Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Google Chrome keeps getting the default search set to Yahoo [Closed]

chrome changed default search changed search to yahoo

  • This topic is locked This topic is locked

#1
rocket-ron

rocket-ron

    Member

  • Member
  • PipPip
  • 42 posts

Dear Sir/Madam,

 

My default search engine on Google Chrome keeps getting changed to Yahoo. Therefore, I believe there is Malware on my computer. Could this be checked for please? It is a Windows 8.1 machine.

 

Any help with this matter would be greatly appreciated.

 

Thanks,

 

Kiran.

 

==========

FRST.txt 

==========

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-09-2020

Ran by ron (administrator) on HAL-RON (02-10-2020 13:41:43)
Running from D:\Downloads
Loaded Profiles: ron
Platform: Windows 8.1 (Update) (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Anaconda\envs\k36\Scripts\jupyter.exe
() [File not signed] C:\Anaconda\envs\k36\Scripts\jupyter-lab.exe
() [File not signed] C:\cygwin64\bin\bash.exe
() [File not signed] C:\Windows\System\HsMgr64.exe
() [File not signed] C:\Windows\SysWOW64\HsMgr.exe
(ANDREA VACONDIO -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced 4\creator-ws.exe
(Andy Koppe / Thomas Wolff) [File not signed] C:\cygwin64\bin\mintty.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\My Image Garden\cnmigmain.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CMedia) [File not signed] C:\Program Files\ASUS Xonar Xense Audio\Customapp\AsusAudioCenter.exe
(Deezer -> Deezer) C:\Users\ron\AppData\Local\Programs\deezer.desktop\Deezer.exe <5>
(Foxit Software Incorporated -> Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Shell Extensions\FoxitPrevhost.exe
(Foxit Software Incorporated -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Foxit Software Incorporated -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <152>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\kited.exe
(Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\KiteService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\excel.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\winword.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(OpenVPN Technologies, Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ownCloud GmbH -> ownCloud) C:\Program Files (x86)\ownCloud\owncloud.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\12\bin\pg_ctl.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\12\bin\postgres.exe <8>
(Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\python.exe <3>
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp -> Realtek) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp -> Realtek) C:\Windows\SwUSB.exe
(Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWLan.exe
(RStudio, Inc.) [File not signed] C:\Program Files\RStudio\bin\rstudio.exe
(RStudio, Inc.) [File not signed] C:\Program Files\RStudio\bin\x64\rsession.exe
(Signal Messenger, LLC -> Open Whisper Systems) C:\Users\ron\AppData\Local\Programs\signal-desktop\Signal.exe <5>
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(Sony Imaging Products & Solutions Inc. -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sync.com Inc. -> ) C:\Users\ron\AppData\Local\Programs\Sync\sync-worker.exe <3>
(Sync.com Inc. -> Sync.com Inc.) C:\Users\ron\AppData\Local\Programs\Sync\sync-taskbar.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\Syswow64\cmicnfgp.dll [12935168 2014-12-28] (C-Media Corporation) [File not signed]
HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2014-12-28] () [File not signed]
HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2014-12-28] () [File not signed]
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-07-19] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [868328 2018-12-21] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare software CO., LIMITED -> Wondershare)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48737752 2020-09-09] (Google LLC -> )
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [Google Update] => C:\Users\ron\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-04-30] (Google LLC -> Google LLC)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [2374872 2020-06-12] (ownCloud GmbH -> ownCloud)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [Kite] => C:\Program Files\Kite\kited.exe [404060112 2020-06-20] (Manhattan Engineering Incorporated -> Kite)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [90951528 2020-09-22] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\ron\AppData\Local\Microsoft\Teams\Update.exe [2452112 2020-09-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [Opera Browser Assistant] => C:\Users\ron\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3085336 2020-09-29] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\MountPoints2: {f6844e0d-f65e-11e9-bea8-3085a98ce5fe} - "G:\WD SmartWare.exe" autoplay=true
HKLM\...\Windows x64\Print Processors\Canon MG5600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCA.DLL [30208 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5600 series: C:\WINDOWS\system32\CNMLMCA.DLL [406016 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5600 series XPS: C:\WINDOWS\system32\CNMXLMCA.DLL [408576 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [375296 2014-03-17] (CANON INC.) [File not signed]
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb] -> IIS Express Application Compatibility Database for x64
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\Custom64\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb [2012-05-29]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-05-29]
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-24] (Google LLC -> Google LLC)
Startup: C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Password Safe.lnk [2019-09-28]
ShortcutTarget: Password Safe.lnk -> C:\Program Files (x86)\Password Safe\pwsafe.exe (SourceForge.net) [File not signed]
Startup: C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sync.LNK [2018-05-05]
ShortcutTarget: Sync.LNK -> C:\Users\ron\AppData\Local\Programs\Sync\sync-taskbar.exe (Sync.com Inc. -> Sync.com Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {048B46DC-0BC5-400F-B9A3-423D55FF0CD5} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {06C14AE8-2154-4138-A74F-27C3C656BD9C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {09D3E962-76AD-4E9F-B020-FB971145B57F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-09-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {1DDA3249-C1D1-4820-AD47-C03939307421} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950128 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {23B0C28A-DDFA-4B0D-9460-E131FF2BFF02} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950128 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {30A7E63F-977E-4AEA-80C5-3015C2B310A4} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3487088 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {35CFDE44-C3DA-4B68-B235-5715ED691D10} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [772976 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3CF8ADEA-046C-42FD-A3F6-40D3C675A450} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [994672 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {492F8726-136B-4E52-BB68-0C7B7E2A4D38} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-16] (Google Inc -> Google Inc.)
Task: {4C29320E-56C1-46F6-90C7-CB36865F533F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {6343D530-6966-4BD2-8410-B0301EF844BB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855408 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {671CA532-4BC6-411B-AD05-9D13C19E5F3C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855408 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6DE83157-DE9E-44B0-9017-16C355449356} - System32\Tasks\Opera scheduled assistant Autoupdate 1582299511 => C:\Users\ron\AppData\Local\Programs\Opera\launcher.exe [1529880 2020-09-15] (Opera Software AS -> Opera Software)
Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {7EDA26FF-0346-498C-8286-D5E066AC9D8A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-233570897-2198283788-2588358591-1001Core => C:\Users\ron\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-04-30] (Google LLC -> Google LLC)
Task: {858AE3F5-2F76-40B4-BD92-CE95B49B19C9} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950128 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {87C4A64E-1CA5-4263-9D9A-BD588DC8B034} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-233570897-2198283788-2588358591-1001UA => C:\Users\ron\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-04-30] (Google LLC -> Google LLC)
Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {96B756A7-D0E6-4B34-AF94-AFEB2A0C6FD5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {A3D3C8C0-D3F4-4ABB-BE9E-379754139437} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [695664 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A9CDA4AD-4917-4E49-A214-5568F84183C2} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950128 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B31C2298-D254-4DF5-8BBC-66A9ECD0520F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD38628B-32C9-446F-BE3C-C61B99D6A450} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [772976 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C4DB7967-E171-40B5-9DF5-344B5DD9D062} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {C84E3CE8-99AA-415F-96E6-5822E7C0583D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-16] (Google Inc -> Google Inc.)
Task: {CB539B5D-F137-4388-8067-E92F66E9C7CF} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [70016 2019-05-14] (Oracle America, Inc. -> Oracle Corporation)
Task: {CEB07199-4B4D-42AF-8734-D491FA19CE84} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe [754176 2016-07-29] (Oracle Corporation) [File not signed]
Task: {D0671856-6416-4154-9D86-53124C5CACB1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9F9566B-E3A7-45D2-9EE0-2FA6C98AEB9A} - System32\Tasks\Opera scheduled Autoupdate 1572432817 => C:\Users\ron\AppData\Local\Programs\Opera\launcher.exe [1529880 2020-09-15] (Opera Software AS -> Opera Software)
Task: {E1B3B7E4-058A-49F5-A6C9-316DE98EF023} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{68584B7A-0386-43A8-9926-8CFF586B4014}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{76CC638A-02B0-4AF7-848E-FEF893671806}: [DhcpNameServer] 194.168.4.100 194.168.8.100
 
Edge: 
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\ron\AppData\Local\Microsoft\Edge\User Data\Default [2020-08-14]
 
FireFox:
========
FF DefaultProfile: ny746aeo.default
FF ProfilePath: C:\Users\ron\AppData\Roaming\Mozilla\Firefox\Profiles\ny746aeo.default [2020-01-15]
FF ProfilePath: C:\Users\ron\AppData\Roaming\Mozilla\Firefox\Profiles\9tp68gj4.default-release [2020-10-02]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: PDFsam Enhanced 4 -> C:\Program Files (x86)\PDFsam Enhanced 4\np-previewer.dll [2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
 
Chrome: 
=======
CHR Profile: C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default [2020-10-02]
CHR Notifications: Default -> hxxps://alison.com; hxxps://app.chime.aws; hxxps://app.slack.com; hxxps://calendar.google.com; hxxps://conference.blockdownconf.com; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://support.cloud.google.com; hxxps://www.datacamp.com; hxxps://www.facebook.com; hxxps://www.headmasters.com; hxxps://www.monsterinsights.com; hxxps://www.simplilearn.com
CHR HomePage: Default -> hxxp://www.holasearch.com/?affID=121962&tt=gc_&babsrc=HP_ss&mntrId=86603085A98CE5FE
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/","hxxps://mail.google.com/","hxxp://www.deezer.com/playlist/1290162447"
CHR Extension: (Google Translate) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-18]
CHR Extension: (Slides) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Postman Interceptor) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aicmkgpgakddgnaphhhpliifpcfhicfo [2020-05-20]
CHR Extension: (Docs) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-25]
CHR Extension: (YouTube) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-16]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2020-09-15]
CHR Extension: (Sheets) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Postman) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbjgbiflinjbdggehcddcbncdddomop [2020-07-02]
CHR Extension: (EditThisCookie) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2018-11-30]
CHR Extension: (Google Docs Offline) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-12]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-09-25]
CHR Extension: (Home) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomhhejmlbhdpfjbpgemagmcckjhajgg [2018-05-04]
CHR Extension: (Pinterest Save Button) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-10-02]
CHR Extension: (Grammarly for Chrome) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-10-02]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-10-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-08]
CHR Extension: (Gmail) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-13]
CHR Extension: (HappyPath) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhcklacellfncndpbedjbdbmligjfcn [2017-09-16]
CHR Profile: C:\Users\ron\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-20]
CHR HKU\S-1-5-21-233570897-2198283788-2588358591-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052944 2020-07-14] (Microsoft Corporation -> Microsoft Corporation)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-08-25] (Foxit Software Incorporated -> Foxit Software Inc.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2015-02-05] (Microsoft Corporation -> Microsoft Corporation)
R2 KiteService; C:\Program Files\Kite\KiteService.exe [141936 2020-09-22] (Manhattan Engineering Incorporated -> Kite)
S2 MySQL80; C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe [46693696 2019-04-13] (Oracle America, Inc. -> )
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74712 2019-02-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74712 2019-02-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 PDFsam Enhanced 4; C:\Program Files\PDFsam Enhanced 4\ws.exe [2005744 2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
R2 PDFsam Enhanced 4 Creator; C:\Program Files\PDFsam Enhanced 4\creator-ws.exe [757496 2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [493544 2018-12-21] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
R2 postgresql-x64-12; C:\Program Files\PostgreSQL\12\bin\pg_ctl.exe [116736 2020-04-24] (PostgreSQL Global Development Group) [File not signed]
R2 RealtekWlanU; C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe [48856 2014-05-19] (Realtek Semiconductor Corp -> Realtek)
S2 RTLDHCPService; C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-04-23] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> )
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 cmudaxp; C:\WINDOWS\system32\drivers\cmudaxp.sys [2734080 2014-12-28] (C-MEDIA ELECTRONICS INC. -> C-Media Inc)
S3 Netaapl; C:\WINDOWS\system32\DRIVERS\netaapl64.sys [23040 2015-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NVHDA; C:\WINDOWS\system32\drivers\nvhda64v.sys [218968 2018-09-17] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 RtlWlanu; C:\WINDOWS\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [226304 2014-11-22] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166752 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-09-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-09-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\ron\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-10-02 13:41 - 2020-10-02 13:42 - 000000000 ____D C:\FRST
2020-09-25 15:02 - 2020-09-25 15:02 - 000000072 _____ C:\Users\ron\Untitled9.ipynb
2020-09-25 00:37 - 2020-09-25 00:37 - 000026895 _____ C:\Users\ron\Downloads\2020_07_GCP (1).pdf
2020-09-24 23:44 - 2020-09-24 23:44 - 000131276 _____ C:\Users\ron\Downloads\2020_07_to_08.pdf
2020-09-24 14:33 - 2020-09-24 14:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-09-19 22:27 - 2020-09-24 22:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-09-16 09:45 - 2020-09-16 09:45 - 000000000 ____D C:\Users\ron\AppData\Local\ownCloud
2020-09-11 12:05 - 2020-09-29 22:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-09-09 10:30 - 2020-09-02 06:52 - 003332608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-09-09 10:30 - 2020-09-02 06:25 - 003641344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-09-09 10:30 - 2020-08-29 03:41 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-09-09 10:30 - 2020-08-27 06:04 - 004169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-09-09 10:30 - 2020-08-20 21:54 - 022382424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-09-09 10:30 - 2020-08-20 21:51 - 019805104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-09-09 10:30 - 2020-08-15 08:22 - 001370680 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2020-09-09 10:30 - 2020-08-15 08:18 - 007363328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-09-09 10:30 - 2020-08-15 08:18 - 002012928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-09-09 10:30 - 2020-08-15 08:18 - 000373512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-09-09 10:30 - 2020-08-15 06:11 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-09-09 10:30 - 2020-08-15 05:43 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2020-09-09 10:30 - 2020-08-15 05:39 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-09-09 10:30 - 2020-08-15 05:33 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOVER.exe
2020-09-09 10:30 - 2020-08-15 05:23 - 001993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-09-09 10:30 - 2020-08-15 05:17 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2020-09-09 10:30 - 2020-08-15 05:17 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2020-09-09 10:30 - 2020-08-15 05:14 - 001442304 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-09-09 10:30 - 2020-08-15 05:14 - 001383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-09-09 10:30 - 2020-08-15 05:12 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-09-09 10:30 - 2020-08-15 05:12 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-09-09 10:30 - 2020-08-15 05:11 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-09-09 10:30 - 2020-08-15 05:11 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-09-09 10:30 - 2020-08-15 05:04 - 001757184 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-09-09 10:30 - 2020-08-15 05:02 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-09-09 10:30 - 2020-08-15 04:59 - 001088512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2020-09-09 10:30 - 2020-08-15 04:57 - 001559040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-09-09 10:30 - 2020-08-15 04:55 - 000292352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-09-09 10:30 - 2020-08-15 04:55 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-09-09 10:30 - 2020-08-15 04:55 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-09-09 10:30 - 2020-08-15 04:55 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-09-09 10:30 - 2020-08-15 04:50 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-09-09 10:30 - 2020-08-13 06:25 - 001308256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-09-09 10:30 - 2020-08-13 06:24 - 000355576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-09-09 10:30 - 2020-08-13 05:41 - 025756672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-09-09 10:30 - 2020-08-13 05:17 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-09-09 10:30 - 2020-08-13 05:06 - 020291072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-09-09 10:30 - 2020-08-13 05:06 - 005500416 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-09-09 10:30 - 2020-08-13 05:06 - 000785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-09-09 10:30 - 2020-08-13 04:50 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-09-09 10:30 - 2020-08-13 04:40 - 000653824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-09-09 10:30 - 2020-08-13 04:37 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2020-09-09 10:30 - 2020-08-13 04:30 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-09-09 10:30 - 2020-08-13 04:29 - 015480320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-09-09 10:30 - 2020-08-13 04:26 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-09-09 10:30 - 2020-08-13 04:20 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2020-09-09 10:30 - 2020-08-13 04:18 - 004112384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-09-09 10:30 - 2020-08-13 04:16 - 004859392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-09-09 10:30 - 2020-08-13 04:15 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-09-09 10:30 - 2020-08-13 04:15 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-09-09 10:30 - 2020-08-13 04:12 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-09-09 10:30 - 2020-08-13 04:11 - 013862400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-09-09 10:30 - 2020-08-13 04:04 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-09-09 10:30 - 2020-08-13 03:57 - 004387840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-09-09 10:30 - 2020-08-13 03:54 - 000801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-09-09 10:30 - 2020-08-13 03:53 - 001341952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-09-09 10:30 - 2020-08-13 03:52 - 000710656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-09-09 10:30 - 2020-08-11 07:19 - 000136824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-09-09 10:30 - 2020-08-11 07:17 - 000537632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-09-09 10:30 - 2020-08-11 07:16 - 001210112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-09-09 10:30 - 2020-08-11 07:16 - 000376072 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2020-09-09 10:30 - 2020-08-11 07:12 - 002173376 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-09-09 10:30 - 2020-08-11 07:12 - 001665104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-09-09 10:30 - 2020-08-11 05:33 - 001037600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-09-09 10:30 - 2020-08-11 05:33 - 000450312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-09-09 10:30 - 2020-08-11 05:33 - 000317176 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2020-09-09 10:30 - 2020-08-11 05:31 - 001561296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-09-09 10:30 - 2020-08-11 05:31 - 001215736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-09-09 10:30 - 2020-08-11 04:30 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-09-09 10:30 - 2020-08-11 04:03 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-09-09 10:30 - 2020-08-11 04:03 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-09-09 10:30 - 2020-08-11 04:00 - 003720192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-09-09 10:30 - 2020-08-11 03:57 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2020-09-09 10:30 - 2020-08-11 03:56 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-09-09 10:30 - 2020-08-11 03:55 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2020-09-09 10:30 - 2020-08-11 03:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-09-09 10:30 - 2020-08-11 03:44 - 001099264 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-09-09 10:30 - 2020-08-11 03:44 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-09-09 10:30 - 2020-08-11 03:41 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-09-09 10:30 - 2020-08-11 03:32 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-09-09 10:30 - 2020-08-11 01:44 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2020-09-09 10:30 - 2020-08-10 10:18 - 000160144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-09-09 10:30 - 2020-08-10 01:04 - 003223552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-09-09 10:30 - 2020-08-10 01:04 - 001998848 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000475136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-09-09 10:30 - 2020-08-08 14:43 - 001545912 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-09-09 10:30 - 2020-08-06 14:37 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-09-09 10:30 - 2020-08-06 14:35 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-09-07 12:53 - 2020-09-07 12:53 - 000002018 _____ C:\Users\ron\Downloads\invite.ics
2020-09-02 12:42 - 2020-09-02 12:42 - 000000000 ____D C:\Users\ron\.ssh
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-10-02 13:28 - 2018-05-05 00:43 - 000000000 ____D C:\Users\ron\AppData\Local\Sync.Logs
2020-10-02 12:58 - 2017-09-15 19:18 - 000003598 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-233570897-2198283788-2588358591-1001
2020-10-02 12:45 - 2017-09-15 19:27 - 000000000 ____D C:\ProgramData\NVIDIA
2020-10-02 12:42 - 2020-07-02 12:15 - 000002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-10-02 12:42 - 2020-07-02 12:15 - 000002202 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-10-02 12:42 - 2020-07-02 12:15 - 000002202 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-10-02 12:42 - 2017-09-16 13:53 - 000003914 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{53E789E7-A7B5-4F94-960F-DE25B549729B}
2020-10-01 12:46 - 2019-01-24 14:39 - 000000000 ____D C:\Users\ron\AppData\Local\ClassicShell
2020-09-30 10:47 - 2019-08-16 09:35 - 000000000 ____D C:\Users\ron\AppData\Roaming\deezer-desktop
2020-09-30 10:17 - 2020-02-21 16:38 - 000004262 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582299511
2020-09-26 01:14 - 2018-10-13 10:13 - 000000000 ____D C:\Users\ron\AppData\Roaming\jupyter
2020-09-25 22:47 - 2017-10-08 20:10 - 000002016 _____ C:\Users\Public\Desktop\Google Slides.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000002016 _____ C:\ProgramData\Desktop\Google Slides.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000002014 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000002014 _____ C:\ProgramData\Desktop\Google Sheets.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000002004 _____ C:\Users\Public\Desktop\Google Docs.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000002004 _____ C:\ProgramData\Desktop\Google Docs.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-09-25 15:02 - 2018-10-13 10:14 - 000000000 ____D C:\Users\ron\.ipynb_checkpoints
2020-09-25 15:02 - 2017-09-16 13:43 - 000000000 ____D C:\Users\ron
2020-09-25 00:15 - 2017-10-08 19:53 - 002369024 ___SH C:\Users\ron\Documents\Thumbs.db
2020-09-25 00:12 - 2018-02-15 00:47 - 000000000 ___HD C:\Users\ron\Documents\.tmp.drivedownload
2020-09-24 23:32 - 2017-10-04 13:29 - 000210944 _____ C:\Users\ron\AppData\Local\WebpageIcons.db
2020-09-24 14:33 - 2020-01-15 23:22 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-09-24 14:33 - 2020-01-15 23:22 - 000000000 ____D C:\Users\ron\AppData\LocalLow\Mozilla
2020-09-24 14:33 - 2020-01-15 23:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-24 14:01 - 2014-11-22 02:01 - 000958820 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-24 14:01 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2020-09-24 13:57 - 2019-05-24 14:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-09-24 13:56 - 2020-01-21 03:05 - 000000000 ____D C:\Users\ron\AppData\Roaming\ownCloud
2020-09-24 13:56 - 2018-05-04 09:40 - 000000000 __RDO C:\Users\ron\OneDrive
2020-09-24 13:55 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-24 13:25 - 2019-08-01 11:40 - 000000000 ____D C:\Users\ron\AppData\Roaming\Slack
2020-09-24 09:42 - 2017-09-16 13:55 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-24 09:42 - 2017-09-16 13:55 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-24 09:42 - 2017-09-16 13:55 - 000002203 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-22 21:45 - 2020-06-05 21:48 - 000000000 ____D C:\Program Files\Kite
2020-09-21 12:01 - 2020-05-14 21:54 - 000000000 ____D C:\Users\ron\AppData\Roaming\Atom
2020-09-21 12:01 - 2020-05-14 21:54 - 000000000 ____D C:\Users\ron\.atom
2020-09-19 09:21 - 2019-10-30 11:53 - 000004032 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1572432817
2020-09-19 09:21 - 2019-10-30 11:53 - 000001371 _____ C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk
2020-09-18 14:04 - 2019-02-18 13:01 - 000000000 ____D C:\Users\ron\AppData\Local\CrashDumps
2020-09-17 12:56 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-17 12:56 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-16 10:51 - 2019-04-28 19:05 - 000017408 ___SH C:\Users\ron\Desktop\Thumbs.db
2020-09-16 10:46 - 2020-05-24 04:15 - 000000000 ____D C:\Users\ron\AppData\Roaming\Signal
2020-09-16 10:41 - 2020-06-02 12:13 - 000000000 ____D C:\Users\ron\AppData\Roaming\Typora
2020-09-16 10:18 - 2017-09-15 19:12 - 000000000 ____D C:\Users\ron\AppData\Local\Packages
2020-09-16 09:46 - 2020-07-10 17:12 - 000000000 ___SD C:\Users\ron\ownCloud
2020-09-16 09:46 - 2020-06-02 11:54 - 000000000 ___SD C:\Users\ron\mesonomics
2020-09-16 09:46 - 2019-09-28 15:05 - 000000000 ____D C:\Users\ron\AppData\Local\PasswordSafe
2020-09-16 09:45 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2020-09-15 12:39 - 2020-06-18 12:07 - 000000000 ____D C:\Users\ron\AppData\Roaming\obs-studio
2020-09-15 01:02 - 2018-09-25 07:00 - 000078336 ___SH C:\Users\ron\Downloads\Thumbs.db
2020-09-14 23:01 - 2020-06-18 12:45 - 000000000 ____D C:\Users\ron\AppData\Roaming\vlc
2020-09-14 22:23 - 2020-06-18 12:59 - 000000000 ____D C:\ProgramData\Wondershare Filmora Scrn
2020-09-14 18:15 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-09-14 17:53 - 2017-10-04 13:29 - 000000000 ____D C:\Users\ron\AppData\Local\RStudio-Desktop
2020-09-14 14:08 - 2018-04-24 22:08 - 000000000 ___HD C:\Users\ron\Desktop\.tmp.drivedownload
2020-09-14 13:53 - 2019-11-07 07:43 - 000000000 ____D C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc
2020-09-14 13:53 - 2019-08-09 13:19 - 000000000 ____D C:\Users\ron\AppData\Local\slack
2020-09-14 13:53 - 2019-08-01 11:40 - 000002159 _____ C:\Users\ron\Desktop\Slack.lnk
2020-09-14 13:53 - 2019-08-01 11:40 - 000000000 ____D C:\Users\ron\AppData\Local\SquirrelTemp
2020-09-13 00:06 - 2020-09-01 11:38 - 000001221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2020-09-12 23:15 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\rescache
2020-09-12 22:54 - 2013-08-22 15:44 - 000400056 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-09-12 22:52 - 2017-09-19 22:37 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-09-12 22:52 - 2014-11-22 06:25 - 000000000 ___SD C:\WINDOWS\system32\CompatTel
2020-09-12 22:52 - 2013-08-22 16:36 - 000000000 ___RD C:\WINDOWS\ToastData
2020-09-12 22:51 - 2019-01-24 14:32 - 000000000 ____D C:\Users\ron\AppData\Roaming\glogg
2020-09-12 22:37 - 2020-05-24 04:15 - 000002470 _____ C:\Users\ron\Desktop\Signal.lnk
2020-09-11 00:35 - 2019-01-07 12:47 - 000002329 _____ C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2020-09-11 00:35 - 2017-09-17 20:40 - 000003168 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-233570897-2198283788-2588358591-1001
2020-09-09 14:24 - 2020-05-14 21:54 - 000002139 _____ C:\Users\ron\Desktop\Atom.lnk
2020-09-09 14:24 - 2020-05-14 21:54 - 000000000 ____D C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2020-09-09 14:24 - 2020-05-14 21:53 - 000000000 ____D C:\Users\ron\AppData\Local\atom
2020-09-09 11:52 - 2012-07-26 08:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-09-09 11:50 - 2017-09-15 20:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-09-09 11:40 - 2017-09-15 20:40 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
 
==================== Files in the root of some directories ========
 
2020-04-04 16:46 - 2020-04-04 16:46 - 000000000 _____ () C:\Users\ron\.mongorc.js
2020-05-04 16:29 - 2020-05-04 16:29 - 017761912 _____ (EnterpriseDB) C:\Users\ron\edb_psqlodbc.exe
2020-05-04 16:29 - 2020-05-04 16:29 - 175035688 _____ (PostgreSQL Global Development Group) C:\Users\ron\postgresql_96.exe
2020-08-30 14:44 - 2020-08-30 14:45 - 000000000 ____D () C:\Users\ron\reveal.js
2020-06-08 12:46 - 2020-09-18 14:04 - 000000000 _____ () C:\Users\ron\AppData\Roaming\git-cola.launch.pyw.log
2018-04-12 09:50 - 2020-07-20 16:04 - 000000600 _____ () C:\Users\ron\AppData\Local\PUTTY.RND
2018-05-05 00:42 - 2018-05-05 00:42 - 015750144 _____ () C:\Users\ron\AppData\Local\Sync-1525477359.msi
2018-05-05 00:42 - 2018-05-05 00:43 - 000188154 _____ () C:\Users\ron\AppData\Local\Sync-1525477359.msi.log
2017-10-04 13:29 - 2020-09-24 23:32 - 000210944 _____ () C:\Users\ron\AppData\Local\WebpageIcons.db
2019-09-06 10:53 - 2019-09-06 10:53 - 000000000 _____ () C:\Users\ron\AppData\Local\{B5FBF800-A313-42EC-9DE2-26EAC6AE9D30}
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2020-09-29 22:09
==================== End of FRST.txt ========================Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-09-2020
Ran by ron (administrator) on HAL-RON (02-10-2020 13:41:43)
Running from D:\Downloads
Loaded Profiles: ron
Platform: Windows 8.1 (Update) (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Anaconda\envs\k36\Scripts\jupyter.exe
() [File not signed] C:\Anaconda\envs\k36\Scripts\jupyter-lab.exe
() [File not signed] C:\cygwin64\bin\bash.exe
() [File not signed] C:\Windows\System\HsMgr64.exe
() [File not signed] C:\Windows\SysWOW64\HsMgr.exe
(ANDREA VACONDIO -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced 4\creator-ws.exe
(Andy Koppe / Thomas Wolff) [File not signed] C:\cygwin64\bin\mintty.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\My Image Garden\cnmigmain.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CMedia) [File not signed] C:\Program Files\ASUS Xonar Xense Audio\Customapp\AsusAudioCenter.exe
(Deezer -> Deezer) C:\Users\ron\AppData\Local\Programs\deezer.desktop\Deezer.exe <5>
(Foxit Software Incorporated -> Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Shell Extensions\FoxitPrevhost.exe
(Foxit Software Incorporated -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Foxit Software Incorporated -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <152>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\kited.exe
(Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\KiteService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\excel.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\winword.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(OpenVPN Technologies, Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ownCloud GmbH -> ownCloud) C:\Program Files (x86)\ownCloud\owncloud.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\12\bin\pg_ctl.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\12\bin\postgres.exe <8>
(Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\python.exe <3>
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp -> Realtek) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp -> Realtek) C:\Windows\SwUSB.exe
(Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWLan.exe
(RStudio, Inc.) [File not signed] C:\Program Files\RStudio\bin\rstudio.exe
(RStudio, Inc.) [File not signed] C:\Program Files\RStudio\bin\x64\rsession.exe
(Signal Messenger, LLC -> Open Whisper Systems) C:\Users\ron\AppData\Local\Programs\signal-desktop\Signal.exe <5>
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(Sony Imaging Products & Solutions Inc. -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sync.com Inc. -> ) C:\Users\ron\AppData\Local\Programs\Sync\sync-worker.exe <3>
(Sync.com Inc. -> Sync.com Inc.) C:\Users\ron\AppData\Local\Programs\Sync\sync-taskbar.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\Syswow64\cmicnfgp.dll [12935168 2014-12-28] (C-Media Corporation) [File not signed]
HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2014-12-28] () [File not signed]
HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2014-12-28] () [File not signed]
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-07-19] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [868328 2018-12-21] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare software CO., LIMITED -> Wondershare)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48737752 2020-09-09] (Google LLC -> )
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [Google Update] => C:\Users\ron\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-04-30] (Google LLC -> Google LLC)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [2374872 2020-06-12] (ownCloud GmbH -> ownCloud)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [Kite] => C:\Program Files\Kite\kited.exe [404060112 2020-06-20] (Manhattan Engineering Incorporated -> Kite)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [90951528 2020-09-22] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\ron\AppData\Local\Microsoft\Teams\Update.exe [2452112 2020-09-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [Opera Browser Assistant] => C:\Users\ron\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3085336 2020-09-29] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\MountPoints2: {f6844e0d-f65e-11e9-bea8-3085a98ce5fe} - "G:\WD SmartWare.exe" autoplay=true
HKLM\...\Windows x64\Print Processors\Canon MG5600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCA.DLL [30208 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5600 series: C:\WINDOWS\system32\CNMLMCA.DLL [406016 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5600 series XPS: C:\WINDOWS\system32\CNMXLMCA.DLL [408576 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [375296 2014-03-17] (CANON INC.) [File not signed]
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb] -> IIS Express Application Compatibility Database for x64
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\Custom64\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb [2012-05-29]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-05-29]
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-24] (Google LLC -> Google LLC)
Startup: C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Password Safe.lnk [2019-09-28]
ShortcutTarget: Password Safe.lnk -> C:\Program Files (x86)\Password Safe\pwsafe.exe (SourceForge.net) [File not signed]
Startup: C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sync.LNK [2018-05-05]
ShortcutTarget: Sync.LNK -> C:\Users\ron\AppData\Local\Programs\Sync\sync-taskbar.exe (Sync.com Inc. -> Sync.com Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {048B46DC-0BC5-400F-B9A3-423D55FF0CD5} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {06C14AE8-2154-4138-A74F-27C3C656BD9C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {09D3E962-76AD-4E9F-B020-FB971145B57F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-09-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {1DDA3249-C1D1-4820-AD47-C03939307421} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950128 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {23B0C28A-DDFA-4B0D-9460-E131FF2BFF02} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950128 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {30A7E63F-977E-4AEA-80C5-3015C2B310A4} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3487088 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {35CFDE44-C3DA-4B68-B235-5715ED691D10} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [772976 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3CF8ADEA-046C-42FD-A3F6-40D3C675A450} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [994672 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {492F8726-136B-4E52-BB68-0C7B7E2A4D38} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-16] (Google Inc -> Google Inc.)
Task: {4C29320E-56C1-46F6-90C7-CB36865F533F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {6343D530-6966-4BD2-8410-B0301EF844BB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855408 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {671CA532-4BC6-411B-AD05-9D13C19E5F3C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855408 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6DE83157-DE9E-44B0-9017-16C355449356} - System32\Tasks\Opera scheduled assistant Autoupdate 1582299511 => C:\Users\ron\AppData\Local\Programs\Opera\launcher.exe [1529880 2020-09-15] (Opera Software AS -> Opera Software)
Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {7EDA26FF-0346-498C-8286-D5E066AC9D8A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-233570897-2198283788-2588358591-1001Core => C:\Users\ron\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-04-30] (Google LLC -> Google LLC)
Task: {858AE3F5-2F76-40B4-BD92-CE95B49B19C9} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950128 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {87C4A64E-1CA5-4263-9D9A-BD588DC8B034} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-233570897-2198283788-2588358591-1001UA => C:\Users\ron\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-04-30] (Google LLC -> Google LLC)
Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {96B756A7-D0E6-4B34-AF94-AFEB2A0C6FD5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {A3D3C8C0-D3F4-4ABB-BE9E-379754139437} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [695664 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A9CDA4AD-4917-4E49-A214-5568F84183C2} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950128 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B31C2298-D254-4DF5-8BBC-66A9ECD0520F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD38628B-32C9-446F-BE3C-C61B99D6A450} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [772976 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C4DB7967-E171-40B5-9DF5-344B5DD9D062} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {C84E3CE8-99AA-415F-96E6-5822E7C0583D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-16] (Google Inc -> Google Inc.)
Task: {CB539B5D-F137-4388-8067-E92F66E9C7CF} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [70016 2019-05-14] (Oracle America, Inc. -> Oracle Corporation)
Task: {CEB07199-4B4D-42AF-8734-D491FA19CE84} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe [754176 2016-07-29] (Oracle Corporation) [File not signed]
Task: {D0671856-6416-4154-9D86-53124C5CACB1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9F9566B-E3A7-45D2-9EE0-2FA6C98AEB9A} - System32\Tasks\Opera scheduled Autoupdate 1572432817 => C:\Users\ron\AppData\Local\Programs\Opera\launcher.exe [1529880 2020-09-15] (Opera Software AS -> Opera Software)
Task: {E1B3B7E4-058A-49F5-A6C9-316DE98EF023} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{68584B7A-0386-43A8-9926-8CFF586B4014}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{76CC638A-02B0-4AF7-848E-FEF893671806}: [DhcpNameServer] 194.168.4.100 194.168.8.100
 
Edge: 
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\ron\AppData\Local\Microsoft\Edge\User Data\Default [2020-08-14]
 
FireFox:
========
FF DefaultProfile: ny746aeo.default
FF ProfilePath: C:\Users\ron\AppData\Roaming\Mozilla\Firefox\Profiles\ny746aeo.default [2020-01-15]
FF ProfilePath: C:\Users\ron\AppData\Roaming\Mozilla\Firefox\Profiles\9tp68gj4.default-release [2020-10-02]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: PDFsam Enhanced 4 -> C:\Program Files (x86)\PDFsam Enhanced 4\np-previewer.dll [2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
 
Chrome: 
=======
CHR Profile: C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default [2020-10-02]
CHR Notifications: Default -> hxxps://alison.com; hxxps://app.chime.aws; hxxps://app.slack.com; hxxps://calendar.google.com; hxxps://conference.blockdownconf.com; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://support.cloud.google.com; hxxps://www.datacamp.com; hxxps://www.facebook.com; hxxps://www.headmasters.com; hxxps://www.monsterinsights.com; hxxps://www.simplilearn.com
CHR HomePage: Default -> hxxp://www.holasearch.com/?affID=121962&tt=gc_&babsrc=HP_ss&mntrId=86603085A98CE5FE
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/","hxxps://mail.google.com/","hxxp://www.deezer.com/playlist/1290162447"
CHR Extension: (Google Translate) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-18]
CHR Extension: (Slides) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Postman Interceptor) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aicmkgpgakddgnaphhhpliifpcfhicfo [2020-05-20]
CHR Extension: (Docs) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-25]
CHR Extension: (YouTube) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-16]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2020-09-15]
CHR Extension: (Sheets) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Postman) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbjgbiflinjbdggehcddcbncdddomop [2020-07-02]
CHR Extension: (EditThisCookie) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2018-11-30]
CHR Extension: (Google Docs Offline) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-12]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-09-25]
CHR Extension: (Home) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomhhejmlbhdpfjbpgemagmcckjhajgg [2018-05-04]
CHR Extension: (Pinterest Save Button) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-10-02]
CHR Extension: (Grammarly for Chrome) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-10-02]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-10-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-08]
CHR Extension: (Gmail) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-13]
CHR Extension: (HappyPath) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhcklacellfncndpbedjbdbmligjfcn [2017-09-16]
CHR Profile: C:\Users\ron\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-20]
CHR HKU\S-1-5-21-233570897-2198283788-2588358591-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052944 2020-07-14] (Microsoft Corporation -> Microsoft Corporation)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-08-25] (Foxit Software Incorporated -> Foxit Software Inc.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2015-02-05] (Microsoft Corporation -> Microsoft Corporation)
R2 KiteService; C:\Program Files\Kite\KiteService.exe [141936 2020-09-22] (Manhattan Engineering Incorporated -> Kite)
S2 MySQL80; C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe [46693696 2019-04-13] (Oracle America, Inc. -> )
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74712 2019-02-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74712 2019-02-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 PDFsam Enhanced 4; C:\Program Files\PDFsam Enhanced 4\ws.exe [2005744 2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
R2 PDFsam Enhanced 4 Creator; C:\Program Files\PDFsam Enhanced 4\creator-ws.exe [757496 2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [493544 2018-12-21] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
R2 postgresql-x64-12; C:\Program Files\PostgreSQL\12\bin\pg_ctl.exe [116736 2020-04-24] (PostgreSQL Global Development Group) [File not signed]
R2 RealtekWlanU; C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe [48856 2014-05-19] (Realtek Semiconductor Corp -> Realtek)
S2 RTLDHCPService; C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-04-23] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> )
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 cmudaxp; C:\WINDOWS\system32\drivers\cmudaxp.sys [2734080 2014-12-28] (C-MEDIA ELECTRONICS INC. -> C-Media Inc)
S3 Netaapl; C:\WINDOWS\system32\DRIVERS\netaapl64.sys [23040 2015-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NVHDA; C:\WINDOWS\system32\drivers\nvhda64v.sys [218968 2018-09-17] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 RtlWlanu; C:\WINDOWS\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [226304 2014-11-22] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166752 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-09-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-09-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\ron\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-10-02 13:41 - 2020-10-02 13:42 - 000000000 ____D C:\FRST
2020-09-25 15:02 - 2020-09-25 15:02 - 000000072 _____ C:\Users\ron\Untitled9.ipynb
2020-09-25 00:37 - 2020-09-25 00:37 - 000026895 _____ C:\Users\ron\Downloads\2020_07_GCP (1).pdf
2020-09-24 23:44 - 2020-09-24 23:44 - 000131276 _____ C:\Users\ron\Downloads\2020_07_to_08.pdf
2020-09-24 14:33 - 2020-09-24 14:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-09-19 22:27 - 2020-09-24 22:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-09-16 09:45 - 2020-09-16 09:45 - 000000000 ____D C:\Users\ron\AppData\Local\ownCloud
2020-09-11 12:05 - 2020-09-29 22:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-09-09 10:30 - 2020-09-02 06:52 - 003332608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-09-09 10:30 - 2020-09-02 06:25 - 003641344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-09-09 10:30 - 2020-08-29 03:41 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-09-09 10:30 - 2020-08-27 06:04 - 004169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-09-09 10:30 - 2020-08-20 21:54 - 022382424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-09-09 10:30 - 2020-08-20 21:51 - 019805104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-09-09 10:30 - 2020-08-15 08:22 - 001370680 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2020-09-09 10:30 - 2020-08-15 08:18 - 007363328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-09-09 10:30 - 2020-08-15 08:18 - 002012928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-09-09 10:30 - 2020-08-15 08:18 - 000373512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-09-09 10:30 - 2020-08-15 06:11 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-09-09 10:30 - 2020-08-15 05:43 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2020-09-09 10:30 - 2020-08-15 05:39 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-09-09 10:30 - 2020-08-15 05:33 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOVER.exe
2020-09-09 10:30 - 2020-08-15 05:23 - 001993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-09-09 10:30 - 2020-08-15 05:17 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2020-09-09 10:30 - 2020-08-15 05:17 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2020-09-09 10:30 - 2020-08-15 05:14 - 001442304 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-09-09 10:30 - 2020-08-15 05:14 - 001383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-09-09 10:30 - 2020-08-15 05:12 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-09-09 10:30 - 2020-08-15 05:12 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-09-09 10:30 - 2020-08-15 05:11 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-09-09 10:30 - 2020-08-15 05:11 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-09-09 10:30 - 2020-08-15 05:04 - 001757184 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-09-09 10:30 - 2020-08-15 05:02 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-09-09 10:30 - 2020-08-15 04:59 - 001088512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2020-09-09 10:30 - 2020-08-15 04:57 - 001559040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-09-09 10:30 - 2020-08-15 04:55 - 000292352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-09-09 10:30 - 2020-08-15 04:55 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-09-09 10:30 - 2020-08-15 04:55 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-09-09 10:30 - 2020-08-15 04:55 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-09-09 10:30 - 2020-08-15 04:50 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-09-09 10:30 - 2020-08-13 06:25 - 001308256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-09-09 10:30 - 2020-08-13 06:24 - 000355576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-09-09 10:30 - 2020-08-13 05:41 - 025756672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-09-09 10:30 - 2020-08-13 05:17 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-09-09 10:30 - 2020-08-13 05:06 - 020291072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-09-09 10:30 - 2020-08-13 05:06 - 005500416 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-09-09 10:30 - 2020-08-13 05:06 - 000785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-09-09 10:30 - 2020-08-13 04:50 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-09-09 10:30 - 2020-08-13 04:40 - 000653824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-09-09 10:30 - 2020-08-13 04:37 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2020-09-09 10:30 - 2020-08-13 04:30 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-09-09 10:30 - 2020-08-13 04:29 - 015480320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-09-09 10:30 - 2020-08-13 04:26 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-09-09 10:30 - 2020-08-13 04:20 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2020-09-09 10:30 - 2020-08-13 04:18 - 004112384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-09-09 10:30 - 2020-08-13 04:16 - 004859392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-09-09 10:30 - 2020-08-13 04:15 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-09-09 10:30 - 2020-08-13 04:15 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-09-09 10:30 - 2020-08-13 04:12 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-09-09 10:30 - 2020-08-13 04:11 - 013862400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-09-09 10:30 - 2020-08-13 04:04 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-09-09 10:30 - 2020-08-13 03:57 - 004387840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-09-09 10:30 - 2020-08-13 03:54 - 000801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-09-09 10:30 - 2020-08-13 03:53 - 001341952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-09-09 10:30 - 2020-08-13 03:52 - 000710656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-09-09 10:30 - 2020-08-11 07:19 - 000136824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-09-09 10:30 - 2020-08-11 07:17 - 000537632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-09-09 10:30 - 2020-08-11 07:16 - 001210112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-09-09 10:30 - 2020-08-11 07:16 - 000376072 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2020-09-09 10:30 - 2020-08-11 07:12 - 002173376 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-09-09 10:30 - 2020-08-11 07:12 - 001665104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-09-09 10:30 - 2020-08-11 05:33 - 001037600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-09-09 10:30 - 2020-08-11 05:33 - 000450312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-09-09 10:30 - 2020-08-11 05:33 - 000317176 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2020-09-09 10:30 - 2020-08-11 05:31 - 001561296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-09-09 10:30 - 2020-08-11 05:31 - 001215736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-09-09 10:30 - 2020-08-11 04:30 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-09-09 10:30 - 2020-08-11 04:03 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-09-09 10:30 - 2020-08-11 04:03 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-09-09 10:30 - 2020-08-11 04:00 - 003720192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-09-09 10:30 - 2020-08-11 03:57 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2020-09-09 10:30 - 2020-08-11 03:56 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-09-09 10:30 - 2020-08-11 03:55 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2020-09-09 10:30 - 2020-08-11 03:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-09-09 10:30 - 2020-08-11 03:44 - 001099264 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-09-09 10:30 - 2020-08-11 03:44 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-09-09 10:30 - 2020-08-11 03:41 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-09-09 10:30 - 2020-08-11 03:32 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-09-09 10:30 - 2020-08-11 01:44 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2020-09-09 10:30 - 2020-08-10 10:18 - 000160144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-09-09 10:30 - 2020-08-10 01:04 - 003223552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-09-09 10:30 - 2020-08-10 01:04 - 001998848 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000475136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-09-09 10:30 - 2020-08-08 14:43 - 001545912 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-09-09 10:30 - 2020-08-06 14:37 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-09-09 10:30 - 2020-08-06 14:35 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-09-07 12:53 - 2020-09-07 12:53 - 000002018 _____ C:\Users\ron\Downloads\invite.ics
2020-09-02 12:42 - 2020-09-02 12:42 - 000000000 ____D C:\Users\ron\.ssh
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-10-02 13:28 - 2018-05-05 00:43 - 000000000 ____D C:\Users\ron\AppData\Local\Sync.Logs
2020-10-02 12:58 - 2017-09-15 19:18 - 000003598 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-233570897-2198283788-2588358591-1001
2020-10-02 12:45 - 2017-09-15 19:27 - 000000000 ____D C:\ProgramData\NVIDIA
2020-10-02 12:42 - 2020-07-02 12:15 - 000002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-10-02 12:42 - 2020-07-02 12:15 - 000002202 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-10-02 12:42 - 2020-07-02 12:15 - 000002202 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-10-02 12:42 - 2017-09-16 13:53 - 000003914 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{53E789E7-A7B5-4F94-960F-DE25B549729B}
2020-10-01 12:46 - 2019-01-24 14:39 - 000000000 ____D C:\Users\ron\AppData\Local\ClassicShell
2020-09-30 10:47 - 2019-08-16 09:35 - 000000000 ____D C:\Users\ron\AppData\Roaming\deezer-desktop
2020-09-30 10:17 - 2020-02-21 16:38 - 000004262 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582299511
2020-09-26 01:14 - 2018-10-13 10:13 - 000000000 ____D C:\Users\ron\AppData\Roaming\jupyter
2020-09-25 22:47 - 2017-10-08 20:10 - 000002016 _____ C:\Users\Public\Desktop\Google Slides.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000002016 _____ C:\ProgramData\Desktop\Google Slides.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000002014 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000002014 _____ C:\ProgramData\Desktop\Google Sheets.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000002004 _____ C:\Users\Public\Desktop\Google Docs.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000002004 _____ C:\ProgramData\Desktop\Google Docs.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-09-25 15:02 - 2018-10-13 10:14 - 000000000 ____D C:\Users\ron\.ipynb_checkpoints
2020-09-25 15:02 - 2017-09-16 13:43 - 000000000 ____D C:\Users\ron
2020-09-25 00:15 - 2017-10-08 19:53 - 002369024 ___SH C:\Users\ron\Documents\Thumbs.db
2020-09-25 00:12 - 2018-02-15 00:47 - 000000000 ___HD C:\Users\ron\Documents\.tmp.drivedownload
2020-09-24 23:32 - 2017-10-04 13:29 - 000210944 _____ C:\Users\ron\AppData\Local\WebpageIcons.db
2020-09-24 14:33 - 2020-01-15 23:22 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-09-24 14:33 - 2020-01-15 23:22 - 000000000 ____D C:\Users\ron\AppData\LocalLow\Mozilla
2020-09-24 14:33 - 2020-01-15 23:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-24 14:01 - 2014-11-22 02:01 - 000958820 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-24 14:01 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2020-09-24 13:57 - 2019-05-24 14:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-09-24 13:56 - 2020-01-21 03:05 - 000000000 ____D C:\Users\ron\AppData\Roaming\ownCloud
2020-09-24 13:56 - 2018-05-04 09:40 - 000000000 __RDO C:\Users\ron\OneDrive
2020-09-24 13:55 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-24 13:25 - 2019-08-01 11:40 - 000000000 ____D C:\Users\ron\AppData\Roaming\Slack
2020-09-24 09:42 - 2017-09-16 13:55 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-24 09:42 - 2017-09-16 13:55 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-24 09:42 - 2017-09-16 13:55 - 000002203 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-22 21:45 - 2020-06-05 21:48 - 000000000 ____D C:\Program Files\Kite
2020-09-21 12:01 - 2020-05-14 21:54 - 000000000 ____D C:\Users\ron\AppData\Roaming\Atom
2020-09-21 12:01 - 2020-05-14 21:54 - 000000000 ____D C:\Users\ron\.atom
2020-09-19 09:21 - 2019-10-30 11:53 - 000004032 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1572432817
2020-09-19 09:21 - 2019-10-30 11:53 - 000001371 _____ C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk
2020-09-18 14:04 - 2019-02-18 13:01 - 000000000 ____D C:\Users\ron\AppData\Local\CrashDumps
2020-09-17 12:56 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-17 12:56 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-16 10:51 - 2019-04-28 19:05 - 000017408 ___SH C:\Users\ron\Desktop\Thumbs.db
2020-09-16 10:46 - 2020-05-24 04:15 - 000000000 ____D C:\Users\ron\AppData\Roaming\Signal
2020-09-16 10:41 - 2020-06-02 12:13 - 000000000 ____D C:\Users\ron\AppData\Roaming\Typora
2020-09-16 10:18 - 2017-09-15 19:12 - 000000000 ____D C:\Users\ron\AppData\Local\Packages
2020-09-16 09:46 - 2020-07-10 17:12 - 000000000 ___SD C:\Users\ron\ownCloud
2020-09-16 09:46 - 2020-06-02 11:54 - 000000000 ___SD C:\Users\ron\mesonomics
2020-09-16 09:46 - 2019-09-28 15:05 - 000000000 ____D C:\Users\ron\AppData\Local\PasswordSafe
2020-09-16 09:45 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2020-09-15 12:39 - 2020-06-18 12:07 - 000000000 ____D C:\Users\ron\AppData\Roaming\obs-studio
2020-09-15 01:02 - 2018-09-25 07:00 - 000078336 ___SH C:\Users\ron\Downloads\Thumbs.db
2020-09-14 23:01 - 2020-06-18 12:45 - 000000000 ____D C:\Users\ron\AppData\Roaming\vlc
2020-09-14 22:23 - 2020-06-18 12:59 - 000000000 ____D C:\ProgramData\Wondershare Filmora Scrn
2020-09-14 18:15 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-09-14 17:53 - 2017-10-04 13:29 - 000000000 ____D C:\Users\ron\AppData\Local\RStudio-Desktop
2020-09-14 14:08 - 2018-04-24 22:08 - 000000000 ___HD C:\Users\ron\Desktop\.tmp.drivedownload
2020-09-14 13:53 - 2019-11-07 07:43 - 000000000 ____D C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc
2020-09-14 13:53 - 2019-08-09 13:19 - 000000000 ____D C:\Users\ron\AppData\Local\slack
2020-09-14 13:53 - 2019-08-01 11:40 - 000002159 _____ C:\Users\ron\Desktop\Slack.lnk
2020-09-14 13:53 - 2019-08-01 11:40 - 000000000 ____D C:\Users\ron\AppData\Local\SquirrelTemp
2020-09-13 00:06 - 2020-09-01 11:38 - 000001221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2020-09-12 23:15 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\rescache
2020-09-12 22:54 - 2013-08-22 15:44 - 000400056 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-09-12 22:52 - 2017-09-19 22:37 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-09-12 22:52 - 2014-11-22 06:25 - 000000000 ___SD C:\WINDOWS\system32\CompatTel
2020-09-12 22:52 - 2013-08-22 16:36 - 000000000 ___RD C:\WINDOWS\ToastData
2020-09-12 22:51 - 2019-01-24 14:32 - 000000000 ____D C:\Users\ron\AppData\Roaming\glogg
2020-09-12 22:37 - 2020-05-24 04:15 - 000002470 _____ C:\Users\ron\Desktop\Signal.lnk
2020-09-11 00:35 - 2019-01-07 12:47 - 000002329 _____ C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2020-09-11 00:35 - 2017-09-17 20:40 - 000003168 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-233570897-2198283788-2588358591-1001
2020-09-09 14:24 - 2020-05-14 21:54 - 000002139 _____ C:\Users\ron\Desktop\Atom.lnk
2020-09-09 14:24 - 2020-05-14 21:54 - 000000000 ____D C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2020-09-09 14:24 - 2020-05-14 21:53 - 000000000 ____D C:\Users\ron\AppData\Local\atom
2020-09-09 11:52 - 2012-07-26 08:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-09-09 11:50 - 2017-09-15 20:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-09-09 11:40 - 2017-09-15 20:40 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
 
==================== Files in the root of some directories ========
 
2020-04-04 16:46 - 2020-04-04 16:46 - 000000000 _____ () C:\Users\ron\.mongorc.js
2020-05-04 16:29 - 2020-05-04 16:29 - 017761912 _____ (EnterpriseDB) C:\Users\ron\edb_psqlodbc.exe
2020-05-04 16:29 - 2020-05-04 16:29 - 175035688 _____ (PostgreSQL Global Development Group) C:\Users\ron\postgresql_96.exe
2020-08-30 14:44 - 2020-08-30 14:45 - 000000000 ____D () C:\Users\ron\reveal.js
2020-06-08 12:46 - 2020-09-18 14:04 - 000000000 _____ () C:\Users\ron\AppData\Roaming\git-cola.launch.pyw.log
2018-04-12 09:50 - 2020-07-20 16:04 - 000000600 _____ () C:\Users\ron\AppData\Local\PUTTY.RND
2018-05-05 00:42 - 2018-05-05 00:42 - 015750144 _____ () C:\Users\ron\AppData\Local\Sync-1525477359.msi
2018-05-05 00:42 - 2018-05-05 00:43 - 000188154 _____ () C:\Users\ron\AppData\Local\Sync-1525477359.msi.log
2017-10-04 13:29 - 2020-09-24 23:32 - 000210944 _____ () C:\Users\ron\AppData\Local\WebpageIcons.db
2019-09-06 10:53 - 2019-09-06 10:53 - 000000000 _____ () C:\Users\ron\AppData\Local\{B5FBF800-A313-42EC-9DE2-26EAC6AE9D30}
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2020-09-29 22:09
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-09-2020
Ran by ron (02-10-2020 13:43:05)
Running from D:\Downloads
Windows 8.1 (Update) (X64) (2017-09-16 12:51:51)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-233570897-2198283788-2588358591-500 - Administrator - Disabled)
Guest (S-1-5-21-233570897-2198283788-2588358591-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-233570897-2198283788-2588358591-1005 - Limited - Enabled)
ron (S-1-5-21-233570897-2198283788-2588358591-1001 - Administrator - Enabled) => C:\Users\ron
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
${{arpDisplayName}} (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cufft_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
7-Zip 17.01 beta (x64) (HKLM\...\7-Zip) (Version: 17.01 beta - Igor Pavlov)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
AnyTrans (HKLM-x32\...\AnyTrans) (Version: 6.3.6.0 - iMobie Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Application Insights Tools for Visual Studio 2013 (HKLM-x32\...\{873F2D30-973B-415E-9BCA-E465AF816CCF}) (Version: 2.5 - Microsoft Corporation) Hidden
ASUS Xonar Xense Audio (HKLM-x32\...\{8FFA0EAF-5AFB-4492-B5F7-C56B03DF08DF}) (Version: 1.00.0003 - ASUSTeK Computer Inc.)
Atom (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\atom) (Version: 1.51.0 - GitHub Inc.)
AWS Command Line Interface (HKLM\...\{15B28B6C-1E1C-4D5F-954E-256FE269F541}) (Version: 1.16.240 - Amazon Web Services Developer Relations)
AzureTools.Notifications (HKLM-x32\...\{3FBFCF2C-392A-4632-9442-14C305B44D5E}) (Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Backup and Sync from Google (HKLM\...\{B109BD68-709A-485B-97E6-651FEB234AC9}) (Version: 3.51.3307.8076 - Google, Inc.)
Behaviors SDK (Windows Phone) for Visual Studio 2013 (HKLM-x32\...\{594DB57D-58D1-4AA3-AE6C-BF99484F52F8}) (Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (HKLM-x32\...\{28C7344F-E894-4CF5-8D05-EDC7ED71796C}) (Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Beyond Compare 4.2.6 (HKLM\...\BeyondCompare4_is1) (Version: 4.2.6.23150 - Scooter Software)
Blend for Visual Studio 2013 (HKLM-x32\...\{EBC890A6-DE7C-44B4-AA03-119B6190D3E1}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (HKLM-x32\...\{9ED1634C-4E71-4992-A1BA-7C4BE6EE39E1}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (HKLM-x32\...\{0C03A66F-1FF0-45F9-8D67-0D806EBFFBA1}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Build Tools - amd64 (HKLM\...\{DE293220-4F3A-40C8-B825-E151A231455A}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools - x86 (HKLM-x32\...\{20C6C9E5-B5B0-40A2-8ACD-EF08A9562A5B}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (HKLM\...\{ACE05087-00E9-480F-A955-1C3D7B977A7D}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (HKLM-x32\...\{2F2A7D0D-C28D-4953-A59A-A5EF1171E03F}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG5600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5600_series) (Version: 1.01 - Canon Inc.)
Canon MG5600 series On-screen Manual (HKLM-x32\...\Canon MG5600 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon MG5600 series User Registration (HKLM-x32\...\Canon MG5600 series User Registration) (Version:  - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Core Temp 1.13 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.13 - ALCPU)
CUBLAS Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cublas_dev_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUBLAS Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cublas_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUDA Documentation (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_documentation_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUDA Profiler Tools (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvprof_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUDA Toolkit (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDAToolkit_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUDA Version (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDAVersion_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUDART Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cudart_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUFFT Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cufft_dev_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
cuobjdump (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cuobjdump_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUPTI (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cupti_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CURAND Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_curand_dev_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CURAND Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_curand_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUSOLVER Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cusolver_dev_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUSOLVER Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cusolver_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUSPARSE Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cusparse_dev_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUSPARSE Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cusparse_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
DBeaver 6.2.4 (HKLM\...\DBeaver) (Version: 6.2.4 - DBeaver Corp)
Deezer 4.16.3 (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\67490f87-0893-5593-ae76-b1e5d0acd13f) (Version: 4.16.3 - Deezer)
Deezer 4.19.10 (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\{67490f87-0893-5593-ae76-b1e5d0acd13f}) (Version: 4.19.10 - Deezer)
Demo Suite (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_demo_suite_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
Disassembler (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvdisasm_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 411.31 - NVIDIA Corporation) Hidden
Dotfuscator and Analytics Community Edition (HKLM-x32\...\{2386192E-D6DB-4AD2-9564-65586A0AE53E}) (Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Entity Framework 6.1.3 Tools  for Visual Studio 2013 (HKLM-x32\...\{D5170452-84D1-4725-AD9C-F9ECFD0A9E9F}) (Version: 12.0.40302.0 - Microsoft Corporation)
FileZilla Client 3.45.1 (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\FileZilla Client) (Version: 3.45.1 - Tim Kosse)
FlashBack Express 5 (HKLM-x32\...\FlashBack Express 5) (Version: 5.36.0.4417 - Blueberry Software (UK) Ltd.)
Fortran Examples (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_fortran_examples_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.3.2.25013 - Foxit Software Inc.)
Git version 2.25.1 (HKLM\...\Git_is1) (Version: 2.25.1 - The Git Development Community)
git-cola (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\git-cola) (Version: 3.7 - )
glogg (HKLM-x32\...\glogg) (Version: v1.1.4-x86_64 - )
Google Ads Editor (HKLM-x32\...\{0630E221-E3C9-11EA-B475-DC4A3E998CF6}) (Version: 13.4.4.0 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.121 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GPU Library Advisor (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_gpu_library_advisor_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
Grammarly for Microsoft® Office Suite (HKLM\...\{F0E0C340-6901-47B9-B2E6-F9A4CCAE6C75}) (Version: 6.7.190 - Grammarly) Hidden
Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\{92a2ef9a-75ce-46ea-92d9-5774c698c9ee}) (Version: 6.7.190 - Grammarly)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
iTunes (HKLM\...\{ABCE8B41-D52C-4304-A5B9-2445AA8B4D4B}) (Version: 12.9.6.3 - Apple Inc.)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Kit SDK de vérification de Visual Studio 2012 - fra (HKLM-x32\...\{8A3862F9-F587-3DFA-AAFC-C1F0E116F05C}) (Version: 12.0.30501 - Microsoft Corporation) Hidden
Kite (HKLM\...\Kite) (Version:  - Manhattan Engineering Inc)
LocalESPC Dev12 (HKLM-x32\...\{492498A3-F88C-FE2F-755C-9B1B91724CA5}) (Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (HKLM-x32\...\{B1C38F27-D377-8C98-D98D-29B67C0B978D}) (Version: 8.100.25984 - Microsoft) Hidden
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
MEMCHECK (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_memcheck_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
Memory Profiler (HKLM-x32\...\{4522FE06-850C-4106-AB9E-B32C1462DF8B}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
Memory Profiler (HKLM-x32\...\{57960F45-EDBA-4EFA-94D8-0C6FB5CCF11E}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
MergeModule_x64 (HKLM\...\{8B591A6B-253E-4E62-B2A8-3668CDA0A907}) (Version: 11.0.00 - Sony Corporation) Hidden
MergeModule_x86 (HKLM-x32\...\{51B45206-47B1-4B51-B46A-330B9156D6C1}) (Version: 11.0.00 - Sony Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft DirectX SDK (June 2010) (HKLM-x32\...\Microsoft DirectX SDK (June 2010)) (Version: 9.29.1962.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.68 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.5267.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Teams) (Version: 1.3.00.21759 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM\...\{EA457B21-F73E-494C-ACAB-524FDE069978}_is1) (Version: 1.27.2 - Microsoft Corporation)
Microsoft Visual Studio Community 2013 with Update 5 (HKLM-x32\...\{693b15f4-4a52-402e-a7ea-862b20443883}) (Version: 12.0.40629 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MongoDB Compass (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\MongoDBCompass) (Version: 1.20.5 - MongoDB Inc)
Mozilla Firefox 80.0.1 (x64 en-GB) (HKLM\...\Mozilla Firefox 80.0.1 (x64 en-GB)) (Version: 80.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.2.1 - Mozilla)
Mozilla Thunderbird 78.2.2 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 78.2.2 (x86 en-US)) (Version: 78.2.2 - Mozilla)
MySQL Connector C++ 8.0 (HKLM\...\{80A4FABD-6281-40ED-8FA8-61208D7EA5C5}) (Version: 8.0.16 - Oracle Corporation)
MySQL Connector J (HKLM-x32\...\{D2B7A080-0321-4543-80C1-3216B5A0B703}) (Version: 8.0.16 - Oracle Corporation)
MySQL Connector Net 8.0.15 (HKLM-x32\...\{C52EF11C-FD2C-4645-B851-F213C11E6FBE}) (Version: 8.0.15 - Oracle)
MySQL Connector/ODBC 8.0 (HKLM\...\{A6302E15-2BC2-47E1-9080-BBB7CACEE11B}) (Version: 8.0.16 - Oracle Corporation)
MySQL Documents 8.0 (HKLM-x32\...\{9AF28A89-AAB5-4521-BAD5-6A97F39272D7}) (Version: 8.0.16 - Oracle Corporation)
MySQL for Visual Studio 1.2.8 (HKLM-x32\...\{8FAF420D-7967-44AC-B8B1-F7067944F904}) (Version: 1.2.8 - Oracle)
MySQL Installer - Community (HKLM-x32\...\{71C466E1-2901-483E-879D-57B100926B92}) (Version: 1.4.29.0 - Oracle Corporation)
MySQL Installer for Windows - Community (HKLM-x32\...\{0D4C6A5D-CA41-470D-A34B-355C9BD7433B}) (Version: 1.4.30.0 - Oracle Corporation)
MySQL Notifier 1.1.7 (HKLM-x32\...\{724CDD73-430E-47DA-8F4E-7DF2000BA268}) (Version: 1.1.7 - Oracle)
MySQL Router 8.0 (HKLM\...\{E5A421DC-CAA3-4604-8026-9F64A04084CD}) (Version: 8.0.16 - Oracle Corporation)
MySQL Server 8.0 (HKLM\...\{87210B05-B03F-4F6D-A217-D20F19746EAC}) (Version: 8.0.16 - Oracle Corporation)
MySQL Shell 8.0.15 (HKLM\...\{E1B8F0C7-5D8D-416F-B20C-0745DE10FA9A}) (Version: 8.0.15 - Oracle and/or its affiliates)
MySQL Workbench 8.0 CE (HKLM\...\{C806C745-44EB-4934-8531-7A38D4C75E62}) (Version: 8.0.16 - Oracle Corporation)
Neo4j Desktop 1.0.20 (HKLM\...\14c7e06f-6a3b-5e4e-9e0c-ebe055b1b752) (Version: 1.0.20 - Neo4j Inc.)
Neo4j Desktop 1.0.24 (only current user) (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\14c7e06f-6a3b-5e4e-9e0c-ebe055b1b752) (Version: 1.0.24 - Neo4j Inc.)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
NPP Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_npp_dev_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
NPP Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_npp_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
nvcc (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvcc_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
NVGRAPH Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvgraph_dev_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
NVGRAPH Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvgraph_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 411.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 411.31 - NVIDIA Corporation)
NVIDIA CUDA Development 10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADevelopment_10.0) (Version: 10.0 - NVIDIA Corporation)
NVIDIA CUDA Documentation 10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADocument_10.0) (Version: 10.0 - NVIDIA Corporation)
NVIDIA CUDA Runtime 10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDARuntimes_10.0) (Version: 10.0 - NVIDIA Corporation)
NVIDIA CUDA Samples 10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_samples_10.0) (Version: 10.0 - NVIDIA Corporation)
NVIDIA CUDA Visual Studio Integration 10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_visual_studio_integration_10.0) (Version: 10.0 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation)
NVIDIA Graphics Driver 411.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 411.31 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.37.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.5 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 411.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 411.31 - NVIDIA Corporation)
NVIDIA Nsight Compute v1.0 (HKLM\...\{3A63BBE3-1FA5-4500-B580-BA102E59C55C}) (Version: 1.0.18227.2207 - NVIDIA Corporation)
NVIDIA Nsight Visual Studio Edition 6.0.0.18227 (HKLM\...\{06D6D3DB-339A-4FCC-A049-1F289C17A25E}) (Version: 6.0.0.18227 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
NVIDIA Tools Extension SDK (NVTX) - 64 bit (HKLM\...\{B56D2F88-8865-40FD-B7AC-F074EE4D201D}) (Version: 1.00.00.00 - NVIDIA Corporation)
NVML Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvml_dev_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
nvprune (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvprune_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
NVRTC Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvrtc_dev_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
NVRTC Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvrtc_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
NVTX Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvtx_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project)
Occupancy Calculator (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_occupancy_calculator_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5267.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5267.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5267.1000 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenVPN 2.4.7-I603  (HKLM\...\OpenVPN) (Version: 2.4.7-I603 - OpenVPN Technologies, Inc.)
Opera Stable 70.0.3728.189 (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Opera 70.0.3728.189) (Version: 70.0.3728.189 - Opera Software)
ownCloud (HKLM-x32\...\{524938D1-2460-4AA7-8F87-2188F2FEDCFB}) (Version: 2.6.3.13551 - ownCloud GmbH)
Pandoc 2.9.2.1 (HKLM\...\{F9F08465-924D-4077-8DF9-38D612F057E1}) (Version: 2.9.2.1 - John MacFarlane)
Password Safe (32-bit) (HKLM-x32\...\Password Safe) (Version: 3.49.1 - Rony Shapiro)
PDFsam Basic (HKLM-x32\...\{958E80E8-BB6E-47F6-98F3-E365959A197D}) (Version: 3.30.3.0 - Andrea Vacondio)
PDFsam Enhanced 4 (HKLM-x32\...\PDFsam Enhanced 4) (Version: 4.0.3.32301 - Copyright 2017 Andrea Vacondio)
PDFsam Enhanced 4 Asian Fonts Pack (HKLM\...\{23186912-8615-4924-B677-D032739A0861}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Convert Module (HKLM\...\{82E16ABB-95AB-43E7-A402-1638B03C8391}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Create Module (HKLM\...\{DB8BDD2C-FA37-4B7C-B43A-443FB1D268F6}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Edit Module (HKLM\...\{93082EB3-E24B-44A0-9ACB-F1F700F8977F}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Forms Module (HKLM\...\{D66F2332-0894-4B48-99E7-3C25C108ECE8}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Insert Module (HKLM\...\{57DCEFC3-54A2-40C8-B833-3CAE945FFC0C}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 OCR Module (HKLM\...\{41B8D2E1-47FC-4BB4-A4EA-BC2F1471996D}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Review Module (HKLM\...\{A8BEAD35-464C-459E-B572-06CF3270370D}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Secure Module (HKLM\...\{C66640E8-BAEB-43FB-BE87-C184E866405F}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 View Module (HKLM\...\{193A600E-D248-4D12-95BE-8FD5B25DD0AD}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PlayMemories Home (HKLM-x32\...\{AEB04E0E-0A28-4014-A96A-282E43B7227B}) (Version: 6.0.00.12211 - Sony Corporation)
PMB_ModeEditor (HKLM-x32\...\{F8063714-BD75-42DC-8FAA-D0E1EED92519}) (Version: 11.0.00 - Sony Corporation) Hidden
PMB_ServiceUploader (HKLM-x32\...\{CF081855-ED80-445A-BF63-025584939230}) (Version: 11.0.00 - Sony Corporation) Hidden
PostgreSQL 12  (HKLM\...\PostgreSQL 12) (Version: 12 - PostgreSQL Global Development Group)
Postman-win64-7.8.0 (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Postman) (Version: 7.8.0 - Postman)
PowerShellIntegration.Notifications (HKLM-x32\...\{0B48F5AE-6A17-49C1-8C65-81C6F74E6CF2}) (Version: 2.6.0.0 - Microsoft Corporation) Hidden
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{943F3FB1-3F9C-4FB7-A4E2-6D53617068C3}) (Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Progress Telerik Fiddler (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Fiddler2) (Version: 5.0.20182.28034 - Telerik)
psqlODBC 11.01.0000 (HKLM\...\psqlODBC 11.01.0000-2) (Version: 11.01.0000-2 - EnterpriseDB)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
PyCharm Community Edition 2019.3.3 (HKLM-x32\...\PyCharm Community Edition 2019.3.3) (Version: 193.6494.30 - JetBrains s.r.o.)
Python 3.6.5 (Anaconda3 5.2.0 64-bit) (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Python 3.6.5 (Anaconda3 5.2.0 64-bit)) (Version: 5.2.0 - Anaconda, Inc.)
Python Tools Redirection Template (HKLM-x32\...\{2881CFB4-71F9-40C7-8228-6395117C0EDA}) (Version: 1.3 - Microsoft Corporation) Hidden
R for Windows 3.4.2 (HKLM\...\R for Windows 3.4.2_is1) (Version: 3.4.2 - R Core Team)
R for Windows 3.5.1 (HKLM\...\R for Windows 3.5.1_is1) (Version: 3.5.1 - R Core Team)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0267 - )
RStudio (HKLM-x32\...\RStudio) (Version: 1.0.153 - RStudio)
SDK de comprobación de Visual Studio 2012 - esn (HKLM-x32\...\{90EF884E-5253-324C-9C11-63C9DA16BF0C}) (Version: 12.0.30501 - Microsoft Corporation) Hidden
Signal 1.36.1 (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 1.36.1 - Open Whisper Systems)
Skype version 8.64 (HKLM-x32\...\Skype_is1) (Version: 8.64 - Skype Technologies S.A.)
Slack (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\slack) (Version: 4.9.0 - Slack Technologies Inc.)
Strawberry Perl (64-bit) (HKLM\...\{C78E6EDD-70D2-1014-96E1-D7907CD34131}) (Version: 5.28.1001 - strawberryperl.com project)
Sync (HKLM-x32\...\{96855E80-23DA-11E2-BDFB-09006188709B}) (Version: 1.3.3.1292 - Sync)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Team Explorer for Microsoft Visual Studio 2013 (HKLM-x32\...\{C9E7751E-88ED-36CF-B610-71A1D262E906}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
TypeScript Power Tool (HKLM-x32\...\{6098D454-CB7B-44C2-8615-D869FD9655C7}) (Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (HKLM-x32\...\{0E4A9B1A-12D2-4827-BE61-44DBD72797FB}) (Version: 1.0.5.0 - Microsoft Corporation) Hidden
Typora version 0.9.89 (HKLM\...\{37771A20-7167-44C0-B322-FD3E54C56156}_is1) (Version: 0.9.89 - typora.io)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2013 Update 5 (KB2829760) (HKLM-x32\...\{17551f85-1d1c-4142-a83f-bbd18a3522c2}) (Version: 12.0.40629 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VS Update core components (HKLM-x32\...\{7CE8C6D0-6EA4-34C3-A4ED-8C28A1D67228}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (HKLM-x32\...\{46910786-E4AC-41E4-A4A0-C086EA85242D}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (HKLM-x32\...\{BF3E2194-F89B-44FB-A801-464BF787599F}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation)
WinEdt (HKLM-x32\...\WinEdt_is1) (Version:  - WinEdt Team)
Wondershare Filmora Scrn(Build 2.0.1) (HKLM\...\Wondershare Filmora Scrn_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Zoom (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\ZoomUMX) (Version: 5.1 - Zoom Video Communications, Inc.)
Пакет Visual Studio 2012 Verification SDK - rus (HKLM-x32\...\{977CABC5-7B4B-3AE4-8E1B-56C673C1D638}) (Version: 12.0.30501 - Microsoft Corporation) Hidden
 
Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-03-06] (Canon Inc.)
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-11-22] (Microsoft Corporation) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2017-09-17] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2017-09-17] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2017-09-17] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2017-09-17] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2017-09-17] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2017-09-17] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2017-09-17] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2017-09-17] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2017-09-17] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2017-09-17] (Microsoft Corporation) [MS Ad]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-233570897-2198283788-2588358591-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\ron\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-233570897-2198283788-2588358591-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\ron\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-233570897-2198283788-2588358591-1001_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\ron\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.190\B712F5FC58\GrammarlyShim64.dll (Grammarly, Inc. -> CompanyName)
CustomCLSID: HKU\S-1-5-21-233570897-2198283788-2588358591-1001_Classes\CLSID\{4BE56754-B616-4998-B825-D16983AEE1B2}\InprocServer32 -> C:\Users\ron\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.190\B712F5FC58\Grammarly.AddIn.Connect.ActiveX.dll (Grammarly, Inc. -> Grammarly)
CustomCLSID: HKU\S-1-5-21-233570897-2198283788-2588358591-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\ron\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-233570897-2198283788-2588358591-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\ron\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-233570897-2198283788-2588358591-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\ron\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [   AAASyncNo] -> {CD0DD5EC-23D2-4AE0-A111-C7B89038E695} => C:\ProgramData\Sync.Com DLL\overlay.dll [2018-05-05] (Sync.com Inc.) [File not signed]
ShellIconOverlayIdentifiers: [   AAASyncProg] -> {9A1FA446-6778-4A02-883B-3100549CF193} => C:\ProgramData\Sync.Com DLL\overlay.dll [2018-05-05] (Sync.com Inc.) [File not signed]
ShellIconOverlayIdentifiers: [   AAASyncRoot] -> {B57A832B-F40A-4A9D-A0F5-49E7D17B8EE4} => C:\ProgramData\Sync.Com DLL\overlay.dll [2018-05-05] (Sync.com Inc.) [File not signed]
ShellIconOverlayIdentifiers: [   AAASyncSkip] -> {AFE40DBB-AB20-4979-B0D2-483B6866C8C9} => C:\ProgramData\Sync.Com DLL\overlay.dll [2018-05-05] (Sync.com Inc.) [File not signed]
ShellIconOverlayIdentifiers: [   AAASyncYes] -> {9C569020-57C0-4CE0-9605-8AD42F4B1C7F} => C:\ProgramData\Sync.Com DLL\overlay.dll [2018-05-05] (Sync.com Inc.) [File not signed]
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2020-06-12] (ownCloud GmbH -> ownCloud GmbH)
ShellIconOverlayIdentifiers: [  OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2020-06-12] (ownCloud GmbH -> ownCloud GmbH)
ShellIconOverlayIdentifiers: [  OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2020-06-12] (ownCloud GmbH -> ownCloud GmbH)
ShellIconOverlayIdentifiers: [  OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2020-06-12] (ownCloud GmbH -> ownCloud GmbH)
ShellIconOverlayIdentifiers: [  OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2020-06-12] (ownCloud GmbH -> ownCloud GmbH)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-03-19] (Notepad++ -> )
ContextMenuHandlers1: [BB FlashBack 2] -> {A8065B9E-193F-4797-B62D-8F6321E7FCCB} =>  -> No File
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-08-19] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-09-09] (Google LLC -> Google)
ContextMenuHandlers1: [QuickShare] -> {A8065B9E-193F-4797-B62D-8F6321E7FCCB} =>  -> No File
ContextMenuHandlers1: [SyncComContextShlExt] -> {0dcd9583-eb2f-4e08-a146-885c923c0833} => C:\ProgramData\Sync.Com DLL\rclick.dll [2018-05-05] (Sync.com Inc.) [File not signed]
ContextMenuHandlers3: [OCContextMenuHandler] -> {841A0AAD-AA11-4B50-84D9-7F8E727D77D7} => C:\Program Files (x86)\ownCloud\shellext_x64\OCContextMenu.dll [2020-06-12] (ownCloud GmbH -> ownCloud GmbH)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Convert] -> {9f95ca1a-e80e-4c0f-acd1-4c9b7900b982} => C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)\Utilities\bin\x64\TxView.dll [2010-06-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-09-09] (Google LLC -> Google)
ContextMenuHandlers4: [SyncComContextShlExt] -> {0dcd9583-eb2f-4e08-a146-885c923c0833} => C:\ProgramData\Sync.Com DLL\rclick.dll [2018-05-05] (Sync.com Inc.) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-08-19] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Postman.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=fhbjgbiflinjbdggehcddcbncdddomop
ShortcutWithArgument: C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Anaconda\Scripts\activate.bat C:\Anaconda
 
==================== Loaded Modules (Whitelisted) =============
 
2018-04-09 07:12 - 2012-08-08 21:56 - 000863232 _____ ( Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\P2PLib.dll
2017-09-28 23:49 - 2016-01-18 13:02 - 000351232 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Canon\My Image Garden\MFP\CNMFP.dll
2020-09-12 22:37 - 2020-09-11 02:51 - 003102208 _____ () [File not signed] \\?\C:\Users\ron\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@journeyapps\sqlcipher\lib\binding\electron-v8.3-win32-x64\node_sqlite3.node
2020-09-12 22:37 - 2020-09-11 02:51 - 000190464 _____ () [File not signed] \\?\C:\Users\ron\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\curve25519-n\build\Release\curve.node
2020-09-12 22:37 - 2020-09-11 02:51 - 000214016 _____ () [File not signed] \\?\C:\Users\ron\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\ffi-napi\build\Release\ffi_bindings.node
2020-09-12 22:37 - 2020-09-11 02:51 - 000169984 _____ () [File not signed] \\?\C:\Users\ron\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\ref-napi\build\Release\binding.node
2020-09-12 22:37 - 2020-09-11 02:51 - 010392064 _____ () [File not signed] \\?\C:\Users\ron\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\ringrtc\build\win32\libringrtc.node
2020-09-12 22:37 - 2020-09-11 02:51 - 000169984 _____ () [File not signed] \\?\C:\Users\ron\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\zkgroup\node_modules\ref-napi\build\Release\binding.node
2019-04-25 12:04 - 2019-02-26 01:52 - 000014848 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\markupsafe\_speedups.cp36-win_amd64.pyd
2019-04-25 12:04 - 2019-03-11 21:38 - 000033280 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\pvectorc.cp36-win_amd64.pyd
2019-04-25 12:04 - 2019-03-25 15:28 - 000010240 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\tornado\speedups.cp36-win_amd64.pyd
2020-04-07 16:20 - 2018-05-09 01:26 - 000011264 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\win32\_win32sysloader.pyd
2020-04-07 16:20 - 2018-05-09 01:26 - 000137216 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\win32\pywintypes36.dll
2020-04-07 16:20 - 2018-05-09 01:26 - 000131584 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\win32\win32api.pyd
2019-02-18 19:01 - 2018-12-17 21:44 - 000069120 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\winpty\cywinpty.cp36-win_amd64.pyd
2019-04-25 12:05 - 2019-02-26 03:38 - 000050688 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\zmq\backend\cython\_device.cp36-win_amd64.pyd
2019-04-25 12:05 - 2019-02-26 03:38 - 000059904 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\zmq\backend\cython\_poll.cp36-win_amd64.pyd
2019-04-25 12:05 - 2019-02-26 03:38 - 000046080 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\zmq\backend\cython\_proxy_steerable.cp36-win_amd64.pyd
2019-04-25 12:05 - 2019-02-26 03:38 - 000028672 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\zmq\backend\cython\_version.cp36-win_amd64.pyd
2019-04-25 12:05 - 2019-02-26 03:38 - 000068096 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\zmq\backend\cython\constants.cp36-win_amd64.pyd
2019-04-25 12:05 - 2019-02-26 03:38 - 000064512 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\zmq\backend\cython\context.cp36-win_amd64.pyd
2019-04-25 12:05 - 2019-02-26 03:38 - 000030720 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\zmq\backend\cython\error.cp36-win_amd64.pyd
2019-04-25 12:05 - 2019-02-26 03:38 - 000086016 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\zmq\backend\cython\message.cp36-win_amd64.pyd
2019-04-25 12:05 - 2019-02-26 03:38 - 000134656 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\zmq\backend\cython\socket.cp36-win_amd64.pyd
2019-04-25 12:05 - 2019-02-26 03:38 - 000041472 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\zmq\backend\cython\utils.cp36-win_amd64.pyd
2018-03-28 08:12 - 2018-03-28 08:12 - 000282112 _____ () [File not signed] C:\Anaconda\envs\k36\Library\bin\libsodium.dll
2020-04-07 16:20 - 2018-05-09 01:27 - 000552448 _____ () [File not signed] C:\Anaconda\envs\k36\Library\bin\pythoncom36.dll
2020-08-03 16:07 - 2020-06-22 15:39 - 001543168 _____ () [File not signed] C:\Anaconda\envs\k36\Library\bin\sqlite3.dll
2018-02-02 19:44 - 2018-02-02 19:44 - 002509089 _____ () [File not signed] C:\Anaconda\envs\k36\Library\bin\winpty.dll
2018-04-17 16:07 - 2019-07-28 17:51 - 000307731 _____ () [File not signed] C:\cygwin64\bin\cygncursesw-10.dll
2018-04-17 16:07 - 2017-02-13 20:45 - 000224275 _____ () [File not signed] C:\cygwin64\bin\cygreadline7.dll
2020-06-18 13:00 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2020-06-18 13:00 - 2016-10-08 16:48 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2019-05-24 14:42 - 2020-09-22 21:38 - 002072064 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2019-05-24 14:42 - 2020-09-22 21:38 - 000310784 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2019-05-24 14:42 - 2020-09-22 21:38 - 006903808 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2018-04-09 07:12 - 2013-02-27 17:17 - 000221184 _____ () [File not signed] C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\EnumDevLib.dll
2017-09-19 22:19 - 2014-12-28 23:08 - 000143360 ____N () [File not signed] C:\Program Files\ASUS Xonar Xense Audio\Customapp\VmixP8.dll
2020-05-03 18:22 - 2020-04-24 04:56 - 000296448 _____ () [File not signed] C:\Program Files\PostgreSQL\12\bin\LIBPQ.dll
2020-05-03 18:18 - 2020-04-24 04:56 - 002269696 _____ () [File not signed] C:\Program Files\PostgreSQL\12\bin\libxml2.dll
2018-09-11 19:11 - 2018-07-02 10:07 - 030811648 _____ () [File not signed] C:\Program Files\R\R-3.5.1\bin\x64\R.dll
2018-09-11 19:11 - 2018-07-02 10:07 - 000312794 _____ () [File not signed] C:\Program Files\R\R-3.5.1\bin\x64\Rblas.dll
2018-09-11 19:11 - 2018-07-02 10:06 - 000322525 _____ () [File not signed] C:\Program Files\R\R-3.5.1\bin\x64\Rgraphapp.dll
2018-09-11 19:11 - 2018-07-02 10:06 - 000066785 _____ () [File not signed] C:\Program Files\R\R-3.5.1\bin\x64\Riconv.dll
2018-09-11 19:11 - 2018-07-02 10:08 - 002741760 _____ () [File not signed] C:\Program Files\R\R-3.5.1\bin\x64\Rlapack.dll
2018-09-11 19:12 - 2018-07-02 10:10 - 000296448 _____ () [File not signed] C:\Program Files\R\R-3.5.1\library\graphics\libs\x64\graphics.dll
2018-09-11 19:12 - 2018-07-02 10:10 - 001177600 _____ () [File not signed] C:\Program Files\R\R-3.5.1\library\grDevices\libs\x64\grDevices.dll
2018-09-11 19:12 - 2018-07-02 10:11 - 000043008 _____ () [File not signed] C:\Program Files\R\R-3.5.1\library\methods\libs\x64\methods.dll
2018-09-11 19:12 - 2018-07-02 10:10 - 000657920 _____ () [File not signed] C:\Program Files\R\R-3.5.1\library\stats\libs\x64\stats.dll
2018-09-11 19:12 - 2018-07-02 10:08 - 000089600 _____ () [File not signed] C:\Program Files\R\R-3.5.1\library\tools\libs\x64\tools.dll
2018-09-11 19:12 - 2018-07-02 10:09 - 000137728 _____ () [File not signed] C:\Program Files\R\R-3.5.1\library\utils\libs\x64\utils.dll
2018-09-11 19:12 - 2018-07-02 10:07 - 003779137 _____ () [File not signed] C:\Program Files\R\R-3.5.1\modules\x64\internet.dll
2014-10-16 11:34 - 2014-10-16 11:34 - 021565880 _____ () [File not signed] C:\Program Files\RStudio\bin\icudt53.dll
2014-10-16 11:34 - 2014-10-16 11:34 - 003758809 _____ () [File not signed] C:\Program Files\RStudio\bin\icuin53.dll
2014-10-16 11:33 - 2014-10-16 11:33 - 002093901 _____ () [File not signed] C:\Program Files\RStudio\bin\icuuc53.dll
2014-10-23 11:27 - 2014-10-23 11:27 - 000119822 _____ () [File not signed] C:\Program Files\RStudio\bin\libgcc_s_dw2-1.dll
2014-10-23 11:27 - 2014-10-23 11:27 - 001026574 _____ () [File not signed] C:\Program Files\RStudio\bin\libstdc++-6.dll
2014-09-19 13:37 - 2014-09-19 13:37 - 021008384 _____ () [File not signed] C:\Program Files\RStudio\bin\rsclang\x86_64\libclang.dll
2019-11-20 11:48 - 2020-04-03 10:23 - 001991168 _____ () [File not signed] C:\Users\ron\AppData\Local\Programs\deezer.desktop\ffmpeg.dll
2019-11-20 11:48 - 2020-04-03 10:23 - 000115712 _____ () [File not signed] C:\Users\ron\AppData\Local\Programs\deezer.desktop\libegl.dll
2019-11-20 11:48 - 2020-04-03 10:23 - 004636672 _____ () [File not signed] C:\Users\ron\AppData\Local\Programs\deezer.desktop\libglesv2.dll
2020-05-24 04:15 - 2020-09-11 02:51 - 002338304 _____ () [File not signed] C:\Users\ron\AppData\Local\Programs\signal-desktop\ffmpeg.dll
2020-05-24 04:15 - 2020-09-11 02:51 - 000376320 _____ () [File not signed] C:\Users\ron\AppData\Local\Programs\signal-desktop\libegl.dll
2020-05-24 04:15 - 2020-09-11 02:51 - 007947776 _____ () [File not signed] C:\Users\ron\AppData\Local\Programs\signal-desktop\libglesv2.dll
2020-09-25 22:48 - 2020-09-25 22:48 - 000114176 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\_ctypes.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000172544 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\_elementtree.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 002250240 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\_hashlib.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000032256 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\_multiprocessing.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000046080 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\_psutil_windows.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000047616 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\_socket.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 002819584 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\_ssl.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000026112 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\_yappi.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000080896 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\bz2.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000016384 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\common.time34.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000007680 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\hashobjs_ext.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000301568 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\PIL._imaging.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000168448 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\pyexpat.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 001084416 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\pysqlite2._sqlite.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000548864 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\pythoncom27.dll
2020-09-25 22:48 - 2020-09-25 22:48 - 000137728 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\pywintypes27.dll
2020-09-25 22:48 - 2020-09-25 22:48 - 000010752 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\select.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000020992 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\thumbnails_ext.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000689664 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\unicodedata.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000119808 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\usb_ext.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000128512 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32api.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000438784 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32com.shell.shell.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000011776 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32crypt.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000023040 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32event.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000149504 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32file.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000223232 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32gui.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000048128 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32inet.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000029696 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32pdh.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000027648 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32pipe.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000044032 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32process.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000020480 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32profile.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000136192 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32security.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000026624 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32ts.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000034816 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\windows.conditional.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000038400 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\windows.connectivity.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000071680 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\windows.device_monitor.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000109056 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\windows.volumes.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000020480 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\windows.winwrap.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 001325056 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wx._controls_.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 001489408 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wx._core_.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 001007104 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wx._gdi_.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000103424 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wx._html2.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000916992 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wx._misc_.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 001039872 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wx._windows_.pyd
2019-02-18 17:37 - 2019-02-18 17:37 - 000262144 _____ () [File not signed] C:\Users\ron\AppData\Roaming\Python\Python36\site-packages\_yaml.cp36-win_amd64.pyd
2019-02-18 12:07 - 2019-02-18 12:07 - 033107591 _____ () [File not signed] C:\Users\ron\AppData\Roaming\Python\Python36\site-packages\numpy\.libs\libopenblas.IPBC74C7KURV7CB2PKT5Z5FNR3SIBV4J.gfortran-win_amd64.dll
2019-02-18 12:07 - 2019-02-18 12:07 - 000101376 _____ () [File not signed] C:\Users\ron\AppData\Roaming\Python\Python36\site-packages\numpy\core\_multiarray_tests.cp36-win_amd64.pyd
2019-02-18 12:07 - 2019-02-18 12:07 - 002494976 _____ () [File not signed] C:\Users\ron\AppData\Roaming\Python\Python36\site-packages\numpy\core\_multiarray_umath.cp36-win_amd64.pyd
2019-02-18 12:07 - 2019-02-18 12:07 - 000078336 _____ () [File not signed] C:\Users\ron\AppData\Roaming\Python\Python36\site-packages\numpy\fft\fftpack_lite.cp36-win_amd64.pyd
2019-02-18 12:07 - 2019-02-18 12:07 - 000131072 _____ () [File not signed] C:\Users\ron\AppData\Roaming\Python\Python36\site-packages\numpy\linalg\_umath_linalg.cp36-win_amd64.pyd
2019-02-18 12:07 - 2019-02-18 12:07 - 000023552 _____ () [File not signed] C:\Users\ron\AppData\Roaming\Python\Python36\site-packages\numpy\linalg\lapack_lite.cp36-win_amd64.pyd
2019-02-18 12:07 - 2019-02-18 12:07 - 000700928 _____ () [File not signed] C:\Users\ron\AppData\Roaming\Python\Python36\site-packages\numpy\random\mtrand.cp36-win_amd64.pyd
2017-09-28 23:49 - 2016-11-24 10:24 - 000241152 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\My Image Garden\AddOn\MovieCapture\cnmignsrcliwrapper.dll
2017-09-28 23:49 - 2016-11-24 10:24 - 000105472 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\My Image Garden\AddOn\PhotoSharing\cnmigphotosharingwrapper.dll
2017-09-28 23:49 - 2016-11-24 10:32 - 000065536 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\My Image Garden\cnmigfaceidlibwrapper.dll
2017-09-28 23:49 - 2016-11-24 10:22 - 000262144 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\My Image Garden\cnmigimagefixwrapper.dll
2017-09-28 23:49 - 2016-11-24 10:33 - 000119808 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\My Image Garden\cnmigpdcwrapper.dll
2017-09-28 23:49 - 2016-11-24 10:22 - 000113152 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\My Image Garden\cnmigpdfeditorwrapper.dll
2017-09-28 23:49 - 2016-11-24 10:21 - 000099328 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\My Image Garden\cnmigpdfreaderwrapper.dll
2017-09-28 23:49 - 2016-11-24 10:23 - 000180736 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\My Image Garden\cnmigsurveywrapper.dll
2017-09-28 23:49 - 2016-06-09 13:35 - 000588800 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2017-09-28 23:50 - 2014-01-15 15:12 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_ENU.DLL
2017-09-28 23:50 - 2014-01-15 15:10 - 000307712 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll
2017-09-28 23:49 - 2016-11-24 10:23 - 001777152 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\My Image Garden\AddOn\PhotoSharing\CNMIGPS2LIB.dll
2017-09-28 23:49 - 2016-11-24 10:22 - 000013824 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\My Image Garden\cnmigsurveyitemlist.dll
2017-09-28 23:49 - 2016-03-10 16:17 - 000425984 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\My Image Garden\cnpapgmg.dll
2017-09-28 23:49 - 2016-03-10 16:18 - 000589824 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\My Image Garden\FaceIDLib.dll
2017-09-28 23:49 - 2016-03-10 16:17 - 001228800 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\My Image Garden\pafcv2.dll
2017-09-28 23:49 - 2016-03-10 16:18 - 000943104 _____ (Canon Inc.) [File not signed] C:\Program Files (x86)\Canon\My Image Garden\PDC.dll
2017-09-28 23:49 - 2016-03-10 16:18 - 000344064 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\My Image Garden\sledge_v2.dll
2017-09-28 23:49 - 2016-03-10 16:18 - 001496064 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\My Image Garden\VIR_FDFA.dll
2017-09-28 23:49 - 2016-06-09 11:57 - 000561152 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2017-09-28 23:50 - 2014-03-17 19:15 - 000375296 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2017-09-19 22:19 - 2014-12-28 23:08 - 000430080 ____N (C-Media Electronics Inc.) [File not signed] C:\Program Files\ASUS Xonar Xense Audio\CustomApp\cmdevice.dll
2017-09-19 22:19 - 2014-12-28 23:08 - 000122880 ____N (C-Media Electronics Inc.) [File not signed] C:\Windows\System\HsSrv64.dll
2015-02-17 07:15 - 2015-02-17 07:15 - 000033280 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\plugins\imageformats\qgif.dll
2015-02-17 07:15 - 2015-02-17 07:15 - 000035328 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\plugins\imageformats\qico.dll
2015-02-17 07:15 - 2015-02-17 07:15 - 000247296 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\plugins\imageformats\qjpeg.dll
2015-02-17 07:28 - 2015-02-17 07:28 - 000367104 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\plugins\imageformats\qmng.dll
2015-02-17 07:18 - 2015-02-17 07:18 - 000029184 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\plugins\imageformats\qsvg.dll
2015-02-17 07:28 - 2015-02-17 07:28 - 000028160 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\plugins\imageformats\qtga.dll
2015-02-17 07:28 - 2015-02-17 07:28 - 000433664 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\plugins\imageformats\qtiff.dll
2015-02-17 07:16 - 2015-02-17 07:16 - 001324544 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\plugins\platforms\qwindows.dll
2015-05-06 23:12 - 2015-05-06 23:12 - 004830208 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5Core.dll
2015-02-17 07:01 - 2015-02-17 07:01 - 005219328 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5Gui.dll
2015-02-17 08:00 - 2015-02-17 08:00 - 000784384 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5Multimedia.dll
2015-02-17 08:02 - 2015-02-17 08:02 - 000110592 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5MultimediaWidgets.dll
2015-02-17 06:56 - 2015-02-17 06:56 - 001513472 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5Network.dll
2015-02-17 07:12 - 2015-02-17 07:12 - 000335360 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5OpenGL.dll
2015-02-17 08:08 - 2015-02-17 08:08 - 000229376 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5Positioning.dll
2015-02-17 07:13 - 2015-02-17 07:13 - 000352768 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5PrintSupport.dll
2015-02-17 07:32 - 2015-02-17 07:32 - 004129280 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5Qml.dll
2015-02-17 07:41 - 2015-02-17 07:41 - 003718144 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5Quick.dll
2015-02-17 07:56 - 2015-02-17 07:56 - 000199680 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5Sensors.dll
2015-02-17 06:55 - 2015-02-17 06:55 - 000259072 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5Sql.dll
2015-02-17 07:18 - 2015-02-17 07:18 - 000329216 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5Svg.dll
2015-02-17 08:07 - 2015-02-17 08:07 - 000117760 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5WebChannel.dll
2015-02-17 10:39 - 2015-02-17 10:39 - 033309696 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5WebKit.dll
2015-02-17 10:41 - 2015-02-17 10:41 - 000273408 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5WebKitWidgets.dll
2015-02-17 07:08 - 2015-02-17 07:08 - 006472192 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5Widgets.dll
2018-04-17 16:07 - 2015-02-20 18:07 - 001033235 _____ (Free Software Foundation) [File not signed] C:\cygwin64\bin\cygiconv-2.dll
2018-04-17 16:07 - 2016-10-23 07:34 - 000042515 _____ (Free Software Foundation) [File not signed] C:\cygwin64\bin\cygintl-8.dll
2020-05-03 18:18 - 2020-04-24 04:56 - 001872271 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\12\bin\libiconv-2.dll
2020-05-03 18:18 - 2020-04-24 04:56 - 000829175 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\12\bin\libintl-8.dll
2018-10-19 14:28 - 2018-10-19 14:28 - 003512832 _____ (FreeImage) [File not signed] C:\Users\ron\AppData\Local\Programs\Sync\FreeImage.dll
2017-11-27 12:37 - 2017-08-28 11:30 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-02-18 19:00 - 2019-02-01 13:57 - 000451072 _____ (iMatix Corporation) [File not signed] C:\Anaconda\envs\k36\Library\bin\libzmq-mt-4_3_1.dll
2018-07-15 14:15 - 2018-07-15 14:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2018-07-15 14:15 - 2018-07-15 14:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-07-15 14:15 - 2018-07-15 14:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\system32\StartMenuHelper64.dll
2014-10-23 11:27 - 2014-10-23 11:27 - 000049152 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files\RStudio\bin\libwinpthread-1.dll
2019-04-25 12:02 - 2019-02-22 03:30 - 000052224 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_asyncio.pyd
2019-04-25 12:02 - 2019-02-22 03:30 - 000081920 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_bz2.pyd
2019-05-01 06:37 - 2019-02-22 03:30 - 000124928 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_ctypes.pyd
2019-04-25 12:02 - 2019-02-22 03:30 - 000259584 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_decimal.pyd
2019-04-25 12:02 - 2019-02-22 03:30 - 000201728 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_elementtree.pyd
2019-04-25 12:02 - 2019-02-22 03:33 - 001686016 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_hashlib.pyd
2019-04-25 12:02 - 2019-02-22 03:31 - 000249856 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_lzma.pyd
2019-04-25 12:02 - 2019-02-22 03:30 - 000022016 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_multiprocessing.pyd
2019-04-25 12:02 - 2019-02-22 03:30 - 000034816 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_overlapped.pyd
2019-04-25 12:02 - 2019-02-22 03:30 - 000065536 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_socket.pyd
2019-04-25 12:02 - 2019-02-22 03:30 - 000076288 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_sqlite3.pyd
2019-04-25 12:02 - 2019-02-22 03:33 - 002140672 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_ssl.pyd
2019-04-25 12:02 - 2019-02-22 03:30 - 000193024 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\pyexpat.pyd
2019-04-25 12:02 - 2019-02-22 03:30 - 000019456 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\select.pyd
2019-04-25 12:02 - 2019-02-22 03:30 - 000898048 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\unicodedata.pyd
2019-04-25 12:02 - 2019-02-22 03:30 - 000051200 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\python3.dll
2019-04-25 12:02 - 2019-02-22 03:30 - 003618816 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\python36.dll
2020-09-25 22:48 - 2020-09-25 22:48 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\python27.dll
2018-04-09 07:12 - 2015-03-26 10:39 - 000552960 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlLib.dll
2018-04-09 07:12 - 2012-09-13 09:25 - 000200704 _____ (Realtek) [File not signed] C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\IpLib.dll
2018-04-09 07:12 - 2015-02-05 13:58 - 000098304 _____ (Realtek) [File not signed] C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlICS.dll
2018-04-09 07:12 - 2015-03-30 10:39 - 000274432 _____ (Realtek) [File not signed] C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlIhvOid.dll
2018-04-09 07:12 - 2012-06-22 16:01 - 000044544 _____ (Realtek) [File not signed] C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlQRCode.dll
2018-04-17 16:07 - 2020-06-01 10:00 - 003538235 _____ (Red Hat) [File not signed] C:\cygwin64\bin\cygwin1.dll
2018-05-05 00:48 - 2018-05-05 00:48 - 001462272 _____ (Sync.com Inc.) [File not signed] C:\ProgramData\Sync.Com DLL\overlay.dll
2018-05-05 00:48 - 2018-05-05 00:48 - 001136640 _____ (Sync.com Inc.) [File not signed] C:\ProgramData\Sync.Com DLL\rclick.dll
2020-05-03 18:18 - 2020-04-24 04:56 - 021529088 _____ (The ICU Project) [File not signed] C:\Program Files\PostgreSQL\12\bin\icudt53.dll
2020-05-03 18:18 - 2020-04-24 04:56 - 001844224 _____ (The ICU Project) [File not signed] C:\Program Files\PostgreSQL\12\bin\icuin53.dll
2020-05-03 18:18 - 2020-04-24 04:56 - 001317376 _____ (The ICU Project) [File not signed] C:\Program Files\PostgreSQL\12\bin\icuuc53.dll
2018-04-09 07:12 - 2009-07-23 17:32 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\LIBEAY32.dll
2020-05-03 18:18 - 2020-04-24 04:56 - 002842112 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\12\bin\libcrypto-1_1-x64.dll
2020-05-03 18:18 - 2020-04-24 04:56 - 000680960 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\12\bin\libssl-1_1-x64.dll
2020-06-18 13:00 - 2016-10-08 16:49 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
2020-09-25 22:48 - 2020-09-25 22:48 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wxbase30u_net_vc90_x64.dll
2020-09-25 22:48 - 2020-09-25 22:48 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wxbase30u_vc90_x64.dll
2020-09-25 22:48 - 2020-09-25 22:48 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wxmsw30u_adv_vc90_x64.dll
2020-09-25 22:48 - 2020-09-25 22:48 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wxmsw30u_core_vc90_x64.dll
2020-09-25 22:48 - 2020-09-25 22:48 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wxmsw30u_html_vc90_x64.dll
2020-09-25 22:48 - 2020-09-25 22:48 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wxmsw30u_webview_vc90_x64.dll
2017-10-01 23:01 - 2017-05-24 04:45 - 000877104 _____ (捷而思股份有限公司 -> jrsys Inc. hxxp://www.jrsys.com.tw/) [File not signed] C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\jrsys\x86\jrsysCryptoDll.dll
2017-10-01 23:01 - 2017-05-24 04:45 - 000053808 _____ (捷而思股份有限公司 -> jrsys Inc. hxxp://www.jrsys.com.tw/) [File not signed] C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\jrsys\x86\jrsysMSCryptoDll.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-gb/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2020-06-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2020-06-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: PDFsam Enhanced 4 Helper -> {952B1B0C-7ABC-49DD-8CC8-A7E73675E4F0} -> C:\Program Files (x86)\PDFsam Enhanced 4\creator-ie-helper.dll [2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - PDFsam Enhanced 4 Toolbar - {C33F5D76-0A77-4A99-8274-54AD52AF7D1B} - C:\Program Files (x86)\PDFsam Enhanced 4\creator-ie-plugin.dll [2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\NVIDIA GPU Computing Toolkit\CUDA\v10.0\bin;C:\Program Files\NVIDIA GPU Computing Toolkit\CUDA\v10.0\libnvvp;C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\PuTTY\;C:\Program Files\Microsoft VS Code\bin;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\Program Files\Amazon\AWSCLI\bin;C:\Program Files\Git\cmd;C:\Program Files\Pandoc\;C:\Anaconda\envs\k36;C:\ProgramData\chocolatey\bin;
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ron\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img_2420.jpg
DNS Servers: 192.168.50.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher"
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\StartupApproved\StartupFolder: => "Password Safe.lnk"
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{E353A4F8-BD1B-4C1F-96F0-5B1890807C12}] => (Allow) C:\Users\ron\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C699647F-B190-4436-BF9C-69E7FEFB196D}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.) [File not signed]
FirewallRules: [{6EA4DA27-B842-401B-B586-D8EE4880343E}] => (Allow) LPort=1542
FirewallRules: [{FC125CDA-DED1-41E7-A6CD-78EDE8B0F4C7}] => (Allow) LPort=1542
FirewallRules: [{265E7481-F779-46D5-88FF-EA5A8DAF447A}] => (Allow) LPort=53
FirewallRules: [{BC177F63-8B10-46F1-9F14-22BD9C6117F0}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{1360F953-080A-4680-9677-EB0718EC42A6}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{F39BC5A5-AD17-4EED-9FB4-B483E9A852EF}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{55898D68-96FA-4936-A681-8BCF60F2356F}] => (Allow) LPort=53
FirewallRules: [{98C28FAB-AD17-4B98-83FB-FF1E3E91BE9F}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{F4F931E8-11C1-4752-A096-783905DDF093}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{1AB4A01F-9259-4C9A-8A30-50BA987E8A36}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{101020EC-3743-4DC3-A1BB-92152181D348}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [TCP Query User{E2E18907-7812-4C24-92F8-A1E1A67C120C}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [UDP Query User{0695CF40-8A31-4DEA-8065-DA797204A192}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [TCP Query User{5DCCD1FA-476D-47A3-BB6D-DC50014D23C1}C:\users\ron\appdata\local\programs\neo4j-desktop\neo4j desktop.exe] => (Block) C:\users\ron\appdata\local\programs\neo4j-desktop\neo4j desktop.exe (Neo4j, Inc. -> Neo4j Inc.)
FirewallRules: [UDP Query User{741F5D19-06F5-48F0-841B-104D70DEE68C}C:\users\ron\appdata\local\programs\neo4j-desktop\neo4j desktop.exe] => (Block) C:\users\ron\appdata\local\programs\neo4j-desktop\neo4j desktop.exe (Neo4j, Inc. -> Neo4j Inc.)
FirewallRules: [{340B985E-4CA7-41FD-8D45-F683614A579A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{70F7D928-8AF6-487E-86FB-81E8BE02289E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{80F124F6-F1CF-4079-B3AE-68C09CBC81B2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DDF9849E-0A1C-45F2-8ED9-731DE801634E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{91B82CB8-D58D-4313-A7CF-6D11ACDE9493}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{3A0205A5-85D5-43A6-9D69-3DC3CD8DDA7F}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [UDP Query User{AEC6F79C-D2E2-4119-AC89-F8793738A3BA}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [TCP Query User{97396227-7CFF-43B1-9115-CBF9E429A84E}C:\users\ron\appdata\local\programs\deezer.desktop\deezer.exe] => (Allow) C:\users\ron\appdata\local\programs\deezer.desktop\deezer.exe (Deezer -> Deezer)
FirewallRules: [UDP Query User{7AA0DCF3-1BC7-47AB-B180-525BADE60342}C:\users\ron\appdata\local\programs\deezer.desktop\deezer.exe] => (Allow) C:\users\ron\appdata\local\programs\deezer.desktop\deezer.exe (Deezer -> Deezer)
FirewallRules: [TCP Query User{4469C49A-91A4-4364-9374-84A8062E9717}C:\users\ron\appdata\local\programs\deezer.desktop\deezer.exe] => (Block) C:\users\ron\appdata\local\programs\deezer.desktop\deezer.exe (Deezer -> Deezer)
FirewallRules: [UDP Query User{A6F95C09-4F68-45AA-B7DB-5DDF94DDAE55}C:\users\ron\appdata\local\programs\deezer.desktop\deezer.exe] => (Block) C:\users\ron\appdata\local\programs\deezer.desktop\deezer.exe (Deezer -> Deezer)
FirewallRules: [{29B1F58F-4C22-409F-92BE-D3520B085963}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23533FBB-1311-459A-BBE8-0CC157606617}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1C461F2C-37DD-42E5-8DDA-7AD67EA6F743}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8B99A4AE-AC8A-465A-A1AC-69ABE92BB799}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B15A643D-AD01-4593-BCFD-D7BCA22CA7C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7609380D-E16A-4C46-9842-C80C02E4578C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D325A135-2F37-4123-832D-FC4B33C4B154}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{77E56EE0-ED07-4CE1-81DA-5CA59A3937A9}] => (Allow) LPort=3306
FirewallRules: [{1854609A-C41B-4B67-AD5D-5573F9AED676}] => (Allow) LPort=33060
FirewallRules: [TCP Query User{B32648E9-3B5B-464C-ABA4-425BF0CC2520}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe (OpenVPN Technologies, Inc. -> The OpenVPN Project)
FirewallRules: [UDP Query User{D49805BA-5D44-4AF7-B91B-B0DE266660C5}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe (OpenVPN Technologies, Inc. -> The OpenVPN Project)
FirewallRules: [{C1403061-D520-46CC-8EE6-789BE34150AD}] => (Block) C:\program files\openvpn\bin\openvpn.exe (OpenVPN Technologies, Inc. -> The OpenVPN Project)
FirewallRules: [{86FAAE7E-C9BB-4B0F-BB8E-7FF454340A66}] => (Block) C:\program files\openvpn\bin\openvpn.exe (OpenVPN Technologies, Inc. -> The OpenVPN Project)
FirewallRules: [{45DAA289-1C30-42D0-8CDE-CE7EE0831A9E}] => (Allow) C:\Users\ron\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{D5C60C09-9BC6-463E-81B9-B1F1F709792D}] => (Allow) C:\Users\ron\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{20CD8E2B-7CD6-48C5-B7EA-F2ACBEB3D953}C:\programdata\oracle\java\javapath_target_531963703\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_531963703\java.exe
FirewallRules: [UDP Query User{4D6E129C-36DA-4655-80D6-6D0100EFDD50}C:\programdata\oracle\java\javapath_target_531963703\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_531963703\java.exe
FirewallRules: [{6A724D1A-6D7F-4905-A862-B4B87179F831}] => (Block) C:\programdata\oracle\java\javapath_target_531963703\java.exe
FirewallRules: [{14020B23-1EFA-41C2-BA12-0AE89A151B5B}] => (Block) C:\programdata\oracle\java\javapath_target_531963703\java.exe
FirewallRules: [{C5305FCA-BB20-40F1-A67D-1B2BAC7E9AB7}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C2B13C58-63A2-4533-9FD6-2EBB65D0420D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{501E9A84-0EEF-456D-BB94-9FDC878B6CFB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{9827DED6-B362-4F2C-8AE6-B22A6C44338B}C:\program files\dbeaver\dbeaver.exe] => (Allow) C:\program files\dbeaver\dbeaver.exe (DBeaver Corp -> )
FirewallRules: [UDP Query User{11707E6B-BC86-4924-83A3-3C61467455C4}C:\program files\dbeaver\dbeaver.exe] => (Allow) C:\program files\dbeaver\dbeaver.exe (DBeaver Corp -> )
FirewallRules: [{775DCBBD-6C3E-409C-A1DD-E7CEE9011CBA}] => (Block) C:\program files\dbeaver\dbeaver.exe (DBeaver Corp -> )
FirewallRules: [{DC1749F6-D397-4055-B278-279789D63170}] => (Block) C:\program files\dbeaver\dbeaver.exe (DBeaver Corp -> )
FirewallRules: [{FAB51A6A-C87F-4DA5-A272-A96790992619}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D682846E-AC2A-40A1-9DD6-C11BB98AD6FA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{4BA0BDD6-7B80-4C2A-83CE-E3780EAC182D}C:\users\ron\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\ron\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [UDP Query User{D93AB094-67E3-4762-9C69-2BE6A54831AC}C:\users\ron\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\ron\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [TCP Query User{3EDF0CF6-EBF2-4FBF-851A-6BA077B5C1BE}C:\users\ron\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Block) C:\users\ron\appdata\local\programs\opera\66.0.3515.103\opera.exe => No File
FirewallRules: [UDP Query User{4054B10B-30AF-40C3-A309-469F65D12BF6}C:\users\ron\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Block) C:\users\ron\appdata\local\programs\opera\66.0.3515.103\opera.exe => No File
FirewallRules: [TCP Query User{FCB1CF3E-1EA1-4C5E-A572-439174DB0EA2}C:\users\ron\appdata\local\programs\opera\67.0.3575.79\opera.exe] => (Block) C:\users\ron\appdata\local\programs\opera\67.0.3575.79\opera.exe => No File
FirewallRules: [UDP Query User{DB182E8D-9CBA-4DF1-8D06-656833F4CED0}C:\users\ron\appdata\local\programs\opera\67.0.3575.79\opera.exe] => (Block) C:\users\ron\appdata\local\programs\opera\67.0.3575.79\opera.exe => No File
FirewallRules: [TCP Query User{7748A41F-E74E-4778-9FF4-89BD8EDF46C3}C:\users\ron\appdata\local\programs\opera\69.0.3686.95\opera.exe] => (Block) C:\users\ron\appdata\local\programs\opera\69.0.3686.95\opera.exe => No File
FirewallRules: [UDP Query User{90250903-32D5-4065-BD1E-68BBD38DDBDF}C:\users\ron\appdata\local\programs\opera\69.0.3686.95\opera.exe] => (Block) C:\users\ron\appdata\local\programs\opera\69.0.3686.95\opera.exe => No File
FirewallRules: [{7B457B93-8493-4036-8A1A-EF944CEB56A0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{961C02AC-1378-4E26-9C90-8A9DAF17BE24}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{38FE7E6A-8FDC-47CE-90C2-F7DEB5BEBE61}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
 
==================== Restore Points =========================
 
17-09-2020 13:12:31 Scheduled Checkpoint
25-09-2020 12:47:08 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
Name: Realtek RTL8811AU Wireless LAN 802.11ac USB 2.0 Network Adapter
Description: Realtek RTL8811AU Wireless LAN 802.11ac USB 2.0 Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RtlWlanu
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Microsoft Visual Studio Location Simulator Sensor
Description: Microsoft Visual Studio Location Simulator Sensor
Class Guid: {5175d334-c371-4806-b3ba-71fd53c9258d}
Manufacturer: Microsoft Corporation
Service: SensorsSimulatorDriver
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (10/02/2020 01:27:48 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80070005).
 
Error: (10/02/2020 12:58:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1516
 
Error: (10/02/2020 12:58:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1516
 
Error: (10/02/2020 12:58:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/30/2020 02:53:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1500
 
Error: (09/30/2020 02:53:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1500
 
Error: (09/30/2020 02:53:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/30/2020 02:49:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NVDisplay.Container.exe, version: 1.11.2451.4491, time stamp: 0x5b483088
Faulting module name: DisplayDriverRAS.dll, version: 1.10.0.0, time stamp: 0x5b9038f5
Exception code: 0xc0000005
Fault offset: 0x0000000000037512
Faulting process ID: 0x544c
Faulting application start time: 0x01d6972e7ffc63a8
Faulting application path: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
Faulting module path: C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverRAS\DisplayDriverRAS.dll
Report ID: b87c3f0b-0323-11eb-bec6-3085a98ce5fe
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (10/02/2020 12:58:10 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (09/30/2020 02:53:33 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (09/30/2020 02:49:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
 
Error: (09/30/2020 02:34:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
 
Error: (09/30/2020 12:35:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
 
Error: (09/30/2020 12:22:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
 
Error: (09/30/2020 12:08:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
 
Error: (09/30/2020 11:54:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
 
 
Windows Defender:
===================================
Date: 2020-10-02 13:27:45.522
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {7080B37A-D057-4090-B59F-06C7D32EA7E9}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-09-24 15:31:57.868
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {8D0D2E52-FFE2-412B-9209-6A62E8DECC0B}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-09-24 14:23:15.640
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {6E4D825D-FBF4-419A-B9E1-5C00B7A0E750}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-09-24 14:17:10.845
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {19DBA195-F05A-446C-A576-2DE951130663}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-09-17 13:07:34.041
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {A39DE1FF-F351-473E-8BAC-55FFA94E46C6}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-09-28 11:16:35.444
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.323.2091.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17400.5
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2020-09-28 11:16:35.443
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.323.2091.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17400.5
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2020-09-28 11:16:35.443
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.323.2091.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17400.5
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
CodeIntegrity:
===================================
 
Date: 2020-10-02 13:42:49.869
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-10-02 13:42:49.555
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-10-02 13:42:49.105
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-10-02 13:42:48.791
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-10-02 13:42:27.895
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-10-02 13:42:27.583
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-10-02 13:41:58.274
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-10-02 13:41:57.951
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. 1402 04/19/2012
Motherboard: ASUSTeK COMPUTER INC. Crosshair V Formula
Processor: AMD FX™-8350 Eight-Core Processor 
Percentage of memory in use: 41%
Total physical RAM: 32712.27 MB
Available physical RAM: 19050.54 MB
Total Virtual: 59336.27 MB
Available Virtual: 30780.16 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:476.6 GB) (Free:75.49 GB) NTFS
Drive d: (Data) (Fixed) (Total:2794.39 GB) (Free:1163.15 GB) NTFS
 
\\?\Volume{975cd8ad-9a3f-11e7-be6e-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.04 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 675DB0D7)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476.6 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 1 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt

Attached Files


Edited by rocket-ron, 02 October 2020 - 06:49 AM.

  • 0

Advertisements


#2
Gary R

Gary R

    Trusted Helper

  • Malware Removal
  • 362 posts

Please run a scan with ADWCleaner

Download AdwCleaner and save it to your desktop.

  • Double click AdwCleaner.exe to run it.

  • Accept the EULA when it pops up.
  • Click Scan Now ...
    • When the scan has finished a Scan Results window will open.
    • Click Cancel (at this point do not attempt to Quarantine anything that is found)
  • Now click the Log Files tab ...
    • Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
    • A Notepad file will open containing the results of the scan.
    • Please post the contents of the file in your next reply.



 


  • 0

#3
Gary R

Gary R

    Trusted Helper

  • Malware Removal
  • 362 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0

#4
Gary R

Gary R

    Trusted Helper

  • Malware Removal
  • 362 posts

Per OP request, this topic has been re-opened.


  • 0

#5
Gary R

Gary R

    Trusted Helper

  • Malware Removal
  • 362 posts

It's now almost 2 days since I re-opened this topic, if I do not see a reply by this time tomorrow I will close this topic and it will not be re-opened.


  • 0

#6
Gary R

Gary R

    Trusted Helper

  • Malware Removal
  • 362 posts

Due to lack of feedback, this topic has been closed.

It will not be re-opened.


  • 0






Similar Topics


Also tagged with one or more of these keywords: chrome, changed default search, changed search to yahoo

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP