Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

winscomrssrv.dll not found

Started by fengvang24 , Oct 11 2019 11:49 AM

  • Please log in to reply

#1
fengvang24
Posted 11 October 2019 - 11:49 AM

fengvang24

    New Member

  • Member
  • Pip
  • 5 posts

Hi after receiving the StartupCheckLibrary.dll error I came on here and you guys helped me remove it but now its telling me 'winscomrssrv.dll not found'. I have uTorrent installed on my PC, but want to remove this winscomrssrv.dll error message during startup. Thanks in advance.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-10-2019 01

Ran by Feng Vang (administrator) on FENG-PC (Gigabyte Technology Co., Ltd. B360M-DS3H) (11-10-2019 10:45:14)
Running from C:\Users\Feng Vang\Downloads
Loaded Profiles: Feng Vang (Available Profiles: Feng Vang)
Platform: Windows 10 Home Version 1903 18362.418 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Amazon Services LLC -> Amazon) C:\Users\Feng Vang\AppData\Roaming\Chime\Chime.exe
(Amazon Services LLC -> The CefSharp Authors) C:\Users\Feng Vang\AppData\Roaming\Chime\CefSharp.BrowserSubprocess.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.302\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.302\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel® Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(London Trust Media Incorporated -> ) C:\Program Files\Private Internet Access\pia-service.exe
(London Trust Media Incorporated -> London Trust Media Incorporated) C:\Program Files\Private Internet Access\pia-client.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.32.14001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.32.14001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1908.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11909.1002.3.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19091.313.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1909.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1909.6-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c7bdd6222811a2ee\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c7bdd6222811a2ee\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp. -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Windows\SwUSB.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [757184 2018-06-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Focusrite Notifier] => C:\Program Files\FocusriteUSB\Focusrite Notifier.exe [3949568 2019-06-20] (Focusrite Audio Engineering, Ltd.) [File not signed]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-08-27] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\Run: [Chime] => C:\Users\Feng Vang\AppData\Roaming\Chime\Chime.exe [7571624 2019-09-17] (Amazon Services LLC -> Amazon)
HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3211040 2019-10-02] (Valve -> Valve Corporation)
HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\Run: [Private Internet Access] => C:\Program Files\Private Internet Access\pia-client.exe [3978208 2019-08-26] (London Trust Media Incorporated -> London Trust Media Incorporated)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {075ACC3E-152D-4A1B-B43A-25CAE917E6BD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {139CD5E6-DA4B-4033-899B-934B53BEC695} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {1B4BEF78-580D-4101-82C2-D86D16BC1ACD} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [781808 2019-04-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {293B1BB9-911E-40B1-BC22-23832944C3EC} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {33A4D2B3-5A6F-4A7F-8EE6-953624699020} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {456D4E72-0297-458D-BF44-F3B53E0316CD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4AE247DD-F089-4C48-A55B-70483C0D2668} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4469920 2019-10-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {507CAE63-1A58-4543-99E1-E96649EBAC10} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4469920 2019-10-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {5570C986-9C2D-416D-95AB-CE3B72D72F4A} - System32\Tasks\D3DGearRawFrameCaptureTask => D:\SteamLibrary\D3DGear.exe
Task: {5A052A5C-5C9B-48CB-8830-08531A926E9A} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {6E379FF1-EDED-45AB-B109-553AA49443C4} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1677600 2019-09-06] (Corel Corporation -> Corel Corporation)
Task: {6E9545C9-436D-4717-96FB-3B34C63ECAFE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {70660537-BA4F-4051-8570-7FAAB21A0DCC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430160 2019-10-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {70722A5E-715B-4E88-B99E-4563A2CE32A5} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {761FA6EF-CD10-4717-9F0D-1E984D59D3BE} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel® Software Asset Manager -> Intel Corporation)
Task: {764CFDE2-ADFA-4447-B9D6-3EB0A1D0A587} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7EC6C26E-F3E1-4A31-A0FE-040F75AA674B} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {86076F54-EE7D-4643-BBE8-AA727F529B98} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9DC15BB9-67B8-4F19-9ABB-C07471D23B71} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ACC1F793-6D6E-49D9-A812-1BFA6693BAB8} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653864 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B007D3AA-DB5F-4B7E-B4E3-34723F9D3E25} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B5FB0B85-4CF2-44E3-B01F-737EE756CD4D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [121904 2019-10-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {B854DF22-3DA5-445A-B638-5AF1AB1492FD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27290216 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7B68DE2-B825-429C-A518-6418D83A9CC5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3310688 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D3B33B90-A712-41B3-ACA3-81B7E75AB129} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430160 2019-10-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {D42377E8-FBA5-4783-B49C-B921B9240715} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [121904 2019-10-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {D4BC883C-0DBF-44A8-82DB-B8A7D9AE40FA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DB5F02D0-3F61-4BED-A73D-ECA2AA36426F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27290216 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {DD9F80C5-7C55-46E9-AAFE-B2969B6F4EE0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-11] (Google Inc -> Google LLC)
Task: {E5A07EDD-D578-427D-8599-5CDD1530C93C} - System32\Tasks\CorelUpdateHelperTask-C0203F81333B839EBCE7637377C02B51 => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1677600 2019-09-06] (Corel Corporation -> Corel Corporation)
Task: {E9B19420-7596-4C2E-8B28-A6B2401A8BB5} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel® Software Asset Manager -> Intel Corporation)
Task: {F48A0087-C0A8-4103-91DF-670DE4B6E139} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F5AE2B15-6654-4CA5-8A44-9D8787B331F1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-11] (Google Inc -> Google LLC)
Task: {F8F6A4C6-416C-405E-B57C-373C3E22FE13} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
Task: {FA7C4E37-2545-4CCA-802B-9D38BB7715BF} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{47025474-2192-47df-8fcd-2616610a39ef}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{47025474-2192-47df-8fcd-2616610a39ef}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{822c01f4-9ad1-4cb3-abe5-413dd6103059}: [DhcpNameServer] 172.20.10.1
 
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-410341470-1476927905-1517334712-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-09-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-09-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-03] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: 9c291n8a.default
FF ProfilePath: C:\Users\Feng Vang\AppData\Roaming\Mozilla\Firefox\Profiles\9c291n8a.default [2019-10-06]
FF ProfilePath: C:\Users\Feng Vang\AppData\Roaming\Mozilla\Firefox\Profiles\kr0wpgkh.default-release [2019-10-10]
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-09-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-09-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
 
Chrome: 
=======
CHR Profile: C:\Users\Feng Vang\AppData\Local\Google\Chrome\User Data\Default [2019-10-11]
CHR Extension: (Slides) - C:\Users\Feng Vang\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-11]
CHR Extension: (Docs) - C:\Users\Feng Vang\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-11]
CHR Extension: (Google Drive) - C:\Users\Feng Vang\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-05-11]
CHR Extension: (YouTube) - C:\Users\Feng Vang\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-11]
CHR Extension: (Sheets) - C:\Users\Feng Vang\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-11]
CHR Extension: (Google Docs Offline) - C:\Users\Feng Vang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-12]
CHR Extension: (AdBlock) - C:\Users\Feng Vang\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-10-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Feng Vang\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\Feng Vang\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-11]
CHR Extension: (Chrome Media Router) - C:\Users\Feng Vang\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-25]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11634696 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [34664 2019-09-25] (IDSA Production signing key -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [101224 2019-09-25] (IDSA Production signing key -> Intel)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-06-13] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937208 2018-12-19] (Intel® Software Development Products -> )
R2 GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.32.14001.0_x64__8wekyb3d8bbwe\GamingServices.exe [21640 2019-09-27] (Microsoft Corporation -> Microsoft Corporation)
R2 GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.32.14001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [21640 2019-09-27] (Microsoft Corporation -> Microsoft Corporation)
S3 Intel® SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel® Software Asset Manager -> Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2348336 2019-09-25] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3228464 2019-09-25] (Electronic Arts, Inc. -> Electronic Arts)
R2 PrivateInternetAccessService; C:\Program Files\Private Internet Access\pia-service.exe [1073664 2019-08-26] (London Trust Media Incorporated -> )
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 Rockstar Service; D:\Launcher\Rockstar Launcher\RockstarService.exe [471696 2019-09-25] (Rockstar Games, Inc. -> Rockstar Games)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [757184 2018-06-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 RunSwUSB; C:\Windows\runSW.exe [59232 2018-02-07] (Realtek Semiconductor Corp. -> )
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2019-05-23] () [File not signed]
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [195832 2018-12-19] (Intel® Software Development Products -> )
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937208 2018-12-19] (Intel® Software Development Products -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2236360 2019-05-10] (Wacom Technology Corporation -> Wacom Technology, Corp.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c7bdd6222811a2ee\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c7bdd6222811a2ee\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [2807664 2019-09-05] (BattlEye Innovations e.K. -> )
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-05-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-05-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 FocusriteUSBSwRoot; C:\WINDOWS\System32\drivers\FocusriteUSBSwRoot.sys [101304 2019-06-20] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
R3 gameflt; C:\WINDOWS\System32\DriverStore\FileRepository\gameflt.inf_amd64_1b21574792f7489c\gameflt.sys [71216 2019-09-27] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2019-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c7bdd6222811a2ee\nvlddmkm.sys [22377560 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1131024 2018-10-23] (Realtek Semiconductor Corp. -> Realtek )
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [8206848 2019-03-18] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R3 tap-pia-0901; C:\WINDOWS\System32\drivers\tap-pia-0901.sys [39432 2019-05-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 UcmCxUcsiNvppc; C:\WINDOWS\System32\drivers\UcmCxUcsiNvppc.sys [715680 2019-08-16] (NVIDIA Corporation -> NVIDIA Corporation)
R2 vmparport; C:\WINDOWS\system32\DRIVERS\vmparport.sys [49216 2019-03-25] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\system32\DRIVERS\vsock.sys [91712 2017-09-05] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46688 2019-10-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [350136 2019-10-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-02] (Microsoft Windows -> Microsoft Corporation)
R3 Xvdd; C:\WINDOWS\System32\DriverStore\FileRepository\xvdd.inf_amd64_f6a7534fb0f98a2f\xvdd.sys [450584 2019-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-10-11 03:54 - 2019-10-11 03:54 - 004281458 _____ C:\Users\Feng Vang\Downloads\elementor.2.7.4.zip
2019-10-11 03:04 - 2019-10-11 03:04 - 005551218 _____ C:\Users\Feng Vang\Downloads\ml-slider.3.14.0.zip
2019-10-11 00:33 - 2019-10-11 00:33 - 000002768 _____ C:\Users\Feng Vang\AppData\Local\recently-used.xbel
2019-10-11 00:26 - 2019-10-11 00:26 - 008656643 _____ C:\Users\Feng Vang\Downloads\salon-booking-system.3.32.6.zip
2019-10-11 00:09 - 2019-10-11 00:09 - 001699951 _____ C:\Users\Feng Vang\Downloads\easy-appointments.2.6.0.zip
2019-10-11 00:03 - 2019-10-11 00:03 - 002979663 _____ C:\Users\Feng Vang\Downloads\wpforms-lite.1.5.5.1.zip
2019-10-10 20:54 - 2019-10-10 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2019-10-10 20:52 - 2019-10-10 20:54 - 000000000 ____D C:\xampp
2019-10-10 09:40 - 2019-10-10 09:40 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 019811840 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 004129616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 002494440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 002422592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-10-10 09:40 - 2019-10-10 09:40 - 002314648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 002138472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-10-10 09:40 - 2019-10-10 09:40 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 001273392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 001152016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 001098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 022628352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 018019840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 017787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 009928504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 008010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 007600664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 007195648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 007015936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 006517640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 006232064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 005915648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 005041664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 004562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 004012544 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 003771392 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 003701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 002861568 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 002762504 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2019-10-10 09:39 - 2019-10-10 09:39 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2019-10-10 09:39 - 2019-10-10 09:39 - 002723328 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-10-10 09:39 - 2019-10-10 09:39 - 002703360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 002456064 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 002448712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 002284032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 002236144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 002114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 002095104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 002081976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 002000168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001952360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001743672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001730560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001664928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001656392 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001563648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001439744 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 001394488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001217904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 001084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000904208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000890472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000880088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000856576 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-10-10 09:39 - 2019-10-10 09:39 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000829536 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000818688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000774672 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000758584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mousocoreworker.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000679880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000598024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000516408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000515896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000466416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-10-10 09:39 - 2019-10-10 09:39 - 000452408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-10-10 09:39 - 2019-10-10 09:39 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000412152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000380216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000300184 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000225080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2019-10-10 09:39 - 2019-10-10 09:39 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-10-10 09:39 - 2019-10-10 09:39 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000202040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-10-10 09:39 - 2019-10-10 09:39 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-10-10 09:39 - 2019-10-10 09:39 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-10-10 09:39 - 2019-10-10 09:39 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000037176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2019-10-10 09:39 - 2019-10-10 09:39 - 000033048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2019-10-10 09:39 - 2019-10-10 09:39 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2019-10-10 09:36 - 2019-09-19 21:36 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-10-10 09:36 - 2019-09-19 21:14 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2019-10-09 15:59 - 2019-10-09 15:59 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Tempzxpsignb8ceb8e0fa6a620d
2019-10-08 14:51 - 2019-10-08 14:51 - 000003328 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTask-C0203F81333B839EBCE7637377C02B51
2019-10-07 05:31 - 2019-10-11 10:41 - 000000000 ____D C:\Users\Feng Vang\Downloads\FRST-OlderVersion
2019-10-07 05:31 - 2019-10-07 05:31 - 000001131 _____ C:\Users\Feng Vang\Downloads\Fixlog.txt
2019-10-06 15:43 - 2019-10-06 15:57 - 000000000 ____D C:\Users\Feng Vang\.koala
2019-10-06 15:43 - 2019-10-06 15:43 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Koala
2019-10-06 15:42 - 2019-10-06 15:42 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koala
2019-10-06 15:41 - 2019-10-06 15:46 - 000000000 ____D C:\Program Files (x86)\Koala
2019-10-06 15:36 - 2019-10-06 15:47 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\npm
2019-10-06 15:36 - 2019-10-06 15:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2019-10-06 15:36 - 2019-10-06 15:36 - 000000000 ____D C:\nodejs
2019-10-06 15:33 - 2019-10-06 15:37 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\npm-cache
2019-10-06 15:33 - 2019-10-06 15:33 - 000000000 ____D C:\Users\Feng Vang\.config
2019-10-06 15:32 - 2019-10-06 15:32 - 000000000 _____ C:\Users\Feng Vang\.node_repl_history
2019-10-06 14:38 - 2019-10-10 18:23 - 000000000 ____D C:\Users\Feng Vang\AppData\LocalLow\Mozilla
2019-10-06 14:38 - 2019-10-06 14:38 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-06 14:38 - 2019-10-06 14:38 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Mozilla
2019-10-06 14:38 - 2019-10-06 14:38 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Mozilla
2019-10-06 14:38 - 2019-10-06 14:38 - 000000000 ____D C:\ProgramData\Mozilla
2019-10-06 14:38 - 2019-10-06 14:38 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-06 14:38 - 2019-10-06 14:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-06 14:09 - 2019-10-06 14:09 - 000000263 _____ C:\Users\Feng Vang\Downloads\SearchReg.txt
2019-10-06 14:05 - 2019-10-06 14:06 - 000000262 _____ C:\Users\Feng Vang\Downloads\Search.txt
2019-10-06 14:02 - 2019-10-06 14:02 - 018190336 _____ C:\Users\Feng Vang\Downloads\node-v10.16.3-x64.msi
2019-10-05 12:32 - 2019-10-05 12:34 - 000062836 _____ C:\Users\Feng Vang\Downloads\Addition.txt
2019-10-05 12:31 - 2019-10-11 10:45 - 000033594 _____ C:\Users\Feng Vang\Downloads\FRST.txt
2019-10-05 12:31 - 2019-10-11 10:45 - 000000000 ____D C:\FRST
2019-10-05 12:30 - 2019-10-11 10:41 - 001615872 _____ (Farbar) C:\Users\Feng Vang\Downloads\FRST64.exe
2019-10-04 18:09 - 2019-10-04 18:09 - 000000000 ____D C:\Users\Feng Vang\Documents\GTA San Andreas User Files
2019-10-04 11:14 - 2019-10-04 11:14 - 000001157 _____ C:\Users\Feng Vang\Desktop\Grand Theft Auto San Andreas.lnk
2019-10-04 11:09 - 2019-10-04 11:14 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2019-10-04 11:09 - 2019-10-04 11:09 - 000000778 _____ C:\Users\Feng Vang\Desktop\Rockstar Games Launcher.lnk
2019-10-04 11:09 - 2019-10-04 11:09 - 000000000 ____D C:\ProgramData\Rockstar Games
2019-10-03 23:32 - 2019-10-11 01:36 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-10-03 23:32 - 2019-10-11 01:36 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-10-03 23:32 - 2019-10-03 23:32 - 000003518 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2019-10-03 17:28 - 2019-10-03 17:28 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-10-03 17:28 - 2019-10-03 17:28 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secproc.dll
2019-10-03 16:59 - 2019-09-27 13:43 - 001012640 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-10-03 16:59 - 2019-09-27 13:43 - 001012640 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-10-03 16:59 - 2019-09-27 13:43 - 000876448 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-10-03 16:59 - 2019-09-27 13:43 - 000876448 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-10-03 16:59 - 2019-09-27 13:43 - 000447120 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-10-03 16:59 - 2019-09-27 13:43 - 000351912 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-10-03 16:59 - 2019-09-27 13:43 - 000301472 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-10-03 16:59 - 2019-09-27 13:43 - 000301472 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-10-03 16:59 - 2019-09-27 13:43 - 000273312 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-10-03 16:59 - 2019-09-27 13:43 - 000273312 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-10-03 16:59 - 2019-09-27 13:42 - 011561728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-10-03 16:59 - 2019-09-27 13:42 - 009936640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 002051728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 001551448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 001477720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 001247192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 001140640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 000999840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 000959632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 000823768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 000813008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 000676952 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 000659544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 000633432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 000571864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2019-10-03 16:59 - 2019-09-27 13:41 - 000544672 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 000523736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-10-03 16:59 - 2019-09-27 13:40 - 040445368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-10-03 16:59 - 2019-09-27 13:40 - 035334104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-10-03 16:59 - 2019-09-27 13:40 - 017301464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-10-03 16:59 - 2019-09-27 13:40 - 014922656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-10-03 16:59 - 2019-09-27 13:40 - 005358680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-10-03 16:59 - 2019-09-27 13:40 - 004697504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-10-03 16:59 - 2019-09-27 13:40 - 000858712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2019-10-03 16:59 - 2019-09-27 13:40 - 000450976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2019-10-03 16:59 - 2019-09-26 20:20 - 000074045 _____ C:\WINDOWS\system32\nvinfo.pb
2019-10-03 15:18 - 2019-10-03 15:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-10-01 14:04 - 2019-10-01 14:04 - 000000919 _____ C:\Users\Feng Vang\Documents\equity_award_pdf_report.pdf
2019-10-01 14:03 - 2019-10-01 14:03 - 000000896 _____ C:\Users\Feng Vang\Documents\detailed_tax_report.pdf
2019-10-01 11:10 - 2019-10-01 11:19 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\calibre-cache
2019-10-01 11:09 - 2019-10-01 11:21 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\calibre
2019-10-01 11:09 - 2019-10-01 11:17 - 000000000 ____D C:\Users\Feng Vang\Calibre Library
2019-09-28 20:35 - 2019-10-03 15:18 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-09-28 20:35 - 2019-10-03 15:18 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-09-28 20:35 - 2019-10-03 15:18 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-09-28 20:35 - 2019-10-03 15:18 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-09-28 20:35 - 2019-10-03 15:18 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-09-28 20:35 - 2019-10-03 15:18 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-09-28 20:35 - 2019-10-03 15:18 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-09-28 20:35 - 2019-10-03 15:18 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-09-28 20:30 - 2019-09-28 20:30 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-09-28 20:14 - 2019-09-28 20:23 - 000000000 ____D C:\Program Files\Microsoft Office
2019-09-27 22:43 - 2019-10-10 13:17 - 000000000 ____D C:\Windows.old
2019-09-27 22:34 - 2019-09-27 22:43 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-09-27 22:33 - 2019-09-27 22:34 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-09-27 22:33 - 2019-09-27 22:33 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-09-27 22:31 - 2019-09-27 22:31 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 007848192 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 006425600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 006227624 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 006164480 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 006084048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 005865272 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizimg.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 005764872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 005105152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 004612520 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 004481536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 004046336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 003964056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 003742032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 003727360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 003590968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 003386880 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 003184128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 003105280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 002821120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 002799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 002772032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 002590208 _____ C:\WINDOWS\system32\dwmscene.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 002258856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 002160640 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 002132280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 002120704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 002120272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 002069504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001957008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001940952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001913296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001857024 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001845408 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001788728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-09-27 22:31 - 2019-09-27 22:31 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001664376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001616784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001616608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001607680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001543168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001512320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 001510752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001505320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001383856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001372160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-09-27 22:31 - 2019-09-27 22:31 - 001334064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001297936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001263616 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001261800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001244944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 001178816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001150240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001054872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001047968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001036800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 001023128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000984376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000944664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000904704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\opengl32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000833312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000792296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000784384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000772656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000759488 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000732176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000674072 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000656960 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11on12.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000639400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000568336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000551952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000541480 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000501232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-09-27 22:31 - 2019-09-27 22:31 - 000487576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiagn.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000450360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11on12.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000449888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000442704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-09-27 22:31 - 2019-09-27 22:31 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000398728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000383984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000379840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000375720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000363624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000342896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000334936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiag.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000293344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgmgr32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000285256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000283688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000278080 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ManageCI.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glu32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgmgr32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000223032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlib.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000176152 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000159112 _____ (Microsoft Corporation) C:\WINDOWS\system32\devobj.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000140496 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prntvpt.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000137864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devobj.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ForceSync.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000125232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000119840 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000116904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000110080 _____ C:\WINDOWS\system32\ResBParser.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000100664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000092624 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000089544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000084496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvvmtransport.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000079376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uaspstor.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000066832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvvmtransport.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devrtl.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devrtl.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnppolicy.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000053248 _____ C:\WINDOWS\system32\Drivers\UsbPmApi.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000052752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000047616 _____ C:\WINDOWS\system32\UsbPmApi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32_DeviceGuard.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000021544 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000020944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmsgapi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000016696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizres.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000011576 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlibres.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-09-27 22:28 - 2019-09-27 22:28 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-09-27 22:28 - 2019-09-27 22:28 - 000000000 ____D C:\Program Files\MSBuild
2019-09-27 22:28 - 2019-09-27 22:28 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-09-27 22:28 - 2019-03-01 18:31 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-09-27 22:28 - 2019-03-01 18:31 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-09-27 22:28 - 2019-03-01 18:31 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-09-27 22:28 - 2019-02-05 19:41 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-09-27 22:28 - 2019-02-05 19:41 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-09-27 22:28 - 2019-02-05 19:41 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-09-27 21:53 - 2019-10-11 10:44 - 000845124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-09-27 21:51 - 2019-09-27 21:51 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-09-27 21:50 - 2019-09-27 21:50 - 000000020 ___SH C:\Users\Feng Vang\ntuser.ini
2019-09-27 21:49 - 2019-10-11 10:41 - 000004158 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2E641F8F-3A38-4E2E-81A9-5749FF524F7E}
2019-09-27 21:49 - 2019-10-11 10:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-27 21:49 - 2019-10-11 04:41 - 000003134 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2019-09-27 21:49 - 2019-10-10 18:09 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-410341470-1476927905-1517334712-1001
2019-09-27 21:49 - 2019-10-08 11:35 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-09-27 21:49 - 2019-10-08 11:35 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-09-27 21:49 - 2019-09-27 21:49 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2019-09-27 21:49 - 2019-09-27 21:49 - 000007623 _____ C:\WINDOWS\diagerr.xml
2019-09-27 21:49 - 2019-09-27 21:49 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-27 21:49 - 2019-09-27 21:49 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-27 21:49 - 2019-09-27 21:49 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-27 21:49 - 2019-09-27 21:49 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2019-09-27 21:49 - 2019-09-27 21:49 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-27 21:49 - 2019-09-27 21:49 - 000002970 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2019-09-27 21:49 - 2019-09-27 21:49 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-27 21:49 - 2019-09-27 21:49 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-27 21:49 - 2019-09-27 21:49 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-27 21:49 - 2019-09-27 21:49 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-27 21:49 - 2019-09-27 21:49 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-27 21:49 - 2019-09-27 21:49 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-27 21:49 - 2019-09-27 21:49 - 000002738 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2019-09-27 21:49 - 2019-09-27 21:49 - 000002604 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2019-09-27 21:49 - 2019-09-27 21:49 - 000002568 _____ C:\WINDOWS\system32\Tasks\D3DGearRawFrameCaptureTask
2019-09-27 21:49 - 2019-09-27 21:49 - 000002440 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTaskCore
2019-09-27 21:49 - 2019-09-27 21:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\SmartFTP
2019-09-27 21:49 - 2019-09-27 21:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-410341470-1476927905-1517334712-1001
2019-09-27 21:49 - 2019-09-27 21:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple
2019-09-27 21:46 - 2019-10-10 18:09 - 000002412 _____ C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-09-27 21:46 - 2019-10-06 15:43 - 000000000 ____D C:\Users\Feng Vang
2019-09-27 21:46 - 2019-09-27 21:46 - 000000000 ____D C:\ProgramData\USOShared
2019-09-27 21:44 - 2019-09-09 10:44 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-09-27 21:43 - 2019-10-10 20:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-09-27 21:43 - 2019-09-28 20:24 - 005196688 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-09-27 21:13 - 2019-10-10 13:17 - 000000000 ___DC C:\WINDOWS\Panther
2019-09-27 21:07 - 2019-09-27 21:13 - 000000000 ____D C:\ESD
2019-09-27 21:04 - 2019-09-27 21:04 - 000000000 ___HD C:\$Windows.~WS
2019-09-27 13:30 - 2019-09-27 13:30 - 000081440 _____ C:\WINDOWS\dxdiag.txt
2019-09-27 12:50 - 2019-09-27 12:50 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Macromedia
2019-09-26 18:10 - 2019-09-26 18:10 - 000020532 _____ C:\Users\Feng Vang\Documents\LRCCD Transcript Unofficial.pdf
2019-09-26 15:25 - 2019-09-27 22:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-09-26 15:25 - 2019-09-26 15:25 - 000000000 ____D C:\Program Files (x86)\Intel
2019-09-25 15:10 - 2019-09-25 15:10 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Tempzxpsign1e53e69327de9465
2019-09-25 15:08 - 2019-09-25 15:08 - 000001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2017.lnk
2019-09-25 15:06 - 2019-09-25 15:06 - 000001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Animate 2019.lnk
2019-09-25 05:34 - 2019-09-25 05:34 - 000001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver CC 2017.lnk
2019-09-24 17:04 - 2019-09-25 15:08 - 000000000 ____D C:\Users\Public\Documents\Adobe
2019-09-24 17:04 - 2019-09-25 15:08 - 000000000 ____D C:\ProgramData\Documents\Adobe
2019-09-24 17:04 - 2019-09-24 17:04 - 000001271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2019.lnk
2019-09-24 17:03 - 2019-09-24 17:03 - 000000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecs
2019-09-24 17:03 - 2019-09-24 17:03 - 000000000 ____D C:\ProgramData\Documents\AdobeInstalledCodecs
2019-09-24 13:12 - 2019-09-24 13:12 - 000000000 ____D C:\Users\Feng Vang\Documents\Frontier Developments
2019-09-24 13:12 - 2019-09-24 13:12 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Frontier Developments
2019-09-24 13:12 - 2019-09-24 13:12 - 000000000 ____D C:\ProgramData\Frontier Developments
2019-09-24 13:07 - 2019-09-24 13:07 - 000000222 _____ C:\Users\Feng Vang\Desktop\Planet Zoo.url
2019-09-23 15:25 - 2019-09-23 15:25 - 000001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2019.lnk
2019-09-21 00:12 - 2019-10-08 20:44 - 000000600 _____ C:\Users\Feng Vang\AppData\Roaming\winscp.rnd
2019-09-21 00:09 - 2019-09-21 00:09 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2019-09-21 00:09 - 2019-09-21 00:09 - 000000000 ____D C:\Program Files (x86)\WinSCP
2019-09-20 21:42 - 2019-09-20 21:42 - 000279019 _____ C:\Users\Feng Vang\Documents\FCFA60.1.2_19-20_SAP_Appeal.pdf
2019-09-19 22:02 - 2019-09-19 22:02 - 000000000 ____D C:\Users\Feng Vang\Documents\Larian Studios
2019-09-19 22:01 - 2019-09-19 22:02 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\LarianLauncher
2019-09-19 20:56 - 2019-09-19 20:56 - 000000000 ____D C:\Users\Feng Vang\Documents\Call of Duty Modern Warfare
2019-09-19 18:51 - 2019-09-19 18:51 - 000037145 _____ C:\Users\Feng Vang\Documents\Feng-Resume.pdf
2019-09-19 16:20 - 2019-09-27 21:46 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2019-09-19 16:19 - 2019-09-27 21:46 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2019-09-19 16:19 - 2019-09-20 18:20 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-09-19 16:19 - 2019-09-19 16:20 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2019-09-12 15:30 - 2019-09-12 15:30 - 000000000 ____D C:\Users\Feng Vang\AppData\LocalLow\Ookla
2019-09-12 15:29 - 2019-09-27 22:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speedtest By Ookla
2019-09-12 15:29 - 2019-09-12 15:29 - 000000000 ____D C:\Program Files\Speedtest
2019-09-12 14:18 - 2019-09-27 22:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-09-12 14:18 - 2019-09-12 14:18 - 000000000 ____D C:\Program Files\iPod
2019-09-12 14:17 - 2019-09-12 14:18 - 000000000 ____D C:\Program Files\iTunes
2019-09-12 14:15 - 2019-09-12 14:15 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-10-11 10:44 - 2019-03-18 21:50 - 000000000 ____D C:\WINDOWS\INF
2019-10-11 10:41 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-11 10:40 - 2019-05-11 23:16 - 000000000 ____D C:\ProgramData\NVIDIA
2019-10-11 10:38 - 2019-08-11 11:48 - 000000000 ____D C:\ProgramData\VMware
2019-10-11 10:38 - 2019-05-24 22:52 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\WTablet
2019-10-11 10:38 - 2019-03-18 21:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-11 04:41 - 2019-05-12 00:46 - 000000000 ____D C:\ProgramData\Origin
2019-10-11 04:41 - 2019-05-11 23:25 - 000008596 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2019-10-11 04:41 - 2019-05-11 23:24 - 000025470 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2019-10-11 04:41 - 2019-05-11 23:24 - 000013335 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2019-10-11 04:41 - 2019-03-18 21:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-10-11 04:40 - 2019-05-14 22:12 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Code
2019-10-10 18:29 - 2019-07-25 16:12 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Origin
2019-10-10 18:18 - 2019-05-13 13:01 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2019-10-10 18:09 - 2019-05-12 14:06 - 000000000 ___RD C:\Users\Feng Vang\OneDrive
2019-10-10 13:37 - 2019-03-18 21:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-10 10:25 - 2019-03-18 21:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-10-10 10:25 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-10-10 10:25 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-10-10 10:25 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-10-10 10:25 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-10-10 10:25 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-10-10 10:25 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-10-10 10:25 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-10-10 09:43 - 2019-05-12 02:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-10-10 09:41 - 2019-05-12 02:04 - 127230528 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-10-10 09:41 - 2019-03-18 21:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-10-09 15:59 - 2019-05-12 14:04 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Adobe
2019-10-09 02:40 - 2019-06-29 00:27 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\vlc
2019-10-07 15:32 - 2019-07-25 16:12 - 000000000 ____D C:\Program Files (x86)\Origin
2019-10-05 17:31 - 2019-05-12 00:42 - 000000000 ____D C:\Program Files (x86)\Steam
2019-10-05 15:54 - 2019-05-11 23:21 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\PlaceholderTileLogoFolder
2019-10-05 15:47 - 2019-05-17 23:24 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Jagex
2019-10-05 15:47 - 2019-05-17 23:24 - 000000000 ____D C:\ProgramData\Jagex
2019-10-04 23:59 - 2019-05-12 14:04 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Packages
2019-10-04 18:09 - 2019-05-13 02:39 - 000000000 ____D C:\Users\Feng Vang\Documents\Rockstar Games
2019-10-04 18:09 - 2019-03-18 22:00 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2019-10-04 18:09 - 2019-03-18 22:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2019-10-04 18:09 - 2019-03-18 22:00 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2019-10-04 18:09 - 2019-03-18 22:00 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2019-10-04 18:09 - 2019-03-18 22:00 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2019-10-04 18:09 - 2019-03-18 22:00 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2019-10-04 18:09 - 2019-03-18 22:00 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2019-10-04 18:09 - 2019-03-18 22:00 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2019-10-04 18:09 - 2019-03-18 22:00 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2019-10-04 18:09 - 2019-03-18 22:00 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2019-10-04 18:09 - 2019-03-18 22:00 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2019-10-04 18:09 - 2019-03-18 21:57 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2019-10-04 18:09 - 2019-03-18 21:57 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2019-10-04 18:09 - 2019-03-18 21:57 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2019-10-04 18:09 - 2019-03-18 21:57 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2019-10-04 18:09 - 2019-03-18 21:57 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2019-10-04 18:09 - 2019-03-18 21:57 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2019-10-04 18:09 - 2019-03-18 21:57 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2019-10-04 11:10 - 2019-05-13 02:39 - 000000000 ____D C:\Program Files\Rockstar Games
2019-10-04 11:10 - 2019-05-13 02:39 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2019-10-04 11:09 - 2019-05-13 02:39 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Rockstar Games
2019-10-04 11:09 - 2019-05-12 00:47 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\D3DSCache
2019-10-04 11:09 - 2019-05-11 23:17 - 000000000 ____D C:\ProgramData\Package Cache
2019-10-03 17:47 - 2019-06-13 13:22 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Ubisoft Game Launcher
2019-10-03 17:31 - 2019-05-11 23:16 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-10-03 17:28 - 2019-03-18 21:37 - 000000000 ____D C:\WINDOWS\servicing
2019-10-03 17:02 - 2019-05-11 23:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-10-03 15:17 - 2019-05-15 00:53 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-10-02 14:57 - 2019-05-12 13:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-09-30 23:15 - 2019-05-19 00:04 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\uTorrent
2019-09-30 23:12 - 2019-05-19 00:04 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\BitTorrentHelper
2019-09-28 20:30 - 2019-03-18 21:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-09-28 18:52 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\appcompat
2019-09-27 22:43 - 2019-08-30 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront II
2019-09-27 22:43 - 2019-08-30 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite USB
2019-09-27 22:43 - 2019-08-30 15:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2019-09-27 22:43 - 2019-08-11 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2019-09-27 22:43 - 2019-07-26 01:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-09-27 22:43 - 2019-07-25 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2019-09-27 22:43 - 2019-06-29 00:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-09-27 22:43 - 2019-06-11 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4
2019-09-27 22:43 - 2019-05-24 22:51 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet
2019-09-27 22:43 - 2019-05-21 15:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2019-09-27 22:43 - 2019-05-17 23:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jagex
2019-09-27 22:43 - 2019-05-17 02:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield™ V
2019-09-27 22:43 - 2019-05-15 00:56 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-09-27 22:43 - 2019-05-13 00:26 - 000000000 ____D C:\Program Files\Intel
2019-09-27 22:43 - 2019-05-13 00:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2019-09-27 22:43 - 2019-05-12 01:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2019-09-27 22:43 - 2019-05-12 01:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends
2019-09-27 22:43 - 2019-05-11 23:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-Link
2019-09-27 22:43 - 2019-05-11 23:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-09-27 22:43 - 2019-05-11 23:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-09-27 22:43 - 2019-03-18 21:56 - 000000000 ____D C:\WINDOWS\Setup
2019-09-27 22:43 - 2019-03-18 21:52 - 000000000 __RHD C:\Users\Public\Libraries
2019-09-27 22:43 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-09-27 22:43 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-09-27 22:43 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\spool
2019-09-27 22:43 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\Catroot2.old
2019-09-27 22:43 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\ServiceState
2019-09-27 22:43 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-09-27 22:43 - 2019-03-18 21:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-09-27 22:43 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2019-09-27 22:34 - 2019-05-21 14:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2019-09-27 22:33 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2019-09-27 22:33 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-09-27 22:32 - 2019-03-18 21:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-09-27 22:32 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-09-27 21:52 - 2019-05-12 02:02 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-09-27 21:51 - 2019-06-12 11:54 - 001149576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2019-09-27 21:51 - 2019-06-12 11:54 - 000178848 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2019-09-27 21:51 - 2019-06-12 11:54 - 000052360 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2019-09-27 21:50 - 2019-05-12 14:04 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-09-27 21:50 - 2019-05-12 14:04 - 000000000 ___RD C:\Users\Feng Vang\3D Objects
2019-09-27 21:50 - 2019-03-18 21:52 - 000000000 ____D C:\ProgramData\USOPrivate
2019-09-27 21:50 - 2019-03-18 21:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-09-27 21:49 - 2019-05-17 23:24 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OldSchool RuneScape
2019-09-27 21:49 - 2019-03-18 21:52 - 000000000 ____D C:\Program Files\Windows Defender
2019-09-27 21:47 - 2019-03-18 21:52 - 000000000 __RSD C:\WINDOWS\Media
2019-09-27 21:46 - 2019-08-14 04:00 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.7
2019-09-27 21:46 - 2019-08-10 00:39 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2019-09-27 21:46 - 2019-08-08 18:49 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TransMac
2019-09-27 21:46 - 2019-06-13 13:22 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2019-09-27 21:46 - 2019-06-02 10:21 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iRacing
2019-09-27 21:46 - 2019-05-24 22:36 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chime
2019-09-27 21:46 - 2019-05-21 14:13 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2019-09-27 21:46 - 2019-05-13 01:48 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-09-27 21:46 - 2019-05-11 23:22 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-09-27 16:40 - 2019-09-10 14:21 - 005001984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-09-27 16:40 - 2019-09-10 14:21 - 004263296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-09-27 15:53 - 2019-06-12 11:52 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\PackageStaging
2019-09-27 15:49 - 2019-06-13 18:08 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\ElevatedDiagnostics
2019-09-27 13:21 - 2019-05-12 14:03 - 000000000 ____D C:\WINDOWS\SoftwareDistribution.old
2019-09-27 13:16 - 2019-05-13 01:53 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\CrashDumps
2019-09-27 13:00 - 2019-05-15 00:49 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-09-27 12:49 - 2019-05-11 23:22 - 000000000 ____D C:\ProgramData\Packages
2019-09-26 18:00 - 2019-05-12 14:04 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\ConnectedDevicesPlatform
2019-09-25 15:09 - 2019-05-15 00:44 - 000000000 ____D C:\Users\Feng Vang\Documents\Adobe
2019-09-25 15:08 - 2019-05-15 00:49 - 000000000 ____D C:\Program Files\Adobe
2019-09-25 15:06 - 2019-05-15 00:41 - 000000000 ____D C:\ProgramData\Adobe
2019-09-25 15:05 - 2019-05-15 00:41 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Adobe
2019-09-24 14:51 - 2019-07-07 14:50 - 000000000 ____D C:\Program Files (x86)\Corel
2019-09-24 12:57 - 2019-05-11 23:21 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-23 15:25 - 2019-05-15 00:49 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-09-21 02:41 - 2019-05-12 01:39 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Battle.net
2019-09-21 00:06 - 2019-05-14 22:39 - 000000000 ____D C:\Program Files\SmartFTP Client
2019-09-20 09:40 - 2019-05-17 23:38 - 000000024 _____ C:\Users\Feng Vang\jagexappletviewer.preferences
2019-09-20 09:37 - 2019-05-17 23:38 - 000000048 _____ C:\Users\Feng Vang\jagex_cl_oldschool_LIVE.dat
2019-09-20 09:37 - 2019-05-17 23:38 - 000000024 _____ C:\Users\Feng Vang\random.dat
2019-09-19 17:27 - 2019-05-24 22:36 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Chime
2019-09-19 14:29 - 2019-05-11 23:20 - 000000000 ____D C:\Program Files (x86)\Google
2019-09-15 18:31 - 2019-05-11 23:24 - 000013098 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2019-09-15 14:35 - 2019-06-11 15:33 - 000000000 ____D C:\Users\Feng Vang\Documents\American Truck Simulator
2019-09-12 14:15 - 2019-07-28 11:42 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
 
==================== Files in the root of some directories ================
 
2019-09-21 00:12 - 2019-10-08 20:44 - 000000600 _____ () C:\Users\Feng Vang\AppData\Roaming\winscp.rnd
2019-05-25 22:32 - 2019-05-25 22:32 - 000001456 _____ () C:\Users\Feng Vang\AppData\Local\Adobe Save for Web 13.0 Prefs
2019-05-17 11:53 - 2019-05-17 11:53 - 000000000 _____ () C:\Users\Feng Vang\AppData\Local\oobelibMkey.log
2019-10-11 00:33 - 2019-10-11 00:33 - 000002768 _____ () C:\Users\Feng Vang\AppData\Local\recently-used.xbel
 
==================== SigCheck ===============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-10-2019 01

Ran by Feng Vang (11-10-2019 10:46:20)
Running from C:\Users\Feng Vang\Downloads
Windows 10 Home Version 1903 18362.418 (X64) (2019-09-28 04:50:02)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
80969055B5E144BC9993 (S-1-5-21-410341470-1476927905-1517334712-1009 - Limited - Enabled)
Administrator (S-1-5-21-410341470-1476927905-1517334712-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-410341470-1476927905-1517334712-503 - Limited - Disabled)
E1476EE7E8FB4B1E8146 (S-1-5-21-410341470-1476927905-1517334712-1008 - Limited - Enabled)
Feng Vang (S-1-5-21-410341470-1476927905-1517334712-1001 - Administrator - Enabled) => C:\Users\Feng Vang
Guest (S-1-5-21-410341470-1476927905-1517334712-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-410341470-1476927905-1517334712-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\uTorrent) (Version: 3.5.5.45341 - BitTorrent Inc.)
Adobe (HKLM\...\{3A8DC48F-607D-4394-8C04-EA9F5186348D}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
adobe (HKLM\...\{F5E6F3F4-C3CB-4A34-B690-F3F8AF571B0E}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe After Effects 2019 (HKLM-x32\...\AEFT_16_1) (Version: 16.1 - Adobe Systems Incorporated)
Adobe Animate 2019 (HKLM-x32\...\FLPR_19_2_1) (Version: 19.2.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2017 (HKLM-x32\...\DRWV_17_0_0) (Version: 17.0.0 - Adobe Systems Incorporated)
Adobe Illustrator CC 2019 (HKLM-x32\...\ILST_23_0_1) (Version: 23.0.1 - Adobe Systems Incorporated)
Adobe InDesign 2019 (HKLM-x32\...\IDSN_14_0_3) (Version: 14.0.3 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated)
Adobe Premiere (HKLM\...\{C1CB876C-A08E-4692-B525-42848BD154D7}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_1_0) (Version: 11.1.0 - Adobe Systems Incorporated)
Amazon Chime (HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\{D9D58C68-544A-4C36-B6B4-62D0F9505765}_is1) (Version: 4.25.9339.1 - Amazon.com, Inc.)
Amazon Kindle (HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\Amazon Kindle) (Version: 1.26.0.55076 - Amazon)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.2.2 - Electronic Arts, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Assassin's Creed Odyssey (HKLM-x32\...\Uplay Install 5059) (Version:  - Ubisoft)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.61.35422 - Electronic Arts)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Core Temp 1.15.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.15.1 - ALCPU)
Corel Painter Essentials 6 - Content (HKLM\...\{56F051E4-C179-425E-9AA8-4B3FBC2F05B7}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - Core (HKLM\...\{FA3FA2BE-94D1-41CA-89BF-29AE2EB61E46}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - CT (HKLM\...\{404B42A1-47EF-44D5-B390-E0CB3F879497}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - DE (HKLM\...\{13CD16A8-0B5E-469D-A8C2-1BD41B58999F}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - EN (HKLM\...\{1B3DFFA0-0CE7-4607-8E55-FB64B8628995}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - FR (HKLM\...\{E39BC105-2204-4BA8-BB9F-D08E5BDD1493}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - IPM (HKLM\...\{B1AA1DD1-FC10-499C-B802-6C9558CBBC1A}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - IPM Content (HKLM\...\{68FC3BC5-C3AA-4B36-86F7-D4ED105E1D7B}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - JP (HKLM\...\{9BAC9F81-DE28-450F-B0F8-C319D08C2A6A}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 (HKLM\...\_{0EDEDA40-4B3A-46D0-A0D8-0FE8834390DE}) (Version: 6.1.0.238 - Corel Corpopration)
Corel Painter Essentials 6 (HKLM\...\{D5ACBF88-A251-4E63-8DFE-1EF7491D601E}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Thumbnail Previewer (HKLM\...\{50139369-99B2-496A-8726-D3DC5D6D4235}) (Version: 18.0 - Corel Corporation)
Corel Update Manager (HKLM\...\{5039B7BE-F79B-4121-A9D3-D66ED4169414}) (Version: 2.11.552 - Corel corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{466EA30A-9B38-4AD2-A6B0-18D6E0C1A848}) (Version: 1.1.206.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FB360 Spatial Workstation AAX version 3.3 (HKLM\...\FB360 Spatial Workstation AAX_is1) (Version: 3.3 - )
Focusrite USB 4.63.23.563 (HKLM\...\Focusrite USB_is1) (Version: 4.63.23.563 - Focusrite Audio Engineering, Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
Grand Theft Auto: San Andreas (HKLM-x32\...\Grand Theft Auto: San Andreas) (Version: 1.0.0.22 - Rockstar Games)
ICA (HKLM\...\{0EDEDA40-4B3A-46D0-A0D8-0FE8834390DE}) (Version: 6.1 - Corel Corpopration) Hidden
Inkscape 0.92.4 (HKLM-x32\...\Inkscape) (Version: 0.92.4 - Inkscape Project)
Intel Driver && Support Assistant (HKLM-x32\...\{C2BB0965-B84D-4689-A4B0-AA40250C5C4D}) (Version: 19.9.38.6 - Intel) Hidden
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel® Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{f4fb06ec-c4f2-465a-a239-9c8bd6fd7108}) (Version: 19.9.38.6 - Intel)
iTunes (HKLM\...\{D6969886-0A8A-46BF-A3FA-D6CD43FC8F85}) (Version: 12.10.0.7 - Apple Inc.)
Koala -- A cool tool for web developers (HKLM-x32\...\Koala) (Version: 2.3.0 - koala-app.com)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.12026.20264 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.39.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 69.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 69.0.2 (x64 en-US)) (Version: 69.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.2 - Mozilla)
MSI Afterburner 4.6.1 (HKLM-x32\...\Afterburner) (Version: 4.6.1 - MSI Co., LTD)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version:  - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version:  - Native Instruments)
Native Instruments Guitar Rig Mobile I/O (HKLM-x32\...\Native Instruments Guitar Rig Mobile I/O) (Version:  - Native Instruments)
Native Instruments Guitar Rig Session I/O (HKLM-x32\...\Native Instruments Guitar Rig Session I/O) (Version:  - Native Instruments)
Native Instruments Rig Kontrol 3 (HKLM-x32\...\Native Instruments Rig Kontrol 3) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Node.js (HKLM\...\{23A34EBD-AE97-4FB3-8542-501FBA47EA98}) (Version: 10.16.3 - Node.js Foundation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.7.1 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation)
NVIDIA Graphics Driver 436.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 436.48 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA USBC Driver 1.38.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.38.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
OldSchool RuneScape Launcher 1.2.7 (HKLM-x32\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd)
OpenIV (HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\OpenIV) (Version: 3.1.1033 - .black/OpenIV Team)
Origin (HKLM-x32\...\Origin) (Version: 10.5.48.31055 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Private Internet Access (HKLM\...\{33023371-7761-4F81-BBB1-0E0D0D175ACF}) (Version: 1.4.0+03180 - London Trust Media, Inc.)
PS4 Remote Play (HKLM-x32\...\{856AD2B5-7C4C-4BCA-90C0-48010DAD701F}) (Version: 2.8.0.03041 - Sony Interactive Entertainment Inc.)
Python 3.7.4 (64-bit) (HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\{8ae589dd-de2e-42cd-af56-102374115fee}) (Version: 3.7.4150.0 - Python Software Foundation)
Python 3.7.4 Add to Path (64-bit) (HKLM\...\{16AB56AD-A068-4407-B239-25D2A507743D}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Core Interpreter (64-bit) (HKLM\...\{92A73F83-DC16-4316-945A-B66BC12362A7}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Development Libraries (64-bit) (HKLM\...\{B86709C3-962E-4C62-BF25-CF8D06267D72}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Documentation (64-bit) (HKLM\...\{4BC82D3B-BBC7-4BAF-899D-10AF5745E4AB}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Executables (64-bit) (HKLM\...\{6DDB726E-09CE-44B4-A129-B62AD1604A95}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 pip Bootstrap (64-bit) (HKLM\...\{F92D31AF-F447-4A85-B0FD-CE6378F7625A}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Standard Library (64-bit) (HKLM\...\{5BF79310-A787-430F-93DD-CC8A9787679D}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Tcl/Tk Support (64-bit) (HKLM\...\{E5B772D5-8CCD-461B-BC60-B10DFB5704AB}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Test Suite (64-bit) (HKLM\...\{794D5EC8-A92F-4969-A318-449C2E71D8C4}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Utility Scripts (64-bit) (HKLM\...\{16F74529-EDE0-4BBD-B2AF-89AF9C696EA8}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{D722DA3A-92F5-454A-BD5D-A48C94D82300}) (Version: 3.7.6762.0 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek)
RivaTuner Statistics Server 7.2.2 (HKLM-x32\...\RTSS) (Version: 7.2.2 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.5.121 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.2.5 - Rockstar Games)
RuneScape Launcher 2.2.4 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.4 - Jagex Ltd)
Speedtest by Ookla (HKLM\...\{47EB4D56-9DDA-422E-A769-172304E3BB09}) (Version: 1.2.29.001 - Ookla)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.7.47527 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.55.108.1020 - Electronic Arts Inc.)
TP-Link Archer T4U Driver (HKLM-x32\...\{4805DC86-DEBF-4A5C-B9C4-291FA6441548}) (Version: 2.1.0 - TP-Link)
TransMac version 12.4 (HKLM-x32\...\TransMac_is1) (Version: 12.4 - Acute Systems)
Uplay (HKLM-x32\...\Uplay) (Version: 88.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VMware Player (HKLM\...\{7F9DD9E6-685C-46C6-9430-D91B0DF932BB}) (Version: 14.1.7 - VMware, Inc.)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.34-3 - Wacom Technology Corp.)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinSCP 5.15.4 (HKLM-x32\...\winscp3_is1) (Version: 5.15.4 - Martin Prikryl)
XAMPP (HKLM\...\xampp) (Version: 7.3.10-0 - Bitnami)
 
Packages:
=========
Adobe XD -> C:\Program Files\WindowsApps\Adobe.CC.XD_20.1.12.4_x64__adky2gkssdxte [2019-09-27] (Adobe Systems Incorporated)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.22.7.0_x86__kgqvnymyfvs32 [2019-10-04] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1600.3.0_x86__kgqvnymyfvs32 [2019-10-04] (king.com)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2019-09-28] (Microsoft Corporation)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2019-09-28] (Microsoft Corporation)
Forza Horizon 4 -> C:\Program Files\WindowsApps\Microsoft.SunriseBaseGame_1.351.461.2_x64__8wekyb3d8bbwe [2019-10-04] (Microsoft Studios)
Forza Horizon 4 Formula Drift Car Pack -> C:\Program Files\WindowsApps\Microsoft.FormulaDriftCarPack_1.0.3.2_neutral__8wekyb3d8bbwe [2019-05-12] (Microsoft Studios)
Gaming Services -> C:\Program Files\WindowsApps\Microsoft.GamingServices_1.32.14001.0_x64__8wekyb3d8bbwe [2019-09-27] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-10-04] (HP Inc.)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-10-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x64__8wekyb3d8bbwe [2019-10-04] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-10-05] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.94.574.0_x64__mcm4njqhnhss8 [2019-10-05] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2019-10-04] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.136.0_x64__dt26b99r8h8gj [2019-09-27] (Realtek Semiconductor Corp)
Xbox (Beta) -> C:\Program Files\WindowsApps\Microsoft.GamingApp_1909.1001.12.0_x64__8wekyb3d8bbwe [2019-10-05] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-410341470-1476927905-1517334712-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
CustomCLSID: HKU\S-1-5-21-410341470-1476927905-1517334712-1001_Classes\CLSID\{85A6BE02-117C-4C76-B352-CE8D2AF1F526}\localserver32 -> "C:\Program Files\SmartFTP Client\SmartFTP.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-410341470-1476927905-1517334712-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-05-19] (Notepad++ -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll [2019-03-25] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll [2019-03-25] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c7bdd6222811a2ee\nvshext.dll [2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.WVC1] => C:\Windows\SysWOW64\d3dgeardecoder.dll [143968 2019-02-16] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.WMV3] => C:\Windows\SysWOW64\d3dgeardecoder.dll [143968 2019-02-16] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.MJPG] => C:\Windows\SysWOW64\d3dgeardecoder.dll [143968 2019-02-16] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.M4S2] => C:\Windows\SysWOW64\d3dgeardecoder.dll [143968 2019-02-16] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.FVFW] => C:\Windows\SysWOW64\d3dgeardecoder.dll [143968 2019-02-16] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.MP4V] => C:\Windows\SysWOW64\d3dgeardecoder.dll [143968 2019-02-16] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.FFVH] => C:\Windows\SysWOW64\d3dgeardecoder.dll [143968 2019-02-16] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.H264] => C:\Windows\SysWOW64\d3dgeardecoder.dll [143968 2019-02-16] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\Feng Vang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6c0b951e69aa5b9e\Koala.lnk -> C:\Program Files (x86)\Koala\Koala.exe (The NWJS Community) -> --user-data-dir="C:\Users\Feng Vang\AppData\Local\Koala\User Data" --profile-directory=Default --app-id=nbcfhoaboniogapedbkoengejahmpnbi
 
==================== Loaded Modules (Whitelisted) ==============
 
2019-05-24 22:36 - 2019-09-17 21:09 - 003472384 _____ ( ) [File not signed] C:\Users\Feng Vang\AppData\Roaming\Chime\AudioClient.dll
2019-05-24 22:36 - 2019-09-17 21:09 - 008079360 _____ ( ) [File not signed] C:\Users\Feng Vang\AppData\Roaming\Chime\MediaClient.dll
2019-05-24 22:36 - 2019-09-17 21:09 - 000257536 _____ ( ) [File not signed] C:\Users\Feng Vang\AppData\Roaming\Chime\MediaContext.dll
2019-05-24 22:36 - 2019-09-17 21:09 - 003471872 _____ ( ) [File not signed] C:\Users\Feng Vang\AppData\Roaming\Chime\ScreenClient.dll
2019-04-21 01:33 - 2019-04-21 01:33 - 000232448 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-04-21 01:32 - 2019-04-21 01:32 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-04-21 01:33 - 2019-04-21 01:33 - 000649216 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-04-21 01:32 - 2019-04-21 01:32 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-04-21 01:33 - 2019-04-21 01:33 - 000367104 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2019-05-24 22:36 - 2019-07-16 01:11 - 000859648 _____ () [File not signed] C:\Users\Feng Vang\AppData\Roaming\Chime\CefSharp.BrowserSubprocess.Core.dll
2019-05-24 22:36 - 2019-07-16 01:11 - 001257984 _____ () [File not signed] C:\Users\Feng Vang\AppData\Roaming\Chime\CefSharp.Core.dll
2019-05-24 22:36 - 2019-07-16 01:11 - 070447616 _____ () [File not signed] C:\Users\Feng Vang\AppData\Roaming\Chime\libcef.dll
2019-05-24 22:36 - 2019-07-16 01:11 - 001084416 _____ (Robert Simpson, et al.) [File not signed] C:\Users\Feng Vang\AppData\Roaming\Chime\x86\SQLite.Interop.dll
2019-05-24 22:36 - 2019-07-16 01:11 - 000433664 _____ (The Chromium Authors) [File not signed] C:\Users\Feng Vang\AppData\Roaming\Chime\chrome_elf.dll
2019-07-25 16:12 - 2019-07-25 16:12 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-07-25 16:12 - 2019-07-25 16:12 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-07-25 16:12 - 2019-07-25 16:12 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-10-07 15:32 - 2019-07-25 16:12 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-10-07 15:32 - 2019-07-25 16:12 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-10-07 15:32 - 2019-07-25 16:12 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-10-07 15:32 - 2019-07-25 16:12 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-10-07 15:32 - 2019-07-25 16:12 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\PACE:E2F2E09B320E5E3F [217]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [470]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-09-15 00:31 - 2018-09-15 00:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%D3DGEARPATH%;d:\steamlibrary;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\nodejs\
HKU\S-1-5-21-410341470-1476927905-1517334712-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Feng Vang\Pictures\sunset-over-manhattan-bridge-8u-1080p.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Focusrite Notifier"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\StartupApproved\Run: => "Steam"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{EF53A66F-9E9C-4092-9D4C-6E69263B6BC6}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Adobe Systems Incorporated -> Joyent, Inc)
FirewallRules: [TCP Query User{15973975-FB66-4E9B-909A-3FDD753772A2}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Adobe Systems Incorporated -> Joyent, Inc)
FirewallRules: [UDP Query User{C815D2B9-370D-4459-AA42-E27C47A71D32}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Adobe Systems Incorporated -> Joyent, Inc)
FirewallRules: [TCP Query User{2FCA32AF-65FF-48C1-BC75-52E19C2C8782}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Adobe Systems Incorporated -> Joyent, Inc)
FirewallRules: [{DBC08052-5FD7-47E7-BB32-35F6FE9728D7}] => (Allow) D:\SteamLibrary\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{103842E8-99DD-48A7-9EA0-AB028292EAF3}] => (Allow) D:\SteamLibrary\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{F6F0B682-FF9F-43A9-81C0-E895D16C4CCD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{FDAF666A-387B-44CD-B222-AE0C567F15C6}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{9F4BF7FA-2902-4CDF-B298-992D0A77B5C2}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{0D41EF0D-0F4D-4500-8893-7CCE4AB056A8}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{3356EFB2-1AC1-4430-A563-A90AF7EE3189}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [UDP Query User{6904B00F-FE21-4C87-AA89-A79A29318D33}D:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) D:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe No File
FirewallRules: [TCP Query User{24A42F9B-7C3B-4B31-AF11-42323AFD6DEB}D:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) D:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe No File
FirewallRules: [{0648E5B9-6357-4E13-80C9-47CD3B96A8E6}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{C74CFCAF-2ED0-40C9-A761-B19DC618C8DD}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{69B3F1F0-F8A9-4B3D-9010-FF22EADA8BD2}D:\overwatch\call of duty modern warfare beta\modernwarfare.exe] => (Allow) D:\overwatch\call of duty modern warfare beta\modernwarfare.exe No File
FirewallRules: [TCP Query User{DD1C2562-558E-41F2-BA5C-7DBF57C21227}D:\overwatch\call of duty modern warfare beta\modernwarfare.exe] => (Allow) D:\overwatch\call of duty modern warfare beta\modernwarfare.exe No File
FirewallRules: [{63E56A51-DD4D-4EC0-922F-3B75A3FA16C4}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2E25CD8C-6E25-4953-BCF7-AACC981948D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B54FED40-5530-46C8-ADEB-B35B2E49BCB0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DBF0FB3C-182E-459F-973F-9FC9EEB06664}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9D435E9A-599B-4F99-A713-C52AD7C39F61}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{DE4492F4-7CBF-459D-883D-DE45700F1A21}C:\program files (x86)\ubisoft\ubisoft game launcher\games\ghost recon breakpoint\grb_upp.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\ghost recon breakpoint\grb_upp.exe No File
FirewallRules: [TCP Query User{C38DAE61-188C-45CA-93B1-310A954B02EC}C:\program files (x86)\ubisoft\ubisoft game launcher\games\ghost recon breakpoint\grb_upp.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\ghost recon breakpoint\grb_upp.exe No File
FirewallRules: [{9F8D56E8-16AC-4624-A6C5-B3F03C5E44D3}] => (Allow) D:\Ubisoft Games\Assassin's Creed Odyssey\ACOdyssey.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [UDP Query User{7C0990C3-6A91-4CF9-97CF-227E0347E961}D:\overwatch\overwatch\_retail_\overwatch.exe] => (Allow) D:\overwatch\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{D4749253-7A0E-4942-8ADA-771A79792E21}D:\overwatch\overwatch\_retail_\overwatch.exe] => (Allow) D:\overwatch\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{7A6C777A-FC6A-4745-9160-57411D0A44AF}] => (Allow) D:\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{0EB382DD-970F-4D2E-97A4-52EDBAAA21B9}] => (Allow) D:\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{224F16A5-9516-4106-B117-25E19AB4D5D3}] => (Allow) D:\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{49803158-E82B-4B1B-8765-AEB0B44E74D3}] => (Allow) D:\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{0E04F21B-05F0-4822-9E66-6D257803E4F4}] => (Allow) D:\SteamLibrary\steamapps\common\Toy Story 3\Game-TS3.exe (Disney Interactive Studios) [File not signed]
FirewallRules: [{336EA910-FA0F-45C1-A1E9-033984BB0208}] => (Allow) D:\SteamLibrary\steamapps\common\Toy Story 3\Game-TS3.exe (Disney Interactive Studios) [File not signed]
FirewallRules: [{AE9B12D5-71A0-47BF-8F2B-8E7097A0B0EF}] => (Allow) C:\Program Files\Avid\Avid Link\AvidAppManHelper.exe No File
FirewallRules: [{207CB466-00D6-449C-9B57-E5540FEE846A}] => (Allow) C:\Program Files\Avid\Avid Link\Avid Link.exe No File
FirewallRules: [{B9AA71AD-9E61-4F10-86B8-DF58FFE7EE0D}] => (Allow) C:\Program Files\Avid\Avid Link\jre\bin\java.exe No File
FirewallRules: [{A15D0385-87B5-4008-A660-78A7591CF107}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{62504EE4-0114-498D-AC5B-16722D3B2661}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [UDP Query User{5D3CAED4-8A4F-46D2-9071-F54587CF9804}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{6953D862-FCEA-4FEA-A7AF-BD629BA183C6}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{A4ED331C-7933-4C8C-A80C-0071E90BC142}] => (Allow) D:\Origin Games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{05104AAE-0ED2-42FA-87D8-D4AF39930981}] => (Allow) D:\Origin Games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{8A845BF5-6C08-4507-B0DA-E27E115BECCE}] => (Allow) D:\Origin Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{F7A62EAD-A1E5-4F8F-A749-087EDC00B1C1}] => (Allow) D:\Origin Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{EF167903-A171-411E-8E72-5135C77A5FB2}] => (Allow) D:\SteamLibrary\steamapps\common\Rush\Rushx64.exe (Asobo Studio - MMS) [File not signed]
FirewallRules: [{1E5ACE22-5000-4C6D-AC18-3FFC479118AB}] => (Allow) D:\SteamLibrary\steamapps\common\Rush\Rushx64.exe (Asobo Studio - MMS) [File not signed]
FirewallRules: [{BB9C32A4-D1CA-4321-89F0-FCC8F1EE6A10}] => (Allow) D:\SteamLibrary\steamapps\common\Fishing Planet\FishingPlanet.exe () [File not signed]
FirewallRules: [{38997EB3-A007-41CD-841B-FAE4EED1AF2B}] => (Allow) D:\SteamLibrary\steamapps\common\Fishing Planet\FishingPlanet.exe () [File not signed]
FirewallRules: [{9D4714DC-C0BD-48EC-9C82-1A0D4FE70A7A}] => (Allow) D:\SteamLibrary\steamapps\common\CookingSimulator\CookingSim.exe () [File not signed]
FirewallRules: [{1925F561-A6E7-4EBA-A452-01238F110AAE}] => (Allow) D:\SteamLibrary\steamapps\common\CookingSimulator\CookingSim.exe () [File not signed]
FirewallRules: [{DD47101C-0EE7-4E73-8489-7CA4AF5A0E58}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{7CA9FE4C-50B4-4DBA-A948-4166A7B81D9F}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{0757A570-4721-452B-8013-A8F5D4CE46AB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0B48645D-E096-45BB-853A-AFB563F887BF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A5F18AB9-C14E-4A8B-956A-D4214A8427B1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D96166F6-39EE-4D6A-BEDB-13AD120E80F0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A0ACE425-AB81-4A7F-9FBE-EC81F2412DA9}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{8F5A82EE-8894-44C7-9D50-DB2F08691633}D:\ubisoft games\ghost recon breakpoint\grb.exe] => (Allow) D:\ubisoft games\ghost recon breakpoint\grb.exe No File
FirewallRules: [TCP Query User{986B9F9E-7A92-4E4B-B9CA-2B72C1A346EB}D:\ubisoft games\ghost recon breakpoint\grb.exe] => (Allow) D:\ubisoft games\ghost recon breakpoint\grb.exe No File
FirewallRules: [{353F93D4-221A-4FD9-88F3-D446DB81D285}] => (Allow) D:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{04C6AAB2-F25F-458D-9CBD-3385682B781B}] => (Allow) D:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{D242E58C-580E-4B8F-BDE9-27D09E1D0E53}] => (Block) C:\program files (x86)\origin games\batman arkham asylum game of the year edition\binaries\shippingpc-bmgame.exe No File
FirewallRules: [{47880ACC-5336-4F4D-87C7-CBA667F1C288}] => (Block) C:\program files (x86)\origin games\batman arkham asylum game of the year edition\binaries\shippingpc-bmgame.exe No File
FirewallRules: [UDP Query User{972F8D68-065A-4202-8C18-161463FC4AC0}C:\program files (x86)\origin games\batman arkham asylum game of the year edition\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\origin games\batman arkham asylum game of the year edition\binaries\shippingpc-bmgame.exe No File
FirewallRules: [TCP Query User{F9990E9E-6B31-4CF0-8D57-EF61E351EFCB}C:\program files (x86)\origin games\batman arkham asylum game of the year edition\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\origin games\batman arkham asylum game of the year edition\binaries\shippingpc-bmgame.exe No File
FirewallRules: [{6FF8BFBD-4B46-4537-9CFB-34A135844CA4}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe (Sony Interactive Entertainment Inc. -> Sony Interactive Entertainment Inc.)
FirewallRules: [UDP Query User{ABD2B906-B473-49A6-AF2B-D46BF0C194EA}C:\users\feng vang\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\feng vang\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{EFA3FC4C-34A5-4096-8F18-A83E91B80835}C:\users\feng vang\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\feng vang\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DBA93949-361A-4450-9AD2-62896ED36557}] => (Allow) D:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{0C519255-3F85-4105-8FEF-EFA223F659C1}] => (Allow) D:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{20469E8C-669A-4EEC-BEB7-0BE8FE82BC1C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{9C9716A1-D0D5-47AD-B7EA-8A4EA7B1BE71}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{E64DA161-405F-4C62-9DB5-ECD470C3C0AA}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{E44E50C7-430D-454C-93E1-CF0567C8874D}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{13D35432-9A6E-4D62-85A1-C60F7A20D083}] => (Allow) D:\SteamLibrary\steamapps\common\Injustice2\Binaries\Retail\Injustice2.exe (WB Games, Inc.) [File not signed]
FirewallRules: [{0428B3F3-9525-44CB-9D8B-C0B6E9208B33}] => (Allow) D:\SteamLibrary\steamapps\common\Injustice2\Binaries\Retail\Injustice2.exe (WB Games, Inc.) [File not signed]
FirewallRules: [{174E63E8-FA45-4D54-88B7-7914FBD18340}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{59A38AE9-7F06-4C05-BBD0-4460BC987667}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{B4F04FBD-8DD7-4F8C-98AC-A385CADA9D01}] => (Allow) D:\SteamLibrary\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{297BCDC2-23D7-4947-8DFA-4AB5B05F6E09}] => (Allow) D:\SteamLibrary\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{C13AA1A3-0562-4821-8388-77A07055D5B2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{481C971F-7D85-476D-B886-D3115D519A87}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{534918A6-A1FB-4EB2-9BC8-D658BFE99C6B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DDDD60D6-9468-4AB0-91F1-FB97E1F60EA4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{05F17E8E-6EDF-4926-93A5-2DCED28F097E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C135B485-E49D-4C50-B8B0-E2BEE0E2FEC5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{43F84450-1025-4B56-AC02-EE419D0F589C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{10DD1EB7-A86F-43E8-A4B9-D628E84904DC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{B3C3EDDD-82E2-4EAD-9D1A-CB237E54B3D7}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [UDP Query User{450554EE-4410-4AA5-A1DA-9C918F3C6723}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [TCP Query User{E0EBE53E-D39E-4773-BBCE-B70A1F9121E6}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{D42F5906-6FA4-48F0-9515-EA48ED117EFD}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{1D030D9D-BF95-4116-873C-4AF94F0B963D}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel® Software Development Products -> )
FirewallRules: [{78F87F69-4662-4245-B55A-0A380754F1B3}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel® Software Development Products -> )
FirewallRules: [{25AEA19A-9E72-430C-9B81-BCAD3BB68E33}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel® Software Development Products -> )
FirewallRules: [{E40B4D3E-EA23-4A41-8CCD-39EB2E641270}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel® Software Development Products -> )
FirewallRules: [{C2C28AAB-E5F6-4C1D-955E-BA57EA7F1230}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{0F8D137F-6455-4554-8DBD-F04EEA280D63}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{A708A2BA-FAE9-4D33-A2AE-5035D6B744A6}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{4F1D20B7-9F99-4010-882E-1A04EDF1DB07}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{AE2DB762-3EAF-4B87-803F-9F623E7ADD61}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{803C8A01-DCA6-43E7-8AC2-E1AB2F47E913}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{6EC605DD-3B01-4BBB-AA3C-7A019C787E3A}] => (Allow) C:\Users\Feng Vang\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2BA5B2E3-3B2E-45B4-9057-2A7CEA1E91EC}] => (Allow) C:\Users\Feng Vang\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{D2336968-8A22-45F3-BE84-0CB5063756B9}D:\overwatch\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch\overwatch.exe No File
FirewallRules: [UDP Query User{4296539D-68C3-4EFD-96DD-96C4C86E465B}D:\overwatch\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch\overwatch.exe No File
FirewallRules: [{C0DB927C-710F-4641-A4B0-82CF0FB88348}] => (Allow) D:\Origin Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{04E94F4A-0E81-4B42-BD11-427C9D307D2F}] => (Allow) D:\Origin Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{693405E8-C109-4529-AA2E-DDDDF15FE4FE}] => (Allow) D:\Origin Games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{4D571989-7796-4881-BAF8-7E15A9C62420}] => (Allow) D:\Origin Games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{3490A2FB-A12C-4238-A5E6-2F0BB3A22F31}] => (Allow) D:\SteamLibrary\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{67F754C3-7B1B-4709-88F8-E5429D4166CD}] => (Allow) D:\SteamLibrary\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{581EC2EF-48B1-4F52-8B88-075F4FC7AD7A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{29D47927-7E58-48D4-B4AD-16CCE6D67D17}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6B842D77-A606-4772-8C88-FB167046059E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{31EA6E9B-1F45-4245-B0D7-E31962176E41}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F36CF37F-A631-4A7D-9A60-DBFA1FE8249D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2A3BE31A-058E-4D40-9E33-726B061992DA}] => (Allow) D:\SteamLibrary\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{8E0B5668-F7B1-4E10-B91C-574D0FE8928D}] => (Allow) D:\SteamLibrary\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{004DF60E-CE9F-40C3-91FD-C37DD777E5CF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9823462B-2402-4823-937F-E25B18A40F3D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D8A8E99A-7752-4921-8439-0AB561D9DCF7}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{09F5C605-CC09-460D-8DF9-6758520FC3DE}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{61BD79D0-7C8C-49D1-8684-15A24F55FCC7}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [UDP Query User{F5CAC701-594B-4AC3-AF45-0E7D329392D2}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [TCP Query User{6725CE45-60F5-471B-91CD-F7CA442DA400}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [UDP Query User{F32CF88A-9C23-4ECA-B1DD-A424A2BEB102}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
 
==================== Restore Points =========================
 
10-10-2019 19:23:49 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/11/2019 10:46:55 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6472,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (10/11/2019 10:38:34 AM) (Source: SetupARService) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
   at SetupAfterRebootService.SetupARService.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (10/11/2019 04:41:06 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (10/11/2019 04:41:06 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (10/11/2019 04:41:06 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (10/11/2019 04:41:06 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (10/11/2019 04:39:12 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10212,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (10/11/2019 03:46:39 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15856,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
 
System errors:
=============
Error: (10/09/2019 09:08:18 PM) (Source: DCOM) (EventID: 10010) (User: FENG-PC)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.
 
Error: (10/09/2019 09:08:18 PM) (Source: DCOM) (EventID: 10010) (User: FENG-PC)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.
 
Error: (10/05/2019 12:00:38 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NZKPSTSNW4P-Microsoft.XboxGamingOverlay.
 
Error: (10/05/2019 12:00:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
 
Error: (10/04/2019 11:59:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9WZDNCRFJBMP-MICROSOFT.WINDOWSSTORE.
 
Error: (10/04/2019 06:07:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/04/2019 06:07:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Error: (10/04/2019 04:00:53 AM) (Source: DCOM) (EventID: 10010) (User: FENG-PC)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.
 
 
Windows Defender:
===================================
Date: 2019-10-10 20:31:33.126
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Bluteal!rfn
ID: 2147724737
Severity: Severe
Category: Trojan
Path: file:_C:\WINDOWS\system32\winscomrssrv.dll
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.303.1350.0, AS: 1.303.1350.0, NIS: 1.303.1350.0
Engine Version: AM: 1.1.16400.2, NIS: 1.1.16400.2
 
Date: 2019-10-06 11:39:48.138
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {8E04B8CA-23AC-4ACA-A299-762A656A36BD}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-10-03 16:58:14.384
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {62E55B33-2928-4244-95F0-891C7F05C568}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-10-02 15:07:31.952
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Tiggre!plock
ID: 2147723626
Severity: Severe
Category: Trojan
Path: file:_C:\WINDOWS\system32\StartupCheckLibrary.dll
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.303.728.0, AS: 1.303.728.0, NIS: 1.303.728.0
Engine Version: AM: 1.1.16400.2, NIS: 1.1.16400.2
 
Date: 2019-10-02 15:07:21.946
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {E6215FC0-4276-40FD-8366-3F1EC63F26DA}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-10-10 09:36:44.975
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.303.1283.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16400.2
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. F14 03/14/2019
Motherboard: Gigabyte Technology Co., Ltd. B360M DS3H
Processor: Intel® Core™ i5-8400 CPU @ 2.80GHz
Percentage of memory in use: 32%
Total physical RAM: 16315.85 MB
Available physical RAM: 10964.75 MB
Total Virtual: 18747.85 MB
Available Virtual: 11421.17 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:446.53 GB) (Free:154.9 GB) NTFS
Drive d: () (Fixed) (Total:1863.01 GB) (Free:1064.26 GB) NTFS
Drive e: () (Fixed) (Total:465.76 GB) (Free:462.51 GB) NTFS
 
\\?\Volume{45e01d32-b283-4f49-9adc-edb58ad5967d}\ () (Fixed) (Total:0.49 GB) (Free:0.03 GB) NTFS
\\?\Volume{8f1827f6-0925-4318-b866-be418fd624d7}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: F5D248D7)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 8C8B034A)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

 


  • 0

Advertisements

#2
RKinner
Posted 11 October 2019 - 04:16 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   848bytes   147 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.

 


  • 0

#3
fengvang24
Posted 11 October 2019 - 11:56 PM

fengvang24

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts

Fix result of Farbar Recovery Scan Tool (x64) Version: 09-10-2019 01

Ran by Feng Vang (11-10-2019 22:50:47) Run:2
Running from C:\Users\Feng Vang\Downloads
Loaded Profiles: Feng Vang (Available Profiles: Feng Vang)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Task: {F8F6A4C6-416C-405E-B57C-373C3E22FE13} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
CMD: mkdir  C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer
CMD: mkdir  C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
 
 
 
 
 
*****************
 
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F8F6A4C6-416C-405E-B57C-373C3E22FE13}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8F6A4C6-416C-405E-B57C-373C3E22FE13}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\WDI\SrvHost => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WDI\SrvHost" => removed successfully
 
========= mkdir  C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer =========
 
 
========= End of CMD: =========
 
 
========= mkdir  C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database =========
 
 
========= End of CMD: =========
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
Failed to clear log Microsoft-Windows-LiveId/Analytic.
Access is denied.
Failed to clear log Microsoft-Windows-LiveId/Operational.
Access is denied.
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 22:51:03 ====

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-10-2019 01

Ran by Feng Vang (administrator) on FENG-PC (Gigabyte Technology Co., Ltd. B360M-DS3H) (11-10-2019 22:53:14)
Running from C:\Users\Feng Vang\Downloads
Loaded Profiles: Feng Vang (Available Profiles: Feng Vang)
Platform: Windows 10 Home Version 1903 18362.418 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Amazon Services LLC -> Amazon) C:\Users\Feng Vang\AppData\Roaming\Chime\Chime.exe
(Amazon Services LLC -> The CefSharp Authors) C:\Users\Feng Vang\AppData\Roaming\Chime\CefSharp.BrowserSubprocess.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.302\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.302\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel® Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(London Trust Media Incorporated -> ) C:\Program Files\Private Internet Access\pia-service.exe
(London Trust Media Incorporated -> London Trust Media Incorporated) C:\Program Files\Private Internet Access\pia-client.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.32.14001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.32.14001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19091.313.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1909.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1909.6-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c7bdd6222811a2ee\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c7bdd6222811a2ee\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp. -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Windows\SwUSB.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [757184 2018-06-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Focusrite Notifier] => C:\Program Files\FocusriteUSB\Focusrite Notifier.exe [3949568 2019-06-20] (Focusrite Audio Engineering, Ltd.) [File not signed]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-08-27] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\Run: [Chime] => C:\Users\Feng Vang\AppData\Roaming\Chime\Chime.exe [7571624 2019-09-17] (Amazon Services LLC -> Amazon)
HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3211040 2019-10-02] (Valve -> Valve Corporation)
HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\Run: [Private Internet Access] => C:\Program Files\Private Internet Access\pia-client.exe [3978208 2019-08-26] (London Trust Media Incorporated -> London Trust Media Incorporated)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {075ACC3E-152D-4A1B-B43A-25CAE917E6BD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {139CD5E6-DA4B-4033-899B-934B53BEC695} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {293B1BB9-911E-40B1-BC22-23832944C3EC} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {33A4D2B3-5A6F-4A7F-8EE6-953624699020} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {456D4E72-0297-458D-BF44-F3B53E0316CD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4AE247DD-F089-4C48-A55B-70483C0D2668} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4469920 2019-10-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {507CAE63-1A58-4543-99E1-E96649EBAC10} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4469920 2019-10-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {5570C986-9C2D-416D-95AB-CE3B72D72F4A} - System32\Tasks\D3DGearRawFrameCaptureTask => D:\SteamLibrary\D3DGear.exe
Task: {5A052A5C-5C9B-48CB-8830-08531A926E9A} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {6E379FF1-EDED-45AB-B109-553AA49443C4} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1677600 2019-09-06] (Corel Corporation -> Corel Corporation)
Task: {6E9545C9-436D-4717-96FB-3B34C63ECAFE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {70660537-BA4F-4051-8570-7FAAB21A0DCC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430160 2019-10-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {70722A5E-715B-4E88-B99E-4563A2CE32A5} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {761FA6EF-CD10-4717-9F0D-1E984D59D3BE} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel® Software Asset Manager -> Intel Corporation)
Task: {764CFDE2-ADFA-4447-B9D6-3EB0A1D0A587} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7EC6C26E-F3E1-4A31-A0FE-040F75AA674B} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {86076F54-EE7D-4643-BBE8-AA727F529B98} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9DC15BB9-67B8-4F19-9ABB-C07471D23B71} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ACC1F793-6D6E-49D9-A812-1BFA6693BAB8} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653864 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B007D3AA-DB5F-4B7E-B4E3-34723F9D3E25} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B5FB0B85-4CF2-44E3-B01F-737EE756CD4D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [121904 2019-10-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {B854DF22-3DA5-445A-B638-5AF1AB1492FD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27290216 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {BEA71830-5F3A-42F1-BE33-8595EF755001} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [781808 2019-04-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {C7B68DE2-B825-429C-A518-6418D83A9CC5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3310688 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D3B33B90-A712-41B3-ACA3-81B7E75AB129} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430160 2019-10-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {D42377E8-FBA5-4783-B49C-B921B9240715} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [121904 2019-10-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {D4BC883C-0DBF-44A8-82DB-B8A7D9AE40FA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DB5F02D0-3F61-4BED-A73D-ECA2AA36426F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27290216 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {DD9F80C5-7C55-46E9-AAFE-B2969B6F4EE0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-11] (Google Inc -> Google LLC)
Task: {E5A07EDD-D578-427D-8599-5CDD1530C93C} - System32\Tasks\CorelUpdateHelperTask-C0203F81333B839EBCE7637377C02B51 => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1677600 2019-09-06] (Corel Corporation -> Corel Corporation)
Task: {E9B19420-7596-4C2E-8B28-A6B2401A8BB5} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel® Software Asset Manager -> Intel Corporation)
Task: {F48A0087-C0A8-4103-91DF-670DE4B6E139} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F5AE2B15-6654-4CA5-8A44-9D8787B331F1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-11] (Google Inc -> Google LLC)
Task: {FA7C4E37-2545-4CCA-802B-9D38BB7715BF} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{47025474-2192-47df-8fcd-2616610a39ef}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{47025474-2192-47df-8fcd-2616610a39ef}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{822c01f4-9ad1-4cb3-abe5-413dd6103059}: [DhcpNameServer] 172.20.10.1
 
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-410341470-1476927905-1517334712-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-09-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-09-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-03] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: 9c291n8a.default
FF ProfilePath: C:\Users\Feng Vang\AppData\Roaming\Mozilla\Firefox\Profiles\9c291n8a.default [2019-10-06]
FF ProfilePath: C:\Users\Feng Vang\AppData\Roaming\Mozilla\Firefox\Profiles\kr0wpgkh.default-release [2019-10-11]
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-09-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-09-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
 
Chrome: 
=======
CHR Profile: C:\Users\Feng Vang\AppData\Local\Google\Chrome\User Data\Default [2019-10-11]
CHR Extension: (Slides) - C:\Users\Feng Vang\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-11]
CHR Extension: (Docs) - C:\Users\Feng Vang\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-11]
CHR Extension: (Google Drive) - C:\Users\Feng Vang\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-05-11]
CHR Extension: (YouTube) - C:\Users\Feng Vang\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-11]
CHR Extension: (Sheets) - C:\Users\Feng Vang\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-11]
CHR Extension: (Google Docs Offline) - C:\Users\Feng Vang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-12]
CHR Extension: (AdBlock) - C:\Users\Feng Vang\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-10-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Feng Vang\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\Feng Vang\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-11]
CHR Extension: (Chrome Media Router) - C:\Users\Feng Vang\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-25]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11634696 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [34664 2019-09-25] (IDSA Production signing key -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [101224 2019-09-25] (IDSA Production signing key -> Intel)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-06-13] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937208 2018-12-19] (Intel® Software Development Products -> )
R2 GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.32.14001.0_x64__8wekyb3d8bbwe\GamingServices.exe [21640 2019-09-27] (Microsoft Corporation -> Microsoft Corporation)
R2 GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.32.14001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [21640 2019-09-27] (Microsoft Corporation -> Microsoft Corporation)
S3 Intel® SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel® Software Asset Manager -> Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2348336 2019-09-25] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3228464 2019-09-25] (Electronic Arts, Inc. -> Electronic Arts)
R2 PrivateInternetAccessService; C:\Program Files\Private Internet Access\pia-service.exe [1073664 2019-08-26] (London Trust Media Incorporated -> )
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 Rockstar Service; D:\Launcher\Rockstar Launcher\RockstarService.exe [471696 2019-09-25] (Rockstar Games, Inc. -> Rockstar Games)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [757184 2018-06-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 RunSwUSB; C:\Windows\runSW.exe [59232 2018-02-07] (Realtek Semiconductor Corp. -> )
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2019-05-23] () [File not signed]
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [195832 2018-12-19] (Intel® Software Development Products -> )
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937208 2018-12-19] (Intel® Software Development Products -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2236360 2019-05-10] (Wacom Technology Corporation -> Wacom Technology, Corp.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c7bdd6222811a2ee\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c7bdd6222811a2ee\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [2807664 2019-09-05] (BattlEye Innovations e.K. -> )
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-05-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-05-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 FocusriteUSBSwRoot; C:\WINDOWS\System32\drivers\FocusriteUSBSwRoot.sys [101304 2019-06-20] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
R3 gameflt; C:\WINDOWS\System32\DriverStore\FileRepository\gameflt.inf_amd64_1b21574792f7489c\gameflt.sys [71216 2019-09-27] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2019-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c7bdd6222811a2ee\nvlddmkm.sys [22377560 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1131024 2018-10-23] (Realtek Semiconductor Corp. -> Realtek )
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [8206848 2019-03-18] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R3 tap-pia-0901; C:\WINDOWS\System32\drivers\tap-pia-0901.sys [39432 2019-05-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 UcmCxUcsiNvppc; C:\WINDOWS\System32\drivers\UcmCxUcsiNvppc.sys [715680 2019-08-16] (NVIDIA Corporation -> NVIDIA Corporation)
R2 vmparport; C:\WINDOWS\system32\DRIVERS\vmparport.sys [49216 2019-03-25] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\system32\DRIVERS\vsock.sys [91712 2017-09-05] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46688 2019-10-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [350136 2019-10-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-02] (Microsoft Windows -> Microsoft Corporation)
R3 Xvdd; C:\WINDOWS\System32\DriverStore\FileRepository\xvdd.inf_amd64_f6a7534fb0f98a2f\xvdd.sys [450584 2019-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-10-11 18:33 - 2019-10-11 18:33 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Tempzxpsign826b27c8205af5f5
2019-10-11 16:18 - 2019-10-11 22:51 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-11 11:22 - 2019-10-11 11:22 - 006505409 _____ C:\Users\Feng Vang\Downloads\ninja-forms.3.4.20.zip
2019-10-11 11:02 - 2019-10-11 11:02 - 002979663 _____ C:\Users\Feng Vang\Downloads\wpforms-lite.1.5.5.1.zip
2019-10-11 00:33 - 2019-10-11 00:33 - 000002768 _____ C:\Users\Feng Vang\AppData\Local\recently-used.xbel
2019-10-10 20:54 - 2019-10-10 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2019-10-10 20:52 - 2019-10-10 20:54 - 000000000 ____D C:\xampp
2019-10-10 09:40 - 2019-10-10 09:40 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 019811840 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 004129616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 002494440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 002422592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-10-10 09:40 - 2019-10-10 09:40 - 002314648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 002138472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-10-10 09:40 - 2019-10-10 09:40 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 001273392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 001152016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 001098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2019-10-10 09:40 - 2019-10-10 09:40 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 022628352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 018019840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 017787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 009928504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 008010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 007600664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 007195648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 007015936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 006517640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 006232064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 005915648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 005041664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 004562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 004012544 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 003771392 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 003701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 002861568 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 002762504 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2019-10-10 09:39 - 2019-10-10 09:39 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2019-10-10 09:39 - 2019-10-10 09:39 - 002723328 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-10-10 09:39 - 2019-10-10 09:39 - 002703360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 002456064 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 002448712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 002284032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 002236144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 002114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 002095104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 002081976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 002000168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001952360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001743672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001730560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001664928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001656392 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001563648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001439744 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 001394488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001217904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 001084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000904208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000890472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000880088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000856576 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-10-10 09:39 - 2019-10-10 09:39 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000829536 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000818688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000774672 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000758584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mousocoreworker.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000679880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000598024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000516408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000515896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000466416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-10-10 09:39 - 2019-10-10 09:39 - 000452408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-10-10 09:39 - 2019-10-10 09:39 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000412152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000380216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000300184 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000225080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2019-10-10 09:39 - 2019-10-10 09:39 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-10-10 09:39 - 2019-10-10 09:39 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000202040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-10-10 09:39 - 2019-10-10 09:39 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-10-10 09:39 - 2019-10-10 09:39 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-10-10 09:39 - 2019-10-10 09:39 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-10-10 09:39 - 2019-10-10 09:39 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000037176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2019-10-10 09:39 - 2019-10-10 09:39 - 000033048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2019-10-10 09:39 - 2019-10-10 09:39 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2019-10-10 09:39 - 2019-10-10 09:39 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2019-10-10 09:36 - 2019-09-19 21:36 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-10-10 09:36 - 2019-09-19 21:14 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2019-10-09 15:59 - 2019-10-09 15:59 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Tempzxpsignb8ceb8e0fa6a620d
2019-10-08 14:51 - 2019-10-08 14:51 - 000003328 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTask-C0203F81333B839EBCE7637377C02B51
2019-10-07 05:31 - 2019-10-11 22:51 - 000001899 _____ C:\Users\Feng Vang\Downloads\Fixlog.txt
2019-10-07 05:31 - 2019-10-11 10:41 - 000000000 ____D C:\Users\Feng Vang\Downloads\FRST-OlderVersion
2019-10-06 15:43 - 2019-10-06 15:57 - 000000000 ____D C:\Users\Feng Vang\.koala
2019-10-06 15:43 - 2019-10-06 15:43 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Koala
2019-10-06 15:42 - 2019-10-06 15:42 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koala
2019-10-06 15:41 - 2019-10-06 15:46 - 000000000 ____D C:\Program Files (x86)\Koala
2019-10-06 15:36 - 2019-10-06 15:47 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\npm
2019-10-06 15:36 - 2019-10-06 15:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2019-10-06 15:36 - 2019-10-06 15:36 - 000000000 ____D C:\nodejs
2019-10-06 15:33 - 2019-10-06 15:37 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\npm-cache
2019-10-06 15:33 - 2019-10-06 15:33 - 000000000 ____D C:\Users\Feng Vang\.config
2019-10-06 15:32 - 2019-10-06 15:32 - 000000000 _____ C:\Users\Feng Vang\.node_repl_history
2019-10-06 14:38 - 2019-10-11 22:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-06 14:38 - 2019-10-11 19:41 - 000000000 ____D C:\Users\Feng Vang\AppData\LocalLow\Mozilla
2019-10-06 14:38 - 2019-10-11 16:27 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-06 14:38 - 2019-10-06 14:38 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Mozilla
2019-10-06 14:38 - 2019-10-06 14:38 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Mozilla
2019-10-06 14:38 - 2019-10-06 14:38 - 000000000 ____D C:\ProgramData\Mozilla
2019-10-06 14:09 - 2019-10-06 14:09 - 000000263 _____ C:\Users\Feng Vang\Downloads\SearchReg.txt
2019-10-06 14:05 - 2019-10-06 14:06 - 000000262 _____ C:\Users\Feng Vang\Downloads\Search.txt
2019-10-05 12:32 - 2019-10-11 10:48 - 000063795 _____ C:\Users\Feng Vang\Downloads\Addition.txt
2019-10-05 12:31 - 2019-10-11 22:53 - 000032603 _____ C:\Users\Feng Vang\Downloads\FRST.txt
2019-10-05 12:31 - 2019-10-11 22:53 - 000000000 ____D C:\FRST
2019-10-05 12:30 - 2019-10-11 10:41 - 001615872 _____ (Farbar) C:\Users\Feng Vang\Downloads\FRST64.exe
2019-10-04 18:09 - 2019-10-04 18:09 - 000000000 ____D C:\Users\Feng Vang\Documents\GTA San Andreas User Files
2019-10-04 11:14 - 2019-10-04 11:14 - 000001157 _____ C:\Users\Feng Vang\Desktop\Grand Theft Auto San Andreas.lnk
2019-10-04 11:09 - 2019-10-04 11:14 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2019-10-04 11:09 - 2019-10-04 11:09 - 000000778 _____ C:\Users\Feng Vang\Desktop\Rockstar Games Launcher.lnk
2019-10-04 11:09 - 2019-10-04 11:09 - 000000000 ____D C:\ProgramData\Rockstar Games
2019-10-03 23:32 - 2019-10-11 18:33 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-10-03 23:32 - 2019-10-11 18:33 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-10-03 23:32 - 2019-10-03 23:32 - 000003518 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2019-10-03 17:28 - 2019-10-03 17:28 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-10-03 17:28 - 2019-10-03 17:28 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secproc.dll
2019-10-03 16:59 - 2019-09-27 13:43 - 001012640 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-10-03 16:59 - 2019-09-27 13:43 - 001012640 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-10-03 16:59 - 2019-09-27 13:43 - 000876448 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-10-03 16:59 - 2019-09-27 13:43 - 000876448 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-10-03 16:59 - 2019-09-27 13:43 - 000447120 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-10-03 16:59 - 2019-09-27 13:43 - 000351912 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-10-03 16:59 - 2019-09-27 13:43 - 000301472 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-10-03 16:59 - 2019-09-27 13:43 - 000301472 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-10-03 16:59 - 2019-09-27 13:43 - 000273312 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-10-03 16:59 - 2019-09-27 13:43 - 000273312 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-10-03 16:59 - 2019-09-27 13:42 - 011561728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-10-03 16:59 - 2019-09-27 13:42 - 009936640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 002051728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 001551448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 001477720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 001247192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 001140640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 000999840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 000959632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 000823768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 000813008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 000676952 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 000659544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 000633432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 000571864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2019-10-03 16:59 - 2019-09-27 13:41 - 000544672 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-10-03 16:59 - 2019-09-27 13:41 - 000523736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-10-03 16:59 - 2019-09-27 13:40 - 040445368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-10-03 16:59 - 2019-09-27 13:40 - 035334104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-10-03 16:59 - 2019-09-27 13:40 - 017301464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-10-03 16:59 - 2019-09-27 13:40 - 014922656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-10-03 16:59 - 2019-09-27 13:40 - 005358680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-10-03 16:59 - 2019-09-27 13:40 - 004697504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-10-03 16:59 - 2019-09-27 13:40 - 000858712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2019-10-03 16:59 - 2019-09-27 13:40 - 000450976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2019-10-03 16:59 - 2019-09-26 20:20 - 000074045 _____ C:\WINDOWS\system32\nvinfo.pb
2019-10-03 15:18 - 2019-10-03 15:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-10-01 14:04 - 2019-10-01 14:04 - 000000919 _____ C:\Users\Feng Vang\Documents\equity_award_pdf_report.pdf
2019-10-01 14:03 - 2019-10-01 14:03 - 000000896 _____ C:\Users\Feng Vang\Documents\detailed_tax_report.pdf
2019-10-01 11:10 - 2019-10-01 11:19 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\calibre-cache
2019-10-01 11:09 - 2019-10-01 11:21 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\calibre
2019-10-01 11:09 - 2019-10-01 11:17 - 000000000 ____D C:\Users\Feng Vang\Calibre Library
2019-09-28 20:35 - 2019-10-03 15:18 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-09-28 20:35 - 2019-10-03 15:18 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-09-28 20:35 - 2019-10-03 15:18 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-09-28 20:35 - 2019-10-03 15:18 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-09-28 20:35 - 2019-10-03 15:18 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-09-28 20:35 - 2019-10-03 15:18 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-09-28 20:35 - 2019-10-03 15:18 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-09-28 20:35 - 2019-10-03 15:18 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-09-28 20:30 - 2019-09-28 20:30 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-09-28 20:14 - 2019-09-28 20:23 - 000000000 ____D C:\Program Files\Microsoft Office
2019-09-27 22:43 - 2019-10-10 13:17 - 000000000 ____D C:\Windows.old
2019-09-27 22:34 - 2019-09-27 22:43 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-09-27 22:33 - 2019-09-27 22:34 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-09-27 22:33 - 2019-09-27 22:33 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-09-27 22:31 - 2019-09-27 22:31 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 007848192 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 006425600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 006227624 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 006164480 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 006084048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 005865272 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizimg.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 005764872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 005105152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 004612520 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 004481536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 004046336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 003964056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 003742032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 003727360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 003590968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 003386880 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 003184128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 003105280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 002821120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 002799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 002772032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 002590208 _____ C:\WINDOWS\system32\dwmscene.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 002258856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 002160640 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 002132280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 002120704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 002120272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 002069504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001957008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001940952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001913296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001857024 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001845408 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001788728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-09-27 22:31 - 2019-09-27 22:31 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001664376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001616784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001616608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001607680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001543168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001512320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 001510752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001505320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001383856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001372160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-09-27 22:31 - 2019-09-27 22:31 - 001334064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001297936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001263616 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001261800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001244944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 001178816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001150240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001054872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001047968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001036800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 001023128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000984376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000944664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000904704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\opengl32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000833312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000792296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000784384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000772656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000759488 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000732176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000674072 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000656960 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11on12.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000639400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000568336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000551952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000541480 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000501232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-09-27 22:31 - 2019-09-27 22:31 - 000487576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiagn.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000450360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11on12.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000449888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000442704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-09-27 22:31 - 2019-09-27 22:31 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000398728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000383984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000379840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000375720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000363624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000342896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000334936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiag.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000293344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgmgr32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000285256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000283688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000278080 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ManageCI.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glu32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgmgr32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000223032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlib.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000176152 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000159112 _____ (Microsoft Corporation) C:\WINDOWS\system32\devobj.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000140496 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prntvpt.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000137864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devobj.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ForceSync.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000125232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000119840 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000116904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000110080 _____ C:\WINDOWS\system32\ResBParser.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000100664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000092624 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000089544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000084496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvvmtransport.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000079376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uaspstor.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000066832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvvmtransport.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devrtl.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devrtl.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnppolicy.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000053248 _____ C:\WINDOWS\system32\Drivers\UsbPmApi.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000052752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000047616 _____ C:\WINDOWS\system32\UsbPmApi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2019-09-27 22:31 - 2019-09-27 22:31 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32_DeviceGuard.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000021544 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000020944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmsgapi.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000016696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizres.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2019-09-27 22:31 - 2019-09-27 22:31 - 000011576 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlibres.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2019-09-27 22:31 - 2019-09-27 22:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-09-27 22:28 - 2019-09-27 22:28 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-09-27 22:28 - 2019-09-27 22:28 - 000000000 ____D C:\Program Files\MSBuild
2019-09-27 22:28 - 2019-09-27 22:28 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-09-27 22:28 - 2019-03-01 18:31 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-09-27 22:28 - 2019-03-01 18:31 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-09-27 22:28 - 2019-03-01 18:31 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-09-27 22:28 - 2019-02-05 19:41 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-09-27 22:28 - 2019-02-05 19:41 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-09-27 22:28 - 2019-02-05 19:41 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-09-27 21:53 - 2019-10-11 10:44 - 000845124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-09-27 21:51 - 2019-09-27 21:51 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-09-27 21:50 - 2019-09-27 21:50 - 000000020 ___SH C:\Users\Feng Vang\ntuser.ini
2019-09-27 21:49 - 2019-10-11 22:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-27 21:49 - 2019-10-11 22:51 - 000003134 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2019-09-27 21:49 - 2019-10-11 16:43 - 000004158 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2E641F8F-3A38-4E2E-81A9-5749FF524F7E}
2019-09-27 21:49 - 2019-10-10 18:09 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-410341470-1476927905-1517334712-1001
2019-09-27 21:49 - 2019-10-08 11:35 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-09-27 21:49 - 2019-10-08 11:35 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-09-27 21:49 - 2019-09-27 21:49 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2019-09-27 21:49 - 2019-09-27 21:49 - 000007623 _____ C:\WINDOWS\diagerr.xml
2019-09-27 21:49 - 2019-09-27 21:49 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-27 21:49 - 2019-09-27 21:49 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-27 21:49 - 2019-09-27 21:49 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-27 21:49 - 2019-09-27 21:49 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2019-09-27 21:49 - 2019-09-27 21:49 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-27 21:49 - 2019-09-27 21:49 - 000002970 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2019-09-27 21:49 - 2019-09-27 21:49 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-27 21:49 - 2019-09-27 21:49 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-27 21:49 - 2019-09-27 21:49 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-27 21:49 - 2019-09-27 21:49 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-27 21:49 - 2019-09-27 21:49 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-27 21:49 - 2019-09-27 21:49 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-27 21:49 - 2019-09-27 21:49 - 000002738 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2019-09-27 21:49 - 2019-09-27 21:49 - 000002604 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2019-09-27 21:49 - 2019-09-27 21:49 - 000002568 _____ C:\WINDOWS\system32\Tasks\D3DGearRawFrameCaptureTask
2019-09-27 21:49 - 2019-09-27 21:49 - 000002440 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTaskCore
2019-09-27 21:49 - 2019-09-27 21:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\SmartFTP
2019-09-27 21:49 - 2019-09-27 21:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-410341470-1476927905-1517334712-1001
2019-09-27 21:49 - 2019-09-27 21:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple
2019-09-27 21:46 - 2019-10-10 18:09 - 000002412 _____ C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-09-27 21:46 - 2019-10-06 15:43 - 000000000 ____D C:\Users\Feng Vang
2019-09-27 21:46 - 2019-09-27 21:46 - 000000000 ____D C:\ProgramData\USOShared
2019-09-27 21:44 - 2019-09-09 10:44 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-09-27 21:43 - 2019-10-11 22:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-09-27 21:43 - 2019-09-28 20:24 - 005196688 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-09-27 21:13 - 2019-10-10 13:17 - 000000000 ___DC C:\WINDOWS\Panther
2019-09-27 21:07 - 2019-09-27 21:13 - 000000000 ____D C:\ESD
2019-09-27 21:04 - 2019-09-27 21:04 - 000000000 ___HD C:\$Windows.~WS
2019-09-27 13:30 - 2019-09-27 13:30 - 000081440 _____ C:\WINDOWS\dxdiag.txt
2019-09-27 12:50 - 2019-09-27 12:50 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Macromedia
2019-09-26 18:10 - 2019-09-26 18:10 - 000020532 _____ C:\Users\Feng Vang\Documents\LRCCD Transcript Unofficial.pdf
2019-09-26 15:25 - 2019-09-27 22:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-09-26 15:25 - 2019-09-26 15:25 - 000000000 ____D C:\Program Files (x86)\Intel
2019-09-25 15:10 - 2019-09-25 15:10 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Tempzxpsign1e53e69327de9465
2019-09-25 15:08 - 2019-09-25 15:08 - 000001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2017.lnk
2019-09-25 15:06 - 2019-09-25 15:06 - 000001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Animate 2019.lnk
2019-09-25 05:34 - 2019-09-25 05:34 - 000001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver CC 2017.lnk
2019-09-24 17:04 - 2019-09-25 15:08 - 000000000 ____D C:\Users\Public\Documents\Adobe
2019-09-24 17:04 - 2019-09-25 15:08 - 000000000 ____D C:\ProgramData\Documents\Adobe
2019-09-24 17:04 - 2019-09-24 17:04 - 000001271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2019.lnk
2019-09-24 17:03 - 2019-09-24 17:03 - 000000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecs
2019-09-24 17:03 - 2019-09-24 17:03 - 000000000 ____D C:\ProgramData\Documents\AdobeInstalledCodecs
2019-09-24 13:12 - 2019-09-24 13:12 - 000000000 ____D C:\Users\Feng Vang\Documents\Frontier Developments
2019-09-24 13:12 - 2019-09-24 13:12 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Frontier Developments
2019-09-24 13:12 - 2019-09-24 13:12 - 000000000 ____D C:\ProgramData\Frontier Developments
2019-09-24 13:07 - 2019-09-24 13:07 - 000000222 _____ C:\Users\Feng Vang\Desktop\Planet Zoo.url
2019-09-23 15:25 - 2019-09-23 15:25 - 000001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2019.lnk
2019-09-21 00:12 - 2019-10-08 20:44 - 000000600 _____ C:\Users\Feng Vang\AppData\Roaming\winscp.rnd
2019-09-21 00:09 - 2019-09-21 00:09 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2019-09-21 00:09 - 2019-09-21 00:09 - 000000000 ____D C:\Program Files (x86)\WinSCP
2019-09-20 21:42 - 2019-09-20 21:42 - 000279019 _____ C:\Users\Feng Vang\Documents\FCFA60.1.2_19-20_SAP_Appeal.pdf
2019-09-19 22:02 - 2019-09-19 22:02 - 000000000 ____D C:\Users\Feng Vang\Documents\Larian Studios
2019-09-19 22:01 - 2019-09-19 22:02 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\LarianLauncher
2019-09-19 20:56 - 2019-09-19 20:56 - 000000000 ____D C:\Users\Feng Vang\Documents\Call of Duty Modern Warfare
2019-09-19 18:51 - 2019-09-19 18:51 - 000037145 _____ C:\Users\Feng Vang\Documents\Feng-Resume.pdf
2019-09-19 16:20 - 2019-09-27 21:46 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2019-09-19 16:19 - 2019-09-27 21:46 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2019-09-19 16:19 - 2019-09-20 18:20 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-09-19 16:19 - 2019-09-19 16:20 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2019-09-12 15:30 - 2019-09-12 15:30 - 000000000 ____D C:\Users\Feng Vang\AppData\LocalLow\Ookla
2019-09-12 15:29 - 2019-09-27 22:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speedtest By Ookla
2019-09-12 15:29 - 2019-09-12 15:29 - 000000000 ____D C:\Program Files\Speedtest
2019-09-12 14:18 - 2019-09-27 22:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-09-12 14:18 - 2019-09-12 14:18 - 000000000 ____D C:\Program Files\iPod
2019-09-12 14:17 - 2019-09-12 14:18 - 000000000 ____D C:\Program Files\iTunes
2019-09-12 14:15 - 2019-09-12 14:15 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-10-11 22:52 - 2019-08-11 11:48 - 000000000 ____D C:\ProgramData\VMware
2019-10-11 22:52 - 2019-05-24 22:52 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\WTablet
2019-10-11 22:52 - 2019-05-11 23:16 - 000000000 ____D C:\ProgramData\NVIDIA
2019-10-11 22:52 - 2019-03-18 21:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-11 22:51 - 2019-05-11 23:25 - 000008607 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2019-10-11 22:51 - 2019-05-11 23:24 - 000017600 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2019-10-11 22:51 - 2019-05-11 23:24 - 000012561 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2019-10-11 22:51 - 2019-03-18 21:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-10-11 15:37 - 2019-03-18 21:50 - 000000000 ____D C:\WINDOWS\INF
2019-10-11 12:27 - 2019-05-14 22:12 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Code
2019-10-11 10:41 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-11 04:41 - 2019-05-12 00:46 - 000000000 ____D C:\ProgramData\Origin
2019-10-10 18:29 - 2019-07-25 16:12 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Origin
2019-10-10 18:18 - 2019-05-13 13:01 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2019-10-10 18:09 - 2019-05-12 14:06 - 000000000 ___RD C:\Users\Feng Vang\OneDrive
2019-10-10 13:37 - 2019-03-18 21:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-10 10:25 - 2019-03-18 21:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-10-10 10:25 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-10-10 10:25 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-10-10 10:25 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-10-10 10:25 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-10-10 10:25 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-10-10 10:25 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-10-10 10:25 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-10-10 09:43 - 2019-05-12 02:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-10-10 09:41 - 2019-05-12 02:04 - 127230528 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-10-10 09:41 - 2019-03-18 21:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-10-09 15:59 - 2019-05-12 14:04 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Adobe
2019-10-09 02:40 - 2019-06-29 00:27 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\vlc
2019-10-07 15:32 - 2019-07-25 16:12 - 000000000 ____D C:\Program Files (x86)\Origin
2019-10-05 17:31 - 2019-05-12 00:42 - 000000000 ____D C:\Program Files (x86)\Steam
2019-10-05 15:54 - 2019-05-11 23:21 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\PlaceholderTileLogoFolder
2019-10-05 15:47 - 2019-05-17 23:24 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Jagex
2019-10-05 15:47 - 2019-05-17 23:24 - 000000000 ____D C:\ProgramData\Jagex
2019-10-04 23:59 - 2019-05-12 14:04 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Packages
2019-10-04 18:09 - 2019-05-13 02:39 - 000000000 ____D C:\Users\Feng Vang\Documents\Rockstar Games
2019-10-04 18:09 - 2019-03-18 22:00 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2019-10-04 18:09 - 2019-03-18 22:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2019-10-04 18:09 - 2019-03-18 22:00 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2019-10-04 18:09 - 2019-03-18 22:00 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2019-10-04 18:09 - 2019-03-18 22:00 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2019-10-04 18:09 - 2019-03-18 22:00 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2019-10-04 18:09 - 2019-03-18 22:00 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2019-10-04 18:09 - 2019-03-18 22:00 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2019-10-04 18:09 - 2019-03-18 22:00 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2019-10-04 18:09 - 2019-03-18 22:00 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2019-10-04 18:09 - 2019-03-18 22:00 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2019-10-04 18:09 - 2019-03-18 21:57 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2019-10-04 18:09 - 2019-03-18 21:57 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2019-10-04 18:09 - 2019-03-18 21:57 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2019-10-04 18:09 - 2019-03-18 21:57 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2019-10-04 18:09 - 2019-03-18 21:57 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2019-10-04 18:09 - 2019-03-18 21:57 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2019-10-04 18:09 - 2019-03-18 21:57 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2019-10-04 11:10 - 2019-05-13 02:39 - 000000000 ____D C:\Program Files\Rockstar Games
2019-10-04 11:10 - 2019-05-13 02:39 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2019-10-04 11:09 - 2019-05-13 02:39 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Rockstar Games
2019-10-04 11:09 - 2019-05-12 00:47 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\D3DSCache
2019-10-04 11:09 - 2019-05-11 23:17 - 000000000 ____D C:\ProgramData\Package Cache
2019-10-03 17:47 - 2019-06-13 13:22 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Ubisoft Game Launcher
2019-10-03 17:31 - 2019-05-11 23:16 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-10-03 17:28 - 2019-03-18 21:37 - 000000000 ____D C:\WINDOWS\servicing
2019-10-03 17:02 - 2019-05-11 23:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-10-03 15:17 - 2019-05-15 00:53 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-10-02 14:57 - 2019-05-12 13:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-09-30 23:15 - 2019-05-19 00:04 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\uTorrent
2019-09-30 23:12 - 2019-05-19 00:04 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\BitTorrentHelper
2019-09-28 20:30 - 2019-03-18 21:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-09-28 18:52 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\appcompat
2019-09-27 22:43 - 2019-08-30 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront II
2019-09-27 22:43 - 2019-08-30 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite USB
2019-09-27 22:43 - 2019-08-30 15:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2019-09-27 22:43 - 2019-08-11 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2019-09-27 22:43 - 2019-07-26 01:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-09-27 22:43 - 2019-07-25 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2019-09-27 22:43 - 2019-06-29 00:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-09-27 22:43 - 2019-06-11 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4
2019-09-27 22:43 - 2019-05-24 22:51 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet
2019-09-27 22:43 - 2019-05-21 15:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2019-09-27 22:43 - 2019-05-17 23:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jagex
2019-09-27 22:43 - 2019-05-17 02:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield™ V
2019-09-27 22:43 - 2019-05-15 00:56 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-09-27 22:43 - 2019-05-13 00:26 - 000000000 ____D C:\Program Files\Intel
2019-09-27 22:43 - 2019-05-13 00:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2019-09-27 22:43 - 2019-05-12 01:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2019-09-27 22:43 - 2019-05-12 01:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends
2019-09-27 22:43 - 2019-05-11 23:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-Link
2019-09-27 22:43 - 2019-05-11 23:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-09-27 22:43 - 2019-05-11 23:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-09-27 22:43 - 2019-03-18 21:56 - 000000000 ____D C:\WINDOWS\Setup
2019-09-27 22:43 - 2019-03-18 21:52 - 000000000 __RHD C:\Users\Public\Libraries
2019-09-27 22:43 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-09-27 22:43 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-09-27 22:43 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\spool
2019-09-27 22:43 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\Catroot2.old
2019-09-27 22:43 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\ServiceState
2019-09-27 22:43 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-09-27 22:43 - 2019-03-18 21:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-09-27 22:43 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2019-09-27 22:34 - 2019-05-21 14:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2019-09-27 22:33 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2019-09-27 22:33 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-09-27 22:32 - 2019-03-18 21:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-09-27 22:32 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-09-27 21:52 - 2019-05-12 02:02 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-09-27 21:51 - 2019-06-12 11:54 - 001149576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2019-09-27 21:51 - 2019-06-12 11:54 - 000178848 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2019-09-27 21:51 - 2019-06-12 11:54 - 000052360 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2019-09-27 21:50 - 2019-05-12 14:04 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-09-27 21:50 - 2019-05-12 14:04 - 000000000 ___RD C:\Users\Feng Vang\3D Objects
2019-09-27 21:50 - 2019-03-18 21:52 - 000000000 ____D C:\ProgramData\USOPrivate
2019-09-27 21:50 - 2019-03-18 21:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-09-27 21:49 - 2019-05-17 23:24 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OldSchool RuneScape
2019-09-27 21:49 - 2019-03-18 21:52 - 000000000 ____D C:\Program Files\Windows Defender
2019-09-27 21:47 - 2019-03-18 21:52 - 000000000 __RSD C:\WINDOWS\Media
2019-09-27 21:46 - 2019-08-14 04:00 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.7
2019-09-27 21:46 - 2019-08-10 00:39 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2019-09-27 21:46 - 2019-08-08 18:49 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TransMac
2019-09-27 21:46 - 2019-06-13 13:22 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2019-09-27 21:46 - 2019-06-02 10:21 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iRacing
2019-09-27 21:46 - 2019-05-24 22:36 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chime
2019-09-27 21:46 - 2019-05-21 14:13 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2019-09-27 21:46 - 2019-05-13 01:48 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-09-27 21:46 - 2019-05-11 23:22 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-09-27 16:40 - 2019-09-10 14:21 - 005001984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-09-27 16:40 - 2019-09-10 14:21 - 004263296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-09-27 15:53 - 2019-06-12 11:52 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\PackageStaging
2019-09-27 15:49 - 2019-06-13 18:08 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\ElevatedDiagnostics
2019-09-27 13:21 - 2019-05-12 14:03 - 000000000 ____D C:\WINDOWS\SoftwareDistribution.old
2019-09-27 13:16 - 2019-05-13 01:53 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\CrashDumps
2019-09-27 13:00 - 2019-05-15 00:49 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-09-27 12:49 - 2019-05-11 23:22 - 000000000 ____D C:\ProgramData\Packages
2019-09-26 18:00 - 2019-05-12 14:04 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\ConnectedDevicesPlatform
2019-09-25 15:09 - 2019-05-15 00:44 - 000000000 ____D C:\Users\Feng Vang\Documents\Adobe
2019-09-25 15:08 - 2019-05-15 00:49 - 000000000 ____D C:\Program Files\Adobe
2019-09-25 15:06 - 2019-05-15 00:41 - 000000000 ____D C:\ProgramData\Adobe
2019-09-25 15:05 - 2019-05-15 00:41 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Adobe
2019-09-24 14:51 - 2019-07-07 14:50 - 000000000 ____D C:\Program Files (x86)\Corel
2019-09-24 12:57 - 2019-05-11 23:21 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-23 15:25 - 2019-05-15 00:49 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-09-21 02:41 - 2019-05-12 01:39 - 000000000 ____D C:\Users\Feng Vang\AppData\Local\Battle.net
2019-09-21 00:06 - 2019-05-14 22:39 - 000000000 ____D C:\Program Files\SmartFTP Client
2019-09-20 09:40 - 2019-05-17 23:38 - 000000024 _____ C:\Users\Feng Vang\jagexappletviewer.preferences
2019-09-20 09:37 - 2019-05-17 23:38 - 000000048 _____ C:\Users\Feng Vang\jagex_cl_oldschool_LIVE.dat
2019-09-20 09:37 - 2019-05-17 23:38 - 000000024 _____ C:\Users\Feng Vang\random.dat
2019-09-19 17:27 - 2019-05-24 22:36 - 000000000 ____D C:\Users\Feng Vang\AppData\Roaming\Chime
2019-09-19 14:29 - 2019-05-11 23:20 - 000000000 ____D C:\Program Files (x86)\Google
2019-09-15 18:31 - 2019-05-11 23:24 - 000013098 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2019-09-15 14:35 - 2019-06-11 15:33 - 000000000 ____D C:\Users\Feng Vang\Documents\American Truck Simulator
2019-09-12 14:15 - 2019-07-28 11:42 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
 
==================== Files in the root of some directories ================
 
2019-09-21 00:12 - 2019-10-08 20:44 - 000000600 _____ () C:\Users\Feng Vang\AppData\Roaming\winscp.rnd
2019-05-25 22:32 - 2019-05-25 22:32 - 000001456 _____ () C:\Users\Feng Vang\AppData\Local\Adobe Save for Web 13.0 Prefs
2019-05-17 11:53 - 2019-05-17 11:53 - 000000000 _____ () C:\Users\Feng Vang\AppData\Local\oobelibMkey.log
2019-10-11 00:33 - 2019-10-11 00:33 - 000002768 _____ () C:\Users\Feng Vang\AppData\Local\recently-used.xbel
 
==================== SigCheck ===============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-10-2019 01

Ran by Feng Vang (11-10-2019 22:54:21)
Running from C:\Users\Feng Vang\Downloads
Windows 10 Home Version 1903 18362.418 (X64) (2019-09-28 04:50:02)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
80969055B5E144BC9993 (S-1-5-21-410341470-1476927905-1517334712-1009 - Limited - Enabled)
Administrator (S-1-5-21-410341470-1476927905-1517334712-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-410341470-1476927905-1517334712-503 - Limited - Disabled)
E1476EE7E8FB4B1E8146 (S-1-5-21-410341470-1476927905-1517334712-1008 - Limited - Enabled)
Feng Vang (S-1-5-21-410341470-1476927905-1517334712-1001 - Administrator - Enabled) => C:\Users\Feng Vang
Guest (S-1-5-21-410341470-1476927905-1517334712-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-410341470-1476927905-1517334712-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\uTorrent) (Version: 3.5.5.45341 - BitTorrent Inc.)
Adobe (HKLM\...\{3A8DC48F-607D-4394-8C04-EA9F5186348D}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
adobe (HKLM\...\{F5E6F3F4-C3CB-4A34-B690-F3F8AF571B0E}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe After Effects 2019 (HKLM-x32\...\AEFT_16_1) (Version: 16.1 - Adobe Systems Incorporated)
Adobe Animate 2019 (HKLM-x32\...\FLPR_19_2_1) (Version: 19.2.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2017 (HKLM-x32\...\DRWV_17_0_0) (Version: 17.0.0 - Adobe Systems Incorporated)
Adobe Illustrator CC 2019 (HKLM-x32\...\ILST_23_0_1) (Version: 23.0.1 - Adobe Systems Incorporated)
Adobe InDesign 2019 (HKLM-x32\...\IDSN_14_0_3) (Version: 14.0.3 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated)
Adobe Premiere (HKLM\...\{C1CB876C-A08E-4692-B525-42848BD154D7}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_1_0) (Version: 11.1.0 - Adobe Systems Incorporated)
Amazon Chime (HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\{D9D58C68-544A-4C36-B6B4-62D0F9505765}_is1) (Version: 4.25.9339.1 - Amazon.com, Inc.)
Amazon Kindle (HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\Amazon Kindle) (Version: 1.26.0.55076 - Amazon)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.2.2 - Electronic Arts, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Assassin's Creed Odyssey (HKLM-x32\...\Uplay Install 5059) (Version:  - Ubisoft)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.61.35422 - Electronic Arts)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Core Temp 1.15.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.15.1 - ALCPU)
Corel Painter Essentials 6 - Content (HKLM\...\{56F051E4-C179-425E-9AA8-4B3FBC2F05B7}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - Core (HKLM\...\{FA3FA2BE-94D1-41CA-89BF-29AE2EB61E46}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - CT (HKLM\...\{404B42A1-47EF-44D5-B390-E0CB3F879497}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - DE (HKLM\...\{13CD16A8-0B5E-469D-A8C2-1BD41B58999F}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - EN (HKLM\...\{1B3DFFA0-0CE7-4607-8E55-FB64B8628995}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - FR (HKLM\...\{E39BC105-2204-4BA8-BB9F-D08E5BDD1493}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - IPM (HKLM\...\{B1AA1DD1-FC10-499C-B802-6C9558CBBC1A}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - IPM Content (HKLM\...\{68FC3BC5-C3AA-4B36-86F7-D4ED105E1D7B}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 - JP (HKLM\...\{9BAC9F81-DE28-450F-B0F8-C319D08C2A6A}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Essentials 6 (HKLM\...\_{0EDEDA40-4B3A-46D0-A0D8-0FE8834390DE}) (Version: 6.1.0.238 - Corel Corpopration)
Corel Painter Essentials 6 (HKLM\...\{D5ACBF88-A251-4E63-8DFE-1EF7491D601E}) (Version: 6.1 - Corel Corporation) Hidden
Corel Painter Thumbnail Previewer (HKLM\...\{50139369-99B2-496A-8726-D3DC5D6D4235}) (Version: 18.0 - Corel Corporation)
Corel Update Manager (HKLM\...\{5039B7BE-F79B-4121-A9D3-D66ED4169414}) (Version: 2.11.552 - Corel corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{466EA30A-9B38-4AD2-A6B0-18D6E0C1A848}) (Version: 1.1.206.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FB360 Spatial Workstation AAX version 3.3 (HKLM\...\FB360 Spatial Workstation AAX_is1) (Version: 3.3 - )
Focusrite USB 4.63.23.563 (HKLM\...\Focusrite USB_is1) (Version: 4.63.23.563 - Focusrite Audio Engineering, Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
Grand Theft Auto: San Andreas (HKLM-x32\...\Grand Theft Auto: San Andreas) (Version: 1.0.0.22 - Rockstar Games)
ICA (HKLM\...\{0EDEDA40-4B3A-46D0-A0D8-0FE8834390DE}) (Version: 6.1 - Corel Corpopration) Hidden
Inkscape 0.92.4 (HKLM-x32\...\Inkscape) (Version: 0.92.4 - Inkscape Project)
Intel Driver && Support Assistant (HKLM-x32\...\{C2BB0965-B84D-4689-A4B0-AA40250C5C4D}) (Version: 19.9.38.6 - Intel) Hidden
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel® Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{f4fb06ec-c4f2-465a-a239-9c8bd6fd7108}) (Version: 19.9.38.6 - Intel)
iTunes (HKLM\...\{D6969886-0A8A-46BF-A3FA-D6CD43FC8F85}) (Version: 12.10.0.7 - Apple Inc.)
Koala -- A cool tool for web developers (HKLM-x32\...\Koala) (Version: 2.3.0 - koala-app.com)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.12026.20264 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.39.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 69.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 69.0.3 (x64 en-US)) (Version: 69.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.2 - Mozilla)
MSI Afterburner 4.6.1 (HKLM-x32\...\Afterburner) (Version: 4.6.1 - MSI Co., LTD)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version:  - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version:  - Native Instruments)
Native Instruments Guitar Rig Mobile I/O (HKLM-x32\...\Native Instruments Guitar Rig Mobile I/O) (Version:  - Native Instruments)
Native Instruments Guitar Rig Session I/O (HKLM-x32\...\Native Instruments Guitar Rig Session I/O) (Version:  - Native Instruments)
Native Instruments Rig Kontrol 3 (HKLM-x32\...\Native Instruments Rig Kontrol 3) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Node.js (HKLM\...\{23A34EBD-AE97-4FB3-8542-501FBA47EA98}) (Version: 10.16.3 - Node.js Foundation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.7.1 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation)
NVIDIA Graphics Driver 436.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 436.48 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA USBC Driver 1.38.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.38.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
OldSchool RuneScape Launcher 1.2.7 (HKLM-x32\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd)
OpenIV (HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\OpenIV) (Version: 3.1.1033 - .black/OpenIV Team)
Origin (HKLM-x32\...\Origin) (Version: 10.5.48.31055 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Private Internet Access (HKLM\...\{33023371-7761-4F81-BBB1-0E0D0D175ACF}) (Version: 1.4.0+03180 - London Trust Media, Inc.)
PS4 Remote Play (HKLM-x32\...\{856AD2B5-7C4C-4BCA-90C0-48010DAD701F}) (Version: 2.8.0.03041 - Sony Interactive Entertainment Inc.)
Python 3.7.4 (64-bit) (HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\{8ae589dd-de2e-42cd-af56-102374115fee}) (Version: 3.7.4150.0 - Python Software Foundation)
Python 3.7.4 Add to Path (64-bit) (HKLM\...\{16AB56AD-A068-4407-B239-25D2A507743D}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Core Interpreter (64-bit) (HKLM\...\{92A73F83-DC16-4316-945A-B66BC12362A7}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Development Libraries (64-bit) (HKLM\...\{B86709C3-962E-4C62-BF25-CF8D06267D72}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Documentation (64-bit) (HKLM\...\{4BC82D3B-BBC7-4BAF-899D-10AF5745E4AB}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Executables (64-bit) (HKLM\...\{6DDB726E-09CE-44B4-A129-B62AD1604A95}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 pip Bootstrap (64-bit) (HKLM\...\{F92D31AF-F447-4A85-B0FD-CE6378F7625A}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Standard Library (64-bit) (HKLM\...\{5BF79310-A787-430F-93DD-CC8A9787679D}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Tcl/Tk Support (64-bit) (HKLM\...\{E5B772D5-8CCD-461B-BC60-B10DFB5704AB}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Test Suite (64-bit) (HKLM\...\{794D5EC8-A92F-4969-A318-449C2E71D8C4}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Utility Scripts (64-bit) (HKLM\...\{16F74529-EDE0-4BBD-B2AF-89AF9C696EA8}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{D722DA3A-92F5-454A-BD5D-A48C94D82300}) (Version: 3.7.6762.0 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek)
RivaTuner Statistics Server 7.2.2 (HKLM-x32\...\RTSS) (Version: 7.2.2 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.5.121 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.2.5 - Rockstar Games)
RuneScape Launcher 2.2.4 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.4 - Jagex Ltd)
Speedtest by Ookla (HKLM\...\{47EB4D56-9DDA-422E-A769-172304E3BB09}) (Version: 1.2.29.001 - Ookla)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.7.47527 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.55.108.1020 - Electronic Arts Inc.)
TP-Link Archer T4U Driver (HKLM-x32\...\{4805DC86-DEBF-4A5C-B9C4-291FA6441548}) (Version: 2.1.0 - TP-Link)
TransMac version 12.4 (HKLM-x32\...\TransMac_is1) (Version: 12.4 - Acute Systems)
Uplay (HKLM-x32\...\Uplay) (Version: 88.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VMware Player (HKLM\...\{7F9DD9E6-685C-46C6-9430-D91B0DF932BB}) (Version: 14.1.7 - VMware, Inc.)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.34-3 - Wacom Technology Corp.)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinSCP 5.15.4 (HKLM-x32\...\winscp3_is1) (Version: 5.15.4 - Martin Prikryl)
XAMPP (HKLM\...\xampp) (Version: 7.3.10-0 - Bitnami)
 
Packages:
=========
Adobe XD -> C:\Program Files\WindowsApps\Adobe.CC.XD_20.1.12.4_x64__adky2gkssdxte [2019-09-27] (Adobe Systems Incorporated)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.22.7.0_x86__kgqvnymyfvs32 [2019-10-04] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1600.3.0_x86__kgqvnymyfvs32 [2019-10-04] (king.com)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2019-09-28] (Microsoft Corporation)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2019-09-28] (Microsoft Corporation)
Forza Horizon 4 -> C:\Program Files\WindowsApps\Microsoft.SunriseBaseGame_1.351.461.2_x64__8wekyb3d8bbwe [2019-10-04] (Microsoft Studios)
Forza Horizon 4 Formula Drift Car Pack -> C:\Program Files\WindowsApps\Microsoft.FormulaDriftCarPack_1.0.3.2_neutral__8wekyb3d8bbwe [2019-05-12] (Microsoft Studios)
Gaming Services -> C:\Program Files\WindowsApps\Microsoft.GamingServices_1.32.14001.0_x64__8wekyb3d8bbwe [2019-09-27] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-10-04] (HP Inc.)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-10-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x64__8wekyb3d8bbwe [2019-10-04] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-10-05] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.94.574.0_x64__mcm4njqhnhss8 [2019-10-05] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2019-10-04] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.136.0_x64__dt26b99r8h8gj [2019-09-27] (Realtek Semiconductor Corp)
Xbox (Beta) -> C:\Program Files\WindowsApps\Microsoft.GamingApp_1909.1001.12.0_x64__8wekyb3d8bbwe [2019-10-05] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-410341470-1476927905-1517334712-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
CustomCLSID: HKU\S-1-5-21-410341470-1476927905-1517334712-1001_Classes\CLSID\{85A6BE02-117C-4C76-B352-CE8D2AF1F526}\localserver32 -> "C:\Program Files\SmartFTP Client\SmartFTP.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-410341470-1476927905-1517334712-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-05-19] (Notepad++ -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll [2019-03-25] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll [2019-03-25] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c7bdd6222811a2ee\nvshext.dll [2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.WVC1] => C:\Windows\SysWOW64\d3dgeardecoder.dll [143968 2019-02-16] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.WMV3] => C:\Windows\SysWOW64\d3dgeardecoder.dll [143968 2019-02-16] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.MJPG] => C:\Windows\SysWOW64\d3dgeardecoder.dll [143968 2019-02-16] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.M4S2] => C:\Windows\SysWOW64\d3dgeardecoder.dll [143968 2019-02-16] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.FVFW] => C:\Windows\SysWOW64\d3dgeardecoder.dll [143968 2019-02-16] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.MP4V] => C:\Windows\SysWOW64\d3dgeardecoder.dll [143968 2019-02-16] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.FFVH] => C:\Windows\SysWOW64\d3dgeardecoder.dll [143968 2019-02-16] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.H264] => C:\Windows\SysWOW64\d3dgeardecoder.dll [143968 2019-02-16] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\Feng Vang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6c0b951e69aa5b9e\Koala.lnk -> C:\Program Files (x86)\Koala\Koala.exe (The NWJS Community) -> --user-data-dir="C:\Users\Feng Vang\AppData\Local\Koala\User Data" --profile-directory=Default --app-id=nbcfhoaboniogapedbkoengejahmpnbi
 
==================== Loaded Modules (Whitelisted) ==============
 
2019-05-24 22:36 - 2019-09-17 21:09 - 003472384 _____ ( ) [File not signed] C:\Users\Feng Vang\AppData\Roaming\Chime\AudioClient.dll
2019-05-24 22:36 - 2019-09-17 21:09 - 008079360 _____ ( ) [File not signed] C:\Users\Feng Vang\AppData\Roaming\Chime\MediaClient.dll
2019-05-24 22:36 - 2019-09-17 21:09 - 000257536 _____ ( ) [File not signed] C:\Users\Feng Vang\AppData\Roaming\Chime\MediaContext.dll
2019-05-24 22:36 - 2019-09-17 21:09 - 003471872 _____ ( ) [File not signed] C:\Users\Feng Vang\AppData\Roaming\Chime\ScreenClient.dll
2019-04-21 01:33 - 2019-04-21 01:33 - 000232448 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-04-21 01:32 - 2019-04-21 01:32 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-04-21 01:33 - 2019-04-21 01:33 - 000649216 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-04-21 01:32 - 2019-04-21 01:32 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-04-21 01:33 - 2019-04-21 01:33 - 000367104 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2019-05-24 22:36 - 2019-07-16 01:11 - 000859648 _____ () [File not signed] C:\Users\Feng Vang\AppData\Roaming\Chime\CefSharp.BrowserSubprocess.Core.dll
2019-05-24 22:36 - 2019-07-16 01:11 - 001257984 _____ () [File not signed] C:\Users\Feng Vang\AppData\Roaming\Chime\CefSharp.Core.dll
2019-05-24 22:36 - 2019-07-16 01:11 - 070447616 _____ () [File not signed] C:\Users\Feng Vang\AppData\Roaming\Chime\libcef.dll
2019-05-24 22:36 - 2019-07-16 01:11 - 001084416 _____ (Robert Simpson, et al.) [File not signed] C:\Users\Feng Vang\AppData\Roaming\Chime\x86\SQLite.Interop.dll
2019-05-24 22:36 - 2019-07-16 01:11 - 000433664 _____ (The Chromium Authors) [File not signed] C:\Users\Feng Vang\AppData\Roaming\Chime\chrome_elf.dll
2019-07-25 16:12 - 2019-07-25 16:12 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-07-25 16:12 - 2019-07-25 16:12 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-07-25 16:12 - 2019-07-25 16:12 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-10-07 15:32 - 2019-07-25 16:12 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-10-07 15:32 - 2019-07-25 16:12 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-10-07 15:32 - 2019-07-25 16:12 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-10-07 15:32 - 2019-07-25 16:12 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-10-07 15:32 - 2019-07-25 16:12 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\PACE:E2F2E09B320E5E3F [217]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [470]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-09-15 00:31 - 2018-09-15 00:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%D3DGEARPATH%;d:\steamlibrary;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\nodejs\
HKU\S-1-5-21-410341470-1476927905-1517334712-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Feng Vang\Pictures\sunset-over-manhattan-bridge-8u-1080p.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Focusrite Notifier"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-410341470-1476927905-1517334712-1001\...\StartupApproved\Run: => "Steam"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{EF53A66F-9E9C-4092-9D4C-6E69263B6BC6}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Adobe Systems Incorporated -> Joyent, Inc)
FirewallRules: [TCP Query User{15973975-FB66-4E9B-909A-3FDD753772A2}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Adobe Systems Incorporated -> Joyent, Inc)
FirewallRules: [UDP Query User{C815D2B9-370D-4459-AA42-E27C47A71D32}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Adobe Systems Incorporated -> Joyent, Inc)
FirewallRules: [TCP Query User{2FCA32AF-65FF-48C1-BC75-52E19C2C8782}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Adobe Systems Incorporated -> Joyent, Inc)
FirewallRules: [{DBC08052-5FD7-47E7-BB32-35F6FE9728D7}] => (Allow) D:\SteamLibrary\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{103842E8-99DD-48A7-9EA0-AB028292EAF3}] => (Allow) D:\SteamLibrary\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{F6F0B682-FF9F-43A9-81C0-E895D16C4CCD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{FDAF666A-387B-44CD-B222-AE0C567F15C6}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{9F4BF7FA-2902-4CDF-B298-992D0A77B5C2}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{0D41EF0D-0F4D-4500-8893-7CCE4AB056A8}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{3356EFB2-1AC1-4430-A563-A90AF7EE3189}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [UDP Query User{6904B00F-FE21-4C87-AA89-A79A29318D33}D:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) D:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe No File
FirewallRules: [TCP Query User{24A42F9B-7C3B-4B31-AF11-42323AFD6DEB}D:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) D:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe No File
FirewallRules: [{0648E5B9-6357-4E13-80C9-47CD3B96A8E6}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{C74CFCAF-2ED0-40C9-A761-B19DC618C8DD}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{69B3F1F0-F8A9-4B3D-9010-FF22EADA8BD2}D:\overwatch\call of duty modern warfare beta\modernwarfare.exe] => (Allow) D:\overwatch\call of duty modern warfare beta\modernwarfare.exe No File
FirewallRules: [TCP Query User{DD1C2562-558E-41F2-BA5C-7DBF57C21227}D:\overwatch\call of duty modern warfare beta\modernwarfare.exe] => (Allow) D:\overwatch\call of duty modern warfare beta\modernwarfare.exe No File
FirewallRules: [{63E56A51-DD4D-4EC0-922F-3B75A3FA16C4}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2E25CD8C-6E25-4953-BCF7-AACC981948D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B54FED40-5530-46C8-ADEB-B35B2E49BCB0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DBF0FB3C-182E-459F-973F-9FC9EEB06664}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9D435E9A-599B-4F99-A713-C52AD7C39F61}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{DE4492F4-7CBF-459D-883D-DE45700F1A21}C:\program files (x86)\ubisoft\ubisoft game launcher\games\ghost recon breakpoint\grb_upp.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\ghost recon breakpoint\grb_upp.exe No File
FirewallRules: [TCP Query User{C38DAE61-188C-45CA-93B1-310A954B02EC}C:\program files (x86)\ubisoft\ubisoft game launcher\games\ghost recon breakpoint\grb_upp.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\ghost recon breakpoint\grb_upp.exe No File
FirewallRules: [{9F8D56E8-16AC-4624-A6C5-B3F03C5E44D3}] => (Allow) D:\Ubisoft Games\Assassin's Creed Odyssey\ACOdyssey.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [UDP Query User{7C0990C3-6A91-4CF9-97CF-227E0347E961}D:\overwatch\overwatch\_retail_\overwatch.exe] => (Allow) D:\overwatch\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{D4749253-7A0E-4942-8ADA-771A79792E21}D:\overwatch\overwatch\_retail_\overwatch.exe] => (Allow) D:\overwatch\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{7A6C777A-FC6A-4745-9160-57411D0A44AF}] => (Allow) D:\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{0EB382DD-970F-4D2E-97A4-52EDBAAA21B9}] => (Allow) D:\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{224F16A5-9516-4106-B117-25E19AB4D5D3}] => (Allow) D:\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{49803158-E82B-4B1B-8765-AEB0B44E74D3}] => (Allow) D:\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{0E04F21B-05F0-4822-9E66-6D257803E4F4}] => (Allow) D:\SteamLibrary\steamapps\common\Toy Story 3\Game-TS3.exe (Disney Interactive Studios) [File not signed]
FirewallRules: [{336EA910-FA0F-45C1-A1E9-033984BB0208}] => (Allow) D:\SteamLibrary\steamapps\common\Toy Story 3\Game-TS3.exe (Disney Interactive Studios) [File not signed]
FirewallRules: [{AE9B12D5-71A0-47BF-8F2B-8E7097A0B0EF}] => (Allow) C:\Program Files\Avid\Avid Link\AvidAppManHelper.exe No File
FirewallRules: [{207CB466-00D6-449C-9B57-E5540FEE846A}] => (Allow) C:\Program Files\Avid\Avid Link\Avid Link.exe No File
FirewallRules: [{B9AA71AD-9E61-4F10-86B8-DF58FFE7EE0D}] => (Allow) C:\Program Files\Avid\Avid Link\jre\bin\java.exe No File
FirewallRules: [{A15D0385-87B5-4008-A660-78A7591CF107}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{62504EE4-0114-498D-AC5B-16722D3B2661}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [UDP Query User{5D3CAED4-8A4F-46D2-9071-F54587CF9804}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{6953D862-FCEA-4FEA-A7AF-BD629BA183C6}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{A4ED331C-7933-4C8C-A80C-0071E90BC142}] => (Allow) D:\Origin Games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{05104AAE-0ED2-42FA-87D8-D4AF39930981}] => (Allow) D:\Origin Games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{8A845BF5-6C08-4507-B0DA-E27E115BECCE}] => (Allow) D:\Origin Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{F7A62EAD-A1E5-4F8F-A749-087EDC00B1C1}] => (Allow) D:\Origin Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{EF167903-A171-411E-8E72-5135C77A5FB2}] => (Allow) D:\SteamLibrary\steamapps\common\Rush\Rushx64.exe (Asobo Studio - MMS) [File not signed]
FirewallRules: [{1E5ACE22-5000-4C6D-AC18-3FFC479118AB}] => (Allow) D:\SteamLibrary\steamapps\common\Rush\Rushx64.exe (Asobo Studio - MMS) [File not signed]
FirewallRules: [{BB9C32A4-D1CA-4321-89F0-FCC8F1EE6A10}] => (Allow) D:\SteamLibrary\steamapps\common\Fishing Planet\FishingPlanet.exe () [File not signed]
FirewallRules: [{38997EB3-A007-41CD-841B-FAE4EED1AF2B}] => (Allow) D:\SteamLibrary\steamapps\common\Fishing Planet\FishingPlanet.exe () [File not signed]
FirewallRules: [{9D4714DC-C0BD-48EC-9C82-1A0D4FE70A7A}] => (Allow) D:\SteamLibrary\steamapps\common\CookingSimulator\CookingSim.exe () [File not signed]
FirewallRules: [{1925F561-A6E7-4EBA-A452-01238F110AAE}] => (Allow) D:\SteamLibrary\steamapps\common\CookingSimulator\CookingSim.exe () [File not signed]
FirewallRules: [{DD47101C-0EE7-4E73-8489-7CA4AF5A0E58}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{7CA9FE4C-50B4-4DBA-A948-4166A7B81D9F}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{0757A570-4721-452B-8013-A8F5D4CE46AB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0B48645D-E096-45BB-853A-AFB563F887BF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A5F18AB9-C14E-4A8B-956A-D4214A8427B1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D96166F6-39EE-4D6A-BEDB-13AD120E80F0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A0ACE425-AB81-4A7F-9FBE-EC81F2412DA9}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{8F5A82EE-8894-44C7-9D50-DB2F08691633}D:\ubisoft games\ghost recon breakpoint\grb.exe] => (Allow) D:\ubisoft games\ghost recon breakpoint\grb.exe No File
FirewallRules: [TCP Query User{986B9F9E-7A92-4E4B-B9CA-2B72C1A346EB}D:\ubisoft games\ghost recon breakpoint\grb.exe] => (Allow) D:\ubisoft games\ghost recon breakpoint\grb.exe No File
FirewallRules: [{353F93D4-221A-4FD9-88F3-D446DB81D285}] => (Allow) D:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{04C6AAB2-F25F-458D-9CBD-3385682B781B}] => (Allow) D:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{D242E58C-580E-4B8F-BDE9-27D09E1D0E53}] => (Block) C:\program files (x86)\origin games\batman arkham asylum game of the year edition\binaries\shippingpc-bmgame.exe No File
FirewallRules: [{47880ACC-5336-4F4D-87C7-CBA667F1C288}] => (Block) C:\program files (x86)\origin games\batman arkham asylum game of the year edition\binaries\shippingpc-bmgame.exe No File
FirewallRules: [UDP Query User{972F8D68-065A-4202-8C18-161463FC4AC0}C:\program files (x86)\origin games\batman arkham asylum game of the year edition\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\origin games\batman arkham asylum game of the year edition\binaries\shippingpc-bmgame.exe No File
FirewallRules: [TCP Query User{F9990E9E-6B31-4CF0-8D57-EF61E351EFCB}C:\program files (x86)\origin games\batman arkham asylum game of the year edition\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\origin games\batman arkham asylum game of the year edition\binaries\shippingpc-bmgame.exe No File
FirewallRules: [{6FF8BFBD-4B46-4537-9CFB-34A135844CA4}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe (Sony Interactive Entertainment Inc. -> Sony Interactive Entertainment Inc.)
FirewallRules: [UDP Query User{ABD2B906-B473-49A6-AF2B-D46BF0C194EA}C:\users\feng vang\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\feng vang\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{EFA3FC4C-34A5-4096-8F18-A83E91B80835}C:\users\feng vang\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\feng vang\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DBA93949-361A-4450-9AD2-62896ED36557}] => (Allow) D:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{0C519255-3F85-4105-8FEF-EFA223F659C1}] => (Allow) D:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{20469E8C-669A-4EEC-BEB7-0BE8FE82BC1C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{9C9716A1-D0D5-47AD-B7EA-8A4EA7B1BE71}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{E64DA161-405F-4C62-9DB5-ECD470C3C0AA}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{E44E50C7-430D-454C-93E1-CF0567C8874D}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{13D35432-9A6E-4D62-85A1-C60F7A20D083}] => (Allow) D:\SteamLibrary\steamapps\common\Injustice2\Binaries\Retail\Injustice2.exe (WB Games, Inc.) [File not signed]
FirewallRules: [{0428B3F3-9525-44CB-9D8B-C0B6E9208B33}] => (Allow) D:\SteamLibrary\steamapps\common\Injustice2\Binaries\Retail\Injustice2.exe (WB Games, Inc.) [File not signed]
FirewallRules: [{174E63E8-FA45-4D54-88B7-7914FBD18340}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{59A38AE9-7F06-4C05-BBD0-4460BC987667}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{B4F04FBD-8DD7-4F8C-98AC-A385CADA9D01}] => (Allow) D:\SteamLibrary\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{297BCDC2-23D7-4947-8DFA-4AB5B05F6E09}] => (Allow) D:\SteamLibrary\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{C13AA1A3-0562-4821-8388-77A07055D5B2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{481C971F-7D85-476D-B886-D3115D519A87}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{534918A6-A1FB-4EB2-9BC8-D658BFE99C6B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DDDD60D6-9468-4AB0-91F1-FB97E1F60EA4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{05F17E8E-6EDF-4926-93A5-2DCED28F097E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C135B485-E49D-4C50-B8B0-E2BEE0E2FEC5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{43F84450-1025-4B56-AC02-EE419D0F589C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{10DD1EB7-A86F-43E8-A4B9-D628E84904DC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{B3C3EDDD-82E2-4EAD-9D1A-CB237E54B3D7}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [UDP Query User{450554EE-4410-4AA5-A1DA-9C918F3C6723}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [TCP Query User{E0EBE53E-D39E-4773-BBCE-B70A1F9121E6}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{D42F5906-6FA4-48F0-9515-EA48ED117EFD}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{1D030D9D-BF95-4116-873C-4AF94F0B963D}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel® Software Development Products -> )
FirewallRules: [{78F87F69-4662-4245-B55A-0A380754F1B3}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel® Software Development Products -> )
FirewallRules: [{25AEA19A-9E72-430C-9B81-BCAD3BB68E33}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel® Software Development Products -> )
FirewallRules: [{E40B4D3E-EA23-4A41-8CCD-39EB2E641270}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel® Software Development Products -> )
FirewallRules: [{C2C28AAB-E5F6-4C1D-955E-BA57EA7F1230}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{0F8D137F-6455-4554-8DBD-F04EEA280D63}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{A708A2BA-FAE9-4D33-A2AE-5035D6B744A6}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{4F1D20B7-9F99-4010-882E-1A04EDF1DB07}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{AE2DB762-3EAF-4B87-803F-9F623E7ADD61}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{803C8A01-DCA6-43E7-8AC2-E1AB2F47E913}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{6EC605DD-3B01-4BBB-AA3C-7A019C787E3A}] => (Allow) C:\Users\Feng Vang\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2BA5B2E3-3B2E-45B4-9057-2A7CEA1E91EC}] => (Allow) C:\Users\Feng Vang\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{D2336968-8A22-45F3-BE84-0CB5063756B9}D:\overwatch\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch\overwatch.exe No File
FirewallRules: [UDP Query User{4296539D-68C3-4EFD-96DD-96C4C86E465B}D:\overwatch\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch\overwatch.exe No File
FirewallRules: [{C0DB927C-710F-4641-A4B0-82CF0FB88348}] => (Allow) D:\Origin Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{04E94F4A-0E81-4B42-BD11-427C9D307D2F}] => (Allow) D:\Origin Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{693405E8-C109-4529-AA2E-DDDDF15FE4FE}] => (Allow) D:\Origin Games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{4D571989-7796-4881-BAF8-7E15A9C62420}] => (Allow) D:\Origin Games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{3490A2FB-A12C-4238-A5E6-2F0BB3A22F31}] => (Allow) D:\SteamLibrary\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{67F754C3-7B1B-4709-88F8-E5429D4166CD}] => (Allow) D:\SteamLibrary\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{581EC2EF-48B1-4F52-8B88-075F4FC7AD7A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{29D47927-7E58-48D4-B4AD-16CCE6D67D17}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6B842D77-A606-4772-8C88-FB167046059E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{31EA6E9B-1F45-4245-B0D7-E31962176E41}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F36CF37F-A631-4A7D-9A60-DBFA1FE8249D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2A3BE31A-058E-4D40-9E33-726B061992DA}] => (Allow) D:\SteamLibrary\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{8E0B5668-F7B1-4E10-B91C-574D0FE8928D}] => (Allow) D:\SteamLibrary\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{004DF60E-CE9F-40C3-91FD-C37DD777E5CF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9823462B-2402-4823-937F-E25B18A40F3D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D8A8E99A-7752-4921-8439-0AB561D9DCF7}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{09F5C605-CC09-460D-8DF9-6758520FC3DE}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{61BD79D0-7C8C-49D1-8684-15A24F55FCC7}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [UDP Query User{F5CAC701-594B-4AC3-AF45-0E7D329392D2}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [TCP Query User{6725CE45-60F5-471B-91CD-F7CA442DA400}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [UDP Query User{F32CF88A-9C23-4ECA-B1DD-A424A2BEB102}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
 
==================== Restore Points =========================
 
10-10-2019 19:23:49 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/11/2019 10:52:02 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
   at SetupAfterRebootService.SetupARService.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
 
System errors:
=============
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. F14 03/14/2019
Motherboard: Gigabyte Technology Co., Ltd. B360M DS3H
Processor: Intel® Core™ i5-8400 CPU @ 2.80GHz
Percentage of memory in use: 31%
Total physical RAM: 16315.85 MB
Available physical RAM: 11257.89 MB
Total Virtual: 18747.85 MB
Available Virtual: 12004.91 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:446.53 GB) (Free:154.2 GB) NTFS
Drive d: () (Fixed) (Total:1863.01 GB) (Free:1064.26 GB) NTFS
Drive e: () (Fixed) (Total:465.76 GB) (Free:462.51 GB) NTFS
 
\\?\Volume{45e01d32-b283-4f49-9adc-edb58ad5967d}\ () (Fixed) (Total:0.49 GB) (Free:0.03 GB) NTFS
\\?\Volume{8f1827f6-0925-4318-b866-be418fd624d7}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: F5D248D7)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 8C8B034A)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

 


  • 0

#4
RKinner
Posted 12 October 2019 - 05:48 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Looks like that got it. 

 

You have an odd error:

Application errors:
==================
Error: (10/11/2019 10:52:02 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
   at SetupAfterRebootService.SetupARService.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 

 

This appears to be caused by your Realtek driver.  I would try updating by downloading the latest driver directly from Realtek:

 

https://www.realtek....xpress-software

 

the second link to:

Win10 Auto Installation Program (SId:1152921504628168251) 10.036 2019/09/27 10 MB

 

is what you want.  Hit the download button at the start of the line.  It will take you to a page that wants an email address.  Give it an email then Download File.  The next page is an odd captcha where you have to add the two numbers together instead of just copying what they give you.  This will download a zip file.  Save it then right click and Extract All, extract.  Double click on the folder until you get some files then scroll down to setup (.exe) and right click and Run As Admin.

 

Other than that I think you are good to go and can cleanup:

 

Time to clean up:
If we used FRST to clean your PC:

right click on FRST.exe or FRST64.exe (whichever you used) and rename it to uninstall.exe.  Then right click on uninstall.exe and Run as Admin.

 

Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.  Flash is now the most malware targeted program so it must be kept up to date.  Be careful with Adobe.  They are fond of offering optional downloads like yahoo or Ask toolbars or that worthless McAfee Security Scan.  Go slow and uncheck the optional stuff.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program.  There is an exploit out there now that can use it to get on your PC.  For Adobe Reader:  Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript.  OK Close program.  It's the same for Foxit reader except you uncheck Enable Javascript Actions.


If you use Chrome/Firefox/Edge then get the Ublock Origin extension.  For IE go to adblockplus.org  and get the program.
If Chrome/Firefox is slow loading make sure it only has the current Java add-on.  Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox. Close Chrome/Firefox/Skpe. Hit Optimize.   You can run it any time that Chrome/Firefox seems slow starting..
(If it complains about Chrome still running you can stop it with Task Manager or go into Chrome then go to:

chrome://settings/

Hit Advanced at the bottom of the page then scroll down to near the bottom where it says System.

Change
Continue running background apps when Google Chrome is closed
to Off (slide the blue thing to the left and it turns brown)
Close Chrome.


If the browser is still slow then go in and disable all of your extensions, close the browser and Optimize with SpeedyFox then restart the browser.  If that helps then one or more of your extensions is at fault.  Go back in and turn them on one at a time and see if you can figure out which ones slow things down the most.

If you are a Facebook user get the FB Purity extension for your browser:
http://www.fbpurity.com/
This will stop all of the suggested pages and ads so that Facebook loads much quicker.


Be warned:  If you use Limewire, utorrent or any of the other P2P programs you will probably be coming back to the Malware Removal forum.  If you must use P2P then submit any files you get to http://virustotal.combeforeyouopen them.

Due to a recent rise in the number of Cryptolocker infections I am now recommending you install:

https://www.bleeping...somware/dl/306/
It's currently a free version.

If you have a router, log on to it today and change the default password!  If using a Wireless router you really should be using encryption on the link.  Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business.  See http://www.king5.com...ted-1344185.phpfor why encryption is important.  If you don't know how, visit the router maker's website.  They all have detailed step by step instructions or a wizard you can download.

Special note on Java.  Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
http://www.java.com/...lugin_cache.xml
Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not the latest.  If in doubt uninstall all.  These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE.  Get the latest version from Java.com.  They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download.  Just uncheck the garbage before the download (or install) starts.  If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.  IF that is the case then go to Control Panel, Java, Security and slide it up to the highest level.  OK.

If you are running Win 10 you probably want OpenShell:

https://github.com/O...Open-Shell-Menu

  This program will make Win 10 act like Win 7 with the same controls you are used to.
Download Link:
https://github.com/O...tup_4_4_131.exe


Recommended software: (I'm not saying you should download these just that if you have a need for a new program these are safe and work)  
Compression:  7-zip.  Avoid WinRar and WinZip as the free versions have adware.
Video Player:  VLC  Unlike Windows Media Player it never seems to need extra files to work.
Office like free program:  Open Office: https://www.openoffice.org/download/
or
LibreOffice: https://www.libreoffice.org/
Free Anti-Virus:  Avast
Free Malware prevention:  MBAM: Free version at https://www.malwareb...m/mwb-download/
Can run with your anti-virus.
Paid Anti-Virus:  Kaspersky or BitDefender
Utilities:
Root Kit Detector:  MBAR: https://www.malwareb...om/antirootkit/
Process Explorer:  Show you what is running on the PC.  Like Task manager but better:  http://live.sysinter...com/procexp.exe
WhoCrashed: Why did your system crash?
http://www.resplendence.com/downloads
Then click on Download free home edition
where it says:
WhoCrashed 5.51
Comprehensible crash dump analysis tool
for Windows 10/8.1/8/7/Vista/XP/2012/2008/2003 (x86 and x64)
System Health:
Speccy:  
http://www.filehippo...download_speccy(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Decline CCleaner if offered.  Pay attention to SMART info on your hard drives and to temps.  If in doubt about temps try:
SpeedFan:  Try speedfan
http://www.filehippo...nload_speedfan/
Download, save and Install it (Win 7 or Vista right click and Run As Admin.) then run it.
Video Downloader Professional  To save online video.   This extension (available for Chrome or Firefox)  allows you to start a recording and then switch to a different window and record another video.

With Win 10 only there is a new Game recorder program.  It's supposed to only work for games but it works nicely to record any video you watch.  Hit the Win key + Alt + r to start the recorder.  The first time it asks you if it is looking at a game.  Just tell it yes.  After that it starts recording whenever you bring it up.  Videos are saved to the Captures folder under Videos.  You can only record what you watch so limited to only one video at a time.  Best to go to full screen before starting the recorder.

Avoid:  
Advanced System Care
SuperAntiSpyware
HitmanPro
Spybot S&D
Any P2P software especially if it comes from Conduit.
Registry Cleaners
Driver updating software.
PC fixing or Speed up software.
Running more than one anti-virus.
Seagate hard drives.  If you have one it's going to fail on you so backup your data now!

 


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP