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5QuickTemplates2.dll
2018-12-03 16:52 - 2018-12-03 16:52 - 000260608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-01-04 20:02 - 2019-01-04 20:02 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\ssleay32.dll
2019-01-04 20:02 - 2019-01-04 20:02 - 001277952 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\LIBEAY32.dll
2019-03-05 10:43 - 2015-09-28 13:04 - 050572288 _____ () [File not signed] C:\Users\steph\AppData\Local\Todoist\WindowsDesktopApp\libcef.DLL
2019-01-24 14:30 - 2019-01-25 16:31 - 000000000 ____LAdvanced Micro Devices, Inc.  C:\Windows\System32\drivers\atikmdag-patched\atiu9pag.dll
2019-01-24 14:30 - 2019-01-25 16:31 - 000000000 ____LAdvanced Micro Devices, Inc.  C:\Windows\System32\drivers\atikmdag-patched\atiumdva.dll
2019-03-05 10:43 - 2015-09-28 13:04 - 001874944 _____ () [File not signed] C:\Users\steph\AppData\Local\Todoist\WindowsDesktopApp\libglesv2.dll
2019-03-05 10:43 - 2015-09-28 13:04 - 000075264 _____ () [File not signed] C:\Users\steph\AppData\Local\Todoist\WindowsDesktopApp\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:76650B61 [103]
AlternateDataStreams: C:\Users\steph\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\steph\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <==== ATTENTION
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <==== ATTENTION
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\Software\Classes\exefile: "%1" %* <==== ATTENTION
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\Software\Classes\.exe: exefile => "%1" %* <==== ATTENTION
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-09-15 02:31 - 2018-09-15 02:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKCU\Environment\\Path: %USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\steph\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\amd-ryzen-8k-hw-2560x1080 (1).jpg
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: ) (ConsentPromptBehaviorUser: ) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{37B26839-9779-422D-B349-113093A8D6BC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{51BBFC0A-06C8-4167-B828-4F0E45D2B41C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9B1A0BF4-9016-4996-9FDF-77FFA402FA46}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{36613DE6-1B4D-47ED-8EC4-C0F1D41D4383}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{C5AD289B-BB2F-4842-A0E3-216921F76BF8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{E3BBA3A4-B8FB-480D-A625-5AC68D3505AE}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{84291FD6-94D0-4D8A-9AC2-B5FC3AA493F3}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{304A85E8-B5C0-45FB-8B8A-202162A5C1D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{B0ADF072-3CF2-4ECF-9417-D61D8F87697B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{6C0F9A6D-59E7-44E3-9836-4D893CF61173}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Overload\Overload.exe () [File not signed]
FirewallRules: [{3FE3B7F8-7529-4C35-AD4E-BB3E028EF88F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Overload\Overload.exe () [File not signed]
FirewallRules: [TCP Query User{130D65FE-76BC-49AA-90B1-5B498C4EF5A7}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{015C8A14-AFE8-46A3-B7BA-3180D8194D91}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [{8F965F1D-1BD3-49E4-BF46-B715F280DADC}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite Titanium.SP2c\WNt600x64\RpcSandraSrv.exe No File
FirewallRules: [{55173C2C-0421-4DD5-A399-2935E4F1FBBF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3361CE68-1FE5-4541-AC90-779E84784A0A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{19E16029-AF3B-4D01-A1B3-F06948EE99DE}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{4C811218-3755-4FE3-9143-634BA5984B0A}C:\program files\energicore\energi-qt.exe] => (Allow) C:\program files\energicore\energi-qt.exe () [File not signed]
FirewallRules: [UDP Query User{1C4B8625-8960-47E2-B4D8-C77ACFA79438}C:\program files\energicore\energi-qt.exe] => (Allow) C:\program files\energicore\energi-qt.exe () [File not signed]
FirewallRules: [TCP Query User{947ADF80-73E0-494A-B124-42C7AED29F5B}C:\gog games\unreal tournament goty\system\unrealtournament.exe] => (Allow) C:\gog games\unreal tournament goty\system\unrealtournament.exe () [File not signed]
FirewallRules: [UDP Query User{D62D993E-D193-4DCA-90B3-A42820E7A7E7}C:\gog games\unreal tournament goty\system\unrealtournament.exe] => (Allow) C:\gog games\unreal tournament goty\system\unrealtournament.exe () [File not signed]
FirewallRules: [{EC3A78C5-CB1B-4A3F-B1ED-971F8312FDF1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B13886ED-C4F9-4B25-B244-A5D4AE60DCAA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{10EC5035-779F-40CC-B695-106702638904}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe No File
FirewallRules: [UDP Query User{B4726148-0480-47E5-8337-9033A14CEEC6}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe No File
FirewallRules: [TCP Query User{75FAF6F2-3C81-4A09-99D5-535E85F563BA}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [UDP Query User{88B5173A-AB35-415A-92AA-90B934D88A3A}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [TCP Query User{ECBF9C20-5FD9-4BCA-9595-1CE1A1214E59}C:\program files\dvdfab 11\dvdfab64.exe] => (Allow) C:\program files\dvdfab 11\dvdfab64.exe No File
FirewallRules: [UDP Query User{C5293B1D-DC51-4D28-BA69-95DD53C395E4}C:\program files\dvdfab 11\dvdfab64.exe] => (Allow) C:\program files\dvdfab 11\dvdfab64.exe No File
FirewallRules: [{DC06B8C2-F5B9-4028-99FF-3EA805E8B5ED}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD.exe No File
FirewallRules: [{AB62C6F7-1FED-4A27-8BC0-69ED9744451E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Kernel\DMS\CLMSServerPDVD18.exe No File
FirewallRules: [{D907F4F9-C915-4483-8CBC-9FB2B09D7945}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD18Agent.exe No File
FirewallRules: [{420C0F7C-8A84-49CE-867C-C9F600C9D276}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Movie\PowerDVDMovie.exe No File
FirewallRules: [{E39FC96C-D6E8-4D96-B2F9-66251B2AB896}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\CastingStation.exe No File
FirewallRules: [{31C426CB-9ED4-4B9B-BB1E-BD6EA127B8A8}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{70ABA078-A6EB-42BE-8165-C7A473F90598}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{6008004C-6DE4-48F5-9CD6-D85EB110D8DD}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{3CF831AC-22E8-4F04-BCDC-AF36736309D3}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe (Splashtop Inc. -> Splashtop Inc.)
FirewallRules: [{5BC82B91-A3A4-4C49-88A3-E91A71296BA4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
 
==================== Restore Points =========================
 
19-02-2019 11:26:32 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
25-02-2019 17:32:41 Installed CORSAIR iCUE Software
01-03-2019 20:59:58 Windows Update
04-03-2019 17:28:27 Revo Uninstaller Pro's restore point - Opera Stable 58.0.3135.79
04-03-2019 17:31:53 Revo Uninstaller Pro's restore point - Opera Stable 58.0.3135.79
05-03-2019 10:36:19 Revo Uninstaller Pro's restore point - Inkscape 0.92.4
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/04/2019 06:31:34 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
 
Error: (03/04/2019 05:28:27 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {2c3471f3-b146-44ea-8879-78e229c06b7e}
 
Error: (03/03/2019 06:49:59 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
 
Error: (03/03/2019 06:48:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LightingService.exe, version: 0.0.0.0, time stamp: 0x5c2ed438
Faulting module name: LightingService.exe, version: 0.0.0.0, time stamp: 0x5c2ed438
Exception code: 0xc000041d
Fault offset: 0x000c2740
Faulting process id: 0xd1c
Faulting application start time: 0x01d4d21b85e28fb7
Faulting application path: C:\Program Files (x86)\LightingService\LightingService.exe
Faulting module path: C:\Program Files (x86)\LightingService\LightingService.exe
Report Id: e2aed02b-8f86-481b-940b-67d74279edfd
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (03/03/2019 06:48:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LightingService.exe, version: 0.0.0.0, time stamp: 0x5c2ed438
Faulting module name: LightingService.exe, version: 0.0.0.0, time stamp: 0x5c2ed438
Exception code: 0xc0000005
Fault offset: 0x000c2740
Faulting process id: 0xd1c
Faulting application start time: 0x01d4d21b85e28fb7
Faulting application path: C:\Program Files (x86)\LightingService\LightingService.exe
Faulting module path: C:\Program Files (x86)\LightingService\LightingService.exe
Report Id: 52ce081d-421b-493b-9195-59872c6af6ee
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (03/02/2019 08:48:37 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
 
Error: (03/02/2019 08:30:52 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
 
Error: (02/27/2019 12:41:46 PM) (Source: Microsoft Office 16) (EventID: 2001) (User: )
Description: Microsoft Outlook: Rejected Safe Mode action : Outlook couldn't start last time. Safe mode could help you troubleshoot the problem, but some features might not be available in this mode.
 
Do you want to start in safe mode?.
Rejected Safe Mode action : Microsoft Outlook.
 
 
System errors:
=============
Error: (03/05/2019 10:31:00 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2C5MEQG)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-2C5MEQG\steph SID (S-1-5-21-3657392865-4282527132-3450529356-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/05/2019 10:30:55 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2C5MEQG)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-2C5MEQG\steph SID (S-1-5-21-3657392865-4282527132-3450529356-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/05/2019 10:30:47 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2C5MEQG)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-2C5MEQG\steph SID (S-1-5-21-3657392865-4282527132-3450529356-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/05/2019 10:30:39 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/05/2019 10:30:39 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/04/2019 08:02:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Origin Client Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/04/2019 07:46:27 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2C5MEQG)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-2C5MEQG\steph SID (S-1-5-21-3657392865-4282527132-3450529356-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/04/2019 07:46:27 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2C5MEQG)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-2C5MEQG\steph SID (S-1-5-21-3657392865-4282527132-3450529356-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
CodeIntegrity:
===================================
 
Date: 2019-03-05 10:31:44.967
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
Date: 2019-03-04 21:14:15.294
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
Date: 2019-03-04 21:14:13.357
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Microsoft signing level requirements.
 
Date: 2019-03-04 07:46:55.823
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
Date: 2019-03-03 21:59:51.675
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
Date: 2019-03-03 18:49:06.675
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
Date: 2019-03-03 09:55:35.837
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
Date: 2019-03-02 08:47:48.743
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
==================== Memory info =========================== 
 
Processor: AMD Ryzen 7 2700X Eight-Core Processor 
Percentage of memory in use: 43%
Total physical RAM: 16315.14 MB
Available physical RAM: 9280.49 MB
Total Virtual: 18747.14 MB
Available Virtual: 7043.97 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.22 GB) (Free:281.26 GB) NTFS
 
\\?\Volume{0b53f0fb-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.13 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0B53F0FB)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
 

 


  • 0

Advertisements


#11
getdealtwith

getdealtwith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

Here is the screenshot

Attached Thumbnails

  • operaerror.png

  • 0

#12
iMacg3

iMacg3

    GeekU Mod

  • GeekU Moderator
  • 479 posts
Hi,

It looks like you may have pirated/cracked software installed.
Using pirated software is an easy way to get your computer infected - almost as easy as intentionally downloading malware. Additionally, it's illegal in many places. Note that the tools we use will remove pirated software as well.

Before I can assist you further, all pirated/cracked software must be uninstalled. If you do not wish to do so, let me know and this topic will be closed.

If you decide to remove all pirated software, let me know and I'll continue assisting you.

Thanks.
  • 0

#13
getdealtwith

getdealtwith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

Yes I'd be more than happy to. I have uninstalled the Nitro pdf software. Please excuse my ignorance. Thanks for your help.


  • 0

#14
iMacg3

iMacg3

    GeekU Mod

  • GeekU Moderator
  • 479 posts
Hi,

OK, sounds good.

Please run a new scan with FRST, and post both logs in your reply.
  • 0

#15
getdealtwith

getdealtwith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\program files\inkscape\lib\python2.7\site-packages\numpy\f2py\crackfortran.py
c:\program files\inkscape\lib\python2.7\site-packages\numpy\f2py\crackfortran.pyc
c:\program files\inkscape\lib\python2.7\site-packages\numpy\f2py\crackfortran.pyo
c:\windows\winsxs\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.17763.1_none_ad6c66b207e8c478\ssh-keygen.exe
scanner sequence 3.CA.11.IGAAFA
 ----- EOF ----- 

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP