Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

MalwareBytes keep detecting PUP.Optional.Conduit from chrome


  • Please log in to reply

#1
Dramzii

Dramzii

    New Member

  • Member
  • Pip
  • 1 posts

Hi, 
First I would like to apologize in advance, for incase there may be some cultural issues. English is not my first language.

Now,  I would like to ask for some help with issues in my computer. Please.

I installed Malwarebytes, because, suddenly my computer started to behave weird, more specifically, it appears Chrome started to behave weird.

Sometimes when i try to do a google search and click on the address bar, or when i try to move a google window, or after i do a search. The windows from windows... begin to overlap on over the other, similar to like if I would've been pressing Alt+tab. Similar*. 

So, when i ran malwarebytes, it did detect  some, malware and cleaned it (apparently), but over and over keeps detecting  between 13~15 PUP.Optional.Conduit from Google Chrome.

I got SuperANtiSpyware running.  and bought a licence for bitdefender. Yet still same results. I don't know if the issue with the windows si related. 

Also, at some point, a Chromium software appeared, and since i couldn't uninstall it, i deleted its windows' files. 

Thank you in advance. 

regards. 

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-04-2020
Ran by dramz (administrator) on DESKTOP-UPRE5G2 (Gigabyte Technology Co., Ltd. Z170X-Gaming 7) (27-04-2020 04:26:18)
Running from F:\GENERAL\Downloads
Loaded Profiles: dramz (Available Profiles: dramz)
Platform: Windows 10 Pro Version 1903 18362.778 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
( () [File not signed])  [File is in use ] C:\Program Files (x86)\Mendeley Desktop\MendeleyWordPlugin.exe
() [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
() [File not signed] C:\Program Files\Elgato\SoundCapture\SoundCapture.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <3>
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
(Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdtrackersnmh.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\dramz\AppData\Roaming\uTorrent Web\helper\helper.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe <4>
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.7022\Agent.exe
(Chaos Software Ltd. -> ) [File not signed] C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\register-service.exe
(Chaos Software Ltd.) [File not signed] C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\swrm.exe
(Chaos Software Ltd.) [File not signed] C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(Discord Inc. -> Discord Inc.) C:\Users\dramz\AppData\Local\Discord\app-0.0.306\Discord.exe <6>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngine.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <75>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation -> Intel® Corporation) C:\Windows\SysWOW64\XtuService.exe
(Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed] C:\Users\dramz\AppData\Roaming\uTorrent Web\utweb.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mendeley Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\MendeleyDesktop.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\MSOSYNC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Users\dramz\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\dramz\AppData\Local\Microsoft\OneDrive\OneDrive.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Users\dramz\AppData\Local\Microsoft\Teams\current\Teams.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_47a7ea3f1b25edd7\Display.NvContainer\NVDisplay.Container.exe <2>
(Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Popcorn Time) [File not signed] C:\Program Files (x86)\Popcorn Time\Updater.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe <5>
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Support.com Inc -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\8de33672-02af-4e63-9bc8-0c28da2b8d63.com
(Surfshark Ltd. -> Iain Patterson) C:\Program Files (x86)\Surfshark\Resources\x64\nssm.exe
(Surfshark Ltd. -> Surfshark) C:\Program Files (x86)\Surfshark\Surfshark.exe
(Surfshark Ltd. -> Surfshark) C:\Program Files (x86)\Surfshark\Surfshark.Service.exe
(The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\QtWebEngineProcess.exe <2>
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\32\WacomDesktopCenter.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Wagnardsoft -> Wagnardsoft) C:\Users\dramz\OneDrive\Escritorio\ISLC v1.0.1.6\Intelligent standby list cleaner ISLC.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Elgato Sound Capture] => C:\Program Files\Elgato\SoundCapture\SoundCapture.exe [1234944 2019-05-23] () [File not signed]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [451928 2020-04-09] (Bitdefender SRL -> Bitdefender)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [405032 2019-12-21] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [97127680 2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2042424 2020-03-16] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5314096 2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\GIGABYTE\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3371296 2020-04-03] (Valve -> Valve Corporation)
HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1108968 2020-03-31] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [31740816 2020-04-16] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\dramz\AppData\Local\Microsoft\Teams\Update.exe [2339472 2020-04-16] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\Run: [Discord] => C:\Users\dramz\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [648328 2020-04-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5557296 2020-03-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\Run: [utweb] => C:\Users\dramz\AppData\Roaming\uTorrent Web\utweb.exe [5491840 2020-04-13] (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\8de33672-02af-4e63-9bc8-0c28da2b8d63.com [9230256 2020-04-24] (Support.com Inc -> SUPERAntiSpyware)
HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\Run: [Surfshark] => C:\Program Files (x86)\Surfshark\Surfshark.exe [4097488 2020-04-23] (Surfshark Ltd. -> Surfshark)
HKU\S-1-5-18\...\Run: [] => [X]
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Internet Explorer\iexplore.exe -restart /WERRESTART <==== ATTENTION
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Internet Explorer\iexplore.exe -restart /WERRESTART <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.122\Installer\chrmstp.exe [2020-04-21] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {041394A8-E3A6-4051-94B7-7B05D4C4807D} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\0993108A-E628-4B2B-9030-9E30A553ADF1\Provisioning initiated session => C:\Windows\system32\deviceenroller.exe [551424 2020-01-22] (Microsoft Windows -> Microsoft Corporation)
Task: {13F99BF0-07C3-4F59-A02D-F1BB464A1A66} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\0993108A-E628-4B2B-9030-9E30A553ADF1\PushRenewal => C:\Windows\system32\deviceenroller.exe [551424 2020-01-22] (Microsoft Windows -> Microsoft Corporation)
Task: {18C9A935-A229-4792-B8E9-009FCBB56B27} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2039E387-CE3F-4EC5-B9AF-01F0FAE87DC7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702832 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {274F856A-3796-4DFF-96ED-CB795AE79DB9} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\0993108A-E628-4B2B-9030-9E30A553ADF1\Schedule #2 created by enrollment client => C:\Windows\system32\deviceenroller.exe [551424 2020-01-22] (Microsoft Windows -> Microsoft Corporation)
Task: {29FAF627-C64B-4B0D-B550-F736F9F3F0F3} - System32\Tasks\Intelligent StandbyList Cleaner => C:\Users\dramz\OneDrive\Escritorio\ISLC v1.0.1.6\Intelligent standby list cleaner ISLC.exe [410816 2019-07-11] (Wagnardsoft -> Wagnardsoft)
Task: {2B5353E7-4E89-4DB2-A47C-F79913EEF725} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\0993108A-E628-4B2B-9030-9E30A553ADF1\Schedule #1 created by enrollment client => C:\Windows\system32\deviceenroller.exe [551424 2020-01-22] (Microsoft Windows -> Microsoft Corporation)
Task: {2BB3E9F8-F97C-4B7B-BC2D-6E34432C1B37} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6147496 2020-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {312F890A-A6E6-40D1-A4B5-A197CD9A6CAE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6147496 2020-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {31F5F883-1104-40B1-916E-02CB95B15D64} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3FD65BDF-E0ED-466D-8C8F-4F31BCBD3FDA} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\0993108A-E628-4B2B-9030-9E30A553ADF1\OS Edition Upgrade event listener created by enrollment client => C:\Windows\system32\deviceenroller.exe [551424 2020-01-22] (Microsoft Windows -> Microsoft Corporation)
Task: {43ABA325-82DC-40F9-8581-732899F299E6} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {48C49107-7B42-4D70-8AD5-86A617C14377} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\0993108A-E628-4B2B-9030-9E30A553ADF1\Win10 S Mode event listener created by enrollment client => C:\Windows\system32\deviceenroller.exe [551424 2020-01-22] (Microsoft Windows -> Microsoft Corporation)
Task: {4913DB06-65A9-47EA-806A-977C5C285677} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2045312 2020-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {4A16D08A-01B1-417B-B3C2-C10E87EAFDC4} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [490808 2019-11-27] (Bitdefender SRL -> Bitdefender)
Task: {509DCD4B-583F-4157-8430-0914C87FF61D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158568 2020-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {51D249A6-BDD9-4347-BC9A-246EF9FC4736} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [232880 2019-05-07] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {5C99688D-BFB4-405A-B25A-127C6586729D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5F620DD7-A8E5-40B2-BC64-73F214D1D0AB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702832 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {765DC9FA-985E-44E5-B65A-2DBD0394BBF4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {7B2AC063-7182-451C-A374-01BDC088F4AF} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\0993108A-E628-4B2B-9030-9E30A553ADF1\Schedule #3 created by enrollment client => C:\Windows\system32\deviceenroller.exe [551424 2020-01-22] (Microsoft Windows -> Microsoft Corporation)
Task: {7C4C1019-91E0-44EF-B202-846ECF293B1F} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1652536 2018-11-05] (Intel® Software -> Intel Corporation)
Task: {926B6CB6-3D19-458C-94D4-418819EC631C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9C77F6EF-B9F6-417D-8BC8-6EE7A49FA0D8} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A44229DF-F48E-4CCD-90C1-CE9CEDBC456A} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [782320 2019-10-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {AA3F7D80-0A72-47E4-8F4F-7C81980ABAC8} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC670C14-130B-4222-81D9-4FD16A19CC70} - System32\Tasks\LiquidSensord => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\LiquidSensord.exe [251824 2019-05-07] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {ACEEE21F-F3BE-426C-A994-68AFC1CE844F} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [525632 2020-01-27] (Bitdefender SRL -> Bitdefender)
Task: {B19A4131-AE28-48EE-BC04-1DAA9121F3C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-22] (Google LLC -> Google LLC)
Task: {B5A5B43F-F765-43E3-AFFB-86D051838653} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\0993108A-E628-4B2B-9030-9E30A553ADF1\Passport for Work alert created by enrollment client => C:\Windows\system32\deviceenroller.exe [551424 2020-01-22] (Microsoft Windows -> Microsoft Corporation)
Task: {BDA92909-059E-47B0-A2A0-19A0EDA2B88A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158568 2020-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {C0A7133E-4F74-4A61-B2C2-797AAAD646AB} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1677600 2019-09-06] (Corel Corporation -> Corel Corporation)
Task: {D7000E8D-6079-4469-A1C3-23EF67931475} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\0993108A-E628-4B2B-9030-9E30A553ADF1\Schedule to run OMADMClient by client => C:\Windows\system32\omadmclient.exe [330240 2020-04-15] (Microsoft Windows -> Microsoft Corporation)
Task: {D81AD853-5D28-412B-80C1-C4DB60331D74} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\0993108A-E628-4B2B-9030-9E30A553ADF1\Schedule created by enrollment client for renewal of certificate warning => C:\Windows\system32\deviceenroller.exe [551424 2020-01-22] (Microsoft Windows -> Microsoft Corporation)
Task: {D9E73A39-523C-4CE2-8D54-451A191602F6} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E3550145-5842-495A-A40B-30ACD512DD87} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F10BADD1-63DD-4BCD-B9BB-7B0868DEE2F1} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {F28AAF7F-F8B0-494D-A905-3BBF6D0E3984} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\0993108A-E628-4B2B-9030-9E30A553ADF1\PushLaunch => C:\Windows\system32\deviceenroller.exe [551424 2020-01-22] (Microsoft Windows -> Microsoft Corporation)
Task: {F4DDB8D8-E401-41A7-8F8F-EBEF2D92AEB1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F5837DB5-26AC-4B1B-B7EE-A4AF2061E4B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-22] (Google LLC -> Google LLC)
Task: {F950B06D-B0D7-43CD-B4C1-E8DE2702BDF1} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\0993108A-E628-4B2B-9030-9E30A553ADF1\Schedule to run OMADMClient by server => C:\Windows\system32\omadmclient.exe [330240 2020-04-15] (Microsoft Windows -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 189.209.127.244 148.240.118.40
Tcpip\..\Interfaces\{d55a70fb-cfba-4127-95c3-80982c8f8f92}: [DhcpNameServer] 189.209.127.244 148.240.118.40
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2020-01-27] (Bitdefender SRL -> Bitdefender)
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2020-01-27] (Bitdefender SRL -> Bitdefender)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-01-26] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2020-01-27] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2020-01-27] (Bitdefender SRL -> Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2020-01-27] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2020-01-27] (Bitdefender SRL -> Bitdefender)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-09] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-03-05]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2020-02-27] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Bitdefender Anti-tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2020-03-02] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2020-03-02] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-03-16] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-01-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-03-16] (Adobe Inc. -> Adobe Systems)
 
Chrome: 
=======
CHR Profile: C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default [2020-04-27]
CHR Notifications: Default -> hxxps://www1a.bethanyharrell.pro
CHR HomePage: Default -> hxxp://lenovo13.msn.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Slides) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-22]
CHR Extension: (Safe Torrent Scanner) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2020-01-22]
CHR Extension: (Surfshark VPN Extension - Fast & Secure Proxy) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ailoabdmgclmfmhdagmlohpjlbpffblp [2020-04-25]
CHR Extension: (3DTin) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\algoakekcdmbbikdjgjdahbfihboglmi [2020-01-22]
CHR Extension: (Docs) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-22]
CHR Extension: (Google Drive) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-01-22]
CHR Extension: (Snooker) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjohiacoelemalmancnccjggomjnkfod [2020-01-22]
CHR Extension: (YouTube) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-22]
CHR Extension: (Honey) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-04-05]
CHR Extension: (8-Ball Pool) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb [2020-01-22]
CHR Extension: (Mendeley Web Importer) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dagcmkpagjlhakfdhnbomgmjdpkdklff [2020-04-12]
CHR Extension: (Nyan for Youtube) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dejejekdcaglnfknpmmflmkbebfajeml [2020-04-14]
CHR Extension: (Clipchamp - convert, compress, record video) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\delkpojpfkkfgmknffmblbhmlamkjioi [2020-01-22]
CHR Extension: (Sprinter) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dokjalegehmapmfcgljdmpnnheabgedb [2020-01-22]
CHR Extension: (Adobe Acrobat) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-03]
CHR Extension: (Video Downloader professional) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2020-01-22]
CHR Extension: (ARC Welder) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\emfinbmielocnlhgmfkkmkngdoccbadn [2020-01-22]
CHR Extension: (Sheets) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-22]
CHR Extension: (Bitdefender Wallet) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2020-04-25]
CHR Extension: (Google Docs Offline) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-23]
CHR Extension: (Portal - WiFi file transfers) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdalmglpnhhkcpgcggdcnlapeonfkhna [2020-01-22]
CHR Extension: (Adobe Edge Inspect CC) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijoeapleklopieoejahbpdnhkjjgddem [2020-01-22]
CHR Extension: (WhatFont) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2020-01-22]
CHR Extension: (CamDesk) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjgcfadcmkpmkfhecfcoghmaloblkod [2020-01-22]
CHR Extension: (Grammarly for Chrome) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-04-23]
CHR Extension: (VideoSubPlayer) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\keinlcafjoaeegnnbmokjfbkkgfmpljh [2020-01-22]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2020-04-25]
CHR Extension: (Little Alchemy) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2020-01-22]
CHR Extension: (AudioSauna) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae [2020-01-22]
CHR Extension: (Wikibuy from Capital One) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2020-04-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-22]
CHR Extension: (Grammar and Spell Checker - LanguageTool) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\oldceeleldhonbafppcapldpdifcinji [2020-04-09]
CHR Extension: (Gmail) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-01-22]
CHR Extension: (Chrome Media Router) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-23]
CHR Extension: (Canvas Rider) - C:\Users\dramz\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2020-01-22]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [820280 2020-03-16] (Adobe Inc. -> Adobe Inc.)
S3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\vpnservice.exe [3401600 2020-02-17] (AnchorFree Inc -> AnchorFree Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2020-01-27] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2020-01-27] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195344 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 BdVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [465424 2020-04-09] (Bitdefender SRL -> Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8553552 2020-03-18] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10626648 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
R2 CorsairGamingAudioConfig; C:\Windows\system32\CorsairGamingAudioCfgService64.exe [668056 2019-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [55336 2019-12-21] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [113152 2017-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [119368 2019-12-06] (Bitdefender SRL -> Bitdefender)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2020-01-22] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [142768 2019-05-22] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [17920 2015-06-25] () [File not signed]
R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-23] (Malwarebytes Inc -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [125872 2019-05-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1329240 2020-01-15] (Bitdefender SRL -> Bitdefender)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Surfshark Service; C:\Program Files (x86)\Surfshark\Resources\x64\nssm.exe [436688 2020-02-17] (Surfshark Ltd. -> Iain Patterson)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2019-01-08] (Popcorn Time) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [151656 2020-01-27] (Bitdefender SRL -> Bitdefender)
R2 VRLService; C:\Program Files\Chaos Group\VRLService\OLS/vrol.exe [6520832 2020-02-23] (Chaos Software Ltd.) [File not signed]
R2 vrswrm-service; C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\register-service.exe [90176 2020-02-24] (Chaos Software Ltd. -> ) [File not signed]
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2020-01-27] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2123088 2019-12-12] (Wacom Technology Corporation -> Wacom Technology, Corp.)
R2 XTU3SERVICE; C:\Windows\SysWOW64\XtuService.exe [82200 2019-10-30] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_47a7ea3f1b25edd7\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_47a7ea3f1b25edd7\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 aftap0901; C:\Windows\System32\drivers\aftap0901.sys [48624 2019-12-16] (AnchorFree Inc -> The OpenVPN Project)
R1 atc; C:\Windows\System32\DRIVERS\atc.sys [1693368 2019-09-23] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
S3 AX88179; C:\Windows\System32\drivers\ax88179_178a.sys [93800 2018-10-29] (Microsoft Windows Hardware Compatibility Publisher -> ASIX Electronics Corp.)
R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [739264 2019-07-29] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [22960 2019-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R0 bdprivmon; C:\Windows\System32\DRIVERS\bdprivmon.sys [46056 2020-01-17] (Bitdefender SRL -> © Bitdefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [96448 2018-04-27] (Bitdefender SRL -> BitDefender)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2020-01-22] (Microsoft Corporation) [File not signed]
R3 CorsairGamingAudioService; C:\Windows\system32\DRIVERS\CorsairGamingAudio64.sys [61848 2019-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [20696 2019-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [45968 2019-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21904 2019-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz149; C:\Windows\temp\cpuz149\cpuz149_x64.sys [44320 2020-04-26] (CPUID S.A.R.L.U. -> CPUID)
R3 cthda; C:\Windows\system32\drivers\cthda.sys [1064968 2017-01-09] (Creative Technology Ltd -> Creative Technology Ltd)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [135520 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\Windows\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_b44028fc7fdf4fca\e1d68x64.sys [599920 2019-09-13] (Intel® INTELND1820 -> Intel Corporation)
R3 e2xw10x64; C:\Windows\System32\drivers\e2xw10x64.sys [164816 2018-11-26] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
R3 ElgatoGC656Y; C:\Windows\System32\Drivers\ElgatoGC656.sys [52848 2016-08-03] (Elgato Systems LLC -> UB658)
R3 ElgatoVAD; C:\Windows\System32\drivers\ElgatoVAD.sys [39208 2019-05-23] (Elgato Systems LLC -> Elgato Systems GmbH)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-04-23] (Malwarebytes Corporation -> Malwarebytes)
R3 gdrv2; C:\Windows\gdrv2.sys [32600 2020-01-24] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R0 Gemma; C:\Windows\System32\DRIVERS\gemma.sys [564136 2019-11-18] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [188384 2018-11-28] (Bitdefender SRL -> BitDefender LLC)
R2 Ignis; C:\Windows\system32\DRIVERS\ignis.sys [196392 2019-07-04] (Bitdefender SRL -> Bitdefender)
S3 KillerEth; C:\Windows\System32\drivers\e2xw10x64.sys [164816 2018-11-26] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-04-24] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2020-04-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [195432 2020-04-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2020-04-26] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-04-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [124560 2020-04-26] (Malwarebytes Inc -> Malwarebytes)
R3 MEIx64; C:\Windows\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [266128 2019-04-17] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_47a7ea3f1b25edd7\nvlddmkm.sys [23316368 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-03-31] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [75600 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [24000 2019-09-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166752 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SurfsharkSplitTunnelDriver; C:\Program Files (x86)\Surfshark\Resources\x64\SurfsharkSplitTunnelCalloutDriver.sys [39648 2020-02-17] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2014-11-05] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapsurfshark; C:\Windows\System32\drivers\tapsurfshark.sys [38728 2019-05-22] (WDKTestCert Lenovo,131775874531219913 -> The OpenVPN Project)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [610640 2019-01-14] (Bitdefender SRL -> Bitdefender)
R3 WacHidRouterPro; C:\Windows\System32\drivers\wachidrouter.sys [134096 2019-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.)
R3 wacomrouterfilter; C:\Windows\System32\drivers\wacomrouterfilter.sys [35256 2019-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [45960 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
R3 XTUComponent; C:\Windows\System32\drivers\iocbios2.sys [48632 2019-10-30] (Intel Corporation -> Intel Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-04-27 04:12 - 2020-04-27 04:26 - 000000000 ____D C:\FRST
2020-04-26 07:50 - 2020-04-26 07:50 - 000000000 ___HD C:\OneDriveTemp
2020-04-26 05:44 - 2020-04-26 05:44 - 000000000 ____D C:\Users\dramz\AppData\Roaming\dialog
2020-04-26 05:25 - 2020-04-26 05:54 - 000000000 ____D C:\Users\dramz\AppData\Roaming\PackageManager
2020-04-26 05:25 - 2020-04-26 05:25 - 000000000 ____D C:\Users\dramz\AppData\Roaming\worldrepresentation
2020-04-26 05:25 - 2020-04-26 05:25 - 000000000 ____D C:\Users\dramz\AppData\Roaming\UserSession
2020-04-26 05:25 - 2020-04-26 05:25 - 000000000 ____D C:\Users\dramz\AppData\Roaming\qimessaging
2020-04-26 05:25 - 2020-04-26 05:25 - 000000000 ____D C:\Users\dramz\AppData\Roaming\PreferenceManager
2020-04-26 05:25 - 2020-04-26 05:25 - 000000000 ____D C:\Users\dramz\AppData\Roaming\navigation
2020-04-26 05:25 - 2020-04-26 05:25 - 000000000 ____D C:\Users\dramz\AppData\Roaming\locale
2020-04-26 05:25 - 2020-04-26 05:25 - 000000000 ____D C:\Users\dramz\AppData\Roaming\databases
2020-04-26 05:25 - 2020-04-26 05:25 - 000000000 ____D C:\Users\dramz\AppData\Roaming\Aldebaran
2020-04-26 05:23 - 2020-04-26 05:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aldebaran Robotics
2020-04-26 05:21 - 2020-04-26 05:21 - 000000000 ____D C:\Program Files (x86)\Aldebaran Robotics
2020-04-26 05:18 - 2020-04-26 05:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Softbank Robotics
2020-04-26 04:18 - 2020-04-26 04:18 - 000124560 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-04-26 04:18 - 2020-04-26 04:18 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-04-26 04:04 - 2020-04-26 04:04 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-04-26 04:04 - 2020-04-26 04:04 - 000195432 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-04-26 01:11 - 2020-04-26 01:11 - 000000000 ____D C:\Users\dramz\OneDrive\Documents\My Games
2020-04-25 22:56 - 2020-04-25 22:56 - 000161612 _____ C:\ProgramData\vpn.1587876955.bdinstall.v2.bin
2020-04-25 22:56 - 2020-04-25 22:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender VPN
2020-04-25 22:56 - 2020-04-25 22:56 - 000000000 ____D C:\ProgramData\Bitdefender VPN
2020-04-25 22:55 - 2020-04-25 22:55 - 000804240 _____ C:\ProgramData\cl.1587876452.bdinstall.v2.bin
2020-04-25 22:55 - 2020-04-25 22:55 - 000138768 _____ C:\ProgramData\dm.1587876907.bdinstall.v2.bin
2020-04-25 22:55 - 2020-04-25 22:55 - 000003420 _____ C:\Windows\system32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2020-04-25 22:55 - 2020-04-25 22:55 - 000000000 ____D C:\ProgramData\dbg
2020-04-25 22:55 - 2020-04-25 22:55 - 000000000 ____D C:\ProgramData\Bitdefender Device Management
2020-04-25 22:55 - 2019-12-16 13:49 - 000048624 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\aftap0901.sys
2020-04-25 22:50 - 2020-04-25 22:50 - 000000000 ____D C:\ProgramData\Gemma
2020-04-25 22:50 - 2020-04-25 22:50 - 000000000 ____D C:\ProgramData\Atc
2020-04-25 22:49 - 2020-04-25 23:10 - 000000000 ____D C:\ProgramData\Bitdefender
2020-04-25 22:49 - 2020-04-25 22:55 - 000000000 ____D C:\Users\dramz\AppData\Roaming\Bitdefender
2020-04-25 22:49 - 2020-04-25 22:55 - 000000000 ____D C:\Program Files\Bitdefender
2020-04-25 22:49 - 2020-04-25 22:49 - 000000000 ____D C:\Windows\system32\elambkup
2020-04-25 22:49 - 2020-04-25 22:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2020-04-25 22:49 - 2020-04-25 22:49 - 000000000 ____D C:\ProgramData\BDLogging
2020-04-25 22:49 - 2020-01-17 03:03 - 000046056 _____ (© Bitdefender SRL) C:\Windows\system32\Drivers\bdprivmon.sys
2020-04-25 22:49 - 2019-11-18 20:08 - 000564136 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\gemma.sys
2020-04-25 22:49 - 2019-09-23 09:43 - 001693368 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\atc.sys
2020-04-25 22:49 - 2019-07-29 16:32 - 000739264 _____ (Bitdefender) C:\Windows\system32\Drivers\bddci.sys
2020-04-25 22:49 - 2019-07-04 12:15 - 000196392 _____ (Bitdefender) C:\Windows\system32\Drivers\ignis.sys
2020-04-25 22:49 - 2019-03-21 00:12 - 000022960 _____ (Bitdefender) C:\Windows\system32\Drivers\bdelam.sys
2020-04-25 22:49 - 2019-01-14 17:25 - 000610640 _____ (Bitdefender) C:\Windows\system32\Drivers\trufos.sys
2020-04-25 22:49 - 2018-11-28 06:45 - 000188384 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2020-04-25 22:49 - 2018-04-27 08:45 - 000096448 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2020-04-25 22:43 - 2020-04-25 22:49 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2020-04-25 22:43 - 2020-04-25 22:43 - 000000085 _____ C:\Windows\wininit.ini
2020-04-25 22:30 - 2020-04-25 22:30 - 000003802 _____ C:\Windows\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2020-04-25 22:28 - 2020-04-25 22:44 - 000000000 ____D C:\Program Files\Bitdefender Agent
2020-04-25 22:28 - 2020-04-25 22:28 - 000113256 _____ C:\ProgramData\agent.1587875301.bdinstall.v2.bin
2020-04-25 22:28 - 2020-04-25 22:28 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2020-04-25 18:10 - 2020-04-25 18:31 - 000000000 ____D C:\ProgramData\Surfshark
2020-04-25 18:10 - 2020-04-25 18:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Surfshark
2020-04-25 18:10 - 2020-04-25 18:10 - 000000000 ____D C:\ProgramData\Caphyon
2020-04-25 18:10 - 2020-04-25 18:10 - 000000000 ____D C:\Program Files (x86)\Surfshark
2020-04-25 18:09 - 2020-04-25 18:10 - 000000000 ____D C:\Users\dramz\AppData\Roaming\Surfshark
2020-04-24 16:23 - 2020-04-24 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Megadimension Neptunia VIIR
2020-04-24 15:58 - 2020-04-24 15:58 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-04-24 14:02 - 2020-04-24 00:23 - 000450709 ____R C:\Windows\system32\Drivers\etc\hosts.20200424-140258.backup
2020-04-24 03:42 - 2020-04-24 03:49 - 000000000 ____D C:\Users\dramz\OneDrive\Documents\CELSYS
2020-04-24 03:34 - 2020-04-24 03:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CLIP STUDIO
2020-04-24 03:34 - 2020-04-24 03:34 - 000000000 ____D C:\ProgramData\CELSYS
2020-04-24 03:27 - 2020-04-24 03:43 - 000000000 ____D C:\Users\dramz\AppData\Roaming\CELSYS
2020-04-24 03:26 - 2020-04-24 03:26 - 000000000 ____D C:\Users\dramz\OneDrive\Documents\CELSYS_EN
2020-04-24 03:26 - 2020-04-24 03:26 - 000000000 ____D C:\Users\dramz\AppData\Roaming\CELSYS_EN
2020-04-24 03:15 - 2020-04-24 03:34 - 000000000 ____D C:\Program Files\CELSYS
2020-04-24 03:15 - 2020-04-24 03:15 - 000000000 ____D C:\ProgramData\CELSYS_EN
2020-04-24 03:11 - 2020-04-24 03:18 - 000000000 ____D C:\Users\dramz\AppData\Roaming\Corel
2020-04-24 03:11 - 2020-04-24 03:18 - 000000000 ____D C:\ProgramData\Protexis64
2020-04-24 03:11 - 2020-04-24 03:16 - 000000000 ____D C:\Program Files (x86)\Corel
2020-04-24 03:11 - 2020-04-24 03:11 - 000003336 _____ C:\Windows\system32\Tasks\CorelUpdateHelperTaskCore
2020-04-24 03:11 - 2020-04-24 03:11 - 000000000 ____D C:\Program Files\Common Files\Protexis
2020-04-24 03:10 - 2020-04-24 03:11 - 000000000 ____D C:\ProgramData\Corel
2020-04-24 03:10 - 2020-04-24 03:11 - 000000000 ____D C:\Program Files\Corel
2020-04-24 03:10 - 2020-04-24 03:10 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Painter Essentials 6.lnk
2020-04-24 03:08 - 2020-04-24 03:08 - 000000000 ____D C:\ProgramData\UniqueId
2020-04-24 00:23 - 2019-03-18 22:49 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts.20200424-002359.backup
2020-04-24 00:22 - 2020-04-24 00:22 - 000000000 ____D C:\Users\dramz\AppData\Roaming\SUPERAntiSpyware.com
2020-04-23 19:18 - 2020-04-23 19:24 - 000000000 ____D C:\Program Files (x86)\GameSpy Arcade
2020-04-23 19:18 - 2020-04-23 19:18 - 000000000 ____D C:\Users\dramz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2020-04-23 14:35 - 2020-04-23 14:35 - 000000000 ____D C:\Users\dramz\AppData\Local\mbam
2020-04-23 13:53 - 2020-04-23 13:53 - 000000218 _____ C:\Users\dramz\AppData\Local\recently-used.xbel
2020-04-23 13:53 - 2020-04-23 13:53 - 000000000 ____D C:\Users\dramz\AppData\Roaming\inkscape
2020-04-23 13:53 - 2020-04-23 13:53 - 000000000 ____D C:\Users\dramz\AppData\Local\fontconfig
2020-04-23 13:52 - 2020-04-23 13:52 - 000000000 ____D C:\Users\dramz\AppData\Roaming\Greenshot
2020-04-23 13:52 - 2020-04-23 13:52 - 000000000 ____D C:\Users\dramz\AppData\Local\Greenshot
2020-04-23 12:50 - 2020-04-23 12:50 - 000000000 ____D C:\Users\dramz\AppData\Local\mbamtray
2020-04-23 12:49 - 2020-04-23 14:53 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-04-23 12:49 - 2020-04-23 12:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-04-23 12:49 - 2020-04-23 12:48 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-04-23 12:48 - 2020-04-25 22:43 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2020-04-23 12:48 - 2020-04-23 12:48 - 000000000 ____D C:\Windows\system32\Tasks\Safer-Networking
2020-04-23 12:48 - 2020-04-23 12:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-23 12:48 - 2020-04-23 12:48 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-23 12:47 - 2020-04-25 22:45 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2020-04-23 12:47 - 2020-04-24 00:22 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2020-04-23 12:47 - 2020-04-23 12:47 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2020-04-23 12:47 - 2020-04-23 12:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2020-04-23 12:46 - 2020-04-23 12:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape 0.92.5
2020-04-23 12:46 - 2020-04-23 12:47 - 000000000 ____D C:\Program Files\Inkscape
2020-04-23 12:44 - 2020-04-23 12:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender
2020-04-23 12:42 - 2020-04-23 12:42 - 000000000 ____D C:\Program Files\Blender Foundation
2020-04-23 12:38 - 2020-04-24 03:10 - 000000000 ____D C:\Users\dramz\AppData\Roaming\Notepad++
2020-04-23 12:38 - 2020-04-23 12:38 - 000001100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2020-04-23 12:38 - 2020-04-23 12:38 - 000000000 ____D C:\Program Files (x86)\Notepad++
2020-04-23 12:37 - 2020-04-23 12:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot
2020-04-23 12:37 - 2020-04-23 12:38 - 000000000 ____D C:\Program Files\Greenshot
2020-04-23 12:25 - 2020-04-23 12:25 - 000000099 _____ C:\Windows\Reimage.ini
2020-04-23 12:23 - 2020-04-23 12:23 - 000595120 _____ (Reimage) C:\Users\dramz\OneDrive\Documents\ReimageRepair.exe
2020-04-23 12:22 - 2020-04-23 12:23 - 152287409 _____ C:\Users\dramz\OneDrive\Documents\chrome-win.zip
2020-04-22 12:32 - 2020-04-22 12:32 - 000000000 ____D C:\Users\dramz\OneDrive\Documents\IBM
2020-04-19 13:21 - 2020-04-22 00:46 - 000000000 ____D C:\Users\dramz\AppData\Roaming\safe-watch
2020-04-19 13:18 - 2020-04-19 13:18 - 000000000 ____D C:\Users\dramz\AppData\Local\safe-watch-updater
2020-04-19 13:16 - 2020-04-19 13:16 - 000000000 ____D C:\Users\dramz\AppData\Local\PopcornTime
2020-04-19 13:16 - 2020-04-19 13:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2020-04-19 13:15 - 2020-04-19 13:16 - 000000000 ____D C:\Program Files (x86)\Popcorn Time
2020-04-19 00:38 - 2020-04-19 00:38 - 000000000 ____D C:\Users\dramz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn-Time
2020-04-19 00:37 - 2020-04-19 00:41 - 000000000 ____D C:\Users\dramz\AppData\Local\Popcorn-Time
2020-04-17 17:23 - 2020-04-17 17:24 - 000000000 ___HD C:\adobeTemp
2020-04-17 17:08 - 2020-04-17 17:08 - 564413108 _____ C:\Windows\MEMORY.DMP
2020-04-16 17:36 - 2020-04-07 08:48 - 000055840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2020-04-16 11:20 - 2020-04-08 19:35 - 001729240 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-04-16 11:20 - 2020-04-08 19:35 - 001729240 _____ C:\Windows\system32\vulkaninfo.exe
2020-04-16 11:20 - 2020-04-08 19:35 - 001329368 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-04-16 11:20 - 2020-04-08 19:35 - 001329368 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-04-16 11:20 - 2020-04-08 19:35 - 001079008 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-04-16 11:20 - 2020-04-08 19:35 - 001079008 _____ C:\Windows\system32\vulkan-1.dll
2020-04-16 11:20 - 2020-04-08 19:35 - 000937688 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-04-16 11:20 - 2020-04-08 19:35 - 000937688 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-04-16 11:20 - 2020-04-08 19:35 - 000441584 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-04-16 11:20 - 2020-04-08 19:35 - 000344488 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-04-16 11:20 - 2020-04-08 19:34 - 011836512 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2020-04-16 11:20 - 2020-04-08 19:34 - 010160568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2020-04-16 11:20 - 2020-04-08 19:33 - 001561320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2020-04-16 11:20 - 2020-04-08 19:33 - 001477520 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2020-04-16 11:20 - 2020-04-08 19:33 - 001363176 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2020-04-16 11:20 - 2020-04-08 19:33 - 001138408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2020-04-16 11:20 - 2020-04-08 19:33 - 001057696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2020-04-16 11:20 - 2020-04-08 19:33 - 000990944 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2020-04-16 11:20 - 2020-04-08 19:33 - 000818064 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2020-04-16 11:20 - 2020-04-08 19:33 - 000677792 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2020-04-16 11:20 - 2020-04-08 19:33 - 000671120 _____ C:\Windows\system32\nvofapi64.dll
2020-04-16 11:20 - 2020-04-08 19:33 - 000565480 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2020-04-16 11:20 - 2020-04-08 19:33 - 000550120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2020-04-16 11:20 - 2020-04-08 19:33 - 000537824 _____ C:\Windows\SysWOW64\nvofapi.dll
2020-04-16 11:20 - 2020-04-08 19:32 - 040502384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2020-04-16 11:20 - 2020-04-08 19:32 - 035371448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2020-04-16 11:20 - 2020-04-08 19:32 - 017463224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2020-04-16 11:20 - 2020-04-08 19:32 - 015031392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2020-04-16 11:20 - 2020-04-08 19:32 - 005378656 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2020-04-16 11:20 - 2020-04-08 19:32 - 004715120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2020-04-16 11:20 - 2020-04-08 19:32 - 000849848 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2020-04-16 11:20 - 2020-04-08 19:32 - 000443504 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2020-04-16 11:20 - 2020-04-07 08:48 - 000081823 _____ C:\Windows\system32\nvidia-smi.1.pdf
2020-04-16 11:20 - 2020-04-07 08:48 - 000076615 _____ C:\Windows\system32\nvinfo.pb
2020-04-15 01:55 - 2020-04-15 01:55 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 022636544 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 019850240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 019812864 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 018027520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 008013824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 007756800 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 007017472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 006523048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 005910016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 004611584 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 004538880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 004129624 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 003512320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 002951832 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 002800640 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2020-04-15 01:55 - 2020-04-15 01:55 - 002494744 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 002369576 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 002188600 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 002180408 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 001870408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 001659408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2020-04-15 01:55 - 2020-04-15 01:55 - 001495864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 001477112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 001413840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 001397576 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-04-15 01:55 - 2020-04-15 01:55 - 001386296 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 001310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 001264640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2020-04-15 01:55 - 2020-04-15 01:55 - 001151816 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 001077064 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-04-15 01:55 - 2020-04-15 01:55 - 001013000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 001008128 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000983040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000836608 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000835584 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000783480 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-04-15 01:55 - 2020-04-15 01:55 - 000775696 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2020-04-15 01:55 - 2020-04-15 01:55 - 000768528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000673464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2020-04-15 01:55 - 2020-04-15 01:55 - 000668672 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000647680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000555008 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2020-04-15 01:55 - 2020-04-15 01:55 - 000538160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2020-04-15 01:55 - 2020-04-15 01:55 - 000525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000456192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2020-04-15 01:55 - 2020-04-15 01:55 - 000452096 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2020-04-15 01:55 - 2020-04-15 01:55 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000420152 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000415760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\es.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe
2020-04-15 01:55 - 2020-04-15 01:55 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000234496 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000214528 _____ (Microsoft Corporation) C:\Windows\system32\srumsvc.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000211256 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000190048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.XamlHost.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000178176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumsvc.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.XamlHost.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\StorageUsage.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe
2020-04-15 01:55 - 2020-04-15 01:55 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000093712 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000084280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2020-04-15 01:55 - 2020-04-15 01:55 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\srumapi.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumapi.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iaspolcy.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\ias.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ias.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000021520 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2020-04-15 01:55 - 2020-04-15 01:55 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-04-15 01:55 - 2020-04-15 01:55 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-04-15 01:55 - 2020-04-15 01:55 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-04-15 01:55 - 2020-04-15 01:55 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-04-15 01:55 - 2020-04-15 01:55 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-04-15 01:55 - 2020-04-15 01:55 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-04-15 01:55 - 2020-04-15 01:55 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-04-15 01:55 - 2020-04-15 01:55 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-04-15 01:55 - 2020-04-15 01:55 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-04-15 01:55 - 2020-04-15 01:55 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-04-15 01:55 - 2020-04-15 01:55 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-04-15 01:55 - 2020-04-15 01:55 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-04-15 01:54 - 2020-04-15 01:54 - 017790464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 014818816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 009930552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 007849216 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 006168064 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 005040640 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 004563200 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 003980800 _____ (Microsoft Corporation) C:\Windows\system32\tellib.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 003802624 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 003753472 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 003742544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 003729408 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 003708928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 003587384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 003547648 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 003109376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 002986808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 002871608 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 002800128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 002767928 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 002717184 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 002453504 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 002131456 _____ (Microsoft Corporation) C:\Windows\system32\WpcDesktopMonSvc.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 002126144 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 002114560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 002086656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001999960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001960448 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001945600 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001942528 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001918976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001835008 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001783296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001764336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001762816 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001757096 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-04-15 01:54 - 2020-04-15 01:54 - 001729024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001726264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001719808 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001665216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001656904 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001646048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001612800 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001603584 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001587712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001512832 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 001497600 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001484384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001480192 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 001427456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001413704 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001378528 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001318912 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001300280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 001263856 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 001261808 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001257472 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001245184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001243648 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001153024 _____ (Microsoft Corporation) C:\Windows\system32\windowsperformancerecordercontrol.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001136128 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001127424 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001083904 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001081856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001071616 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001055376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001011200 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 001009152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000993280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000982840 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000980832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000974336 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000924672 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000923136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000915192 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000912896 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000892416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000879616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000874296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 000865280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000865280 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000840704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000822208 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000811320 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000785920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 000759272 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000747320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000735744 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FlightSettings.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000722072 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BTAGService.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000684560 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000673704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000654912 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000638480 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000637240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 000632832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000628616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000618296 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000604984 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000589384 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000561464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000524264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000515600 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000513576 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000510792 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000507152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000498688 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000491008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000487784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-04-15 01:54 - 2020-04-15 01:54 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000465208 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000459688 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000456504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 000441144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 000437560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 000416016 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000410112 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000408064 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000406480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000374784 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000355840 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicSvc.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\WpcApi.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000343552 _____ (Microsoft Corporation) C:\Windows\system32\wpr.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000339304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000324408 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\sppcommdlg.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000297272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000278016 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000277864 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000268288 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000268008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000259776 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\UpdateDeploymentProvider.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000251704 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000251392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000231912 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000193848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 000185952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000178192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\SpatialAudioLicenseSrv.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000164368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000152408 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000151352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 000147696 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000142544 _____ (Microsoft Corporation) C:\Windows\system32\LicensingUI.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\UtcDecoderHost.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000127280 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000123952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000115120 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000102216 _____ (Microsoft Corporation) C:\Windows\system32\changepk.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000089912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 000089336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicAgent.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000088352 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000071480 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000066624 _____ (Microsoft Corporation) C:\Windows\system32\iumcrypt.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\tbauth.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\CloudNotifications.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000059192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 000058880 _____ C:\Windows\system32\runexehelper.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\audioresourceregistrar.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000050544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbauth.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000047000 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\WiredNetworkCSP.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\UpgradeResultsUI.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\WpcProxyStubs.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerCookies.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000036152 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000033080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\KNetPwrDepBroker.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmintegrator.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerCookies.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicPS.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.ps.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\slcext.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\sbservicetrigger.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys
2020-04-15 01:54 - 2020-04-15 01:54 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\icsunattend.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.ps.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\pacjsworker.exe
2020-04-15 01:54 - 2020-04-15 01:54 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2020-04-15 01:54 - 2020-04-15 01:54 - 000003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2020-04-15 01:50 - 2020-03-16 21:57 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-04-15 01:50 - 2020-03-16 21:56 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-04-12 11:31 - 2020-04-12 11:31 - 000000000 ____D C:\Users\dramz\AppData\Roaming\SPSSInc
2020-04-12 11:31 - 2020-04-12 11:31 - 000000000 ____D C:\Users\dramz\.spss
2020-04-12 11:30 - 2020-04-12 11:30 - 000000000 ____D C:\Users\dramz\AppData\Local\javasharedresources
2020-04-12 11:27 - 2020-04-12 11:27 - 000000000 ____D C:\Users\dramz\AppData\Local\IBM
2020-04-12 11:27 - 2020-04-12 11:27 - 000000000 ____D C:\ProgramData\SPSS
2020-04-12 11:27 - 2020-04-12 11:27 - 000000000 ____D C:\ProgramData\SafeNet Sentinel
2020-04-12 11:27 - 2020-04-12 11:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
2020-04-12 11:27 - 2020-04-12 11:27 - 000000000 ____D C:\ProgramData\IBM
2020-04-12 11:26 - 2020-04-12 11:26 - 000001025 _____ C:\Windows\SysWOW64\sysprs7.tgz
2020-04-12 11:26 - 2020-04-12 11:26 - 000001025 _____ C:\Windows\SysWOW64\sysprs7.dll
2020-04-12 11:26 - 2020-04-12 11:26 - 000000219 _____ C:\Windows\SysWOW64\lsprst7.tgz
2020-04-12 11:26 - 2020-04-12 11:26 - 000000205 _____ C:\Windows\SysWOW64\lsprst7.dll
2020-04-12 11:26 - 2020-04-12 11:26 - 000000016 ____H C:\Windows\SysWOW64\servdat.slm
2020-04-12 11:26 - 2020-04-12 11:26 - 000000000 ____D C:\Program Files\IBM
2020-04-12 11:26 - 2020-04-12 11:26 - 000000000 ____D C:\Program Files\Common Files\IBM
2020-04-11 21:38 - 2020-04-11 21:38 - 000000000 ____D C:\Users\dramz\AppData\Local\Chromium
2020-04-11 16:36 - 2020-04-11 16:36 - 000000039 _____ C:\Users\dramz\AppData\Local\kritadisplayrc
2020-04-11 16:23 - 2020-04-11 16:36 - 000016169 _____ C:\Users\dramz\AppData\Local\kritarc
2020-04-11 16:23 - 2020-04-11 16:23 - 000000000 ____D C:\Users\dramz\AppData\Roaming\krita
2020-04-11 16:23 - 2020-04-11 16:23 - 000000000 ____D C:\Users\dramz\AppData\Local\krita
2020-04-11 16:22 - 2020-04-11 16:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Krita
2020-04-11 16:22 - 2020-04-11 16:22 - 000000000 ____D C:\Program Files\Krita (x64)
2020-04-11 00:40 - 2020-04-11 00:40 - 000000067 _____ C:\Users\dramz\AppData\LocalLow\wbkEFE1.tmp
2020-04-10 23:58 - 2020-04-11 00:12 - 000000000 ____D C:\Windows\system32\Tasks\{516BEE90-7D54-E478-5271-3DD755874B14}
2020-04-10 23:57 - 2020-04-10 23:58 - 000000000 ____D C:\ProgramData\{F005CC39-D82D-B441-8075-9C69689D44B1}
2020-04-10 23:56 - 2020-04-10 23:59 - 000000000 ____D C:\ProgramData\fcfbz
2020-04-10 23:45 - 2020-04-10 23:45 - 000000000 ____D C:\Users\dramz\AppData\Roaming\PowerISO
2020-04-10 23:39 - 2017-06-06 18:36 - 000138296 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys
2020-04-10 23:38 - 2020-04-10 23:38 - 000000000 ____D C:\Users\dramz\AppData\Roaming\Filestar
2020-04-10 23:38 - 2020-04-10 23:38 - 000000000 ____D C:\Users\dramz\AppData\Local\Filestar_AB
2020-04-10 14:15 - 2020-04-26 07:49 - 000000000 ____D C:\Users\dramz\AppData\Local\BitTorrentHelper
2020-04-10 14:04 - 2020-04-27 04:27 - 000000000 ____D C:\Users\dramz\AppData\Roaming\uTorrent Web
2020-04-10 14:04 - 2020-04-24 14:47 - 000001865 _____ C:\Users\dramz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
2020-04-06 10:32 - 2020-04-06 10:32 - 000000000 ____D C:\Users\dramz\AppData\Local\UXP
2020-04-06 02:40 - 2020-04-06 02:40 - 000000000 ____D C:\Users\dramz\AppData\Local\Jackbox Games
2020-04-05 12:03 - 2020-04-06 14:01 - 000000000 ____D C:\Users\dramz\AppData\LocalLow\Adobe
2020-04-03 17:54 - 2020-04-24 15:48 - 000000000 ____D C:\Users\dramz\AppData\Roaming\vlc
2020-04-03 15:08 - 2020-04-03 15:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-04-03 15:08 - 2020-04-03 15:08 - 000000000 ____D C:\Program Files\VideoLAN
2020-04-02 18:25 - 2020-04-06 14:01 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2020-04-02 18:25 - 2020-04-02 18:25 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-04-02 18:24 - 2020-04-02 18:24 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2020-04-02 18:24 - 2020-04-02 18:24 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2020-04-02 18:17 - 2020-04-02 18:17 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2020.lnk
2020-04-02 18:14 - 2020-04-02 18:14 - 000001038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Animate 2020.lnk
2020-04-02 18:10 - 2020-04-14 01:06 - 000000000 ____D C:\Users\dramz\OneDrive\Documents\Adobe
2020-04-02 18:10 - 2020-04-02 18:10 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2020.lnk
2020-04-02 18:05 - 2020-04-02 18:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxon
2020-04-02 18:03 - 2020-04-02 18:05 - 000000000 ____D C:\Program Files\Maxon Cinema 4D R21
2020-04-02 18:03 - 2020-04-02 18:03 - 000001250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2020.lnk
2020-04-02 17:56 - 2020-04-02 17:56 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2020.lnk
2020-04-02 17:49 - 2020-04-02 17:49 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2020.lnk
2020-04-02 16:33 - 2020-04-02 16:34 - 000000000 ____D C:\ProgramData\Wondershare
2020-03-31 13:52 - 2020-04-26 07:45 - 000000000 ___RD C:\Users\dramz\Creative Cloud Files
2020-03-31 13:50 - 2020-03-31 13:50 - 000003518 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2020-03-31 13:47 - 2020-04-05 23:30 - 000000000 ____D C:\ProgramData\Adobe
2020-03-31 13:47 - 2020-03-31 13:47 - 000001364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2020-03-31 13:45 - 2020-04-17 17:23 - 000000000 ____D C:\Program Files\Adobe
2020-03-31 13:45 - 2020-04-02 18:23 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-03-31 13:45 - 2020-04-02 18:17 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-03-31 13:45 - 2020-03-31 13:45 - 005537301 _____ C:\Users\dramz\OneDrive\Documents\null.pdf
2020-03-31 13:44 - 2020-04-26 07:44 - 000000000 ____D C:\Users\dramz\AppData\Local\Adobe
2020-03-31 13:43 - 2020-03-31 13:43 - 000000000 ____D C:\Users\dramz\AppData\Local\Wondershare
2020-03-31 13:42 - 2020-04-23 12:21 - 000000000 ____D C:\Users\dramz\OneDrive\Documents\Wondershare Filmora 9
2020-03-31 13:36 - 2020-03-31 13:36 - 005537301 _____ C:\Users\dramz\OneDrive\Documents\null (1).pdf
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-04-27 04:23 - 2019-03-18 22:37 - 000032768 _____ C:\Windows\system32\config\ELAM
2020-04-27 04:20 - 2020-03-21 11:29 - 000000000 ____D C:\Users\dramz\AppData\Roaming\discord
2020-04-27 04:20 - 2020-03-09 17:52 - 000000000 ____D C:\Users\dramz\AppData\Roaming\WTablet
2020-04-27 04:20 - 2020-01-25 02:54 - 000000000 ____D C:\Users\dramz\AppData\Local\Battle.net
2020-04-27 04:19 - 2020-01-25 03:36 - 000000000 ____D C:\Program Files (x86)\Call of Duty Modern Warfare
2020-04-27 04:19 - 2020-01-25 02:52 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-04-27 04:19 - 2019-03-18 22:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-27 04:04 - 2020-01-22 11:14 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-04-26 22:29 - 2020-02-15 17:42 - 000004166 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{0EFC8C18-45CB-4241-B1EF-996ECD1C8187}
2020-04-26 12:25 - 2020-01-22 11:35 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-26 07:50 - 2020-01-22 11:50 - 000000000 ____D C:\Program Files (x86)\Steam
2020-04-26 07:50 - 2020-01-22 11:28 - 000000000 ___RD C:\Users\dramz\OneDrive
2020-04-26 05:58 - 2020-01-24 01:36 - 000003142 _____ C:\Windows\system32\Tasks\MSIAfterburner
2020-04-26 05:58 - 2020-01-22 11:21 - 000012253 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-04-26 05:25 - 2020-02-13 23:46 - 000000000 ____D C:\Users\dramz\AppData\Roaming\naoqi
2020-04-26 05:25 - 2020-01-30 22:26 - 000000000 ____D C:\ProgramData\boost_interprocess
2020-04-26 04:24 - 2020-01-22 11:21 - 000840864 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-26 04:24 - 2019-03-18 22:50 - 000000000 ____D C:\Windows\INF
2020-04-26 04:20 - 2020-01-22 12:09 - 000000000 ____D C:\Users\dramz\AppData\Local\NVIDIA Corporation
2020-04-26 04:18 - 2020-01-22 11:14 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-26 04:17 - 2020-01-22 11:21 - 000017651 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-04-26 04:17 - 2020-01-22 11:21 - 000016798 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-04-26 04:17 - 2019-03-18 22:37 - 000786432 _____ C:\Windows\system32\config\BBI
2020-04-26 04:16 - 2019-03-18 22:37 - 000000000 ____D C:\Windows\CbsTemp
2020-04-26 04:10 - 2020-01-22 11:17 - 000000000 ____D C:\Windows\minidump
2020-04-26 04:10 - 2019-03-18 22:52 - 000000000 ___SD C:\Windows\Downloaded Program Files
2020-04-26 04:10 - 2019-03-18 22:52 - 000000000 ___RD C:\Windows\Offline Web Pages
2020-04-26 04:04 - 2020-01-22 12:52 - 000001210 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-04-26 02:16 - 2020-01-22 12:04 - 000000000 ____D C:\Users\dramz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-04-26 02:08 - 2019-03-18 22:52 - 000000000 ____D C:\Windows\AppReadiness
2020-04-26 02:00 - 2020-01-22 11:28 - 000000000 ____D C:\Users\dramz\AppData\Local\PlaceholderTileLogoFolder
2020-04-26 02:00 - 2020-01-22 11:26 - 000000000 ____D C:\Users\dramz\AppData\Local\Packages
2020-04-26 02:00 - 2020-01-22 11:22 - 000000000 ____D C:\ProgramData\Packages
2020-04-26 02:00 - 2019-03-18 22:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-26 01:17 - 2020-01-22 18:05 - 000000000 ____D C:\Users\dramz\AppData\Local\CrashDumps
2020-04-25 23:12 - 2020-01-22 11:20 - 000000000 ____D C:\Users\dramz
2020-04-25 16:18 - 2019-03-18 22:52 - 000000000 ____D C:\Windows\LiveKernelReports
2020-04-25 02:41 - 2020-03-10 16:56 - 000000000 ____D C:\Users\postgres
2020-04-24 03:34 - 2020-01-24 01:09 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-04-23 19:21 - 2019-03-18 23:00 - 000384000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2020-04-23 19:21 - 2019-03-18 23:00 - 000215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplayx.dll
2020-04-23 19:21 - 2019-03-18 23:00 - 000060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2020-04-23 19:21 - 2019-03-18 23:00 - 000045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpwsockx.dll
2020-04-23 19:21 - 2019-03-18 23:00 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpmodemx.dll
2020-04-23 19:21 - 2019-03-18 23:00 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2020-04-23 19:21 - 2019-03-18 23:00 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
2020-04-23 19:21 - 2019-03-18 23:00 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2020-04-23 19:21 - 2019-03-18 23:00 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2020-04-23 19:21 - 2019-03-18 23:00 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2020-04-23 19:21 - 2019-03-18 23:00 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2020-04-23 19:21 - 2019-03-18 22:57 - 000472064 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2020-04-23 19:21 - 2019-03-18 22:57 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2020-04-23 19:21 - 2019-03-18 22:57 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2020-04-23 19:21 - 2019-03-18 22:57 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2020-04-23 19:21 - 2019-03-18 22:57 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2020-04-23 19:21 - 2019-03-18 22:57 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll
2020-04-23 19:21 - 2019-03-18 22:57 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2020-04-23 14:35 - 2020-01-22 15:12 - 000000000 ____D C:\Users\dramz\AppData\Local\cache
2020-04-23 12:49 - 2019-03-18 22:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-04-21 13:48 - 2020-01-22 11:31 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-19 13:16 - 2020-01-22 12:57 - 000000000 ____D C:\Users\dramz\AppData\Local\NVIDIA
2020-04-17 17:08 - 2020-01-26 23:25 - 000000000 ____D C:\Program Files\Microsoft Office
2020-04-17 17:08 - 2019-03-18 22:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-04-17 11:43 - 2020-03-25 19:27 - 000000000 ____D C:\Users\dramz\OneDrive\Documents\CLASES NINAS
2020-04-16 17:21 - 2020-01-31 21:58 - 000000000 ____D C:\Users\dramz\AppData\Roaming\obs-studio
2020-04-16 11:17 - 2020-01-22 12:53 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-16 11:17 - 2020-01-22 12:53 - 000004106 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-16 11:17 - 2020-01-22 12:53 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-16 11:17 - 2020-01-22 12:53 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-16 11:17 - 2020-01-22 12:53 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-16 11:17 - 2020-01-22 12:53 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-16 11:17 - 2020-01-22 12:53 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-16 11:17 - 2020-01-22 12:53 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-16 11:17 - 2020-01-22 12:53 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-16 11:17 - 2020-01-22 12:53 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-16 11:17 - 2020-01-22 12:52 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-04-16 11:17 - 2020-01-22 11:21 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-04-16 11:17 - 2020-01-22 11:21 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-04-16 04:43 - 2020-01-30 17:10 - 000002364 _____ C:\Users\dramz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2020-04-15 13:59 - 2020-01-22 11:14 - 000458824 _____ C:\Windows\system32\FNTCACHE.DAT
2020-04-15 13:58 - 2019-03-19 00:23 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-04-15 13:58 - 2019-03-18 22:52 - 000000000 ____D C:\Windows\SystemResources
2020-04-15 13:58 - 2019-03-18 22:52 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2020-04-15 13:58 - 2019-03-18 22:52 - 000000000 ____D C:\Windows\system32\migwiz
2020-04-15 13:58 - 2019-03-18 22:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-04-15 13:58 - 2019-03-18 22:52 - 000000000 ____D C:\Windows\Provisioning
2020-04-15 13:58 - 2019-03-18 22:52 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-04-15 13:58 - 2019-03-18 22:52 - 000000000 ____D C:\Windows\bcastdvr
2020-04-15 03:42 - 2020-02-01 04:01 - 000012099 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2020-04-14 01:13 - 2020-01-22 11:26 - 000000000 ____D C:\Users\dramz\AppData\Roaming\Adobe
2020-04-13 14:25 - 2020-01-22 11:28 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2193204171-570061880-2489883774-1001
2020-04-13 14:25 - 2020-01-22 11:20 - 000002363 _____ C:\Users\dramz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-11 22:32 - 2020-02-01 00:25 - 000011860 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2020-04-08 19:33 - 2020-03-03 16:04 - 002068384 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2020-04-08 19:33 - 2020-03-03 16:04 - 000807328 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2020-04-08 19:33 - 2020-03-03 16:04 - 000653032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2020-04-08 16:31 - 2020-03-03 16:04 - 004967400 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2020-04-08 16:31 - 2020-03-03 16:04 - 004232824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2020-04-08 01:16 - 2020-01-24 01:08 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2020-04-07 21:56 - 2020-01-24 01:08 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2020-04-07 11:58 - 2020-01-22 12:53 - 002799416 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2020-04-07 11:58 - 2020-01-22 12:53 - 002159592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2020-04-07 11:58 - 2020-01-22 12:53 - 001314792 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2020-04-07 08:48 - 2020-03-03 16:07 - 000238080 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2020-04-07 08:48 - 2020-03-03 16:07 - 000075600 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2020-04-06 10:35 - 2020-01-24 01:20 - 000000000 ____D C:\Users\dramz\AppData\Local\D3DSCache
2020-04-06 00:46 - 2020-01-25 05:08 - 000000000 ____D C:\Program Files\Epic Games
2020-04-05 23:28 - 2020-01-22 11:26 - 000012000 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-04-01 22:11 - 2020-01-22 15:02 - 000744808 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2020-03-31 13:47 - 2020-01-22 12:08 - 000000000 ____D C:\ProgramData\Package Cache
 
==================== Files in the root of some directories ========
 
2020-04-11 16:23 - 2020-04-11 16:23 - 000002445 _____ () C:\Users\dramz\AppData\Local\krita-sysinfo.log
2020-04-11 16:23 - 2020-04-11 16:36 - 000000497 _____ () C:\Users\dramz\AppData\Local\krita.log
2020-04-11 16:36 - 2020-04-11 16:36 - 000000039 _____ () C:\Users\dramz\AppData\Local\kritadisplayrc
2020-04-11 16:23 - 2020-04-11 16:36 - 000016169 _____ () C:\Users\dramz\AppData\Local\kritarc
2020-03-31 13:47 - 2020-03-31 13:47 - 000000410 _____ () C:\Users\dramz\AppData\Local\oobelibMkey.log
2020-04-23 13:53 - 2020-04-23 13:53 - 000000218 _____ () C:\Users\dramz\AppData\Local\recently-used.xbel
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Addition
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-04-2020
Ran by dramz (27-04-2020 04:27:37)
Running from F:\GENERAL\Downloads
Windows 10 Pro Version 1903 18362.778 (X64) (2020-01-22 17:17:09)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2193204171-570061880-2489883774-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2193204171-570061880-2489883774-503 - Limited - Disabled)
dramz (S-1-5-21-2193204171-570061880-2489883774-1001 - Administrator - Enabled) => C:\Users\dramz
Guest (S-1-5-21-2193204171-570061880-2489883774-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2193204171-570061880-2489883774-504 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
FW: Bitdefender Firewall (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0_5) (Version: 17.0.5 - Adobe Inc.)
Adobe Animate 2020 (HKLM-x32\...\FLPR_20_0_2) (Version: 20.0.2 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.1.0.407 - Adobe Systems Incorporated)
Adobe Illustrator 2020 (HKLM-x32\...\ILST_24_1_1) (Version: 24.1.1 - Adobe Inc.)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_0_4) (Version: 14.0.4 - Adobe Inc.)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_1_1) (Version: 21.1.1 - Adobe Inc.)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_0_4) (Version: 14.0.4 - Adobe Inc.)
APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.19.0704.1 - GIGABYTE) Hidden
APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.19.0704.1 - GIGABYTE)
Autodesk Fusion 360 (HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.7438 - Autodesk, Inc.)
Autodesk SketchBook (HKLM\...\{AE6C5657-8710-4968-BEB5-1E2ED89CB2D2}) (Version: 8.71.0000 - Autodesk)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 24.0.1.161 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 24.0.14.86 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 24.0.16.95 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 24.0.4.712 - Bitdefender)
Blender (HKLM\...\{892913E7-EB3C-43F8-ABDE-9333ABBF959A}) (Version: 2.82.0 - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
Choregraphe Suite (HKLM-x32\...\Choregraphe Suite 2.1.4) (Version: 2.1.4 - Aldebaran Robotics)
Choregraphe Suite (HKLM-x32\...\Choregraphe Suite 2.8.5.10) (Version: 2.8.5.10 - Softbank Robotics)
CLIP STUDIO 1.7.8 (HKLM-x32\...\{49274EB8-4598-47E6-8039-9BB7CE07627E}) (Version: 1.7.8 - CELSYS)
CLIP STUDIO PAINT 1.7.8 (HKLM-x32\...\{1E4572D2-28BC-4BC9-B743-13DC6CFD71DB}) (Version: 1.7.8 - CELSYS)
Corel Painter Essentials 6 - Content (HKLM\...\{56F051E4-C179-425E-9AA8-4B3FBC2F05B7}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - Core (HKLM\...\{FA3FA2BE-94D1-41CA-89BF-29AE2EB61E46}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - CT (HKLM\...\{404B42A1-47EF-44D5-B390-E0CB3F879497}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - DE (HKLM\...\{13CD16A8-0B5E-469D-A8C2-1BD41B58999F}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - EN (HKLM\...\{1B3DFFA0-0CE7-4607-8E55-FB64B8628995}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - FR (HKLM\...\{E39BC105-2204-4BA8-BB9F-D08E5BDD1493}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - IPM (HKLM\...\{B1AA1DD1-FC10-499C-B802-6C9558CBBC1A}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - IPM Content (HKLM\...\{68FC3BC5-C3AA-4B36-86F7-D4ED105E1D7B}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - JP (HKLM\...\{9BAC9F81-DE28-450F-B0F8-C319D08C2A6A}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 (HKLM\...\_{0EDEDA40-4B3A-46D0-A0D8-0FE8834390DE}) (Version: 6.1.0.238 - Corel Corpopration)
Corel Painter Essentials 6 (HKLM\...\{D5ACBF88-A251-4E63-8DFE-1EF7491D601E}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Thumbnail Previewer (HKLM\...\{50139369-99B2-496A-8726-D3DC5D6D4235}) (Version: 18.0 - Corel Corporation)
Corel Update Manager (HKLM\...\{5039B7BE-F79B-4121-A9D3-D66ED4169414}) (Version: 2.11.552 - Corel corporation) Hidden
CORSAIR iCUE Software (HKLM-x32\...\{30D73167-BD7C-473A-AF2F-BBC194FA42D4}) (Version: 3.24.52 - Corsair)
DaVinci Resolve (HKLM\...\{3FC029F3-7C9B-4C04-B11C-14B4414FD564}) (Version: 15.0.0046 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{ADBD8DB7-55EE-49A3-B8EF-94630027B8F3}) (Version: 1.2.0.0 - Blackmagic Design)
Discord (HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.19.0522.1 - GIGABYTE) Hidden
EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.19.0522.1 - GIGABYTE)
Elgato Game Capture HD (HKLM\...\{CDF9181F-5CF7-4BC9-B6FD-EDB5577BBBC9}) (Version: 3.70.34.3034 - Elgato Systems GmbH)
Epic Games Launcher (HKLM-x32\...\{C69A2919-0662-4390-9418-67C931B44C18}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version:  - epubfilereader.com)
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.6 - Blackmagic Design)
Floow (HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\Floow) (Version: 0.0.1 - Floow)
Game Capture HD60 v2.1.1.5 (HKLM-x32\...\Software_Elgato_Game Capture HD60) (Version: 2.1.1.5 - Elgato Systems)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.122 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.16.1202.1 - GIGABYTE)
Guitar Pro 7 - Soundbanks (HKLM-x32\...\com.arobas-music.guitarpro7-soundbanks_is1) (Version: 1.1.123 - Arobas Music)
Guitar Pro 7 (HKLM-x32\...\{BF4EDCFF-ED20-4AF6-A636-EBAC931336CD}_is1) (Version: 7.5.3.1730 - Arobas Music)
IBM SPSS Statistics 25 (HKLM\...\{C2D1E17D-CB8A-4742-84FA-1DB5C6A1ABDD}) (Version: 25.0.0.0 - IBM Corp)
ICA (HKLM\...\{0EDEDA40-4B3A-46D0-A0D8-0FE8834390DE}) (Version: 6.1 - Corel Corpopration) Hidden
Inkscape 0.92.5 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.92.5.0 - Inkscape project)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel® Extreme Tuning Utility (HKLM-x32\...\{7368d41d-24b9-4b1a-aef4-862e2571fa92}) (Version: 6.5.1.371 - Intel Corporation)
Intel® Extreme Tuning Utility (HKLM-x32\...\{F9C5DC70-944D-48A7-B312-4F4D9A04B8AF}) (Version: 6.5.1.371 - Intel Corporation) Hidden
Krita (x64) 4.2.9 (HKLM\...\Krita_x64) (Version: 4.2.9.0 - Krita Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Maxon Cinema 4D R21 (HKLM\...\Maxon Cinema 4D R21) (Version: R21 - Maxon)
Megadimension Neptunia VIIR (HKLM-x32\...\Megadimension Neptunia VIIR_is1) (Version:  - )
Mendeley Desktop 1.19.4 (HKLM-x32\...\Mendeley Desktop) (Version: 1.19.4 - Mendeley Ltd.)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.12624.20466 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\Teams) (Version: 1.3.00.8663 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3994d355-238a-4612-af93-26d13deddef1}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.6 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation)
NVIDIA Graphics Driver 442.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.92 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 24.0.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20466 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 6.2.1.14 - Popcorn Time) <==== ATTENTION
Popcorn-Time (HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\Popcorn-Time) (Version: 0.4.4 - Popcorn Time)
Quick CPU (HKLM-x32\...\{41F4C8EE-903D-4EB5-B6EB-75413BF496DE}) (Version: 3.0.1.0 - CoderBag)
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
SketchUp 2018 (HKLM\...\{C702DD60-EBF4-4961-8B7D-F209B361F985}) (Version: 18.0.16975 - Trimble, Inc.)
SoulseekQt version 2019.7.22 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2019.7.22 - Soulseek LLC)
Sound Lock (HKLM-x32\...\{F84098A4-28E4-482F-A5A0-1BB29F2808DD}) (Version: 1.3.2 - 3 APPES) Hidden
Sound Lock (HKLM-x32\...\Sound Lock 1.3.2) (Version: 1.3.2 - 3 APPES)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1052 - SUPERAntiSpyware.com)
Surfshark (HKLM-x32\...\{561F5803-2BE8-4F0E-9BF6-FC0E74794B78}) (Version: 2.6.3000 - Surfshark) Hidden
Surfshark (HKLM-x32\...\Surfshark 2.6.3000) (Version: 2.6.3000 - Surfshark)
Surfshark TAP Driver Windows (HKLM-x32\...\{7DD8EED5-6DC7-4867-B71B-855B10F71284}) (Version: 1.0 - Surfshark)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.34161 - Microsoft Corporation)
Twitch Studio (HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF372B0}) (Version: 8.0.0 - Twitch Interactive, Inc.)
uTorrent Web (HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\utweb) (Version: 1.0.11 - BitTorrent, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
V-Ray for SketchUp (HKLM\...\V-Ray for SketchUp) (Version: 3.60.01 - Chaos Software Ltd)
V-Ray Online License Server (HKLM\...\V-Ray Online License Server) (Version: 4.4.1 - Chaos Software Ltd)
V-Ray Swarm (HKLM\...\V-Ray Swarm) (Version: 1.4.1 - Chaos Software Ltd)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.38-2 - Wacom Technology Corp.)
WhoCrashed 6.65 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
 
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-04-06] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2020-03-31] (Adobe Systems Incorporated)
Audiobooks from Audible -> C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.56.0_x64__xns73kv1ymhp2 [2020-03-14] (Audible Inc)
Controllertester -> C:\Program Files\WindowsApps\58041Sp777.Controllertester_1.4.0.0_x64__r3s71keb874vj [2020-04-26] (Sp777)
DisplayHDR Test -> C:\Program Files\WindowsApps\32340VESADisplayHDR.DisplayHDRTest_1.0.1.0_x64__yke9dzze9zzvw [2020-04-26] (VESA DisplayHDR)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-04-16] (Dolby Laboratories)
DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2020.1.45.0_x64__t5j2fzbtdg37r [2020-04-03] (DTS, Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-22] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.96.725.0_x64__mcm4njqhnhss8 [2020-04-25] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2020-01-22] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0 [2020-04-22] (Spotify AB) [Startup Task]
Zoom Anywhere -> C:\Program Files\WindowsApps\18879NatiElgavi.2366A3090C98_1.1.5.0_x64__nzbt9frs4hhja [2020-04-24] (Nati Elgavi)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2193204171-570061880-2489883774-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0
CustomCLSID: HKU\S-1-5-21-2193204171-570061880-2489883774-1001_Classes\CLSID\{04271989-C4D2-4B73-655F-F37AEA9F61FA} -> [OneDrive - Universidad Autonoma de Ciudad Juarez (UACJ)] => E:\CLASES MAESTRIA\OneDrive - Universidad Autonoma de Ciudad Juarez (UACJ) [2020-01-27 20:32]
CustomCLSID: HKU\S-1-5-21-2193204171-570061880-2489883774-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-47820E94CD58} -> [Creative Cloud Files] => C:\Users\dramz\Creative Cloud Files [2020-03-31 13:52]
CustomCLSID: HKU\S-1-5-21-2193204171-570061880-2489883774-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\dramz\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2193204171-570061880-2489883774-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\dramz\AppData\Local\Autodesk\webdeploy\production\f22942efe2b06fa9ddd3dbfac8de50bab0281b28\NPreview10.dll (Autodesk, Inc. -> )
CustomCLSID: HKU\S-1-5-21-2193204171-570061880-2489883774-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\dramz\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2193204171-570061880-2489883774-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-04-21] (Notepad++ -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-23] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_47a7ea3f1b25edd7\nvshext.dll [2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-23] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\dramz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\ARC Welder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=emfinbmielocnlhgmfkkmkngdoccbadn
ShortcutWithArgument: C:\Users\dramz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\CamDesk.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=jmjgcfadcmkpmkfhecfcoghmaloblkod
ShortcutWithArgument: C:\Users\dramz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\431933f5ba23f27c\Floow.lnk -> C:\Users\dramz\AppData\Local\Floow\Floow.exe (The NWJS Community) -> --user-data-dir="C:\Users\dramz\AppData\Local\Floow\User Data" --profile-directory=Default --app-id=ocbmhljlgokcoadnmmphagpaihkjiemj
 
==================== Loaded Modules (Whitelisted) =============
 
2020-02-24 10:36 - 2020-02-24 10:36 - 000174592 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\node_modules\ffi\build\Release\ffi_bindings.node
2020-02-24 10:36 - 2020-02-24 10:36 - 000163328 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\node_modules\ref\build\Release\binding.node
2020-02-24 10:36 - 2020-02-24 10:36 - 000204800 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\node_modules\v8-profiler\build\profiler\v5.6.5\node-v48-win32-x64\profiler.node
2020-02-23 16:18 - 2020-02-23 16:18 - 000144384 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\VRLService\OLS\node_modules\os-service\build\Release\service.node
2020-02-23 16:18 - 2020-02-23 16:18 - 000150528 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\VRLService\OLS\node_modules\proxydetect\proxydetect.node
2020-02-23 16:18 - 2020-02-23 16:18 - 000200704 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\VRLService\OLS\node_modules\vrloffline-win32\vrloffline.node
2020-03-31 14:05 - 2020-03-31 14:05 - 096130048 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\libcef.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000117760 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\libEGL.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 004342784 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\libGLESv2.dll
2019-12-21 15:17 - 2019-12-21 15:17 - 000209408 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll
2019-12-21 15:16 - 2019-12-21 15:16 - 000101376 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll
2020-01-25 05:02 - 2020-01-25 05:02 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2020-01-25 05:02 - 2020-01-25 05:02 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2020-01-25 05:02 - 2020-01-25 05:02 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2019-06-25 18:12 - 2019-06-25 18:12 - 001864192 _____ () [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\BDR_info.dll
2019-04-08 06:00 - 2019-04-08 06:00 - 000498688 _____ () [File not signed] C:\Program Files (x86)\Mendeley Desktop\Mendeley.dll
2016-06-14 07:08 - 2016-06-14 07:08 - 015995904 _____ () [File not signed] C:\Program Files (x86)\Mendeley Desktop\opengl32sw.dll
2019-10-26 05:04 - 2019-10-26 05:04 - 000232960 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-10-26 05:03 - 2019-10-26 05:03 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-10-26 05:04 - 2019-10-26 05:04 - 000650240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-10-26 05:03 - 2019-10-26 05:03 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-10-26 05:03 - 2019-10-26 05:03 - 000369664 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2019-09-09 08:29 - 2019-09-09 08:29 - 000057344 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2019-09-09 08:30 - 2019-09-09 08:30 - 000074240 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2019-09-09 08:30 - 2019-09-09 08:30 - 000368640 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2020-02-05 06:24 - 2020-02-05 06:24 - 000270848 _____ () [File not signed] C:\Program Files (x86)\Surfshark\Resources\x32\Surfshark.Firewall.dll
2020-04-13 13:41 - 2020-04-13 13:41 - 001414656 _____ () [File not signed] C:\Users\dramz\AppData\Roaming\uTorrent Web\avcodec-58.dll
2020-04-13 13:41 - 2020-04-13 13:41 - 000898048 _____ () [File not signed] C:\Users\dramz\AppData\Roaming\uTorrent Web\avformat-58.dll
2020-04-13 13:41 - 2020-04-13 13:41 - 000451072 _____ () [File not signed] C:\Users\dramz\AppData\Roaming\uTorrent Web\avutil-56.dll
2020-04-13 13:41 - 2020-04-13 13:41 - 000151552 _____ () [File not signed] C:\Users\dramz\AppData\Roaming\uTorrent Web\swresample-3.dll
2019-05-23 16:35 - 2019-05-23 16:35 - 001029632 _____ (Elgato Systems GmbH) [File not signed] C:\Program Files\Elgato\SoundCapture\ElgatoVAD_Router.dll
2019-04-15 18:24 - 2019-04-15 18:24 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\yccV2.dll
2019-04-15 18:24 - 2019-04-15 18:24 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\yccV2.dll
2020-01-26 23:30 - 2020-01-26 23:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2020-04-17 15:22 - 2020-04-17 15:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-04-17 15:22 - 2020-04-17 15:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2019-11-15 12:53 - 2019-11-15 12:53 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000760832 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\chrome_elf.dll
2020-01-25 05:02 - 2020-01-25 05:02 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2019-04-08 05:58 - 2019-04-08 05:58 - 001272320 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Mendeley Desktop\LIBEAY32.dll
2019-04-08 05:58 - 2019-04-08 05:58 - 000278016 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Mendeley Desktop\ssleay32.dll
2020-04-13 13:41 - 2020-04-13 13:41 - 001277952 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\dramz\AppData\Roaming\uTorrent Web\LIBEAY32.dll
2020-04-13 13:41 - 2020-04-13 13:41 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\dramz\AppData\Roaming\uTorrent Web\SSLEAY32.dll
2019-12-12 16:37 - 2019-12-12 16:37 - 002516480 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libcrypto-1_1.dll
2019-12-12 16:37 - 2019-12-12 16:37 - 000530432 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libssl-1_1.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\audio\qtaudio_windows.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\imageformats\qgif.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\imageformats\qico.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\imageformats\qjpeg.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\imageformats\qmng.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\imageformats\qsvg.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\imageformats\qtiff.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\platforms\qwindows.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000041984 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\qml\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\qml\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\qml\QtQml\Models.2\modelsplugin.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\qml\QtQuick.2\qtquick2plugin.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000084480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\qml\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\qml\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000071680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000211456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\qml\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\qml\QtQuick\Window.2\windowplugin.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\Qt5Core.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\Qt5Gui.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\Qt5Multimedia.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\Qt5Network.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\Qt5Qml.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\Qt5Quick.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000096256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\Qt5QuickControls2.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000681472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\Qt5QuickTemplates2.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\Qt5Svg.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\Qt5Widgets.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\Qt5WinExtras.dll
2020-03-31 14:05 - 2020-03-31 14:05 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11943\Qt5Xml.dll
2018-02-08 11:00 - 2018-02-08 11:00 - 000038912 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\bearer\qgenericbearer.dll
2018-02-08 11:00 - 2018-02-08 11:00 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\imageformats\qgif.dll
2018-02-09 05:12 - 2018-02-09 05:12 - 000033280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\imageformats\qicns.dll
2018-02-08 11:00 - 2018-02-08 11:00 - 000026624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\imageformats\qico.dll
2018-02-08 11:01 - 2018-02-08 11:01 - 000297472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\imageformats\qjpeg.dll
2018-02-09 05:12 - 2018-02-09 05:12 - 000327680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\imageformats\qtiff.dll
2018-02-09 05:12 - 2018-02-09 05:12 - 000400896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\imageformats\qwebp.dll
2018-02-08 11:01 - 2018-02-08 11:01 - 001155072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\platforms\qwindows.dll
2018-08-30 10:32 - 2018-08-30 10:32 - 004841472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\Qt5Core.dll
2018-02-08 10:56 - 2018-02-08 10:56 - 005151232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\Qt5Gui.dll
2018-02-08 10:56 - 2018-02-08 10:56 - 000971776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\Qt5Network.dll
2018-02-09 05:55 - 2018-02-09 05:55 - 000241664 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\Qt5Positioning.dll
2018-02-08 10:59 - 2018-02-08 10:59 - 000268288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\Qt5PrintSupport.dll
2018-02-09 05:27 - 2018-02-09 05:27 - 002795520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\Qt5Qml.dll
2018-02-09 05:30 - 2018-02-09 05:30 - 002969600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\Qt5Quick.dll
2018-02-09 05:31 - 2018-02-09 05:31 - 000060416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\Qt5QuickWidgets.dll
2018-02-09 05:53 - 2018-02-09 05:53 - 000087040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\Qt5WebChannel.dll
2018-02-09 10:54 - 2018-02-09 10:54 - 000271872 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\Qt5WebEngine.dll
2018-02-09 10:45 - 2018-02-09 10:45 - 052103680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\Qt5WebEngineCore.dll
2018-02-09 10:55 - 2018-02-09 10:55 - 000184320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\Qt5WebEngineWidgets.dll
2018-02-08 10:59 - 2018-02-08 10:59 - 004407808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\Qt5Widgets.dll
2018-02-09 05:55 - 2018-02-09 05:55 - 000235008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\Qt5WinExtras.dll
2018-02-08 10:53 - 2018-02-08 10:53 - 000150016 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\Qt5Xml.dll
2018-02-08 11:00 - 2018-02-08 11:00 - 000122880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Mendeley Desktop\styles\qwindowsvistastyle.dll
2019-12-21 16:10 - 2019-12-21 16:10 - 005139576 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Core.dll
2015-10-14 03:15 - 2015-10-14 03:15 - 002042368 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\osvi.dll
2019-03-27 16:15 - 2019-03-27 16:15 - 008703488 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GbtNvGpuLib.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
AlternateDataStreams: C:\Users\dramz\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\dramz\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7947 more sites.
 
IE trusted site: HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\sharepoint.com -> hxxps://alumnosuacj-files.sharepoint.com
IE restricted site: HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\123simsen.com -> www.123simsen.com
 
There are 7947 more sites.
 
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-03-18 22:49 - 2020-04-24 14:02 - 000455008 ____R C:\Windows\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
 
There are 15618 more lines.
 
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\IBM\SPSS\Statistics\25\JRE\bin
HKU\S-1-5-21-2193204171-570061880-2489883774-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dramz\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 189.209.127.244 - 148.240.118.40
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Elgato Sound Capture"
HKLM\...\StartupApproved\Run: => "Greenshot"
HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
HKU\S-1-5-21-2193204171-570061880-2489883774-1001\...\StartupApproved\Run: => "utweb"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{B9D09399-A61D-45F0-B9B6-CE1F743056E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B3DFAB2E-E653-40CE-A374-9DB7FDBD24D6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EB76A1D8-B064-4396-BD7C-F95700F0FB36}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{31D912E6-AD90-4456-8A49-EF1FF4B81F71}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{6D346179-A12D-4920-83D0-896F28930187}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation )
FirewallRules: [{546F425B-ECE4-4DDB-961C-AD7931A75691}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation )
FirewallRules: [TCP Query User{221440E2-86E8-40DF-B6DA-0261304CDEF9}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{DD0EB57B-B525-4FB0-886C-2A51FA7E49D2}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [{13857219-3735-42D4-8677-7C0CABBF9853}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C638F750-F94C-4419-9541-EC92B326A1CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{B8C9229E-EA1D-4055-A01A-26243BDC2182}C:\users\dramz\appdata\local\floow\floow.exe] => (Allow) C:\users\dramz\appdata\local\floow\floow.exe (The NWJS Community) [File not signed]
FirewallRules: [UDP Query User{0E4711B2-E915-44C8-9583-7E86D8BDAD68}C:\users\dramz\appdata\local\floow\floow.exe] => (Allow) C:\users\dramz\appdata\local\floow\floow.exe (The NWJS Community) [File not signed]
FirewallRules: [{C17556D1-3CA1-403C-8121-AD5E6ED3D01B}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{0FEC4AFC-921A-4E58-9D86-E577E9944323}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{F33C7AFA-0EAC-4971-9565-195A61539FB4}] => (Allow) LPort=9009
FirewallRules: [{1E0F35FE-918B-4673-AD18-51FB6228D883}] => (Allow) LPort=9009
FirewallRules: [{5FB4FD01-98BC-41A3-92C0-B8D00C69FD31}] => (Allow) LPort=9009
FirewallRules: [{C24A1A6E-91D1-406C-A222-757D5DA5D331}] => (Allow) LPort=9009
FirewallRules: [{2D62A238-5F64-41B9-9762-33DBD9431CDA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F2412D18-A2C1-4544-A808-78CBF34716D3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DCF7F135-2178-4B1F-A8B4-898E302938E0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EE58A00C-0216-4445-8FC4-9B867BC97887}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{10A3F63A-AFCC-4D4B-8468-3B0F9305078D}] => (Allow) D:\SteamLibrary\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{47EC77A9-1123-4C1A-9959-665121FE1F1A}] => (Allow) D:\SteamLibrary\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{058BFC40-8E7E-4DA7-B1C7-150B9E63A32C}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{B32E5F6C-64CB-4433-967B-27D5A893180B}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]
FirewallRules: [UDP Query User{62417D86-9743-4182-B44A-27F26CB80100}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]
FirewallRules: [TCP Query User{E8F59382-C16A-428A-8857-7D68BA3117BD}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{C9FC7B90-1309-4615-B58B-A6961450806D}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{F6544C70-8677-4E82-873D-C9436716D06B}] => (Allow) LPort=9009
FirewallRules: [{9484BFFD-3F88-4815-8F7B-1656781077D4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AC635480-7439-4430-8A59-E95FCCBC4349}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{293B380E-7F4A-4821-8134-6FA09E53BD45}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{45A2074F-29A2-4116-97D6-AF7FE1CD1FDD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{28BBE50F-3CCF-4751-A35F-3E4E548B82EB}] => (Allow) LPort=9009
FirewallRules: [{7F6213FD-826E-47BD-BBD3-EBB2784B6BFD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{117D5452-C8F5-4EBF-992E-70FF3587FC15}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DF1DC64E-C60D-41D9-B379-42651A072427}] => (Allow) LPort=9009
FirewallRules: [{AFEFC321-A83E-42B6-BFB4-DF98E74CB795}] => (Allow) LPort=9009
FirewallRules: [{ED4CBEEF-40A0-489C-B655-705734C0EF20}] => (Allow) LPort=9009
FirewallRules: [{74E2524B-B75B-4FB2-B71F-B9A3C8E6C0C6}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe (Chaos Software, Ltd) [File not signed]
FirewallRules: [{B421C259-AA51-4E5D-B779-413AADF74AEE}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe (Chaos Software, Ltd) [File not signed]
FirewallRules: [{334DF5EC-C8EA-4556-860D-507C41FC72D9}] => (Allow) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe (Chaos Software Ltd.) [File not signed]
FirewallRules: [{7924F820-2A63-4C05-AA45-AC6485E917C9}] => (Allow) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe (Chaos Software Ltd.) [File not signed]
FirewallRules: [TCP Query User{8DE1B46E-5A34-48C6-A3F0-18676083BFD8}C:\program files\sketchup\sketchup 2018\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2018\sketchup.exe (Trimble Navigation -> Trimble, Inc.) [File not signed]
FirewallRules: [UDP Query User{9DC8FFEC-5244-4385-9B82-F2153010E37F}C:\program files\sketchup\sketchup 2018\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2018\sketchup.exe (Trimble Navigation -> Trimble, Inc.) [File not signed]
FirewallRules: [{D98552CE-F06E-41CA-9816-50BA40C0E94C}] => (Allow) LPort=20208
FirewallRules: [{367209A3-0D6F-4135-8590-0DB6D4F8EABE}] => (Allow) LPort=20208
FirewallRules: [{53CFF8A9-7085-4D34-8040-43A89770155B}] => (Allow) C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\swrm.exe (Chaos Software Ltd.) [File not signed]
FirewallRules: [{7CDA15B5-0863-4221-84EE-414612CDDB1F}] => (Allow) C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\swrm.exe (Chaos Software Ltd.) [File not signed]
FirewallRules: [{B2CA81D1-A9C9-47D1-AEF3-5F891D5FDB9D}] => (Allow) LPort=9009
FirewallRules: [{0655CCE1-F212-4690-8461-E8541CF84F69}] => (Allow) LPort=9009
FirewallRules: [{FFE96ABE-3202-4CBF-8181-D248E0AFE4D0}] => (Allow) LPort=9009
FirewallRules: [{9EC82CA6-3BB9-4CD3-9248-FEDD1AB7AA40}] => (Allow) LPort=9009
FirewallRules: [{A88D6C65-9A39-490E-965F-89D8531CDE9C}] => (Allow) LPort=9009
FirewallRules: [{B536D772-E357-4F66-9095-CF5F595AA188}] => (Allow) LPort=9009
FirewallRules: [{08AA37CF-A5F4-46C1-9147-1C08DCC2DDC8}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{AB8A6D5D-2D92-4510-A7F8-BF32B8571371}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe () [File not signed]
FirewallRules: [{4CAC3638-80CA-46FA-A3D4-35F33542D82A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe () [File not signed]
FirewallRules: [{7882113B-E887-46A2-AF0E-E37698976C39}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe () [File not signed]
FirewallRules: [{89675FE6-9F1A-429E-9F62-B287F8527317}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe () [File not signed]
FirewallRules: [{4C7E40B5-4C56-465A-B2D1-6D4B5F70A77D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe () [File not signed]
FirewallRules: [{81F5F64B-D6E4-4506-B21A-67FF49C1AE1D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe () [File not signed]
FirewallRules: [{CC9ACE52-B482-4E17-8D0D-EE415B8D872D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe () [File not signed]
FirewallRules: [{818FA9D0-414B-4340-A87A-FBBDD1628FCD}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{2A347B28-FF66-409F-A79C-B5A5BCF06062}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe No File
FirewallRules: [TCP Query User{3AD52E34-9441-40B8-95A4-68C27263D466}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{305CC5D8-4D3F-4AEA-9C4D-168F348C7518}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [TCP Query User{C5ED86D0-5E67-4436-8608-88AD9A23E100}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{044B959B-63AE-4DA0-A018-3FFA125935C0}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{4780B454-2925-4A49-BBB8-A333C9AE1721}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{C99B1E02-12FF-4E75-9DA1-035D741C363C}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{88DC7B04-C1F2-44C3-AA7D-6ECFBCAE7701}] => (Allow) LPort=9009
FirewallRules: [{8B574133-E141-48BD-BFF3-9D62B3AC8407}] => (Allow) LPort=9009
FirewallRules: [{BD6B5695-2B01-4349-9699-E03197398AD6}] => (Allow) LPort=9009
FirewallRules: [{9AD5C749-55B8-47FD-AAF3-3D7C49AEDF5E}] => (Allow) LPort=9009
FirewallRules: [{77F9ECB3-1B72-4E81-A6A1-E9907D6753C4}] => (Allow) LPort=9009
FirewallRules: [{09A1EFC9-35A1-4468-BA84-D11180B80AE3}] => (Allow) LPort=9009
FirewallRules: [{FD702582-0888-4CB6-B62A-9887A4EA1088}] => (Allow) LPort=9009
FirewallRules: [{FF702968-5CFA-4198-9924-933BC31EC98F}] => (Allow) E:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{0A8E285B-F460-4D27-A8B0-16E61BBE7708}] => (Allow) E:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{75A25F17-9CAC-41D2-BC0C-43337281E7A3}] => (Allow) E:\SteamLibrary\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{A150D626-0ED1-4E79-AF0A-B80124FE475B}] => (Allow) E:\SteamLibrary\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{45A5DC55-02E6-4489-813C-0DA1622C7D35}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{BDA36146-4CA7-45F3-8BCB-77CF0919CFA9}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{67D1F980-878E-4DA5-A0C0-1C36CA9A4E40}] => (Allow) E:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{B1E27130-8BC2-412B-BA2B-8989FD8F1D0B}] => (Allow) E:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{75AE85E2-8647-4B45-8E22-B7F0DD951E3A}] => (Allow) E:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{A20A0615-82B3-41AB-A7EA-5A5B9E2A7B43}] => (Allow) E:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{65FE161D-241A-4A86-B337-65530C00C3C0}] => (Allow) E:\SteamLibrary\steamapps\common\Game of Thrones Winter is Coming\GotPC.exe (上海游族互娱网络科技有限公司 -> )
FirewallRules: [{1BD3A7DF-217D-428F-B3CE-217C8EA6F98B}] => (Allow) E:\SteamLibrary\steamapps\common\Game of Thrones Winter is Coming\GotPC.exe (上海游族互娱网络科技有限公司 -> )
FirewallRules: [{9507BA2F-DDF4-47C9-BE50-740E155380FC}] => (Allow) E:\SteamLibrary\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{C1C9FE8F-C341-4D96-92B9-B744D2FF8402}] => (Allow) E:\SteamLibrary\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{E49A450F-2B5E-43A2-9363-0FD4CB7A1D50}] => (Allow) E:\SteamLibrary\steamapps\common\ReignsGoT\ReignsGoT.exe () [File not signed]
FirewallRules: [{FEA98291-C52F-4E28-AE85-7F936395AB66}] => (Allow) E:\SteamLibrary\steamapps\common\ReignsGoT\ReignsGoT.exe () [File not signed]
FirewallRules: [{6915147D-CB01-4145-A15B-94E271E3AC6C}] => (Allow) E:\SteamLibrary\steamapps\common\Godot Engine\godot.windows.opt.tools.64.exe (Prehensile Tales B.V. -> Godot Engine)
FirewallRules: [{C4175ABE-7362-432E-A37F-C932B9A01946}] => (Allow) E:\SteamLibrary\steamapps\common\Godot Engine\godot.windows.opt.tools.64.exe (Prehensile Tales B.V. -> Godot Engine)
FirewallRules: [{2F1B7531-2223-4205-8E97-B7A30083DF74}] => (Allow) E:\SteamLibrary\steamapps\common\Tilt Brush\TiltBrush.exe () [File not signed]
FirewallRules: [{CA918F60-BEC8-426C-A7DD-54AB22142990}] => (Allow) E:\SteamLibrary\steamapps\common\Tilt Brush\TiltBrush.exe () [File not signed]
FirewallRules: [{0E14EEFD-1BF8-4F02-AE5E-4C4DB0D2B04B}] => (Allow) E:\SteamLibrary\steamapps\common\Car Mechanic Simulator 2018\cms2018.exe () [File not signed]
FirewallRules: [{CF209769-2024-4B53-BEE8-1B91A8BEAF6C}] => (Allow) E:\SteamLibrary\steamapps\common\Car Mechanic Simulator 2018\cms2018.exe () [File not signed]
FirewallRules: [{F088F940-8D3A-42EA-9A0E-2253AC45DEAC}] => (Allow) E:\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [{8253CDA7-EFDE-4117-AB09-241039B111E7}] => (Allow) E:\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [{CB196E95-7201-42A0-A2BB-C57E61B2C3FC}] => (Allow) E:\SteamLibrary\steamapps\common\Conan Exiles - Testlive Client\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe (FUNCOM OSLO AS -> BattlEye Innovations)
FirewallRules: [{88C9FB74-5EF0-4C3C-9ECD-400B03630FBC}] => (Allow) E:\SteamLibrary\steamapps\common\Conan Exiles - Testlive Client\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe (FUNCOM OSLO AS -> BattlEye Innovations)
FirewallRules: [{421D9CCC-24A1-46DF-972E-3496419EDC9C}] => (Allow) E:\SteamLibrary\steamapps\common\Conan Exiles - Testlive Client\ConanSandbox\Binaries\Win64\ConanSandbox.exe (FUNCOM OSLO AS -> Funcom Oslo AS)
FirewallRules: [{F28203C5-D35F-42F3-914B-388BC8D5E2B2}] => (Allow) E:\SteamLibrary\steamapps\common\Conan Exiles - Testlive Client\ConanSandbox\Binaries\Win64\ConanSandbox.exe (FUNCOM OSLO AS -> Funcom Oslo AS)
FirewallRules: [TCP Query User{6958D6A4-9544-458B-B6FE-5F9522C6B3BD}C:\users\dramz\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\dramz\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{A7696E2E-4AB8-4285-BE4F-D2445B5BD521}C:\users\dramz\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\dramz\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{39E85C00-16E6-4488-9BB5-C998B9B3B5D3}] => (Allow) LPort=9009
FirewallRules: [{7ED7BF63-1603-490F-9C90-1E66797E3CE7}] => (Allow) LPort=9009
FirewallRules: [{C4F9F342-8795-4730-B0A3-41D274D2649B}] => (Allow) E:\SteamLibrary\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{413D6728-E260-486F-B700-005A8691F852}] => (Allow) E:\SteamLibrary\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{B06FDAE4-FDB6-4500-8EEF-F29F550FE2A6}] => (Allow) E:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{EA379633-C6A1-497E-B178-22DCE5F4314D}] => (Allow) E:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{E2D43744-6968-45C2-A1BC-7B1088D4FEAD}] => (Allow) LPort=9009
FirewallRules: [{AC82C643-4626-46EE-8493-D9E5BCFBD910}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9C19111-0086-4A40-9A28-EBDF7C589BFA}] => (Allow) C:\Users\dramz\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [{427B9660-88C6-4625-9799-3148D3EE9B5F}] => (Allow) C:\Users\dramz\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [{645005ED-4CFC-4716-9377-E1519467FB3A}] => (Allow) C:\Users\dramz\AppData\Local\Chromium\Application\chrome.exe No File
FirewallRules: [{A99A7426-EAA6-44D7-A444-EE2B67093CE1}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.com (IBM -> IBM Corp.) [File not signed]
FirewallRules: [{62120E4D-24D3-4841-86CB-AD8FD57BF096}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.exe (IBM -> IBM Corp.) [File not signed]
FirewallRules: [{945F009F-F6AD-4A73-8BDC-A94DC98862AE}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.com (IBM -> IBM Corp.) [File not signed]
FirewallRules: [{43D27475-FBC8-4E3D-A5F7-821412076603}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.exe (IBM -> IBM Corp.) [File not signed]
FirewallRules: [{D35DB597-4A3F-4757-B2B6-261164DFF56A}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\WinWrapIDE.exe (IBM -> IBM Corp.) [File not signed]
FirewallRules: [{33AB4FE8-96BF-4B8D-9097-BFFEBD4DC16F}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\WinWrapIDE.exe (IBM -> IBM Corp.) [File not signed]
FirewallRules: [{CD73555A-BDB1-4956-92FC-7743085EBFB2}] => (Allow) LPort=9009
FirewallRules: [{C29D3341-612F-4FD2-B565-2D192611FA26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5B89783B-1A35-4831-AA60-6B770E48B38F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{707C388E-76F4-4199-8356-7C0A11B96015}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2082848B-4B10-4DA6-9240-4BD6F10CDE42}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9CBDC63A-6740-4634-AE1A-48691B87E3C0}] => (Allow) LPort=9009
FirewallRules: [{44B0D07E-5F2F-49B8-B93F-B88FF57C8B8E}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{F65F117A-DDA3-45FA-A016-ACF95E7A4B87}C:\users\dramz\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\dramz\appdata\local\popcorn-time\popcorn-time.exe (The NW.js Community) [File not signed]
FirewallRules: [UDP Query User{5DFC586B-BD99-4622-B4A5-7895BE07373E}C:\users\dramz\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\dramz\appdata\local\popcorn-time\popcorn-time.exe (The NW.js Community) [File not signed]
FirewallRules: [{BC04B976-39D0-4037-BAE7-9AD15224575F}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe (Popcorn Time) [File not signed]
FirewallRules: [{FB87E83A-D5A8-48FF-9397-07E804FB7381}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe (Popcorn Time) [File not signed]
FirewallRules: [{7A172CCC-2B50-403A-AACE-5B7538CBAB77}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe () [File not signed]
FirewallRules: [{34405281-3C8A-4BF6-ADDC-78790B4E562B}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe () [File not signed]
FirewallRules: [{7CC07DE4-4AF3-487A-89FE-BDE89028A849}] => (Allow) C:\Program Files (x86)\Popcorn Time\nodejs\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [{9BCB94FB-0A07-4269-B289-A2361A4E7599}] => (Allow) C:\Program Files (x86)\Popcorn Time\nodejs\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [{18AAC3D0-C9AF-4A77-AF24-287190251AA8}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe (Joyent Inc -> Joyent, Inc)
FirewallRules: [{AF0F226F-733C-4576-829E-D18860D12773}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe (Joyent Inc -> Joyent, Inc)
FirewallRules: [{C7680359-237C-47B3-95D0-A3D151A50542}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7D674353-5B73-4CF5-8911-378EFB8FE06C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9FBD9945-0139-4039-8D4F-9C49F102CE6A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{38FCF28C-1498-4E9A-B753-1874E6B16C6D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7EA5D618-DA45-4EF7-99ED-CF08422B107C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B6CE107D-FF6B-4E60-86FF-C11E3687D942}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9DCEFA6D-BA7C-4B97-88A0-7E4093765B95}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{904687E0-3826-41A3-B661-E4BCCDFA4B27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E05EB026-154C-40BB-AEAE-8DDAB229DB46}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A3C2300E-1479-4D33-9F25-882154421D90}] => (Allow) LPort=9009
FirewallRules: [{866F924F-1988-43DC-9F93-8CA7078EA325}] => (Allow) LPort=9009
FirewallRules: [{7187D823-AB0B-47EE-B1E6-75F2C1B217C1}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout Tactics\TacticsLauncher.exe (ZeniMax Media) [File not signed]
FirewallRules: [{E78425F3-FF88-40FF-B933-0F3EACBC845B}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout Tactics\TacticsLauncher.exe (ZeniMax Media) [File not signed]
FirewallRules: [{A9184DEE-3493-4E16-BF28-F80B0874B22C}] => (Allow) C:\Program Files (x86)\GameSpy Arcade\Aphex.exe (IGN Entertainment, Inc.) [File not signed]
FirewallRules: [{91EC649E-DD24-4548-8F04-50DF8770BBD5}] => (Allow) C:\Program Files (x86)\GameSpy Arcade\Aphex.exe (IGN Entertainment, Inc.) [File not signed]
FirewallRules: [{BAD16B55-43B5-4888-AD25-95B573345BAE}] => (Allow) E:\SteamLibrary\steamapps\common\Neptunia Rebirth1\NeptuniaReBirth1.exe () [File not signed]
FirewallRules: [{B23ECE52-7726-4C57-B1C1-FA708FA7F4AA}] => (Allow) E:\SteamLibrary\steamapps\common\Neptunia Rebirth1\NeptuniaReBirth1.exe () [File not signed]
FirewallRules: [{4E233B7E-0CD0-4575-AF61-4C0ED197DC65}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout76\Fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{134B989D-8DC2-4E29-8504-D89987FC57D4}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout76\Fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{4CFF352E-564E-406C-906A-3E647DBD9A95}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout\FalloutLauncher.exe (ZeniMax Media) [File not signed]
FirewallRules: [{49218C9F-2B99-43D9-8A33-F49F864339E2}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout\FalloutLauncher.exe (ZeniMax Media) [File not signed]
FirewallRules: [{B07FBDFA-5021-4185-B6CF-71E6787D1A8D}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout 2\Fallout2Launcher.exe (ZeniMax Media) [File not signed]
FirewallRules: [{68AF626E-5BE5-412B-9D95-B216B94F9D8E}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout 2\Fallout2Launcher.exe (ZeniMax Media) [File not signed]
FirewallRules: [{E5DB0B98-EF25-4725-BDBE-3F1197B9C8EE}] => (Allow) LPort=9009
FirewallRules: [{016DAF5D-B79F-41D5-A1C6-A733403323D8}] => (Block) D:\Games\Megadimension Neptunia VIIR\resource\bin\v2r.exe () [File not signed]
FirewallRules: [{E0790622-74F2-438B-AB01-E6993CE6FE08}] => (Allow) LPort=9009
FirewallRules: [{F771539C-065E-4106-B32F-8166E4772C85}] => (Allow) E:\SteamLibrary\steamapps\common\BOXVR\BoxVR.exe () [File not signed]
FirewallRules: [{24EE58DB-0F4F-4A0E-B62D-ADC6DB422824}] => (Allow) E:\SteamLibrary\steamapps\common\BOXVR\BoxVR.exe () [File not signed]
FirewallRules: [{1CF2EA27-531C-4C0E-B4B0-5C60AFEF963A}] => (Allow) LPort=9009
FirewallRules: [{598D3349-DA27-4DED-852F-3A64E52AD2D1}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe (Psyonix, Inc. -> Psyonix LLC)
FirewallRules: [{224427CC-79A3-4912-ACF7-5CEFBE13610B}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe (Psyonix, Inc. -> Psyonix LLC)
FirewallRules: [{48DB6FC5-044E-44E3-B4F9-84A660B708B5}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{701D7964-9DAD-4378-BA76-DFE7614C46EB}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{392CD9DF-76BF-4E69-B9D3-6A1D89FC6D28}] => (Allow) LPort=9009
FirewallRules: [{352B76FB-159E-4545-A7CE-F016ABF60D16}] => (Allow) LPort=9009
FirewallRules: [{1A8E2342-A34A-48CA-936C-E5C4F58DE419}] => (Allow) E:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)
FirewallRules: [{661B6A75-EBA3-488F-961E-E0E0F61409E4}] => (Allow) E:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)
 
==================== Restore Points =========================
 
23-04-2020 19:18:09 Installed DirectX
25-04-2020 18:09:58 Installed Surfshark
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (04/27/2020 04:20:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-UPRE5G2.local already in use; will try DESKTOP-UPRE5G2-2.local instead
 
Error: (04/27/2020 04:20:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 DESKTOP-UPRE5G2.local. Addr 192.168.15.2
 
Error: (04/27/2020 04:20:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.15.2:5353   16 DESKTOP-UPRE5G2.local. AAAA FE80:0000:0000:0000:6152:F7CC:DBC1:56F8
 
Error: (04/27/2020 04:20:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:    4 DESKTOP-UPRE5G2.local. Addr 192.168.15.2
 
Error: (04/27/2020 04:20:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.15.2:5353   16 DESKTOP-UPRE5G2.local. AAAA FE80:0000:0000:0000:6152:F7CC:DBC1:56F8
 
Error: (04/27/2020 04:05:02 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=254, authorId=311, vendorId=14122, vendorType=1
 
Error: (04/27/2020 04:04:57 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=254, authorId=311, vendorId=14122, vendorType=1
 
Error: (04/27/2020 04:04:57 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=254, authorId=311, vendorId=14122, vendorType=1
 
 
System errors:
=============
Error: (04/27/2020 04:20:02 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{D55A70FB-CFBA-4127-95C3-80982C8F8F92} because another computer on the network has the same name.  The server could not start.
 
Error: (04/27/2020 04:05:09 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{D2ED471D-2149-447A-8FD9-50B47A713E54} because another computer on the network has the same name.  The server could not start.
 
Error: (04/27/2020 04:05:09 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{D55A70FB-CFBA-4127-95C3-80982C8F8F92} because another computer on the network has the same name.  The server could not start.
 
Error: (04/26/2020 09:19:21 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-UPRE5G2)
Description: The server {84F66100-FF7C-4FB4-B0C0-02CD7FB668FE} did not register with DCOM within the required timeout.
 
Error: (04/26/2020 07:43:52 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-UPRE5G2)
Description: The server {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} did not register with DCOM within the required timeout.
 
Error: (04/26/2020 05:58:09 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-UPRE5G2)
Description: The server Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX8z5q44mt1b9k6x2nkjj0bkr2e1ac0dxy.mca did not register with DCOM within the required timeout.
 
Error: (04/26/2020 04:17:38 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Malwarebytes Service service did not shut down properly after receiving a preshutdown control.
 
Error: (04/26/2020 04:17:24 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
 
Windows Defender:
===================================
Date: 2020-04-25 16:21:40.378
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1038C370-214F-4155-BF94-83E7C3A18175}
Scan Type: Antimalware
Scan Parameters: Full Scan
 
Date: 2020-04-25 16:12:39.123
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {4B2A7C17-B146-4940-B08F-164B5DF74C1B}
Scan Type: Antimalware
Scan Parameters: Custom Scan
 
Date: 2020-04-24 15:52:19.502
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...77&enterprise=1
Name: Trojan:Script/Wacatac.C!ml
ID: 2147749377
Severity: Severe
Category: Trojan
Path: file:_F:\GENERAL\Documents\Soulseek Downloads.OLD\complete\thep48\DAWs\Sony ACID Pro 7.0.641.Keygen.rar
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.313.2238.0, AS: 1.313.2238.0, NIS: 1.313.2238.0
Engine Version: AM: 1.1.16900.4, NIS: 1.1.16900.4
 
Date: 2020-04-24 03:58:36.236
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...25&enterprise=1
Name: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Severity: Severe
Category: Trojan
Path: containerfile:_E:\FileHistory\Dramzii\DESKTOP-J7FM9N0\Data\$OF\643\784 (2020_01_22 09_16_23 UTC).zip; containerfile:_E:\FileHistory\Dramzii\DESKTOP-J7FM9N0\Data\$OF\643\796 (2020_01_22 09_16_23 UTC).zip; containerfile:_E:\FileHistory\Dramzii\DESKTOP-J7FM9N0\Data\$OF\725\737 (2020_01_22 09_16_23 UTC).zip; file:_E:\FileHistory\Dramzii\DESKTOP-J7FM9N0\Data\$OF\643\784 (2020_01_22 09_16_23 UTC).zip->Celemony.Melodyne.Plugin.VST.RTAS.v1.0.Incl.Keygen-AiR/a-cmp10a.zip->a-cmp10.rar->Keygen.exe; file:_E:\FileHistory\Dramzii\DESKTOP-J7FM9N0\Data\$OF\643\796 (2020_01_22 09_16_23 UTC).zip->A.O.M. Factory Total Bundle Plugins Pack v1.7.3.VST x86x64 Patched and KeyGen-CHAOS [deepstatus]/chs-1888.rar->CHAOS\KeyGen.exe; file:_E:\FileHistory\Dramzii\DESKTOP-J7FM9N0\Data\$OF\725\737 (2020_01_22 09_16_23 UTC).zip->Native.Instruments.Reaktor.6.v6.3.1.Incl.Patched.and.Keygen-R2R/R2R/Reaktor_Keygen.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.313.2224.0, AS: 1.313.2224.0, NIS: 1.313.2224.0
Engine Version: AM: 1.1.16900.4, NIS: 1.1.16900.4
 
Date: 2020-04-24 03:58:36.235
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...42&enterprise=1
Name: Trojan:Win32/Skeeyah.A!MTB
ID: 2147729042
Severity: Severe
Category: Trojan
Path: containerfile:_E:\FileHistory\Dramzii\DESKTOP-J7FM9N0\Data\F\GENERAL\Documents\Soulseek Downloads\complete\axiomatic\Torrents\Sketchup Pro 2018 for windows 64 Bit Full Software (2020_01_22 09_16_23 UTC).rar; containerfile:_E:\FileHistory\dramz\DESKTOP-UPRE5G2\Data\F\GENERAL\Downloads\Sketchup Pro 2018 for windows 64 Bit Full Software (2020_04_15 20_17_27 UTC).rar; file:_E:\FileHistory\Dramzii\DESKTOP-J7FM9N0\Data\F\GENERAL\Documents\Soulseek Downloads\complete\axiomatic\Torrents\Sketchup Pro 2018 for windows 64 Bit Full Software (2020_01_22 09_16_23 UTC).rar->Sketchup Pro 2018 for windows 64 Bit Full Software\su2018.-64-patch.exe; file:_E:\FileHistory\dramz\DESKTOP-UPRE5G2\Data\F\GENERAL\Downloads\Sketchup Pro 2018 for windows 64 Bit Full Software (2020_04_15 20_17_27 UTC).rar->Sketchup Pro 2018 for windows 64 Bit Full Software\su2018.-64-patch.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.313.2224.0, AS: 1.313.2224.0, NIS: 1.313.2224.0
Engine Version: AM: 1.1.16900.4, NIS: 1.1.16900.4
 
Date: 2020-04-24 15:37:54.102
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80508023
Error description: The program could not find the malware and other potentially unwanted software on this device. 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
CodeIntegrity:
===================================
 
Date: 2020-04-27 04:28:38.396
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
 
Date: 2020-04-27 04:28:38.394
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
 
Date: 2020-04-27 04:28:34.083
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-04-27 04:28:34.082
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-04-27 04:28:33.792
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-04-27 04:28:33.791
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-04-27 04:25:33.701
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
 
Date: 2020-04-27 04:25:33.700
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. F21 03/06/2017
Motherboard: Gigabyte Technology Co., Ltd. Z170X-Gaming 7
Processor: Intel® Core™ i5-7600K CPU @ 3.80GHz
Percentage of memory in use: 65%
Total physical RAM: 16339.58 MB
Available physical RAM: 5610.14 MB
Total Virtual: 42963.58 MB
Available Virtual: 24293.57 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.13 GB) (Free:102.96 GB) NTFS
Drive d: (SSD 240 GB) (Fixed) (Total:223.57 GB) (Free:39.49 GB) NTFS
Drive e: (HDD 7200 RPM 3 TB) (Fixed) (Total:2794.5 GB) (Free:331.75 GB) NTFS
Drive f: (DRAMZII-3TB) (Fixed) (Total:2794.39 GB) (Free:545.44 GB) NTFS
 
\\?\Volume{555be7eb-e385-4943-8ea2-ece43a82c87a}\ (Recovery) (Fixed) (Total:0.52 GB) (Free:0.11 GB) NTFS
\\?\Volume{74e7d2bb-d0d5-4102-bee5-dfcdd2ece2f8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 1B33B872)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 1 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 73BE240E)
 
Partition: GPT.
 
==========================================================
Disk: 3 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

 

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Uninstall:

Bonjour (You have an outdated version.)

SuperAntiSpyware (waste of time)

 

 

Get Unblock Origin for Chrome:

 

https://chrome.googl...hjbkeiagm?hl=en

 

In Chrome, go to chrome://extensions/


Turn off all but the Chrome Apps and Ublock Origin and anything from BitDefender by moving the blue spot to the left. 


Now Go to

chrome://settings/

 

Under You & google:

If it says: Syncing to "your email address" Click on Turn Off


Find:

On Startup

 Click on

Open The New Tab Page.


Find:

Search engine
Search engine used in the address bar - change to Google


Click on Manage search engines

For each search engine except Google under Default Search Engines, click on the three bars and select Remove From List.




Scroll to the bottom and click on Advanced.

 

Now scroll to where it says System and turn off

 

Continue running background apps when Google Chrome is closed
 

Under

Privacy and security

 

turn off:

 

Preload pages for faster browsing and searching

 

That should cut down the number of Chrome.exe programs running.  (you have 75 per FRST)  Restart Chrome so that the changes take effect.

 

Now rerun MalwareBytes and see if it still finds Conduit associated malware.  If it finds it, let it remove then reboot and rescan.  Does it come back?  

Do you still have the problem you described?

 

Please do a new FRST scan and post both logs.

 


 


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP