Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Trouble launching Opera browser - Error 0xc0000022 [Solved]

Started by getdealtwith , Mar 02 2019 07:57 AM

  • This topic is locked This topic is locked

#16
iMacg3
Posted 05 March 2019 - 02:12 PM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,

I would like you to run the FRST scan and post both logs. (FRST.txt and Addition.txt)
  • 0

Advertisements

#17
getdealtwith
Posted 05 March 2019 - 08:14 PM

getdealtwith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

Ok, coming up


Edited by getdealtwith, 05 March 2019 - 08:15 PM.

  • 0

#18
getdealtwith
Posted 06 March 2019 - 07:30 AM

getdealtwith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.03.2019
Ran by steph (administrator) on DESKTOP-2C5MEQG (06-03-2019 08:27:43)
Running from C:\Users\steph\Downloads
Loaded Profiles: steph (Available Profiles: steph)
Platform: Windows 10 Home Version 1809 17763.348 (X64) Language: English (United States)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Webroot Inc. -> Webroot) C:\Program Files\Webroot\WRSA.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0338455.inf_amd64_819aa0406bf36af7\B338454\atiesrxx.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.28\atkexComSvc.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop 11\creator\common\creator-ws.exe
(Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop 11\updater-ws.exe
(Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe
(LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop 11\ws.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Failed to access process -> LightingService.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0338455.inf_amd64_819aa0406bf36af7\B338454\atieclxx.exe
(Webroot Inc. -> Webroot) C:\Program Files\Webroot\WRSA.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20453.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
(Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRAgent.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ASUSTeK COMPUTER INC.) [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe
(ASUSTeK COMPUTER INC.) [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\steph\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.164_none_7e114a3d4d0589d4\TiWorker.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1812.10048.0_x64__8wekyb3d8bbwe\Calculator.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9246656 2018-01-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Sonic Studio 3] => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe [1234432 2017-12-29] (ASUSTeK COMPUTER INC.) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4190016 2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [3956368 2019-02-04] (Webroot Inc. -> Webroot)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [405032 2019-02-15] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3144480 2019-02-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Run: [BraveSoftware Update] => C:\Users\steph\AppData\Local\BraveSoftware\Update\1.3.99.0\BraveUpdateCore.exe [607688 2019-02-15] (Brave Software, Inc. -> BraveSoftware Inc.)
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Run: [GoogleChromeAutoLaunch_F93EFB3DD44213C0D4E7C2DEA6F95C5C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1708016 2019-02-28] (Google LLC -> Google Inc.)
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\RunOnce: [Application Restart #3] => C:\Users\steph\AppData\Local\BraveSoftware\Brave-Browser\Application\brave.exe [2081256 2019-02-27] (Brave Software, Inc. -> Brave Software, Inc.)
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [msacm.l3codecp] => C:\Windows\SysWOW64\l3codecp.acm [189952 2018-09-15] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\Software\...\AppCompatFlags\Custom\UnrealTournament.exe: [{fa491d91-322c-4059-a1f7-4a79782edee8}.sdb] -> GOG.com Unreal Tournament GOTY
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fa491d91-322c-4059-a1f7-4a79782edee8}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{fa491d91-322c-4059-a1f7-4a79782edee8}.sdb [2013-01-03]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-04] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{97E1814E-5601-41c8-9971-10C319EF61CC}] -> C:\Windows\system32\SRCredentialProvider.dll [2019-01-16] (Splashtop Inc. -> Splashtop Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2019-01-25]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Inc. -> Webroot Software, Inc.)
Startup: C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\[email protected] [2019-02-08]
ShortcutTarget: [email protected] -> C:\Program Files (x86)\FAHClient\HideConsole.exe (No File)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 1.1.1.1 1.0.0.1 192.168.2.1
Tcpip\..\Interfaces\{3bba500e-f493-4cd6-882c-1268d898d81a}: [DhcpNameServer] 1.1.1.1 1.0.0.1 192.168.2.1
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-24] (Microsoft Corporation -> Microsoft Corporation)
BHO: Soda PDF Desktop 11 Helper -> {9703de71-ce0d-11e8-9c83-40167e6e7313} -> C:\Program Files\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-helper.dll [2019-02-05] (LULU Software -> LULU Software)
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\PKG\LPBar64.dll [2019-01-25] (Webroot Inc. -> Webroot)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Common Files\Webroot\WebFiltering\wrflt.dll [2019-01-25] (Webroot Inc. -> Webroot)
BHO-x32: Soda PDF Desktop 11 Helper -> {9703de71-ce0d-11e8-9c83-40167e6e7313} -> C:\Program Files (x86)\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-helper.dll [2019-02-05] (LULU Software -> LULU Software)
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\PKG\LPBar.dll [2019-01-25] (Webroot Inc. -> Webroot)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files (x86)\Common Files\Webroot\WebFiltering\wrflt.dll [2019-01-25] (Webroot Inc. -> Webroot)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll [2019-01-25] (Webroot Inc. -> Webroot)
Toolbar: HKLM - Soda PDF Desktop 11 Toolbar - {970516f0-ce0d-11e8-8baa-40167e6e7313} - C:\Program Files\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-02-05] (LULU Software -> LULU Software)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll [2019-01-25] (Webroot Inc. -> Webroot)
Toolbar: HKLM-x32 - Soda PDF Desktop 11 Toolbar - {970516f0-ce0d-11e8-8baa-40167e6e7313} - C:\Program Files (x86)\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-02-05] (LULU Software -> LULU Software)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-03] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: dpu2go2i.default
FF ProfilePath: C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\dpu2go2i.default [2019-03-06]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\WRData\PKG\FF_XPI\wts_ff_extension.xpi
FF Extension: (Webroot Filtering Extension) - C:\ProgramData\WRData\PKG\FF_XPI\wts_ff_extension.xpi [2019-01-25]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Soda PDF Desktop 11\creator\plugins\FirefoxAddin\[email protected]
FF Extension: (Soda PDF Desktop 11 Creator) - C:\Program Files\Soda PDF Desktop 11\creator\plugins\FirefoxAddin\[email protected] [2019-01-16]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Soda PDF Desktop 11\creator\plugins\FirefoxAddin\[email protected]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-03-01] (Adobe Systems Incorporated -> )
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-03-01] (Adobe Systems Incorporated -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-01-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-03-01] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-03-01] (Google Inc -> Google Inc.)
FF Plugin HKU\S-1-5-21-3657392865-4282527132-3450529356-1001: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Users\steph\AppData\Local\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-02-15] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin HKU\S-1-5-21-3657392865-4282527132-3450529356-1001: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Users\steph\AppData\Local\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-02-15] (Brave Software, Inc. -> BraveSoftware Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default [2019-03-06]
CHR Extension: (Slides) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-01]
CHR Extension: (Docs) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-01]
CHR Extension: (Google Drive) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-01]
CHR Extension: (YouTube) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-01]
CHR Extension: (Dropbox for Gmail) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2019-03-01]
CHR Extension: (Dashlane - Password Manager) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2019-03-01]
CHR Extension: (Sheets) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-01]
CHR Extension: (Audio Downloader Prime) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\flainkeonkoanoijnkojmiiihnfdhipd [2019-03-01]
CHR Extension: (Google Docs Offline) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-02]
CHR Extension: (Google Keep - notes and lists) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2019-03-05]
CHR Extension: (Podio) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikfhmmbhaifchbdlhlfcoildocgmbleb [2019-03-01]
CHR Extension: (Email Extractor) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdianbbpnakhcmfkcckaboohfgnngfcc [2019-03-01]
CHR Extension: (Webroot Filtering Extension) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2019-03-01]
CHR Extension: (Evernote Web) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2019-03-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-01]
CHR Extension: (Data Scraper - Easy Web Scraping) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nndknepjnldbdbepjfgmncbggmopgden [2019-03-01]
CHR Extension: (Evernote Web Clipper) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2019-03-01]
CHR Extension: (Gmail) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-01]
CHR Extension: (Chrome Media Router) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-01]
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\c0338455.inf_amd64_819aa0406bf36af7\B338454\atiesrxx.exe [508320 2019-01-24] (Advanced Micro Devices, Inc. -> AMD)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.28\atkexComSvc.exe [419264 2018-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8348064 2019-01-24] (BattlEye Innovations e.K. -> )
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11013280 2019-02-07] (Microsoft Corporation -> Microsoft Corporation)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [49704 2019-02-15] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-01-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-01-24] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-12-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [1326016 2019-01-04] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-02-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-02-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 RtkBtManServ; C:\Windows\RtkBtManServ.exe [713816 2018-09-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 Soda PDF Desktop 11; C:\Program Files\Soda PDF Desktop 11\ws.exe [2463560 2019-02-05] (LULU Software -> LULU Software)
R2 Soda PDF Desktop 11 Creator; C:\Program Files\Soda PDF Desktop 11\creator\common\creator-ws.exe [720200 2019-02-05] (LULU Software -> LULU Software)
R2 Soda PDF Desktop 11 Update Service; C:\Program Files\Soda PDF Desktop 11\updater-ws.exe [1778504 2019-02-05] (LULU Software -> LULU Software)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\NisSrv.exe [4096976 2019-01-24] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MsMpEng.exe [113992 2019-01-24] (Microsoft Corporation -> Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [3956368 2019-02-04] (Webroot Inc. -> Webroot)
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Wondershare Video Converter Ultimate (Desktop)\Transfer\DriverInstall.exe" [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ALSysIO; C:\Users\steph\AppData\Local\Temp\ALSysIO64.sys [46384 2019-03-03] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
R3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [43400 2017-03-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [24424 2016-08-12] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\Windows\System32\drivers\atikmdag-patched\atikmdag.sys [52785728 2012-06-26] (Edgard Roberto Viera -> Advanced Micro Devices, Inc.) [File not signed]
R3 amdkmdag; C:\Windows\SysWOW64\drivers\atikmdag-patched\atikmdag.sys [52785728 2012-06-26] (Edgard Roberto Viera -> Advanced Micro Devices, Inc.) [File not signed]
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0338455.inf_amd64_819aa0406bf36af7\B338454\atikmpag.sys [589216 2019-01-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [101568 2019-01-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDPCIDev; C:\Windows\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [243048 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [33504 2019-01-01] (ASUSTeK Computer Inc. -> )
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [107400 2018-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [46944 2018-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [23392 2018-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz148; C:\Windows\temp\cpuz148\cpuz148_x64.sys [44648 2019-03-03] (CPUID S.A.R.L.U. -> CPUID)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [19392 2018-04-23] (ASUSTeK Computer Inc. -> )
R1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [65320 2019-01-24] (Martin Malik - REALiX -> REALiX™)
R3 MSIO; C:\Program Files\Patriot\Aac_Patriot Viper RGB\msio64.sys [25616 2018-02-12] (MICSYS Technology Co., Ltd. -> )
R3 RtkBtFilter; C:\Windows\System32\drivers\RtkBtfilter.sys [758312 2018-09-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [8009040 2017-12-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
R0 secnvme; C:\Windows\System32\drivers\secnvme.sys [134120 2018-02-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46488 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [343032 2019-01-24] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [63480 2019-01-24] (Microsoft Windows -> Microsoft Corporation)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [128216 2019-01-25] (Webroot Inc. -> Webroot)
R3 wrUrlFlt; C:\Windows\system32\DRIVERS\wrUrlFlt.sys [68416 2019-01-25] (Webroot Inc. -> Webroot)
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite Titanium.SP2c\WNt600x64\Sandra.sys [X]
U0 SR; no ImagePath
U2 srservice; no ImagePath
S3 VGAOCTool; \??\C:\Users\steph\AppData\Local\Temp\VGAOCTool.sys [X] <==== ATTENTION
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-03-06 08:26 - 2019-03-06 08:26 - 000000000 ___HD C:\OneDriveTemp
2019-03-05 14:34 - 2019-03-05 14:40 - 000000253 _____ C:\Windows\SysWOW64\ckfiles.txt
2019-03-05 13:13 - 2019-03-05 13:13 - 000012585 _____ C:\Users\steph\Downloads\Bandit Signers - All Bandit Signers.xlsx
2019-03-05 11:08 - 2019-03-06 08:27 - 000000000 ____D C:\Users\steph\Downloads\FRST-OlderVersion
2019-03-05 10:53 - 2019-03-05 10:53 - 000103833 _____ C:\Users\steph\Desktop\Low Priorty Leads - All Low Priorty Leads.xlsx
2019-03-05 10:51 - 2019-03-05 10:51 - 000094317 _____ C:\Users\steph\Downloads\Low Priorty Leads - All Low Priorty Leads.xlsx
2019-03-05 10:43 - 2019-03-05 10:43 - 000001311 _____ C:\Users\steph\Desktop\Todoist.lnk
2019-03-05 10:43 - 2019-03-05 10:43 - 000000000 ____D C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Todoist
2019-03-05 10:43 - 2019-03-05 10:43 - 000000000 ____D C:\Users\steph\AppData\Local\Todoist
2019-03-05 10:43 - 2019-03-05 10:43 - 000000000 ____D C:\Users\steph\AppData\Local\Doist_Ltd
2019-03-05 10:41 - 2019-03-05 10:41 - 027704576 _____ (Doist Ltd. ) C:\Users\steph\Downloads\Todoist_for_Windows_Desktop_2_7_6.exe
2019-03-05 10:31 - 2019-03-05 10:31 - 000468480 _____ () C:\Users\steph\Downloads\CKScanner (2).exe
2019-03-04 21:13 - 2019-03-05 10:32 - 000000501 _____ C:\Users\steph\Downloads\ckfiles.txt
2019-03-04 21:09 - 2019-03-04 21:09 - 000468480 _____ () C:\Users\steph\Downloads\CKScanner.exe
2019-03-04 21:09 - 2019-03-04 21:09 - 000468480 _____ () C:\Users\steph\Downloads\CKScanner (1).exe
2019-03-04 19:51 - 2019-03-04 19:51 - 000004206 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1551747080
2019-03-04 19:51 - 2019-03-04 19:51 - 000001397 _____ C:\Users\steph\Desktop\Opera Browser.lnk
2019-03-04 19:51 - 2019-03-04 19:51 - 000001397 _____ C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2019-03-04 17:30 - 2019-03-04 17:30 - 002162056 _____ (Opera Software) C:\Users\steph\Downloads\OperaSetup.exe
2019-03-04 17:27 - 2019-03-04 17:27 - 016008384 _____ (VS Revo Group ) C:\Users\steph\Downloads\RevoUninProSetup.exe
2019-03-04 17:27 - 2019-03-04 17:27 - 000001122 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2019-03-04 17:27 - 2019-03-04 17:27 - 000000000 ____D C:\Users\steph\AppData\Local\VS Revo Group
2019-03-04 17:27 - 2019-03-04 17:27 - 000000000 ____D C:\ProgramData\VS Revo Group
2019-03-04 17:27 - 2019-03-04 17:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2019-03-04 17:27 - 2019-03-04 17:27 - 000000000 ____D C:\Program Files\VS Revo Group
2019-03-04 17:27 - 2016-12-21 14:52 - 000040240 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2019-03-03 13:53 - 2019-03-03 13:53 - 000002805 _____ C:\Users\steph\Unigine_Heaven_Benchmark_4.0_20190303_1353.html
2019-03-03 13:47 - 2019-03-03 13:47 - 000002194 _____ C:\Users\Public\Desktop\Heaven Benchmark 4.0.lnk
2019-03-03 13:47 - 2019-03-03 13:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine
2019-03-03 13:47 - 2019-03-03 13:47 - 000000000 ____D C:\Program Files (x86)\Unigine
2019-03-02 12:23 - 2019-03-02 12:23 - 002751394 _____ C:\Users\steph\Downloads\NewList03-01-19a-postcards.csv
2019-03-02 08:45 - 2019-03-02 08:45 - 000000000 ____D C:\AdwCleaner
2019-03-02 08:39 - 2019-03-06 08:28 - 000039091 _____ C:\Users\steph\Downloads\FRST.txt
2019-03-02 08:39 - 2019-03-06 08:27 - 000000000 ____D C:\FRST
2019-03-02 08:39 - 2019-03-05 11:09 - 000075050 _____ C:\Users\steph\Downloads\Addition.txt
2019-03-02 08:38 - 2019-03-06 08:27 - 002434560 _____ (Farbar) C:\Users\steph\Downloads\FRST64.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 026807296 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 024616960 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 023439360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 022114960 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 020812288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 019284480 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 019023872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 017520640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 015224832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 012858368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 012150784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 009683256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 009670656 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 008875008 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 007897088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 007883776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 007688088 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 007647256 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 007556392 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 007251456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 006544584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 006440960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 006309040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 005915936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 005588184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 005566464 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 005436184 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 005296640 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 004920832 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 004688896 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 004245280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 003983872 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003923456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003761664 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003729808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 003660288 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 003656192 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003652656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003566080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003551408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003504128 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003427840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003399168 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003381760 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 003378488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 003108864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002942464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002871312 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 002842112 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002766648 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002752360 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002720768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 002700792 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002637312 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 002630656 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002626360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 002485760 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002447360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002323688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002278240 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002187264 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002127360 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002073240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002044416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002013696 _____ C:\Windows\system32\rdpnano.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 002001408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001994760 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001969464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 001931264 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001899160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001893888 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001844448 _____ (Microsoft Corporation) C:\Windows\system32\D3D12.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001830200 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001782272 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001742104 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001715712 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001711616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001697744 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-03-01 21:01 - 2019-03-01 21:01 - 001672704 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001656832 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001644048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001641400 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001604096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001590072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001572176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001563336 _____ (Microsoft Corporation) C:\Windows\system32\ttdrecordcpu.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001521664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001506816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001481488 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001479480 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001468440 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 001457544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001360696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 001341880 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-03-01 21:01 - 2019-03-01 21:01 - 001332224 _____ (Microsoft Corporation) C:\Windows\system32\lpasvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001331536 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001307648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001296576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001294856 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001289192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001272552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ttdrecordcpu.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001267712 _____ (Microsoft Corporation) C:\Windows\system32\APMon.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001259320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 001258808 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2019-03-01 21:01 - 2019-03-01 21:01 - 001256448 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001255736 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 001224704 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001221944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001221120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 001208320 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001200920 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001191512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001179168 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 001176064 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001131520 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001098128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001087800 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001078072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Services.TargetedContent.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001077912 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001072720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001072640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001056272 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001054200 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 001052160 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001050936 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 001047040 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001022616 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001008128 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 001001472 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2019-03-01 21:01 - 2019-03-01 21:01 - 000955392 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000926208 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000918032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000912384 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000908800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2019-03-01 21:01 - 2019-03-01 21:01 - 000902144 _____ (Microsoft Corporation) C:\Windows\system32\BingOnlineServices.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000888320 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000888120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pidgenx.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000883712 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000871792 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000866152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000865568 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000860160 _____ C:\Windows\system32\MBR2GPT.EXE
2019-03-01 21:01 - 2019-03-01 21:01 - 000850760 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000836096 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000833064 _____ C:\Windows\system32\InputHost.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000823296 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000808464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000790328 _____ (Microsoft Corporation) C:\Windows\system32\upshared.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000775168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000773120 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000772608 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000772408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Services.TargetedContent.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000764216 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000762880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000757664 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000745984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000741888 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000735760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingOnlineServices.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000714240 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000691712 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000661816 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000652824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000651576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000646656 _____ (Microsoft Corporation) C:\Windows\system32\w32time.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000646632 _____ (Microsoft Corporation) C:\Windows\system32\msvcp_win.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000622080 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000621568 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000619832 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000605496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000604336 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000599040 _____ (Microsoft Corporation) C:\Windows\system32\facecredentialprovider.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\dsound.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000591832 _____ C:\Windows\SysWOW64\InputHost.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000572416 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000566272 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000560128 _____ (Microsoft Corporation) C:\Windows\system32\mfh264enc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000553784 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000549376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000548864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000543744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000525312 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000519992 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000511800 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000505656 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsound.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\ResourceMapper.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000484976 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000479232 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000460304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000453944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000452096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000449368 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000435712 _____ (Microsoft Corporation) C:\Windows\system32\cryptngc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000421688 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000407552 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000404792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000387832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000383288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\DataUsageHandlers.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000359424 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000355360 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000348160 _____ (Microsoft Corporation) C:\Windows\system32\BioCredProv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000336744 _____ (Microsoft Corporation) C:\Windows\system32\AudioSrvPolicyManager.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000330464 _____ (Microsoft Corporation) C:\Windows\system32\ttdwriter.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000322576 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000322048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MbbCx.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000279376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BioCredProv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000272648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ttdwriter.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000263360 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000262456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000246584 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\smbwmiv2.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000224256 _____ (Microsoft Corporation) C:\Windows\system32\ptpprov.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\SecureTimeAggregator.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000202552 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000196608 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000195896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000178688 _____ (Microsoft Corporation) C:\Windows\system32\winbio.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\ngctasks.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\SpatialAudioLicenseSrv.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000169784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000156984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000147968 _____ (Microsoft Corporation) C:\Windows\system32\srpapi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000147256 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SpatialAudioLicenseSrv.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000138960 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000134144 _____ (Microsoft Corporation) C:\Windows\system32\DataUsageLiveTileTask.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srpapi.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winbio.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000120832 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\DolbyMATEnc.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000115152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000104248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bindflt.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000096256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000095544 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000095544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storqosflt.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000090424 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000071184 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2019-03-01 21:01 - 2019-03-01 21:01 - 000035640 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2019-03-01 21:01 - 2019-03-01 21:01 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\SecureBioSysprep.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-03-01 21:01 - 2019-03-01 21:01 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-03-01 13:32 - 2019-03-04 18:37 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-01 13:32 - 2019-03-04 18:37 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-01 13:32 - 2019-03-01 13:32 - 000000000 ____D C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2019-03-01 13:32 - 2019-03-01 13:32 - 000000000 ____D C:\Users\steph\AppData\Roaming\Google
2019-03-01 13:31 - 2019-03-01 13:40 - 000000000 ____D C:\Users\steph\AppData\Local\Google
2019-03-01 13:31 - 2019-03-01 13:32 - 000000000 ____D C:\Program Files (x86)\Google
2019-03-01 13:31 - 2019-03-01 13:31 - 001136176 _____ (Google Inc.) C:\Users\steph\Downloads\ChromeSetup.exe
2019-03-01 13:31 - 2019-03-01 13:31 - 000003418 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-01 13:31 - 2019-03-01 13:31 - 000003294 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-01 13:28 - 2019-03-01 14:15 - 000004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-03-01 13:28 - 2019-03-01 13:28 - 000004578 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-01 13:28 - 2019-03-01 13:28 - 000000000 ____D C:\Users\steph\AppData\Roaming\Macromedia
2019-02-26 17:31 - 2019-02-26 17:31 - 000318040 _____ C:\Users\steph\Downloads\NS_LBP_.pdf
2019-02-26 11:23 - 2019-02-26 11:23 - 000019719 _____ C:\Users\steph\Downloads\190222GACHEROKEE.csv
2019-02-26 11:23 - 2019-02-26 11:23 - 000007684 _____ C:\Users\steph\Downloads\190225GAPAULDING.csv
2019-02-26 11:15 - 2019-02-26 11:15 - 000370212 _____ C:\Users\steph\Downloads\209186_2019-02-26_16-14_Stephen_Richardson.csv
2019-02-25 19:12 - 2019-02-25 19:12 - 000705365 _____ C:\Users\steph\Downloads\DCW ADOPTION CONFIDENTIAL ADOPTIVE PARENTS QUESTIONNAIRE (3) (6).pages
2019-02-25 19:12 - 2019-02-25 19:12 - 000705365 _____ C:\Users\steph\Downloads\DCW ADOPTION CONFIDENTIAL ADOPTIVE PARENTS QUESTIONNAIRE (3) (5).pages
2019-02-25 19:12 - 2019-02-25 19:12 - 000705365 _____ C:\Users\steph\Downloads\DCW ADOPTION CONFIDENTIAL ADOPTIVE PARENTS QUESTIONNAIRE (3) (4).pages
2019-02-25 19:12 - 2019-02-25 19:12 - 000705365 _____ C:\Users\steph\Downloads\DCW ADOPTION CONFIDENTIAL ADOPTIVE PARENTS QUESTIONNAIRE (3) (3).pages
2019-02-25 19:11 - 2019-02-25 19:11 - 000705365 _____ C:\Users\steph\Downloads\DCW ADOPTION CONFIDENTIAL ADOPTIVE PARENTS QUESTIONNAIRE (3).pages
2019-02-25 19:11 - 2019-02-25 19:11 - 000705365 _____ C:\Users\steph\Downloads\DCW ADOPTION CONFIDENTIAL ADOPTIVE PARENTS QUESTIONNAIRE (3) (2).pages
2019-02-25 19:11 - 2019-02-25 19:11 - 000705365 _____ C:\Users\steph\Downloads\DCW ADOPTION CONFIDENTIAL ADOPTIVE PARENTS QUESTIONNAIRE (3) (1).pages
2019-02-25 17:38 - 2019-02-25 17:38 - 014209518 _____ C:\Users\steph\Downloads\MM1000_QSG.pdf
2019-02-25 17:35 - 2019-02-25 17:35 - 000001199 _____ C:\Users\Public\Desktop\iCUE.lnk
2019-02-25 17:35 - 2019-02-25 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-02-25 17:35 - 2019-02-25 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair
2019-02-25 17:35 - 2019-02-25 17:35 - 000000000 ____D C:\Program Files (x86)\Corsair
2019-02-20 22:15 - 2019-02-20 22:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-02-19 18:19 - 2019-02-19 18:19 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-02-19 18:19 - 2019-02-19 18:19 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-02-19 18:19 - 2019-02-19 18:19 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-02-19 18:19 - 2019-02-19 18:19 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-02-19 11:47 - 2019-02-19 11:50 - 000000000 ____D C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WonderFox Soft
2019-02-19 11:47 - 2019-02-19 11:50 - 000000000 ____D C:\Program Files (x86)\WonderFox Soft
2019-02-19 11:47 - 2019-02-19 11:47 - 000000000 ____D C:\Users\steph\Documents\WonderFox Soft
2019-02-19 11:38 - 2019-02-19 11:38 - 000000000 ____D C:\Users\steph\AppData\Roaming\Nitro
2019-02-19 11:38 - 2019-02-19 11:38 - 000000000 ____D C:\ProgramData\Nitro
2019-02-19 11:38 - 2019-02-19 11:38 - 000000000 ____D C:\Program Files\Nitro
2019-02-19 11:33 - 2019-02-19 11:33 - 000000000 ____D C:\Users\Public\Documents\CyberLink
2019-02-19 11:31 - 2019-02-19 11:34 - 000000000 ____D C:\Users\steph\Documents\CyberLink
2019-02-19 11:31 - 2019-02-19 11:34 - 000000000 ____D C:\Users\steph\AppData\Roaming\CyberLink
2019-02-19 11:31 - 2019-02-19 11:31 - 000000000 ____D C:\Users\Public\CyberLink
2019-02-19 11:27 - 2019-02-19 11:27 - 000000000 ____D C:\Windows\system32\Drivers\CLFCL5.18
2019-02-19 11:26 - 2019-02-19 11:35 - 000000000 ____D C:\ProgramData\install_clap
2019-02-19 11:26 - 2019-02-19 11:34 - 000000000 ____D C:\Users\steph\AppData\Local\CyberLink
2019-02-19 11:26 - 2019-02-19 11:34 - 000000000 ____D C:\ProgramData\CyberLink
2019-02-19 11:26 - 2019-02-19 11:27 - 000000000 ____D C:\ProgramData\PDVD
2019-02-19 11:26 - 2019-02-19 11:26 - 000000000 ____D C:\ProgramData\CLSK
2019-02-19 11:20 - 2019-02-19 11:46 - 000000000 ____D C:\Program Files (x86)\Wondershare
2019-02-19 11:20 - 2019-02-19 11:20 - 000000000 ____D C:\Wondershare Video Converter Ultimate
2019-02-19 11:20 - 2019-02-19 11:20 - 000000000 ____D C:\ProgramData\Wondershare MediaServer
2019-02-19 11:20 - 2019-02-19 11:20 - 000000000 ____D C:\ProgramData\GraphicsType
2019-02-19 11:20 - 2019-02-19 11:20 - 000000000 ____D C:\Program Files (x86)\WondershareUpdate
2019-02-17 22:12 - 2019-02-17 22:12 - 000000000 ____D C:\Program Files (x86)\dvdfab
2019-02-17 22:06 - 2019-02-17 22:06 - 000000000 ____D C:\ProgramData\Canneverbe Limited
2019-02-17 22:05 - 2019-03-01 15:10 - 000007619 _____ C:\Users\steph\AppData\Local\Resmon.ResmonCfg
2019-02-17 22:05 - 2019-02-17 22:05 - 000000000 ____D C:\Users\steph\AppData\Roaming\Canneverbe Limited
2019-02-17 21:57 - 2019-02-17 21:57 - 000000000 ____D C:\Users\steph\AppData\Roaming\DVDFab11
2019-02-17 21:54 - 2019-02-17 21:54 - 000000000 ____D C:\Users\steph\AppData\Roaming\30080
2019-02-17 21:53 - 2019-02-17 21:53 - 000001057 _____ C:\Users\steph\AppData\Roaming\88e9dc3a-641c-4dc2-9204-9ba65cc42265
2019-02-17 21:53 - 2019-02-17 21:53 - 000000171 _____ C:\Users\steph\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2019-02-17 21:53 - 2019-02-17 21:53 - 000000000 ____D C:\Users\steph\Documents\DVDFabCommon
2019-02-17 21:53 - 2019-02-17 21:53 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-02-17 21:52 - 2019-02-17 21:53 - 000000000 ____D C:\Users\steph\Downloads\DVDFab 11
2019-02-17 21:52 - 2019-02-17 21:53 - 000000000 ____D C:\Users\steph\Documents\DVDFab11
2019-02-17 21:40 - 2019-02-17 21:50 - 000000000 ____D C:\Temp
2019-02-17 21:38 - 2019-02-17 21:38 - 000000000 ____D C:\Users\steph\AppData\Roaming\Digiarty
2019-02-17 21:32 - 2019-02-17 21:49 - 000000000 ____D C:\Users\steph\AppData\Local\cdrtfe
2019-02-17 20:44 - 2019-02-21 08:49 - 000000000 ____D C:\Users\steph\AppData\Roaming\vlc
2019-02-17 20:44 - 2019-02-19 11:17 - 000000000 ____D C:\Users\steph\AppData\Roaming\dvdcss
2019-02-17 20:36 - 2019-02-21 08:50 - 000000000 ____D C:\Users\steph\Documents\ConvertXToDVD
2019-02-17 20:36 - 2019-02-21 08:47 - 000000000 ____D C:\Users\steph\Documents\ConvertXtoDVD_Resources
2019-02-17 20:36 - 2019-02-17 21:10 - 000000000 ____D C:\ProgramData\VSO
2019-02-17 20:36 - 2019-02-17 20:43 - 000000000 ____D C:\Users\steph\AppData\Roaming\VSO
2019-02-17 20:36 - 2019-02-17 20:36 - 000099384 _____ C:\Users\steph\AppData\Roaming\inst.exe
2019-02-17 20:36 - 2019-02-17 20:36 - 000082816 _____ (VSO Software) C:\Users\steph\AppData\Roaming\pcouffin.sys
2019-02-17 20:36 - 2019-02-17 20:36 - 000007859 _____ C:\Users\steph\AppData\Roaming\pcouffin.cat
2019-02-17 20:36 - 2019-02-17 20:36 - 000001309 _____ C:\Users\steph\Desktop\ConvertXToDVD 7.lnk
2019-02-17 20:36 - 2019-02-17 20:36 - 000000000 ____D C:\Users\steph\Documents\PcSetup
2019-02-17 20:36 - 2019-02-17 20:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
2019-02-17 20:36 - 2019-02-17 20:36 - 000000000 ____D C:\Program Files (x86)\VSO
2019-02-17 20:29 - 2019-02-17 20:30 - 000000000 ____D C:\Users\steph\Documents\dvd
2019-02-17 20:28 - 2019-02-17 20:31 - 000000000 ____D C:\Program Files (x86)\DVD Flick
2019-02-17 20:28 - 2007-08-31 18:36 - 000036864 _____ (Robdogg Inc.) C:\Windows\SysWOW64\trayicon_handler.ocx
2019-02-17 20:28 - 2003-01-26 13:41 - 000040960 _____ (vbAccelerator) C:\Windows\SysWOW64\ssubtmr6.dll
2019-02-17 20:16 - 2019-02-17 20:28 - 000000000 ____D C:\Windows\System32\Tasks\NCH Software
2019-02-15 13:35 - 2019-03-01 14:41 - 000002623 _____ C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2019-02-15 13:35 - 2019-02-15 13:35 - 000003700 _____ C:\Windows\System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3657392865-4282527132-3450529356-1001UA
2019-02-15 13:35 - 2019-02-15 13:35 - 000003432 _____ C:\Windows\System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3657392865-4282527132-3450529356-1001Core
2019-02-15 13:35 - 2019-02-15 13:35 - 000000000 ____D C:\Users\steph\AppData\Local\BraveSoftware
2019-02-15 13:02 - 2019-02-15 13:02 - 000069677 _____ C:\Users\steph\Downloads\209100_2019-02-15_18-01_Stephen_Richardson.csv
2019-02-15 12:57 - 2019-02-15 12:57 - 000017202 _____ C:\Users\steph\Desktop\CherokeeDelinq.csv
2019-02-15 11:39 - 2019-02-15 11:39 - 000000000 ____D C:\Users\steph\AppData\Local\KutoolsforExcel
2019-02-15 11:38 - 2019-02-15 11:38 - 000000000 ____D C:\Users\steph\Documents\Kutools for Excel
2019-02-15 11:38 - 2019-02-15 11:38 - 000000000 ____D C:\Users\steph\AppData\Roaming\Kutools for Excel
2019-02-15 11:38 - 2019-02-15 11:38 - 000000000 ____D C:\Users\Public\Documents\Kutools for Excel
2019-02-15 11:38 - 2019-02-15 11:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kutools for Excel
2019-02-15 11:38 - 2019-02-15 11:38 - 000000000 ____D C:\Program Files (x86)\Kutools for Excel
2019-02-13 20:01 - 2019-02-13 20:01 - 000032429 _____ C:\Users\steph\Downloads\dgreadiness_v3.6.zip
2019-02-13 12:17 - 2019-02-13 12:17 - 000000000 ____D C:\Users\steph\AppData\Roaming\PDF Producer
2019-02-13 12:11 - 2019-02-15 13:05 - 000084745 _____ C:\Users\steph\Desktop\Copy of delinq2819.xlsx
2019-02-13 08:24 - 2019-02-13 08:24 - 007883776 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 006070272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 005086208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 004885504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 004627456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 003743744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 002927120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 002437552 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 002021584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 001700864 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 001671864 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 001467560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000982576 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000982032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000769536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000765960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000475152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-02-13 08:24 - 2019-02-13 08:24 - 000463672 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000461824 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000419128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000402944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000387384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000340480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000047136 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2019-02-13 08:24 - 2019-02-13 08:24 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-02-13 08:24 - 2019-02-13 08:24 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\npmproxy.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000039304 _____ (Microsoft Corporation) C:\Windows\system32\NtlmShared.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000033056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NtlmShared.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2019-02-13 08:24 - 2019-02-13 08:24 - 000000072 _____ C:\Windows\system32\edgehtmlpluginpolicy.bin
2019-02-12 19:13 - 2019-02-13 22:07 - 000000000 ____D C:\Users\steph\AppData\Roaming\Soda PDF Desktop 11
2019-02-12 19:13 - 2019-02-12 19:14 - 000000000 ____D C:\ProgramData\Soda PDF Desktop 11
2019-02-12 19:13 - 2019-02-12 19:13 - 000001143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soda PDF Desktop 11.lnk
2019-02-12 19:13 - 2019-02-12 19:13 - 000000000 ____D C:\Users\steph\Documents\Soda PDF Files
2019-02-12 19:13 - 2019-02-12 19:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soda PDF Desktop 11
2019-02-12 19:13 - 2019-02-12 19:13 - 000000000 ____D C:\Program Files\Soda PDF Desktop 11
2019-02-12 19:13 - 2019-02-12 19:13 - 000000000 ____D C:\Program Files (x86)\Soda PDF Desktop Manager
2019-02-12 19:13 - 2019-02-12 19:13 - 000000000 ____D C:\Program Files (x86)\Soda PDF Desktop 11
2019-02-11 16:01 - 2019-02-11 16:01 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2019-02-10 18:14 - 2019-02-10 18:14 - 000000000 ____D C:\Users\steph\AppData\Roaming\EasyAntiCheat
2019-02-10 18:13 - 2019-03-02 09:54 - 000001199 _____ C:\Users\Public\Desktop\Apex Legends.lnk
2019-02-10 18:13 - 2019-02-10 18:13 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2019-02-10 18:13 - 2019-02-10 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends
2019-02-10 18:13 - 2019-02-10 18:13 - 000000000 ____D C:\ProgramData\Electronic Arts
2019-02-10 17:59 - 2019-03-02 09:53 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-02-10 17:57 - 2019-03-04 20:02 - 000000000 ____D C:\Program Files (x86)\Origin
2019-02-10 17:57 - 2019-02-10 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2019-02-10 17:54 - 2019-03-02 22:43 - 000000000 ____D C:\ProgramData\Origin
2019-02-10 17:54 - 2019-03-02 09:54 - 000000000 ____D C:\Users\steph\AppData\Roaming\Origin
2019-02-10 17:54 - 2019-02-10 18:14 - 000000000 ____D C:\Users\steph\AppData\Local\Origin
2019-02-10 17:54 - 2019-02-10 17:54 - 000000000 ____D C:\Users\steph\.QtWebEngineProcess
2019-02-10 17:54 - 2019-02-10 17:54 - 000000000 ____D C:\Users\steph\.Origin
2019-02-08 13:33 - 2019-02-08 13:36 - 000461980 _____ C:\Users\steph\Downloads\209040_2019-02-08_18-33_Stephen_Richardson.csv
2019-02-08 12:24 - 2019-02-08 12:24 - 000277808 _____ C:\Users\steph\Downloads\call_recording_download_02-08-2019 11_24.zip
2019-02-08 12:16 - 2019-02-08 12:18 - 000000000 ____D C:\ProgramData\TEMP
2019-02-06 14:59 - 2019-02-06 14:59 - 000000112 _____ C:\Users\steph\Downloads\contact000000.vcf
2019-02-06 13:15 - 2019-02-06 13:15 - 000073393 _____ C:\Users\steph\Downloads\190206GACOBB.csv
2019-02-06 13:00 - 2019-02-06 13:00 - 000230251 _____ C:\Users\steph\Downloads\contract-for-laura-lloyd-signed.pdf
2019-02-06 12:41 - 2019-02-06 12:41 - 000131544 _____ C:\Users\steph\AppData\Local\GDIPFONTCACHEV1.DAT
2019-02-06 12:41 - 2019-02-06 12:41 - 000000000 ____D C:\Users\steph\AppData\Roaming\PDF Software
2019-02-06 12:29 - 2019-02-19 11:20 - 000000000 ____D C:\ProgramData\Wondershare
2019-02-06 12:28 - 2019-02-19 11:20 - 000000000 ____D C:\Users\steph\AppData\Local\Wondershare
2019-02-06 12:27 - 2019-02-19 11:20 - 000000000 ____D C:\Users\steph\AppData\Roaming\Wondershare
2019-02-06 12:27 - 2019-02-19 11:20 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2019-02-06 11:48 - 2019-02-06 11:48 - 000000000 ____D C:\ProgramData\Mozilla
2019-02-05 10:57 - 2019-02-05 10:57 - 000024836 _____ C:\Users\steph\Downloads\members_REI_Live_opened_Feb_5_2019.csv
2019-02-05 10:42 - 2019-02-05 10:42 - 000207073 _____ C:\Users\steph\Documents\assignment-for-260-cottonwood-loop.pdf
2019-02-04 15:54 - 2019-02-04 15:54 - 000000000 ____D C:\Users\steph\AppData\Local\DBG
2019-02-04 10:08 - 2019-02-04 10:08 - 000000000 ____D C:\Users\steph\Documents\Shadow of the Tomb Raider
2019-02-04 10:08 - 2019-02-04 10:08 - 000000000 ____D C:\Users\steph\AppData\Roaming\Eidos Montreal
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-03-06 08:28 - 2019-01-27 09:57 - 000000000 ____D C:\Users\steph\AppData\LocalLow\Mozilla
2019-03-06 08:26 - 2019-01-24 16:53 - 000000000 ___RD C:\Users\steph\Dropbox
2019-03-06 08:26 - 2019-01-24 14:45 - 000000000 ____D C:\Program Files (x86)\Steam
2019-03-06 08:26 - 2019-01-24 13:48 - 000000000 ____D C:\Users\steph\AppData\Local\D3DSCache
2019-03-06 08:26 - 2019-01-24 13:46 - 000003112 _____ C:\Windows\System32\Tasks\AMDLinkUpdate
2019-03-06 08:26 - 2019-01-24 13:42 - 000000000 ___RD C:\Users\steph\OneDrive
2019-03-05 21:17 - 2019-01-25 14:28 - 000000000 ____D C:\Users\steph\AppData\Roaming\WhatsApp
2019-03-05 21:14 - 2019-01-25 04:36 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-03-05 21:14 - 2018-09-15 02:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-05 17:32 - 2019-01-24 13:42 - 000003378 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3657392865-4282527132-3450529356-1001
2019-03-05 17:32 - 2019-01-24 13:39 - 000002367 _____ C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-05 14:49 - 2018-09-15 02:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-05 14:49 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\AppReadiness
2019-03-05 14:37 - 2019-01-24 14:43 - 000000000 ____D C:\Users\steph\Downloads\Telegram Desktop
2019-03-05 13:13 - 2019-01-24 13:40 - 000000000 ____D C:\Users\steph\AppData\Local\Packages
2019-03-05 12:45 - 2019-01-25 13:26 - 000000000 ____D C:\ProgramData\WRData
2019-03-05 11:57 - 2019-01-28 13:46 - 000000000 ____D C:\Program Files\EnergiCore
2019-03-05 11:01 - 2019-01-24 14:42 - 000000000 ____D C:\Users\steph\AppData\Roaming\Telegram Desktop
2019-03-04 19:50 - 2019-01-24 14:02 - 000000000 ____D C:\Users\steph\AppData\Roaming\Opera Software
2019-03-03 18:53 - 2019-01-24 13:42 - 000795988 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-03 18:53 - 2018-09-15 02:31 - 000000000 ____D C:\Windows\INF
2019-03-03 18:47 - 2019-01-25 13:26 - 000273688 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2019-03-03 18:47 - 2019-01-25 13:26 - 000231104 _____ (Webroot) C:\Windows\system32\WRusr.dll
2019-03-03 18:47 - 2019-01-25 04:36 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-03 18:47 - 2019-01-24 13:46 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-03-03 18:47 - 2018-09-15 01:09 - 000524288 _____ C:\Windows\system32\config\BBI
2019-03-03 18:37 - 2018-09-15 02:23 - 000000000 ____D C:\Windows\CbsTemp
2019-03-03 13:53 - 2019-01-24 13:39 - 000000000 ____D C:\Users\steph
2019-03-03 13:47 - 2019-01-25 16:02 - 001065984 _____ C:\Users\steph\AppData\Local\file__0.localstorage
2019-03-03 13:47 - 2019-01-25 16:02 - 000000000 ____D C:\Users\steph\Heaven
2019-03-03 13:47 - 2019-01-25 15:28 - 000000000 ____D C:\Users\steph\AppData\Roaming\qBittorrent
2019-03-02 08:29 - 2019-01-24 13:40 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-03-02 08:29 - 2019-01-24 13:40 - 000000000 ___RD C:\Users\steph\3D Objects
2019-03-02 08:28 - 2019-01-27 09:57 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-03-02 08:28 - 2019-01-27 09:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-02 08:28 - 2019-01-25 04:36 - 000649224 _____ C:\Windows\system32\FNTCACHE.DAT
2019-03-01 21:12 - 2018-09-15 02:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-03-01 21:12 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\TextInput
2019-03-01 21:12 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\system32\oobe
2019-03-01 21:12 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\system32\appraiser
2019-03-01 21:12 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\ShellExperiences
2019-03-01 21:12 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\bcastdvr
2019-03-01 21:01 - 2019-01-24 13:38 - 002865152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2019-03-01 14:15 - 2019-01-24 19:48 - 000004600 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-03-01 14:15 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-03-01 14:15 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\system32\Macromed
2019-03-01 13:28 - 2019-01-27 09:57 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-03-01 13:28 - 2019-01-24 19:48 - 000000000 ____D C:\Users\steph\AppData\Local\Adobe
2019-02-26 11:32 - 2019-01-25 14:28 - 000000000 ____D C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2019-02-26 11:32 - 2019-01-25 14:28 - 000000000 ____D C:\Users\steph\AppData\Local\WhatsApp
2019-02-26 10:39 - 2019-01-24 14:02 - 000000000 ____D C:\Users\steph\AppData\Local\Opera Software
2019-02-26 10:31 - 2018-09-15 02:41 - 000385536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplayx.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpwsockx.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpmodemx.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2019-02-26 10:31 - 2018-09-15 02:41 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
2019-02-26 10:31 - 2018-09-15 02:41 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2019-02-26 10:31 - 2018-09-15 02:41 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2019-02-26 10:31 - 2018-09-15 02:37 - 000472576 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2019-02-26 10:31 - 2018-09-15 02:37 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2019-02-26 10:31 - 2018-09-15 02:37 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2019-02-26 10:31 - 2018-09-15 02:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2019-02-26 10:31 - 2018-09-15 02:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2019-02-26 10:31 - 2018-09-15 02:37 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll
2019-02-26 10:31 - 2018-09-15 02:37 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2019-02-25 19:13 - 2019-01-29 10:13 - 000000000 ____D C:\Users\steph\AppData\Roaming\Psiphon3
2019-02-25 17:35 - 2019-01-24 15:08 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-02-25 17:28 - 2019-01-24 15:08 - 000000938 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-02-25 17:28 - 2019-01-24 15:08 - 000000934 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-02-20 22:15 - 2019-01-24 14:21 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-02-20 22:15 - 2019-01-24 14:21 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-02-20 22:15 - 2019-01-24 14:21 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-02-20 22:15 - 2019-01-24 14:21 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-02-20 22:15 - 2019-01-24 14:21 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-02-20 22:15 - 2019-01-24 14:21 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-02-20 22:15 - 2019-01-24 14:19 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-02-19 11:38 - 2019-01-24 14:48 - 000000000 ____D C:\Users\steph\AppData\Local\Downloaded Installations
2019-02-19 11:35 - 2019-01-24 13:44 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-02-19 11:30 - 2019-01-24 13:40 - 000000000 ____D C:\Users\steph\AppData\Local\VirtualStore
2019-02-19 11:26 - 2019-01-24 13:46 - 000000000 ____D C:\ProgramData\Package Cache
2019-02-13 18:59 - 2019-01-24 15:08 - 000003998 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2019-02-13 18:59 - 2019-01-24 15:08 - 000003766 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2019-02-13 13:39 - 2019-01-24 17:11 - 000000000 ____D C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-02-13 09:47 - 2019-01-25 11:07 - 000000000 ____D C:\Users\steph\Desktop\Games
2019-02-13 08:23 - 2019-01-24 14:36 - 000000000 ____D C:\Windows\system32\MRT
2019-02-13 08:22 - 2019-01-24 14:36 - 129330784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-02-10 18:14 - 2019-01-24 19:21 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-02-08 13:52 - 2019-01-24 13:42 - 000000000 ____D C:\Users\steph\AppData\Local\PlaceholderTileLogoFolder
2019-02-04 15:51 - 2019-01-25 14:28 - 000000000 ____D C:\Users\steph\AppData\Local\SquirrelTemp
2019-02-04 09:16 - 2019-01-24 13:52 - 000000000 ____D C:\Users\steph\AppData\Local\Comms
 
==================== Files in the root of some directories =======
 
2019-01-25 13:27 - 2019-01-25 13:27 - 018102328 _____ (Webroot Software, Inc.) C:\Program Files (x86)\Common Files\wruninstall.exe
2019-02-17 21:53 - 2019-02-17 21:53 - 000000171 _____ () C:\Users\steph\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2019-02-17 21:53 - 2019-02-17 21:53 - 000001057 _____ () C:\Users\steph\AppData\Roaming\88e9dc3a-641c-4dc2-9204-9ba65cc42265
2019-02-17 20:36 - 2019-02-17 20:36 - 000099384 _____ () C:\Users\steph\AppData\Roaming\inst.exe
2019-02-17 20:36 - 2019-02-17 20:36 - 000007859 _____ () C:\Users\steph\AppData\Roaming\pcouffin.cat
2019-02-17 20:36 - 2019-02-17 20:36 - 000001167 _____ () C:\Users\steph\AppData\Roaming\pcouffin.inf
2019-02-17 20:36 - 2019-02-17 20:36 - 000000055 _____ () C:\Users\steph\AppData\Roaming\pcouffin.log
2019-02-17 20:36 - 2019-02-17 20:36 - 000082816 _____ (VSO Software) C:\Users\steph\AppData\Roaming\pcouffin.sys
2019-01-25 16:02 - 2019-03-03 13:47 - 001065984 _____ () C:\Users\steph\AppData\Local\file__0.localstorage
2019-01-29 12:02 - 2019-01-29 12:02 - 000000796 _____ () C:\Users\steph\AppData\Local\recently-used.xbel
2019-02-17 22:05 - 2019-03-01 15:10 - 000007619 _____ () C:\Users\steph\AppData\Local\Resmon.ResmonCfg
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019
Ran by steph (06-03-2019 08:28:26)
Running from C:\Users\steph\Downloads
Windows 10 Home Version 1809 17763.348 (X64) (2019-01-25 09:37:43)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3657392865-4282527132-3450529356-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3657392865-4282527132-3450529356-503 - Limited - Disabled)
Guest (S-1-5-21-3657392865-4282527132-3450529356-501 - Limited - Disabled)
steph (S-1-5-21-3657392865-4282527132-3450529356-1001 - Administrator - Enabled) => C:\Users\steph
WDAGUtilityAccount (S-1-5-21-3657392865-4282527132-3450529356-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Webroot SecureAnywhere (Enabled - Up to date) {4646A877-74EB-CD3B-8FDB-210DB94FA61A}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Webroot SecureAnywhere (Enabled - Up to date) {FD274993-52D1-C2B5-B56B-1A7FC2C8ECA7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 1.5.3.0902 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.1.2 - Advanced Micro Devices, Inc.)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.0.4 - Electronic Arts, Inc.)
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.2.12.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{71667bbb-81ab-429c-aeb4-e43c31e8fe14}) (Version: 2.2.12.0 - ASUSTek COMPUTER INC.) Hidden
Asus ApoDispatchConfigurator (HKLM\...\{4FEB3307-A0EF-4385-9C8F-4B4C1503311C}) (Version: 3.6.2601 - ASUSTeK COMPUTER INC) Hidden
Asus AudioCaptureNotificationConfigurator (HKLM\...\{04C5CE55-7F32-4D2D-AEA2-FDC03E8F65CC}) (Version: 3.6.2601 - ASUSTeK COMPUTER INC) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.19 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{36aa03d4-9606-4f04-bf3e-a70ebe6650f3}) (Version: 1.1.19 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.9 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{2d85b111-aee4-468b-874b-a9272712f69b}) (Version: 1.0.9 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.1.16 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{ac3dc320-7e5e-4f22-9572-4c2119fcdf85}) (Version: 1.1.16 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{D800D836-DE15-4B00-8273-521F022CD837}) (Version: 1.0.31 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{b31aaf98-0562-411d-a962-0c3d16a3527a}) (Version: 1.0.31 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM\...\{B5E322FB-C191-463E-BDDD-4F22290EDFDB}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM-x32\...\{a29279dc-f417-4442-8225-4db77f7d35b5}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.03.08 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.1.7 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{4f18ae01-4390-4b41-be3a-54ef4eacdd91}) (Version: 0.0.1.7 - ASUSTek COMPUTER INC. ) Hidden
Asus DeviceRoutingConfigurator (HKLM\...\{AC306567-A1B7-4208-8FED-97CF535050BC}) (Version: 3.6.2601 - ASUSTeK COMPUTER INC) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{548dd834-70c5-4426-8065-fbeabdd2bb5d}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.27 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{210cdd08-c947-43a2-9378-bc288f651e41}) (Version: 1.0.27 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{3e9b91eb-5bb0-4272-8670-f88d353eb68b}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.24 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{add3bacc-578f-4bf9-97e3-a0f0c3ae3323}) (Version: 1.0.24 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM\...\{723B40A4-5BF2-4DC6-834A-2ADF75F3CF7E}) (Version: 1.0.0.6 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM-x32\...\{cc37f609-4db9-4ce3-9e37-9cb1b432452e}) (Version: 1.0.0.6 - ASUSTek COMPUTER INC.) Hidden
Asus NahimicSettingsConfigurator (HKLM\...\{B028B8A0-36BD-4A96-8F28-5E95C0D68679}) (Version: 3.6.2601 - ASUSTeK COMPUTER INC) Hidden
Asus ProductDaemonSetup (HKLM\...\{36606417-B1C4-42C2-B5C1-67972DA63DAB}) (Version: 3.6.2601 - ASUSTeK COMPUTER INC) Hidden
Asus ProfileSwitcherCleanup (HKLM\...\{C7E4F981-F94E-4007-9E78-07DF3178BE6C}) (Version: 3.6.26.48019 - ASUSTeK COMPUTER INC) Hidden
Asus Sonic Radar 3 (HKLM-x32\...\{5a6fe0f0-37f2-4f35-9480-6e98ced96fba}) (Version: 3.6.26.48019 - ASUSTeK COMPUTER INC)
Asus Sonic Studio 3 (HKLM-x32\...\{7c3c8060-12d4-4bea-aea1-ce0478a148fc}) (Version: 3.6.26.48019 - ASUSTeK COMPUTER INC)
Asus SonicMapperConfigurator (HKLM\...\{02632F10-EFA1-4B62-9982-9BCDE65F995B}) (Version: 3.6.26.48019 - ASUSTeK COMPUTER INC) Hidden
Asus SonicRadar3Setup (HKLM\...\{8F9191B4-D834-485C-85C3-7A931585311E}) (Version: 3.6.26.48019 - ASUSTeK COMPUTER INC) Hidden
Asus SonicStudio3Setup (HKLM\...\{520F73ED-BAA5-4933-9C6A-CC04425D6214}) (Version: 3.6.26.48019 - ASUSTeK COMPUTER INC) Hidden
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.07.35 - ASUSTeK Computer Inc.)
AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.26 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{dded177f-c7b2-4212-9c64-74884f3fd53b}) (Version: 1.0.26 - ASUS) Hidden
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.03.16 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{69e3ed08-553c-4647-86e2-6bc40f7ab682}) (Version: 3.03.16 - ASUSTeK Computer Inc.)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Advanced Micro Devices, Inc.) Hidden
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Brave (HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\BraveSoftware Brave-Browser) (Version: 72.0.60.47 - Brave Software Inc)
Brother MFL-Pro Suite HL-L2380DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
Core Temp 1.13 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.13 - ALCPU)
Corsair AURA DRAM Component (HKLM\...\{376E0869-A4F1-4DC7-A1FD-EBF3AFFEB832}) (Version: 1.0.6 - CORSAIR COMPONENTS INC.) Hidden
Corsair AURA DRAM Component (HKLM-x32\...\{da7ebf10-b0be-494e-a79d-568546795a51}) (Version: 1.0.6 - CORSAIR COMPONENTS INC.) Hidden
CORSAIR iCUE Software (HKLM-x32\...\{37E2CEEA-E7E8-44C4-B3E6-D214543D9DA9}) (Version: 3.13.94 - Corsair)
Dropbox (HKLM-x32\...\Dropbox) (Version: 67.4.83 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
GALAX GAMER RGB (HKLM\...\{06A16AA8-BBA7-4362-962E-16651962D87C}) (Version: 1.00.02 - Galaxy Microsystems Ltd.) Hidden
GALAX GAMER RGB (HKLM-x32\...\{1257fdeb-ffa3-4e17-9d4b-189075ea3656}) (Version: 1.00.02 - Galaxy Microsystems Ltd.)
GOG.com Unreal Tournament GOTY (HKLM\...\{fa491d91-322c-4059-a1f7-4a79782edee8}.sdb) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HWiNFO64 Version 6.00 (HKLM\...\HWiNFO64_is1) (Version: 6.00 - Martin Malík - REALiX)
Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.9 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{d6cac989-7570-43fd-b147-e31d6280a3a6}) (Version: 1.0.9 - KINGSTON COMPONENTS INC.) Hidden
Kutools for Excel 18.00 (HKLM-x32\...\{A095BA43-4A97-4D55-8E25-A0BC46F10765}_is1) (Version: 18.00 - Addin Technology Inc.)
LibreOffice 6.1.4.2 (HKLM\...\{080C0C39-B1B5-48BB-85AB-4F9A8768CD10}) (Version: 6.1.4.2 - The Document Foundation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.11231.20174 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mozilla Firefox 65.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 65.0.2 (x64 en-US)) (Version: 65.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0.2 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
Opera Stable 58.0.3135.79 (HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\Opera 58.0.3135.79) (Version: 58.0.3135.79 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.35.22222 - Electronic Arts, Inc.)
Patriot Viper RGB (HKLM\...\{E42E13B0-071E-49C1-B1CC-58198E82F302}) (Version: 1.00.05 - Patriot Memory) Hidden
Patriot Viper RGB (HKLM-x32\...\{0ea44351-5397-43b0-a9c7-c4c53d9948ef}) (Version: 1.00.05 - Patriot Memory)
Python 3.6.6 (32-bit) (HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\{b43c5985-05a6-4dc7-be5f-85f504d498d0}) (Version: 3.6.6150.0 - Python Software Foundation)
Python 3.6.6 Core Interpreter (32-bit) (HKLM-x32\...\{D9D74228-D4AC-4877-9950-8FDFE485D1A5}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Development Libraries (32-bit) (HKLM-x32\...\{C7844709-AB1D-459E-9C09-E62811844B52}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Documentation (32-bit) (HKLM-x32\...\{A619A9AA-65E2-485A-960E-456327A4787C}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Executables (32-bit) (HKLM-x32\...\{BB82E3E8-BB03-41F1-8C13-9540188BB592}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 pip Bootstrap (32-bit) (HKLM-x32\...\{46D96E6F-3747-4E02-B95E-E1D1C9F7226D}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Standard Library (32-bit) (HKLM-x32\...\{D40EACD0-CC67-4D18-BDB5-D1D81D73DCF6}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Tcl/Tk Support (32-bit) (HKLM-x32\...\{F64435CF-E0D6-409D-B07B-958C8DEB84E5}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Test Suite (32-bit) (HKLM-x32\...\{387AB42E-1FCC-4FB6-A32C-2295E221A2BB}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Utility Scripts (32-bit) (HKLM-x32\...\{9F328F30-55B0-4055-BBB1-AB577ED16D63}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{A9DED8BE-05DF-45D5-81A0-3743A44CC0C9}) (Version: 3.6.6386.0 - Python Software Foundation)
qBittorrent 4.1.5 (HKLM-x32\...\qBittorrent) (Version: 4.1.5 - The qBittorrent project)
REALTEK Bluetooth Filter Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AD}) (Version: 1.5.1006.171124 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8339 - Realtek Semiconductor Corp.)
Realtek PCI-E Wireless LAN Driver (HKLM-x32\...\InstallShield_{70714FB7-4084-4202-A599-2D5935DECB67}) (Version: Drv_3.00.0019 - REALTEK Semiconductor Corp.)
Revo Uninstaller Pro 4.0.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.0.5 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 7.2.1 Beta 4 (HKLM-x32\...\RTSS) (Version: 7.2.1 Beta 4 - Unwinder)
Samsung NVM Express Driver (HKLM-x32\...\{bfb0503a-76b9-415a-b0a3-dd55d2a01ebe}) (Version: 3.0.0.1802 - Samsung Electronics)
Samsung NVM Express Driver 3.0.0.1802 (HKLM\...\{92729760-681A-42A2-A101-1098CAB4DEC1}) (Version: 3.0.0.1802 - Samsung Electronics Co., Ltd) Hidden
Sapphire TRIXX 6.4.0 (HKLM-x32\...\{54CE6A44-8553-4B78-9B07-AC88A9D581E8}_is1) (Version: 6.4.0 - Sapphire Technology)
Soda PDF Desktop 11 (HKLM-x32\...\SodaDesktop11) (Version: 11.0.15.1455 - LULU Software)
Soda PDF Desktop 11 Asian Fonts Pack (HKLM\...\{BB4DC24B-7F35-4B84-A6C2-241933C45628}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 Convert Module (HKLM\...\{B5CDE8A3-4BF5-4AAB-B169-FD6BE4690EDF}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 Create Module (HKLM\...\{FBDAE9BD-1B2E-4244-800A-A593DC95C28A}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 Edit Module (HKLM\...\{984153FE-9ADC-45D6-A119-8807B4B5389A}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 Forms Module (HKLM\...\{51710932-1AEA-4227-A562-6CA445EE1586}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 Insert Module (HKLM\...\{FD1BBF97-1C5A-4F27-A9DB-E752D2F12189}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 OCR TESS Module (HKLM\...\{5C066B6B-335B-4303-A5BD-A2E8BE2571A5}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 Review Module (HKLM\...\{890A08AF-7844-4AAB-9951-B00A32B761EA}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 Secure Module (HKLM\...\{6558C36A-BBD0-45B8-AE2C-A215F6E62E1B}) (Version: 11.0.15.2796 - LULU Software) Hidden
Soda PDF Desktop 11 View Module (HKLM\...\{D3570F36-3E34-41C0-AFE1-753F0B272651}) (Version: 11.0.15.2796 - LULU Software) Hidden
Splashtop Personal (HKLM-x32\...\{E7CF0F14-8C1D-41F3-85ED-579C108262C7}) (Version: 2.6.4.0 - Splashtop Inc.)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 3.3.0.0 - Splashtop Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Telegram Desktop version 1.5.15 (HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.5.15 - Telegram Messenger LLP)
Todoist (HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\{B1B3C79A-FFD9-4B28-A456-62B6E55E2A5C}_is1) (Version: 2.7.6.0 - Doist Ltd.)
Unreal Tournament GOTY (HKLM-x32\...\GOGPACKUT_is1) (Version: 2.0.0.5 - GOG.com)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.64 - VSO Software)
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 9.0.24.49 - Webroot)
WhatsApp (HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\...\WhatsApp) (Version: 0.3.2276 - WhatsApp)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3657392865-4282527132-3450529356-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3657392865-4282527132-3450529356-1001_Classes\CLSID\{06B74C04-E813-4DD4-A972-172836EFA8D6}\InprocServer32 -> C:\Users\steph\AppData\Local\BraveSoftware\Update\1.3.99.0\psuser_64.dll (Brave Software, Inc. -> BraveSoftware Inc.)
CustomCLSID: HKU\S-1-5-21-3657392865-4282527132-3450529356-1001_Classes\CLSID\{06C9646D-2807-44C0-97D2-6DA0DB623DB4}\localserver32 -> C:\Users\steph\AppData\Local\BraveSoftware\Brave-Browser\Application\72.0.60.47\notification_helper.exe (Brave Software, Inc. -> Brave Software, Inc.)
CustomCLSID: HKU\S-1-5-21-3657392865-4282527132-3450529356-1001_Classes\CLSID\{8DE224FD-6370-47FA-A864-FDF45A05112F}\InprocServer32 -> C:\Users\steph\AppData\Local\BraveSoftware\Update\1.3.99.0\psuser_64.dll (Brave Software, Inc. -> BraveSoftware Inc.)
CustomCLSID: HKU\S-1-5-21-3657392865-4282527132-3450529356-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\steph\Dropbox [2019-01-24 16:53]
ShellIconOverlayIdentifiers: [ ] -> {1914B27A-33C8-46F8-A1C2-F993268D4564} => C:\Windows\system32\WRusr.dll [2019-03-03] (Webroot Inc. -> Webroot)
ShellIconOverlayIdentifiers: [  ] -> {C14874EA-ACE4-4A47-8A81-18C4D1C40868} => C:\Windows\system32\WRusr.dll [2019-03-03] (Webroot Inc. -> Webroot)
ShellIconOverlayIdentifiers: [   ] -> {6DA1ED92-315E-4D0B-B354-9D5F519DBA95} => C:\Windows\system32\WRusr.dll [2019-03-03] (Webroot Inc. -> Webroot)
ShellIconOverlayIdentifiers: [    ] -> {8D7FC74C-E409-42DF-8EEE-69D45FAE2F30} => C:\Windows\system32\WRusr.dll [2019-03-03] (Webroot Inc. -> Webroot)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [SodaPDFDesktop11_ManagerExt] -> {95288ec1-ce0d-11e8-b453-40167e6e7313} => C:\Program Files\Soda PDF Desktop 11\context-menu.dll [2019-02-05] (LULU Software -> LULU Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WRShellExt] -> {69D72956-317C-44bd-B369-8E44D4EF9802} => C:\Windows\system32\WRusr.dll [2019-03-03] (Webroot Inc. -> Webroot)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-01-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2018-09-06] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WRShellExt] -> {69D72956-317C-44bd-B369-8E44D4EF9802} => C:\Windows\system32\WRusr.dll [2019-03-03] (Webroot Inc. -> Webroot)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {2A523F72-2DB2-43AA-B2B8-0CFD15086B4D} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3657392865-4282527132-3450529356-1001UA => C:\Users\steph\AppData\Local\BraveSoftware\Update\BraveUpdate.exe (Brave Software, Inc. -> BraveSoftware Inc.) <==== ATTENTION
Task: {393EF620-E312-486F-BE1C-FF2B91E078E4} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3F497AA2-1BDF-49D2-9941-0CE89B246F46} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {46FB6455-25C3-49AC-B211-32519B0F1293} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {4A320BCA-F54D-4196-8484-727B48F566CA} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [File not signed]
Task: {4DEFCE24-B2AF-4535-BA7F-53F8838DDB84} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6A21F591-F081-4BF4-A58D-47F5C137FB11} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3657392865-4282527132-3450529356-1001Core => C:\Users\steph\AppData\Local\BraveSoftware\Update\BraveUpdate.exe (Brave Software, Inc. -> BraveSoftware Inc.) <==== ATTENTION
Task: {745A82B5-64B3-450C-92BB-3147B96E9EC2} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
Task: {82E88759-E2AC-43DF-B374-C1B2C7B93E1F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {878344B9-1103-4C62-A35D-F5D21099BDA6} - System32\Tasks\SS3svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe (ASUSTeK COMPUTER INC.) [File not signed]
Task: {8D6C3F56-85F5-4759-A3FE-2F95E46BB7C2} - System32\Tasks\Opera scheduled Autoupdate 1551747080 => C:\Users\steph\AppData\Local\Programs\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {9425C4F4-F875-4300-8A59-B6292E48EA13} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {980193A7-9C42-4FE0-9D0C-11B4E7CFF562} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {9AC9B2AA-ED2A-4A2A-B250-57BD26765E59} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {AB1FA68B-DC14-4061-BD22-DFE04D816A12} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {B34B8487-2D38-480F-B068-6BD11DBE8E03} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {BAFFA189-21FB-4FC7-935B-A7989242127A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C1FED2B9-749F-467B-86CE-BE1F857DA561} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C5B5393E-C83D-44AD-9809-38A651610B9C} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe (Advanced Micro Devices Inc. -> )
Task: {C86B7A9F-35E7-4EC2-9A9A-3253BEAEC1C2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {D4414CED-D32A-4A78-80DF-D5450DFF462C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {DA03E1EB-0D73-49CE-B304-681A9F74AA2E} - System32\Tasks\SS3svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3svc64.exe (ASUSTeK COMPUTER INC.) [File not signed]
Task: {F91A96AD-4362-4E7B-90B4-3D5BA2B0F779} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {FF39B522-8F35-4FD0-93AB-56A68A2C9A4D} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [File not signed]
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
 
==================== Loaded Modules (Whitelisted) ==============
 
2019-01-28 09:54 - 2013-03-08 01:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll
2019-01-28 09:54 - 2005-04-21 23:36 - 000143360 _____ () [File not signed] C:\Windows\system32\BrSNMP64.dll
2018-12-10 09:29 - 2018-12-10 09:29 - 000438272 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\Soda PDF Desktop 11\libcurl.dll
2019-01-24 14:30 - 2019-01-25 16:31 - 000000000 ____LAdvanced Micro Devices, Inc.  C:\Windows\System32\drivers\atikmdag-patched\atiuxp64.dll
2017-12-29 17:13 - 2017-12-29 17:13 - 001234432 _____ (ASUSTeK COMPUTER INC.) [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe
2017-12-29 17:17 - 2017-12-29 17:17 - 000811520 _____ (ASUSTeK COMPUTER INC.) [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3svc64.exe
2019-01-24 14:30 - 2019-01-25 16:31 - 000000000 ____LAdvanced Micro Devices, Inc.  C:\Windows\System32\drivers\atikmdag-patched\atiumd6a.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 000355328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 003699712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 076171264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 005590528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000461312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 006303232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 003556352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 002821632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 001077248 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-01-22 19:34 - 2019-01-22 19:34 - 005786112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000189952 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-11-13 15:57 - 2018-11-13 15:57 - 000323584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-01-24 14:30 - 2019-01-25 16:31 - 000000000 ____LAdvanced Micro Devices, Inc.  C:\Windows\System32\drivers\atikmdag-patched\atig6txx.dll
2019-01-24 14:30 - 2019-01-25 16:31 - 000000000 ____LAdvanced Micro Devices, Inc.  C:\Windows\System32\drivers\atikmdag-patched\atiu9p64.dll
2019-01-24 14:30 - 2019-01-25 16:31 - 000000000 ____LAdvanced Micro Devices, Inc.  C:\Windows\System32\drivers\atikmdag-patched\amduve64.dll
2019-01-28 09:54 - 2014-06-16 16:02 - 000579584 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
2019-01-28 09:54 - 2014-06-16 15:59 - 001537536 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
2019-01-10 10:44 - 2019-01-10 10:44 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2018-04-17 21:39 - 2018-04-17 21:39 - 000018432 _____ () [File not signed] C:\Program Files (x86)\LightingService\Log4cxxWrapper.dll
2018-04-17 21:39 - 2018-04-17 21:39 - 002831360 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\LightingService\log4cxx.dll
2018-12-27 16:18 - 2018-12-27 16:18 - 000861184 _____ () [File not signed] C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.dll
2018-05-16 10:54 - 2018-05-16 10:54 - 000156672 _____ () [File not signed] C:\Program Files\Patriot\Aac_Patriot Viper RGB\AacHal_x86.dll
2018-05-16 10:46 - 2018-05-16 10:46 - 000053248 _____ (MS) [File not signed] C:\Program Files\Patriot\Aac_Patriot Viper RGB\MsIo32.dll
2018-09-20 09:39 - 2018-09-20 09:39 - 000156672 _____ () [File not signed] C:\Program Files\Galaxy\Aac_GALAX GAMER RGB\AacHal_x86.dll
2018-09-20 09:08 - 2018-09-20 09:08 - 000053760 _____ (MS) [File not signed] C:\Program Files\Galaxy\Aac_GALAX GAMER RGB\MsIo32_Galax.dll
2018-10-22 17:21 - 2018-10-22 17:21 - 000076288 _____ (ASUSTek) [File not signed] C:\Program Files\ASUS\AacVGAHal\AacVgaHal.dll
2018-10-22 16:40 - 2018-10-22 16:40 - 001932800 _____ (ASUSTeK COMPUTER INC.) [File not signed] C:\Program Files\ASUS\AacVGAHal\LED_DLL_forMB.dll
2018-10-22 16:38 - 2018-10-22 16:38 - 001629184 _____ (TODO: <Company name>) [File not signed] C:\Program Files\ASUS\AacVGAHal\VGA_Extra.dll
2018-10-22 16:37 - 2018-10-22 16:37 - 001779712 _____ () [File not signed] C:\Program Files\ASUS\AacVGAHal\Vender.dll
2018-08-29 16:19 - 2018-08-29 16:19 - 000223232 _____ () [File not signed] C:\Program Files\ASUS\AacOdd\AacOddHal_x86.dll
2018-12-27 16:31 - 2018-12-27 16:31 - 000225280 _____ () [File not signed] C:\Program Files\ASUS\CORSAIR_Aac_DRAM\AacCosairDramHal_x86.dll
2018-12-27 16:26 - 2018-12-27 16:26 - 000237568 _____ () [File not signed] C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.dll
2018-09-07 00:29 - 2018-09-07 00:29 - 000202752 _____ () [File not signed] C:\Program Files\ASUS\AacTerminalHal\AacStripBusHal_x86.dll
2018-04-12 16:55 - 2018-04-12 16:55 - 000053248 _____ () [File not signed] C:\Program Files (x86)\LightingService\cpuutil.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-02-10 17:57 - 2019-02-10 17:55 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2017-12-29 17:13 - 2017-12-29 17:13 - 000367616 _____ () [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\NSConfiguratorDaemonModule.dll
2017-12-29 17:30 - 2017-12-29 17:30 - 000230400 _____ () [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Studio 3\ProfileSwitcherDaemonModule.dll
2019-01-24 14:30 - 2019-01-25 16:31 - 000000000 ____LAdvanced Micro Devices, Inc.  C:\Windows\System32\drivers\atikmdag-patched\atiuxpag.dll
2019-01-24 14:19 - 2019-01-24 14:19 - 000000000 ____LMicrosoft Corporation C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2019-01-24 14:19 - 2019-01-24 14:19 - 000000000 ____LMicrosoft Corporation C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2019-01-28 09:54 - 2009-02-27 16:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2019-01-28 09:54 - 2014-06-16 15:45 - 000137728 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2019-02-15 16:09 - 2019-02-15 16:09 - 000204800 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll
2018-12-03 16:59 - 2018-12-03 16:59 - 000444416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5WinExtras.dll
2018-12-03 16:48 - 2018-12-03 16:48 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Scxml.dll
2018-12-03 13:30 - 2018-12-03 13:30 - 000147456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Xml.dll
2018-12-03 16:48 - 2018-12-03 16:48 - 000576512 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Multimedia.dll
2018-12-03 13:31 - 2018-12-03 13:31 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Concurrent.dll
2018-12-03 13:35 - 2018-12-03 13:35 - 001043968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Network.dll
2018-12-03 16:31 - 2018-12-03 16:31 - 003169792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Quick.dll
2018-12-03 13:40 - 2018-12-03 13:40 - 004525568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Widgets.dll
2019-02-15 16:38 - 2019-02-15 16:38 - 005086208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Core.dll
2019-02-15 16:04 - 2019-02-15 16:04 - 000098816 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll
2018-12-03 16:39 - 2018-12-03 16:39 - 003348480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Qml.dll
2018-12-03 13:36 - 2018-12-03 13:36 - 005337600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Gui.dll
2018-12-03 13:44 - 2018-12-03 13:44 - 001196032 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\platforms\qwindows.dll
2018-12-03 13:43 - 2018-12-03 13:43 - 000122368 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\styles\qwindowsvistastyle.dll
2018-12-03 13:41 - 2018-12-03 13:41 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qico.dll
2018-12-03 13:42 - 2018-12-03 13:42 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qgif.dll
2018-12-03 16:20 - 2018-12-03 16:20 - 000034816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qicns.dll
2018-12-03 13:43 - 2018-12-03 13:43 - 000364032 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qjpeg.dll
2018-12-03 16:19 - 2018-12-03 16:19 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qsvg.dll
2018-12-03 16:19 - 2018-12-03 16:19 - 000263680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Svg.dll
2018-12-03 16:20 - 2018-12-03 16:20 - 000019968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qtga.dll
2018-12-03 16:20 - 2018-12-03 16:20 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qtiff.dll
2018-12-03 16:20 - 2018-12-03 16:20 - 000019456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qwbmp.dll
2018-12-03 16:20 - 2018-12-03 16:20 - 000411648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qwebp.dll
2018-12-03 13:29 - 2018-12-03 13:29 - 000015872 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libEGL.DLL
2018-12-03 13:29 - 2018-12-03 13:29 - 002786816 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libGLESv2.dll
2018-12-03 16:36 - 2018-12-03 16:36 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick.2\qtquick2plugin.dll
2018-12-03 16:37 - 2018-12-03 16:37 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Window.2\windowplugin.dll
2018-12-03 16:45 - 2018-12-03 16:45 - 000056320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-12-03 16:37 - 2018-12-03 16:37 - 000072192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-12-03 16:45 - 2018-12-03 16:45 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-12-03 16:52 - 2018-12-03 16:52 - 000269312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-12-03 16:57 - 2018-12-03 16:57 - 000446976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2018-12-03 16:51 - 2018-12-03 16:51 - 000142336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5QuickControls2.dll
2018-12-03 16:51 - 2018-12-03 16:51 - 000847872 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5QuickTemplates2.dll
2018-12-03 16:52 - 2018-12-03 16:52 - 000260608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-01-04 20:02 - 2019-01-04 20:02 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\ssleay32.dll
2019-01-04 20:02 - 2019-01-04 20:02 - 001277952 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\LIBEAY32.dll
2019-01-28 09:54 - 2014-06-16 16:04 - 000080384 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
2019-01-28 09:54 - 2014-06-16 16:03 - 000083968 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2019-01-28 09:54 - 2014-06-16 16:03 - 017955328 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:76650B61 [103]
AlternateDataStreams: C:\Users\steph\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\steph\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <==== ATTENTION
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <==== ATTENTION
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\Software\Classes\exefile: "%1" %* <==== ATTENTION
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\Software\Classes\.exe: exefile => "%1" %* <==== ATTENTION
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-09-15 02:31 - 2018-09-15 02:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKCU\Environment\\Path: %USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-3657392865-4282527132-3450529356-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\steph\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\amd-ryzen-8k-hw-2560x1080 (1).jpg
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: ) (ConsentPromptBehaviorUser: ) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{37B26839-9779-422D-B349-113093A8D6BC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{51BBFC0A-06C8-4167-B828-4F0E45D2B41C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9B1A0BF4-9016-4996-9FDF-77FFA402FA46}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{36613DE6-1B4D-47ED-8EC4-C0F1D41D4383}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{C5AD289B-BB2F-4842-A0E3-216921F76BF8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{E3BBA3A4-B8FB-480D-A625-5AC68D3505AE}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{84291FD6-94D0-4D8A-9AC2-B5FC3AA493F3}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{304A85E8-B5C0-45FB-8B8A-202162A5C1D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{B0ADF072-3CF2-4ECF-9417-D61D8F87697B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{6C0F9A6D-59E7-44E3-9836-4D893CF61173}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Overload\Overload.exe () [File not signed]
FirewallRules: [{3FE3B7F8-7529-4C35-AD4E-BB3E028EF88F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Overload\Overload.exe () [File not signed]
FirewallRules: [TCP Query User{130D65FE-76BC-49AA-90B1-5B498C4EF5A7}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{015C8A14-AFE8-46A3-B7BA-3180D8194D91}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [{8F965F1D-1BD3-49E4-BF46-B715F280DADC}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite Titanium.SP2c\WNt600x64\RpcSandraSrv.exe No File
FirewallRules: [{55173C2C-0421-4DD5-A399-2935E4F1FBBF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3361CE68-1FE5-4541-AC90-779E84784A0A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{19E16029-AF3B-4D01-A1B3-F06948EE99DE}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{4C811218-3755-4FE3-9143-634BA5984B0A}C:\program files\energicore\energi-qt.exe] => (Allow) C:\program files\energicore\energi-qt.exe No File
FirewallRules: [UDP Query User{1C4B8625-8960-47E2-B4D8-C77ACFA79438}C:\program files\energicore\energi-qt.exe] => (Allow) C:\program files\energicore\energi-qt.exe No File
FirewallRules: [TCP Query User{947ADF80-73E0-494A-B124-42C7AED29F5B}C:\gog games\unreal tournament goty\system\unrealtournament.exe] => (Allow) C:\gog games\unreal tournament goty\system\unrealtournament.exe () [File not signed]
FirewallRules: [UDP Query User{D62D993E-D193-4DCA-90B3-A42820E7A7E7}C:\gog games\unreal tournament goty\system\unrealtournament.exe] => (Allow) C:\gog games\unreal tournament goty\system\unrealtournament.exe () [File not signed]
FirewallRules: [{EC3A78C5-CB1B-4A3F-B1ED-971F8312FDF1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B13886ED-C4F9-4B25-B244-A5D4AE60DCAA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{10EC5035-779F-40CC-B695-106702638904}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe No File
FirewallRules: [UDP Query User{B4726148-0480-47E5-8337-9033A14CEEC6}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe No File
FirewallRules: [TCP Query User{75FAF6F2-3C81-4A09-99D5-535E85F563BA}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [UDP Query User{88B5173A-AB35-415A-92AA-90B934D88A3A}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [TCP Query User{ECBF9C20-5FD9-4BCA-9595-1CE1A1214E59}C:\program files\dvdfab 11\dvdfab64.exe] => (Allow) C:\program files\dvdfab 11\dvdfab64.exe No File
FirewallRules: [UDP Query User{C5293B1D-DC51-4D28-BA69-95DD53C395E4}C:\program files\dvdfab 11\dvdfab64.exe] => (Allow) C:\program files\dvdfab 11\dvdfab64.exe No File
FirewallRules: [{DC06B8C2-F5B9-4028-99FF-3EA805E8B5ED}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD.exe No File
FirewallRules: [{AB62C6F7-1FED-4A27-8BC0-69ED9744451E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Kernel\DMS\CLMSServerPDVD18.exe No File
FirewallRules: [{D907F4F9-C915-4483-8CBC-9FB2B09D7945}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD18Agent.exe No File
FirewallRules: [{420C0F7C-8A84-49CE-867C-C9F600C9D276}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Movie\PowerDVDMovie.exe No File
FirewallRules: [{E39FC96C-D6E8-4D96-B2F9-66251B2AB896}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\CastingStation.exe No File
FirewallRules: [{31C426CB-9ED4-4B9B-BB1E-BD6EA127B8A8}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{70ABA078-A6EB-42BE-8165-C7A473F90598}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{6008004C-6DE4-48F5-9CD6-D85EB110D8DD}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{3CF831AC-22E8-4F04-BCDC-AF36736309D3}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe (Splashtop Inc. -> Splashtop Inc.)
FirewallRules: [{5BC82B91-A3A4-4C49-88A3-E91A71296BA4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
 
==================== Restore Points =========================
 
19-02-2019 11:26:32 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
25-02-2019 17:32:41 Installed CORSAIR iCUE Software
01-03-2019 20:59:58 Windows Update
04-03-2019 17:28:27 Revo Uninstaller Pro's restore point - Opera Stable 58.0.3135.79
04-03-2019 17:31:53 Revo Uninstaller Pro's restore point - Opera Stable 58.0.3135.79
05-03-2019 10:36:19 Revo Uninstaller Pro's restore point - Inkscape 0.92.4
05-03-2019 11:54:58 Removed Nitro Pro
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/05/2019 11:55:18 AM) (Source: nlsX86cc) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (03/04/2019 06:31:34 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
 
Error: (03/04/2019 05:28:27 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {2c3471f3-b146-44ea-8879-78e229c06b7e}
 
Error: (03/03/2019 06:49:59 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
 
Error: (03/03/2019 06:48:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LightingService.exe, version: 0.0.0.0, time stamp: 0x5c2ed438
Faulting module name: LightingService.exe, version: 0.0.0.0, time stamp: 0x5c2ed438
Exception code: 0xc000041d
Fault offset: 0x000c2740
Faulting process id: 0xd1c
Faulting application start time: 0x01d4d21b85e28fb7
Faulting application path: C:\Program Files (x86)\LightingService\LightingService.exe
Faulting module path: C:\Program Files (x86)\LightingService\LightingService.exe
Report Id: e2aed02b-8f86-481b-940b-67d74279edfd
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (03/03/2019 06:48:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LightingService.exe, version: 0.0.0.0, time stamp: 0x5c2ed438
Faulting module name: LightingService.exe, version: 0.0.0.0, time stamp: 0x5c2ed438
Exception code: 0xc0000005
Fault offset: 0x000c2740
Faulting process id: 0xd1c
Faulting application start time: 0x01d4d21b85e28fb7
Faulting application path: C:\Program Files (x86)\LightingService\LightingService.exe
Faulting module path: C:\Program Files (x86)\LightingService\LightingService.exe
Report Id: 52ce081d-421b-493b-9195-59872c6af6ee
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (03/02/2019 08:48:37 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
 
Error: (03/02/2019 08:30:52 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
 
 
System errors:
=============
Error: (03/06/2019 08:26:30 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2C5MEQG)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-2C5MEQG\steph SID (S-1-5-21-3657392865-4282527132-3450529356-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/06/2019 08:26:29 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2C5MEQG)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-2C5MEQG\steph SID (S-1-5-21-3657392865-4282527132-3450529356-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/06/2019 08:26:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/06/2019 08:26:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/05/2019 01:10:41 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2C5MEQG)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-2C5MEQG\steph SID (S-1-5-21-3657392865-4282527132-3450529356-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/05/2019 10:31:00 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2C5MEQG)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-2C5MEQG\steph SID (S-1-5-21-3657392865-4282527132-3450529356-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/05/2019 10:30:55 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2C5MEQG)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-2C5MEQG\steph SID (S-1-5-21-3657392865-4282527132-3450529356-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/05/2019 10:30:47 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2C5MEQG)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-2C5MEQG\steph SID (S-1-5-21-3657392865-4282527132-3450529356-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
CodeIntegrity:
===================================
 
Date: 2019-03-06 08:27:25.315
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
Date: 2019-03-05 10:31:44.967
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
Date: 2019-03-04 21:14:15.294
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
Date: 2019-03-04 21:14:13.357
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Microsoft signing level requirements.
 
Date: 2019-03-04 07:46:55.823
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
Date: 2019-03-03 21:59:51.675
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
Date: 2019-03-03 18:49:06.675
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
Date: 2019-03-03 09:55:35.837
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
==================== Memory info =========================== 
 
Processor: AMD Ryzen 7 2700X Eight-Core Processor 
Percentage of memory in use: 34%
Total physical RAM: 16315.14 MB
Available physical RAM: 10641.82 MB
Total Virtual: 18747.14 MB
Available Virtual: 9239.18 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.22 GB) (Free:289.58 GB) NTFS
 
\\?\Volume{0b53f0fb-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.13 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0B53F0FB)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

  • 0

#19
iMacg3
Posted 06 March 2019 - 08:49 AM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,

Did you uninstall any pirated/cracked versions of CyberLink PowerDVD?
If not, please do so.

-----------------------

We will get a capture with Process Monitor to track down the error code.

Download Process Monitor and save it to your Desktop.
  • Extract the file (Right-click it and select Extract All)
  • Right-click Procmon.exe and select Run as Administrator
  • The tool will open and begin the capture.
Launch Opera and trigger the error code, then close it.
  • Open the Process Monitor window. Go to File and uncheck Capture Events
  • Click File > Save. Ensure the "Path" is set to your Desktop. (Don't change any other settings)
  • Click OK to save the file.
  • Navigate to your desktop and locate the file (.PML extension). Right-click on it and select Send to > Compressed (zipped) folder.
  • A .zip file will be created on your Desktop.
Upload it to the file sharing site of your choice, and provide a link in your next reply. An example would be Sendspace.
  • 0

#20
getdealtwith
Posted 06 March 2019 - 01:14 PM

getdealtwith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

Yes, there are no versions of Cyberlink DVD installed. Here is the link to the zip file. Thanks so much for taking the time to help me with this!

 

https://www.dropbox....ogfile.zip?dl=0


  • 0

#21
iMacg3
Posted 06 March 2019 - 04:14 PM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,

Uninstall Opera via the Add/Remove Programs menu.

--------------------

Once Opera is uninstalled, please run this FRST Fix.

Highlight the contents of the below code box and press Ctrl + C:
Start::
C:\Users\steph\AppData\Local\Programs\Opera
Reboot:
End::
Right-click on FRST/FRST64 and select Run as Administrator.
Click on Fix.
Note - there is no need to paste the contents of the code box anywhere.
If your computer restarts, allow it to do so.
When the fix is complete the tool will create a log (Fixlog.txt) in the same directory it was run from.
Copy and paste the contents of Fixlog.txt into your next reply.

-----------------------

Download the Opera installer from here and install it.

Let me know if the problem persists.
  • 0

#22
getdealtwith
Posted 07 March 2019 - 11:45 AM

getdealtwith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

I followed all instructions and re-installed Opera. Still getting the same error. Here is the fixlog:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019
Ran by steph (07-03-2019 10:26:11) Run:1
Running from C:\Users\steph\Downloads
Loaded Profiles: steph (Available Profiles: steph)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
C:\Users\steph\AppData\Local\Programs\Opera
Reboot:
 
*****************
 
C:\Users\steph\AppData\Local\Programs\Opera => moved successfully
 
 
The system needed a reboot.
 
==== End of Fixlog 10:26:11 ====

  • 0

#23
iMacg3
Posted 07 March 2019 - 12:30 PM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts

Hi,

 

We'll take a closer look at an Opera related file that may be causing the issue.

 

Highlight the contents of the below code box and press Ctrl + C:

Start::

File: C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.79\opera_elf.dll

End::
Right-click on FRST/FRST64 and select Run as Administrator.
Click on Fix.
Note - there is no need to paste the contents of the code box anywhere.
If your computer restarts, allow it to do so.
When the fix is complete the tool will create a log (Fixlog.txt) in the same directory it was run from.
Copy and paste the contents of Fixlog.txt into your next reply.
  • 0

#24
getdealtwith
Posted 07 March 2019 - 12:37 PM

getdealtwith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

It says that file cannot be found:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019
Ran by steph (07-03-2019 13:36:15) Run:4
Running from C:\Users\steph\Downloads
Loaded Profiles: steph (Available Profiles: steph)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
File: C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.79\opera_elf.dll
 
*****************
 
 
========================= File: C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.79\opera_elf.dll ========================
 
"C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.79\opera_elf.dll" => not found
====== End of File: ======
 
 
==== End of Fixlog 13:36:15 ====

  • 0

#25
iMacg3
Posted 08 March 2019 - 11:29 AM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts

Hi,

 

Highlight the contents of the below code box and press Ctrl + C:

Start::

Folder: C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.79
Folder: C:\Users\steph\AppData\Local\Programs\Opera

End::
Right-click on FRST/FRST64 and select Run as Administrator.
Click on Fix.
Note - there is no need to paste the contents of the code box anywhere.
If your computer restarts, allow it to do so.
When the fix is complete the tool will create a log (Fixlog.txt) in the same directory it was run from.
Copy and paste the contents of Fixlog.txt into your next reply.
  • 0

Advertisements

#26
getdealtwith
Posted 08 March 2019 - 02:24 PM

getdealtwith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Fix result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019
Ran by steph (08-03-2019 15:23:34) Run:5
Running from C:\Users\steph\Downloads
Loaded Profiles: steph (Available Profiles: steph)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Folder: C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.79
Folder: C:\Users\steph\AppData\Local\Programs\Opera
 
*****************
 
 
========================= Folder: C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.79 ========================
 
not found.
 
====== End of Folder: ======
 
 
========================= Folder: C:\Users\steph\AppData\Local\Programs\Opera ========================
 
2019-03-07 13:35 - 2019-03-07 13:35 - 000011790 ____A [875B20154A29EE37872E885DC267CAF5] () C:\Users\steph\AppData\Local\Programs\Opera\installation_status.json
2019-03-07 13:35 - 2019-03-08 11:58 - 000001115 ____A [D19A36039006EB2B9E75D4B1AB2D7B2D] () C:\Users\steph\AppData\Local\Programs\Opera\installer_prefs.json
2019-03-07 13:35 - 2019-03-08 11:58 - 000001115 ____A [D19A36039006EB2B9E75D4B1AB2D7B2D] () C:\Users\steph\AppData\Local\Programs\Opera\installer_prefs.json.backup
2019-03-07 13:35 - 2019-03-07 01:41 - 001465432 ____A [5D034385BFFF8D8923E907847413F5E8] (Opera Software) C:\Users\steph\AppData\Local\Programs\Opera\launcher.exe
2019-03-07 13:35 - 2018-11-28 09:05 - 000000317 ____A [A19B4BFB5A4CC4F482C00E4CE4566066] () C:\Users\steph\AppData\Local\Programs\Opera\launcher.visualelementsmanifest.xml
2019-03-07 13:35 - 2019-03-07 13:35 - 000000057 ____A [F488C9F9D9D5E631484D4BF155F45442] () C:\Users\steph\AppData\Local\Programs\Opera\pref_default_overrides
2019-03-07 13:35 - 2018-11-28 09:05 - 000003072 ____A [400817D0A91767CB830767AA94383F31] () C:\Users\steph\AppData\Local\Programs\Opera\Resources.pri
2019-03-07 13:35 - 2019-03-07 13:35 - 000001344 ____A [46761B955B7D1776F4A3E0DC816E649C] () C:\Users\steph\AppData\Local\Programs\Opera\server_tracking_data
2019-03-07 13:35 - 2019-03-08 11:58 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90
2019-03-07 13:35 - 2019-03-07 01:41 - 004353896 ____A [B714D5B994097236EAB2BA323C2EF8D9] (Microsoft Corporation) C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\d3dcompiler_47.dll
2019-03-08 11:58 - 2019-03-08 13:35 - 000000284 ____A [9A1A606988D7A246BAD0554485D30A80] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\debug.log
2019-03-07 13:35 - 2019-03-06 17:01 - 010611648 ____A [6101584A8B373531080EED51DA9FB2F6] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\icudtl.dat
2019-03-07 13:35 - 2019-03-07 01:41 - 004334680 ____A [27FF0EDBC5DF06FA19B47FA3BE970541] (Opera Software) C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\installer.exe
2019-03-07 13:35 - 2019-03-07 01:41 - 000100952 ____A [24628725F3BEA4D259C5FB7271841E61] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\installer_helper_64.exe
2019-03-07 13:35 - 2019-03-07 01:41 - 000011352 ____A [1AD6160ADA17CEA2CF7E25FB6F489399] (Opera Software AS) C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\installer_helper_lib.dll
2019-03-07 13:35 - 2019-03-07 01:41 - 000117336 ____A [2265436910A5B2A654D4F2DEF10B463E] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\libEGL.dll
2019-03-07 13:35 - 2019-03-07 01:41 - 005212760 ____A [48062D3C70A5C946777D39DD3887C253] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\libGLESv2.dll
2019-03-07 13:35 - 2019-03-06 17:22 - 000092247 ____A [EE8117CF109AA1E47599B6B6BBFFC176] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\natives_blob.bin
2019-03-07 13:35 - 2019-03-07 01:41 - 000791640 ____A [3075741E3B5E8290A35407ED0483E23E] (The Chromium Authors) C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\notification_helper.exe
2019-03-07 13:35 - 2019-03-07 01:41 - 001603672 ____A [BC40AAA85A0284473E111F51FCF1AC04] (Opera Software) C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\opera.exe
2019-03-07 13:35 - 2019-03-07 01:41 - 000001471 ____A [A0E4980D41D9CD39F4204AD7D0347096] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\opera.exe.sig
2019-03-07 13:35 - 2019-03-06 18:03 - 019853439 ____A [C33CFFC10A4FF8571AB4019896194A6D] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\opera.pak
2019-03-07 13:35 - 2019-03-06 17:38 - 002071222 ____A [61A9DF3D2C3DEB87A7023531E8142955] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\opera_100_percent.pak
2019-03-07 13:35 - 2019-03-06 17:38 - 002086795 ____A [68CD73196D484D2071F1BF676CBE4C2A] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\opera_125_percent.pak
2019-03-07 13:35 - 2019-03-06 17:38 - 002136200 ____A [E3E66641AE389DABCEFEFD98C72816E8] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\opera_150_percent.pak
2019-03-07 13:35 - 2019-03-06 17:38 - 002495564 ____A [D35756FCEB84B6D1B2162E5AADD91A88] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\opera_200_percent.pak
2019-03-07 13:35 - 2019-03-06 17:19 - 000692304 ____A [86C9C98848DB134511057E0630D225CC] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\opera_250_percent.pak
2019-03-07 13:35 - 2019-03-07 01:41 - 003759192 ____A [D2647EB7903CC45FB4B25F0E278E6DE2] (Opera Software) C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\opera_autoupdate.exe
2019-03-07 13:35 - 2018-06-29 08:51 - 000014004 ____A [2528B26988213FE5C0EE9CE75ACC2935] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\opera_autoupdate.licenses
2019-03-07 13:35 - 2018-06-29 08:51 - 000000006 ____A [6E0C5D81F59BEF066C2EA2FE22AF723E] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\opera_autoupdate.version
2019-03-07 13:35 - 2019-03-07 01:41 - 109982296 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\opera_browser.dll
2019-03-07 13:35 - 2019-03-07 01:41 - 000001471 ____A [A424D6F87A7C2BAD32E9141AF7429913] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\opera_browser.dll.sig
2019-03-07 13:35 - 2019-03-07 01:41 - 001444440 ____A [0E2322DFD571DEE20627BF3F092C9098] (Opera Software) C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\opera_crashreporter.exe
2019-03-07 13:35 - 2019-03-07 01:41 - 000701016 ____A [EC5A50DD1CB0A5EAA3FF47C49DA136E1] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\opera_elf.dll
2019-03-07 13:35 - 2019-03-06 18:51 - 000343008 ____A [80775962690F1DF7D94488177B9E4498] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\snapshot_blob.bin
2019-03-07 13:35 - 2019-03-06 18:54 - 000753168 ____A [7F855129D7544331F5A1792CA807EE9D] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\v8_context_snapshot.bin
2019-03-07 13:35 - 2019-03-07 01:41 - 000393304 ____A [57DB4CF1083BFA8E689015A61F3559D2] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\win10_share_handler.dll
2019-03-07 13:35 - 2019-03-07 01:41 - 000117336 ____A [16DEFB165F3D8F4DBBC2DF5B687089F9] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\win8_importing.dll
2019-03-07 13:35 - 2019-03-07 13:35 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization
2019-03-07 13:35 - 2019-03-06 17:17 - 000275843 ____A [5EC77D1FC73F08198D30E5445C3015E0] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\be.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000337671 ____A [96F1AE0D9ABC4948A371F623ED447EEC] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\bg.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000448194 ____A [97DAD18BAD02A3D63438315280901DED] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\bn.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000219008 ____A [E08A5CC2E6940A8900C086A881E963F7] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\ca.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000217302 ____A [E16F261F7731897C907DAC719637D213] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\cs.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000199086 ____A [B886BFD32E41B39B90BCB030E1D9A7AD] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\da.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000218901 ____A [B02362CD8FDAEC2B292AAA7778E4243D] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\de.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000369251 ____A [254B9709BBAC40D276AD37ADF34A5CB3] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\el.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000181252 ____A [07CDFCFC78C35F617A2B77DEF6136831] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\en-GB.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000182529 ____A [DF83A811EC867F736C055F837F37A1B8] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\en-US.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000214426 ____A [E3B80EC64A00D0FB0733D5919483C58A] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\es.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000217254 ____A [8411F3EC136EE1F069A4DDA9786F72A1] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\es-419.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000203123 ____A [75874EF28E5DA765E2BD88C9D5A8DD4F] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\fi.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000223685 ____A [C6A96C390AE288DFE0D0DB932338438F] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\fil.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000227343 ____A [D981CF25DDE88F6A25387B71D83918F9] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\fr.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000206938 ____A [46AFD92C10F5AB59B9BDDD663E780882] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\fr-CA.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000431097 ____A [7A8B7D5A62B90CC1E0F6225DF1C75FE3] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\hi.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000210524 ____A [A9CBEFCB5CBF5E037A6A896B90AE3BB0] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\hr.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000224275 ____A [C0ACF739270517522D734A4DD45DCB79] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\hu.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000194346 ____A [33BA07730C3C1CB6A198535D7E0B20B0] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\id.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000213273 ____A [EAEE4715B161BC69CCDB85339E677938] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\it.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000260691 ____A [A37CABFBAEB1BE87FC5F118C9BC4D190] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\ja.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000217933 ____A [B3823F4B7AA85F50F89146ABC527E1DC] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\ko.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000223389 ____A [BDE203104F672788A43BC710BE02A56C] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\lt.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000221814 ____A [06441C469D6F9998DE2A1DF6D7E842D7] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\lv.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000199820 ____A [E27B6554B01720DC7E865B86314F2641] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\ms.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000196093 ____A [9933E1C58C8C397C320652D0C90F7A5C] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\nb.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000204621 ____A [A902FBD6A149C2CCF04C13B510407F3B] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\nl.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000216852 ____A [3871609CC8B340A041ACA7D23BE28DD7] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\pl.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000212394 ____A [2DC2381B78DC5A1AA4C992FAF3BA92F3] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\pt-BR.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000214361 ____A [E0AFDC09F801B0B0E5AACC5DFACC3E20] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\pt-PT.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000220792 ____A [8DF2C1133DDC9C8F28742AD0111FDAA9] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\ro.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000334456 ____A [E471BB58CB937915F14499EC156458E4] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\ru.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000218405 ____A [A52B117F527AACC8AC3C5D0DD7B22B73] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\sk.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000323711 ____A [3A42273C8702B114D1850DA6AE4A72DD] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\sr.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000199337 ____A [6D36F93B12E7F834CA2A297D39CCF5F0] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\sv.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000202439 ____A [E22038F3C6FA844780CBB2EC4EAE2C38] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\sw.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000504469 ____A [ABA9BC3AB2A51511B590F6F38C1E584B] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\ta.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000468514 ____A [598DA0B9B4CECB78899037F19D1F97B2] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\te.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000411534 ____A [8DA6DECE2061425E333FEE089E7B2BDD] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\th.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000210600 ____A [DC5462372E9D1372DD6522ACD512DE11] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\tr.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000340442 ____A [F94B02AC34AE471B3AD9E8973ABF364F] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\uk.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000244046 ____A [BCAF8F3C83C9D467C037FE370BCE104F] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\vi.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000177685 ____A [3D403ADCC71A89AC0C90A83C3043C023] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\zh-CN.pak
2019-03-07 13:35 - 2019-03-06 17:17 - 000184737 ____A [3F54B31840634D13651F5C3C00003C2D] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\localization\zh-TW.pak
2019-03-07 13:35 - 2019-03-07 13:35 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\MEIPreload
2019-03-07 13:35 - 2019-03-06 17:00 - 000000228 ____A [89F8BAEED2BF11597080803F1023B19E] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\MEIPreload\manifest.json
2019-03-07 13:35 - 2019-03-06 17:00 - 000017116 ____A [332221B2AA984844E1738C0F0FFDB993] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\MEIPreload\preloaded_data.pb
2019-03-07 13:35 - 2019-03-07 13:35 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources
2019-03-07 13:35 - 2018-06-29 08:51 - 000001150 ____A [985B900732F0A910420E09E190A1484F] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\013E742B-287B-4228-A0B9-BD617E4E02A4.ico
2019-03-07 13:35 - 2018-06-29 08:51 - 000001150 ____A [74FDAC19593602B8D25A5E2FDB9C3051] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\07593226-C5C5-438B-86BE-3F6361CD5B10.ico
2019-03-07 13:35 - 2018-06-29 08:51 - 000017542 ____A [CA6619B86C2F6E6068B69BA3AADDB7E4] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\0CD5F3A0-8BF6-11E2-9E96-0800200C9A66.ico
2019-03-07 13:35 - 2018-06-29 08:51 - 000001150 ____A [64AD26B9B9D8E4DA8CD564FE4843E65F] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\1AF2CDD0-8BF3-11E2-9E96-0800200C9A66.ico
2019-03-07 13:35 - 2018-06-29 08:51 - 000002550 ____A [B2C57A76E16F5A20DF0DF529EAF7CC52] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\1CF37043-6733-479C-9086-7B21A2292DDA.ico
2019-03-07 13:35 - 2018-07-09 16:00 - 000015086 ____A [2C40ED190AA02EB3A2CDC38B89F4458D] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\2A3F5C20-8BF5-11E2-9E96-0800200C9A66.ico
2019-03-07 13:35 - 2018-06-29 08:51 - 000017542 ____A [86509075838848045C675A8B0121CEB2] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\2F8F0E41-F521-45A4-9691-F664AFAFE67F.ico
2019-03-07 13:35 - 2018-06-29 08:51 - 000005430 ____A [9796ED786D95606D51BE9DAB54FB5350] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\3B6191A0-8BF3-11E2-9E96-0800200C9A66.ico
2019-03-07 13:35 - 2018-06-29 08:51 - 000004286 ____A [BD5865B6A3787241931895B562D1AAF9] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\3BFDFA54-5DD6-4DFF-8B6C-C1715F306D6B.ico
2019-03-07 13:35 - 2018-06-29 08:51 - 000001150 ____A [3264B65E59E51CA4943AE076748BFCEC] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\4C95ADC1-5FD9-449D-BC75-77CA217403AE.ico
2019-03-07 13:35 - 2018-06-29 08:51 - 000001150 ____A [7868D43BE5BE8978E247DA73B69A50AC] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\5BBBDD5B-EDC7-4168-9F5D-290AF826E716.ico
2019-03-07 13:35 - 2018-06-29 08:51 - 000015086 ____A [2C40ED190AA02EB3A2CDC38B89F4458D] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\66DD4BB6-A3BA-4B11-AF7A-F4BF23E073B2.ico
2019-03-07 13:35 - 2018-06-29 08:51 - 000001150 ____A [74FDAC19593602B8D25A5E2FDB9C3051] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\6D3582E1-6013-429F-BB34-C75B90CDD1F8.ico
2019-03-07 13:35 - 2018-06-29 08:51 - 000001150 ____A [15CC60C14626AE2549F3305C25B249F7] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\76C397A8-9E8E-4706-8203-BD2878E9C618.ico
2019-03-07 13:35 - 2018-06-29 08:51 - 000006518 ____A [5E5293480F2EE9B15767E01F4D5DBAF5] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\8D754F20-8BF5-11E2-9E96-0800200C9A66.ico
2019-03-07 13:35 - 2019-03-06 17:00 - 000008404 ____A [DE5CF93FE4909D65F16DB42CD0FDEB7E] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\ab_tests.json
2019-03-07 13:35 - 2018-06-29 08:51 - 000001150 ____A [58605FAE7FE4E695F5FD358A7465565B] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\AD2FD2BD-0727-4AF7-8917-AAED8627ED47.ico
2019-03-07 13:35 - 2018-06-29 08:51 - 000001150 ____A [D2F1F9CE53773F7F51412AFFFEE0D97A] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\B478FE0C-0761-41C3-946F-CD1340356039.ico
2019-03-07 13:35 - 2019-03-06 17:00 - 000022288 ____A [DF0AE8A898601EE3B2694356DB76D9C0] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\browser.js
2019-03-07 13:35 - 2018-06-29 08:51 - 000017542 ____A [86509075838848045C675A8B0121CEB2] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\C665D993-1B49-4C2E-962C-BEB19993BB86.ico
2019-03-07 13:35 - 2018-06-29 08:51 - 000017542 ____A [86509075838848045C675A8B0121CEB2] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\CCCED631-6DA2-4060-9824-95737E64350C.ico
2019-03-07 13:35 - 2018-06-29 08:51 - 000034686 ____A [5337074698C608F4996D7F6AC571DBB9] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\CFCE84E5-9A95-4B3F-B8E4-3E98CF7EE6C5.ico
2019-03-07 13:35 - 2018-06-29 08:51 - 000005686 ____A [CAE06CD4B5B7BE327CCB00A6DD6F588C] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\CFD4BE41-4C6D-496A-ADDB-4095DFA1DD0E.ico
2019-03-07 13:35 - 2019-03-06 17:00 - 000313496 ____A [AA50D8A311275BD07694E155851679E7] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\default_partner_content.json
2019-03-07 13:35 - 2018-06-29 08:51 - 000011716 ____A [0244732535ED40A401B62841948B32AF] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\dictionaries.xml
2019-03-07 13:35 - 2018-06-29 08:51 - 000002550 ____A [B2C57A76E16F5A20DF0DF529EAF7CC52] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\F3F34CBB-24FF-4830-9E87-1663E7A0A5EE.ico
2019-03-07 13:35 - 2018-06-29 08:51 - 000001150 ____A [192A42730EEA5A6A3238F50285F01010] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\F98D4D4C-8AA7-4619-A1E7-AC89B24558DD.ico
2019-03-07 13:35 - 2018-06-29 08:51 - 000016278 ____A [7071FC1EA92AF20E834862DE0951833C] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\facebook_icon.ico
2019-03-07 13:35 - 2018-06-29 08:51 - 000001150 ____A [74FDAC19593602B8D25A5E2FDB9C3051] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\FDC2CCAB-E8F9-4620-91DD-B0B67285997C.ico
2019-03-07 13:35 - 2018-06-29 08:51 - 000005430 ____A [4CA6A47462D19D539F9A32B702B10177] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\FF57F01A-0718-44B7-8A1F-8B15BC33A50B.ico
2019-03-07 13:35 - 2018-06-29 08:51 - 000001150 ____A [72460DF2C3C16ED7FFFA3988F5E86CBA] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\FFF3F819-B6CE-4DE6-B4E4-8E2618ABC0D9.ico
2019-03-07 13:35 - 2019-03-06 17:00 - 000011017 ____A [182159EACF7BC4D82FCE00279CDE714F] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\license.txt
2019-03-07 13:35 - 2019-03-06 17:02 - 000316797 ____A [4812563E044C4A0B5AFD8BB44FAC2275] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\partner_speeddials.json
2019-03-07 13:35 - 2018-06-29 08:51 - 000016278 ____A [3B6D70A7EA1C4CB7C4B92BF238FDB903] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\vk_icon.ico
2019-03-07 13:35 - 2019-03-07 13:35 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\promotion_extension_1
2019-03-07 13:35 - 2019-03-07 13:35 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\promotion_extension_1\_locales
2019-03-07 13:35 - 2019-03-07 13:35 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\promotion_extension_1\_locales\en
2019-03-07 13:35 - 2019-03-06 17:14 - 000000785 ____A [ECFB1F5071C7402BFE8A3C437AF44C45] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\promotion_extension_1\_locales\en\messages.json
2019-03-07 13:35 - 2019-03-07 13:35 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\standard_themes
2019-03-07 13:35 - 2019-03-06 17:00 - 000002060 ____A [298502582B0D74CAC3085C2428F92995] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\resources\standard_themes\default_theme.zip
2019-03-07 13:35 - 2019-03-07 13:35 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\swiftshader
2019-03-07 13:35 - 2019-03-07 01:41 - 000156760 ____A [82F98CEE573BD90A75A8FFDF5085416A] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\swiftshader\libEGL.dll
2019-03-07 13:35 - 2019-03-07 01:41 - 002687064 ____A [B18EC907AC8E7C7AE2B3D493D051C0F7] () C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\swiftshader\libGLESv2.dll
2019-03-07 13:35 - 2019-03-07 13:35 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\steph\AppData\Local\Programs\Opera\Assets
2019-03-07 13:35 - 2018-11-28 09:05 - 000001083 ____A [2E2BFB597E12481E8BA48EA69468DD06] () C:\Users\steph\AppData\Local\Programs\Opera\Assets\150x150Logo.scale-100.png
2019-03-07 13:35 - 2018-11-28 09:05 - 000001090 ____A [D0EA4391A54C3EF5D1B8F0732256FFEC] () C:\Users\steph\AppData\Local\Programs\Opera\Assets\150x150Logo.scale-100_contrast-white.png
2019-03-07 13:35 - 2018-11-28 09:05 - 000001465 ____A [09B002C92F8F1EDCC18E7500960416AA] () C:\Users\steph\AppData\Local\Programs\Opera\Assets\150x150Logo.scale-140.png
2019-03-07 13:35 - 2018-11-28 09:05 - 000001471 ____A [97B898B0DDD32124BFC126B80A126F44] () C:\Users\steph\AppData\Local\Programs\Opera\Assets\150x150Logo.scale-140_contrast-white.png
2019-03-07 13:35 - 2018-11-28 09:05 - 000001861 ____A [AB92EA284C466C1ADB1BEE11F3E0AEDA] () C:\Users\steph\AppData\Local\Programs\Opera\Assets\150x150Logo.scale-180.png
2019-03-07 13:35 - 2018-11-28 09:05 - 000001998 ____A [2B478239F1E085B8AD0C9FF866A40DE6] () C:\Users\steph\AppData\Local\Programs\Opera\Assets\150x150Logo.scale-180_contrast-white.png
2019-03-07 13:35 - 2018-11-28 09:05 - 000000842 ____A [01A789EB7CF1923AE73C6E9B6FA5D172] () C:\Users\steph\AppData\Local\Programs\Opera\Assets\150x150Logo.scale-80.png
2019-03-07 13:35 - 2018-11-28 09:05 - 000000843 ____A [5D3CE2C57AB1984C46A3BCD47B7712DD] () C:\Users\steph\AppData\Local\Programs\Opera\Assets\150x150Logo.scale-80_contrast-white.png
2019-03-07 13:35 - 2018-11-28 09:05 - 000000796 ____A [60E26A8E23EC330E52580CD7249266E3] () C:\Users\steph\AppData\Local\Programs\Opera\Assets\70x70Logo.scale-100.png
2019-03-07 13:35 - 2018-11-28 09:05 - 000000803 ____A [E45A04E6B6CA5775AB51EAF0E2724212] () C:\Users\steph\AppData\Local\Programs\Opera\Assets\70x70Logo.scale-100_contrast-white.png
2019-03-07 13:35 - 2018-11-28 09:05 - 000001007 ____A [7A119C70B4DB04DEAB6A6B4366E694E1] () C:\Users\steph\AppData\Local\Programs\Opera\Assets\70x70Logo.scale-140.png
2019-03-07 13:35 - 2018-11-28 09:05 - 000000892 ____A [2C02A139220DCEE90603F7DA2513EB46] () C:\Users\steph\AppData\Local\Programs\Opera\Assets\70x70Logo.scale-140_contrast-white.png
2019-03-07 13:35 - 2018-11-28 09:05 - 000001281 ____A [14CF87DAE90583033875BD43D8AC5C2E] () C:\Users\steph\AppData\Local\Programs\Opera\Assets\70x70Logo.scale-180.png
2019-03-07 13:35 - 2018-11-28 09:05 - 000001125 ____A [EFF8D2C58D64B7481374034C65CA42EE] () C:\Users\steph\AppData\Local\Programs\Opera\Assets\70x70Logo.scale-180_contrast-white.png
2019-03-07 13:35 - 2018-11-28 09:05 - 000000595 ____A [5DDD60FED1F8D97C01E8DD541657296A] () C:\Users\steph\AppData\Local\Programs\Opera\Assets\70x70Logo.scale-80.png
2019-03-07 13:35 - 2018-11-28 09:05 - 000000625 ____A [3EC9C6ED0BC50CFBBC276B6295BA4562] () C:\Users\steph\AppData\Local\Programs\Opera\Assets\70x70Logo.scale-80_contrast-white.png
 
====== End of Folder: ======
 
 
==== End of Fixlog 15:23:35 ====

  • 0

#27
iMacg3
Posted 08 March 2019 - 03:41 PM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,

Please download GrantPerms and save it to your desktop.
Note: you need to download the version compatible with your system. If you do not know whether your system is 32 or 64 bit, download both versions and try to run them. Only one will run on your system, and that will be the right version.
  • Right-click on the .zip file and click Extract all. Extract the files to your Desktop.
  • Right-click on GrantPerms.exe/GrantPerms64.exe and select Run as Administrator.
  • Copy and paste the following in the edit box:
    C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90\opera_elf.dll
  • Click Unlock. When it is done click OK.
  • Click List Permissions. A log will open called Perms.txt. Copy and paste its contents into your next reply.
Note: Perms.txt is saved to the same directory GrantPerms is run from.

-------------------

Does the problem persist?
  • 0

#28
getdealtwith
Posted 09 March 2019 - 07:58 AM

getdealtwith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Yes, still having the same issue. I noticed that the "C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90" directory was empty but there was a very similar folder named "C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90_0" so I changed the code you provided to copy and paste into GrantPerms and got this result:
 
 
GrantPerms by Farbar 
Ran by steph (administrator) at 2019-03-09 08:57:02
 
===============================================
\\?\C:\Users\steph\AppData\Local\Programs\Opera\58.0.3135.90_0\opera_elf.dll
 
   Owner: BUILTIN\Administrators
 
   DACL(NP)(AI):
         BUILTIN\Users   READ/EXECUTE   ALLOW   (NI)
   NT AUTHORITY\SYSTEM   FULL   ALLOW   (I)
   BUILTIN\Administrators   FULL   ALLOW   (I)
   DESKTOP-2C5MEQG\steph   FULL   ALLOW   (I)
 
 
 
================ End Of List ================

  • 0

#29
iMacg3
Posted 09 March 2019 - 10:43 AM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,

This is not a malware issue and not my forte.
I suggest you post in the Web Browsers and Email forum where an expert with web browsers can assist you with this issue.

Good luck. :thumbsup:
  • 0

#30
getdealtwith
Posted 11 March 2019 - 06:31 AM

getdealtwith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

tHi,

This is not a malware issue and not my forte.
I suggest you post in the Web Browsers and Email forum where an expert with web browsers can assist you with this issue.

Good luck. :thumbsup:

Thanks so much for all your help, I really appreciate it.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP