Dear Sir/Madam,
My default search engine on Google Chrome keeps getting changed to Yahoo. Therefore, I believe there is Malware on my computer. Could this be checked for please? It is a Windows 8.1 machine.
Any help with this matter would be greatly appreciated.
Thanks,
Kiran.
==========
FRST.txt
==========
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-09-2020
Ran by ron (administrator) on HAL-RON (02-10-2020 13:41:43)
Running from D:\Downloads
Loaded Profiles: ron
Platform: Windows 8.1 (Update) (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Anaconda\envs\k36\Scripts\jupyter.exe
() [File not signed] C:\Anaconda\envs\k36\Scripts\jupyter-lab.exe
() [File not signed] C:\cygwin64\bin\bash.exe
() [File not signed] C:\Windows\System\HsMgr64.exe
() [File not signed] C:\Windows\SysWOW64\HsMgr.exe
(ANDREA VACONDIO -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced 4\creator-ws.exe
(Andy Koppe / Thomas Wolff) [File not signed] C:\cygwin64\bin\mintty.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\My Image Garden\cnmigmain.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CMedia) [File not signed] C:\Program Files\ASUS Xonar Xense Audio\Customapp\AsusAudioCenter.exe
(Deezer -> Deezer) C:\Users\ron\AppData\Local\Programs\deezer.desktop\Deezer.exe <5>
(Foxit Software Incorporated -> Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Shell Extensions\FoxitPrevhost.exe
(Foxit Software Incorporated -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Foxit Software Incorporated -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <152>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\kited.exe
(Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\KiteService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\excel.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\winword.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(OpenVPN Technologies, Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ownCloud GmbH -> ownCloud) C:\Program Files (x86)\ownCloud\owncloud.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\12\bin\pg_ctl.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\12\bin\postgres.exe <8>
(Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\python.exe <3>
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp -> Realtek) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp -> Realtek) C:\Windows\SwUSB.exe
(Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWLan.exe
(RStudio, Inc.) [File not signed] C:\Program Files\RStudio\bin\rstudio.exe
(RStudio, Inc.) [File not signed] C:\Program Files\RStudio\bin\x64\rsession.exe
(Signal Messenger, LLC -> Open Whisper Systems) C:\Users\ron\AppData\Local\Programs\signal-desktop\Signal.exe <5>
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(Sony Imaging Products & Solutions Inc. -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sync.com Inc. -> ) C:\Users\ron\AppData\Local\Programs\Sync\sync-worker.exe <3>
(Sync.com Inc. -> Sync.com Inc.) C:\Users\ron\AppData\Local\Programs\Sync\sync-taskbar.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\Syswow64\cmicnfgp.dll [12935168 2014-12-28] (C-Media Corporation) [File not signed]
HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2014-12-28] () [File not signed]
HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2014-12-28] () [File not signed]
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-07-19] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [868328 2018-12-21] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare software CO., LIMITED -> Wondershare)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48737752 2020-09-09] (Google LLC -> )
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [Google Update] => C:\Users\ron\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-04-30] (Google LLC -> Google LLC)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [2374872 2020-06-12] (ownCloud GmbH -> ownCloud)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [Kite] => C:\Program Files\Kite\kited.exe [404060112 2020-06-20] (Manhattan Engineering Incorporated -> Kite)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [90951528 2020-09-22] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\ron\AppData\Local\Microsoft\Teams\Update.exe [2452112 2020-09-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [Opera Browser Assistant] => C:\Users\ron\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3085336 2020-09-29] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\MountPoints2: {f6844e0d-f65e-11e9-bea8-3085a98ce5fe} - "G:\WD SmartWare.exe" autoplay=true
HKLM\...\Windows x64\Print Processors\Canon MG5600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCA.DLL [30208 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5600 series: C:\WINDOWS\system32\CNMLMCA.DLL [406016 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5600 series XPS: C:\WINDOWS\system32\CNMXLMCA.DLL [408576 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [375296 2014-03-17] (CANON INC.) [File not signed]
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb] -> IIS Express Application Compatibility Database for x64
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\Custom64\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb [2012-05-29]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-05-29]
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-24] (Google LLC -> Google LLC)
Startup: C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Password Safe.lnk [2019-09-28]
ShortcutTarget: Password Safe.lnk -> C:\Program Files (x86)\Password Safe\pwsafe.exe (SourceForge.net) [File not signed]
Startup: C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sync.LNK [2018-05-05]
ShortcutTarget: Sync.LNK -> C:\Users\ron\AppData\Local\Programs\Sync\sync-taskbar.exe (Sync.com Inc. -> Sync.com Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {048B46DC-0BC5-400F-B9A3-423D55FF0CD5} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {06C14AE8-2154-4138-A74F-27C3C656BD9C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {09D3E962-76AD-4E9F-B020-FB971145B57F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-09-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {1DDA3249-C1D1-4820-AD47-C03939307421} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950128 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {23B0C28A-DDFA-4B0D-9460-E131FF2BFF02} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950128 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {30A7E63F-977E-4AEA-80C5-3015C2B310A4} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3487088 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {35CFDE44-C3DA-4B68-B235-5715ED691D10} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [772976 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3CF8ADEA-046C-42FD-A3F6-40D3C675A450} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [994672 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {492F8726-136B-4E52-BB68-0C7B7E2A4D38} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-16] (Google Inc -> Google Inc.)
Task: {4C29320E-56C1-46F6-90C7-CB36865F533F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {6343D530-6966-4BD2-8410-B0301EF844BB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855408 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {671CA532-4BC6-411B-AD05-9D13C19E5F3C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855408 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6DE83157-DE9E-44B0-9017-16C355449356} - System32\Tasks\Opera scheduled assistant Autoupdate 1582299511 => C:\Users\ron\AppData\Local\Programs\Opera\launcher.exe [1529880 2020-09-15] (Opera Software AS -> Opera Software)
Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {7EDA26FF-0346-498C-8286-D5E066AC9D8A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-233570897-2198283788-2588358591-1001Core => C:\Users\ron\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-04-30] (Google LLC -> Google LLC)
Task: {858AE3F5-2F76-40B4-BD92-CE95B49B19C9} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950128 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {87C4A64E-1CA5-4263-9D9A-BD588DC8B034} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-233570897-2198283788-2588358591-1001UA => C:\Users\ron\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-04-30] (Google LLC -> Google LLC)
Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {96B756A7-D0E6-4B34-AF94-AFEB2A0C6FD5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {A3D3C8C0-D3F4-4ABB-BE9E-379754139437} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [695664 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A9CDA4AD-4917-4E49-A214-5568F84183C2} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950128 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B31C2298-D254-4DF5-8BBC-66A9ECD0520F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD38628B-32C9-446F-BE3C-C61B99D6A450} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [772976 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C4DB7967-E171-40B5-9DF5-344B5DD9D062} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {C84E3CE8-99AA-415F-96E6-5822E7C0583D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-16] (Google Inc -> Google Inc.)
Task: {CB539B5D-F137-4388-8067-E92F66E9C7CF} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [70016 2019-05-14] (Oracle America, Inc. -> Oracle Corporation)
Task: {CEB07199-4B4D-42AF-8734-D491FA19CE84} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe [754176 2016-07-29] (Oracle Corporation) [File not signed]
Task: {D0671856-6416-4154-9D86-53124C5CACB1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9F9566B-E3A7-45D2-9EE0-2FA6C98AEB9A} - System32\Tasks\Opera scheduled Autoupdate 1572432817 => C:\Users\ron\AppData\Local\Programs\Opera\launcher.exe [1529880 2020-09-15] (Opera Software AS -> Opera Software)
Task: {E1B3B7E4-058A-49F5-A6C9-316DE98EF023} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{68584B7A-0386-43A8-9926-8CFF586B4014}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{76CC638A-02B0-4AF7-848E-FEF893671806}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\ron\AppData\Local\Microsoft\Edge\User Data\Default [2020-08-14]
FireFox:
========
FF DefaultProfile: ny746aeo.default
FF ProfilePath: C:\Users\ron\AppData\Roaming\Mozilla\Firefox\Profiles\ny746aeo.default [2020-01-15]
FF ProfilePath: C:\Users\ron\AppData\Roaming\Mozilla\Firefox\Profiles\9tp68gj4.default-release [2020-10-02]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: PDFsam Enhanced 4 -> C:\Program Files (x86)\PDFsam Enhanced 4\np-previewer.dll [2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
Chrome:
=======
CHR Profile: C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default [2020-10-02]
CHR Notifications: Default -> hxxps://alison.com; hxxps://app.chime.aws; hxxps://app.slack.com; hxxps://calendar.google.com; hxxps://conference.blockdownconf.com; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://support.cloud.google.com; hxxps://www.datacamp.com; hxxps://www.facebook.com; hxxps://www.headmasters.com; hxxps://www.monsterinsights.com; hxxps://www.simplilearn.com
CHR HomePage: Default -> hxxp://www.holasearch.com/?affID=121962&tt=gc_&babsrc=HP_ss&mntrId=86603085A98CE5FE
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/","hxxps://mail.google.com/","hxxp://www.deezer.com/playlist/1290162447"
CHR Extension: (Google Translate) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-18]
CHR Extension: (Slides) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Postman Interceptor) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aicmkgpgakddgnaphhhpliifpcfhicfo [2020-05-20]
CHR Extension: (Docs) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-25]
CHR Extension: (YouTube) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-16]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2020-09-15]
CHR Extension: (Sheets) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Postman) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbjgbiflinjbdggehcddcbncdddomop [2020-07-02]
CHR Extension: (EditThisCookie) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2018-11-30]
CHR Extension: (Google Docs Offline) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-12]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-09-25]
CHR Extension: (Home) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomhhejmlbhdpfjbpgemagmcckjhajgg [2018-05-04]
CHR Extension: (Pinterest Save Button) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-10-02]
CHR Extension: (Grammarly for Chrome) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-10-02]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-10-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-08]
CHR Extension: (Gmail) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-13]
CHR Extension: (HappyPath) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhcklacellfncndpbedjbdbmligjfcn [2017-09-16]
CHR Profile: C:\Users\ron\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-20]
CHR HKU\S-1-5-21-233570897-2198283788-2588358591-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052944 2020-07-14] (Microsoft Corporation -> Microsoft Corporation)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-08-25] (Foxit Software Incorporated -> Foxit Software Inc.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2015-02-05] (Microsoft Corporation -> Microsoft Corporation)
R2 KiteService; C:\Program Files\Kite\KiteService.exe [141936 2020-09-22] (Manhattan Engineering Incorporated -> Kite)
S2 MySQL80; C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe [46693696 2019-04-13] (Oracle America, Inc. -> )
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74712 2019-02-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74712 2019-02-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 PDFsam Enhanced 4; C:\Program Files\PDFsam Enhanced 4\ws.exe [2005744 2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
R2 PDFsam Enhanced 4 Creator; C:\Program Files\PDFsam Enhanced 4\creator-ws.exe [757496 2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [493544 2018-12-21] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
R2 postgresql-x64-12; C:\Program Files\PostgreSQL\12\bin\pg_ctl.exe [116736 2020-04-24] (PostgreSQL Global Development Group) [File not signed]
R2 RealtekWlanU; C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe [48856 2014-05-19] (Realtek Semiconductor Corp -> Realtek)
S2 RTLDHCPService; C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-04-23] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> )
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 cmudaxp; C:\WINDOWS\system32\drivers\cmudaxp.sys [2734080 2014-12-28] (C-MEDIA ELECTRONICS INC. -> C-Media Inc)
S3 Netaapl; C:\WINDOWS\system32\DRIVERS\netaapl64.sys [23040 2015-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NVHDA; C:\WINDOWS\system32\drivers\nvhda64v.sys [218968 2018-09-17] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 RtlWlanu; C:\WINDOWS\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [226304 2014-11-22] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166752 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-09-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-09-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\ron\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-10-02 13:41 - 2020-10-02 13:42 - 000000000 ____D C:\FRST
2020-09-25 15:02 - 2020-09-25 15:02 - 000000072 _____ C:\Users\ron\Untitled9.ipynb
2020-09-25 00:37 - 2020-09-25 00:37 - 000026895 _____ C:\Users\ron\Downloads\2020_07_GCP (1).pdf
2020-09-24 23:44 - 2020-09-24 23:44 - 000131276 _____ C:\Users\ron\Downloads\2020_07_to_08.pdf
2020-09-24 14:33 - 2020-09-24 14:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-09-19 22:27 - 2020-09-24 22:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-09-16 09:45 - 2020-09-16 09:45 - 000000000 ____D C:\Users\ron\AppData\Local\ownCloud
2020-09-11 12:05 - 2020-09-29 22:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-09-09 10:30 - 2020-09-02 06:52 - 003332608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-09-09 10:30 - 2020-09-02 06:25 - 003641344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-09-09 10:30 - 2020-08-29 03:41 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-09-09 10:30 - 2020-08-27 06:04 - 004169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-09-09 10:30 - 2020-08-20 21:54 - 022382424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-09-09 10:30 - 2020-08-20 21:51 - 019805104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-09-09 10:30 - 2020-08-15 08:22 - 001370680 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2020-09-09 10:30 - 2020-08-15 08:18 - 007363328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-09-09 10:30 - 2020-08-15 08:18 - 002012928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-09-09 10:30 - 2020-08-15 08:18 - 000373512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-09-09 10:30 - 2020-08-15 06:11 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-09-09 10:30 - 2020-08-15 05:43 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2020-09-09 10:30 - 2020-08-15 05:39 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-09-09 10:30 - 2020-08-15 05:33 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOVER.exe
2020-09-09 10:30 - 2020-08-15 05:23 - 001993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-09-09 10:30 - 2020-08-15 05:17 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2020-09-09 10:30 - 2020-08-15 05:17 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2020-09-09 10:30 - 2020-08-15 05:14 - 001442304 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-09-09 10:30 - 2020-08-15 05:14 - 001383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-09-09 10:30 - 2020-08-15 05:12 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-09-09 10:30 - 2020-08-15 05:12 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-09-09 10:30 - 2020-08-15 05:11 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-09-09 10:30 - 2020-08-15 05:11 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-09-09 10:30 - 2020-08-15 05:04 - 001757184 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-09-09 10:30 - 2020-08-15 05:02 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-09-09 10:30 - 2020-08-15 04:59 - 001088512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2020-09-09 10:30 - 2020-08-15 04:57 - 001559040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-09-09 10:30 - 2020-08-15 04:55 - 000292352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-09-09 10:30 - 2020-08-15 04:55 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-09-09 10:30 - 2020-08-15 04:55 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-09-09 10:30 - 2020-08-15 04:55 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-09-09 10:30 - 2020-08-15 04:50 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-09-09 10:30 - 2020-08-13 06:25 - 001308256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-09-09 10:30 - 2020-08-13 06:24 - 000355576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-09-09 10:30 - 2020-08-13 05:41 - 025756672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-09-09 10:30 - 2020-08-13 05:17 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-09-09 10:30 - 2020-08-13 05:06 - 020291072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-09-09 10:30 - 2020-08-13 05:06 - 005500416 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-09-09 10:30 - 2020-08-13 05:06 - 000785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-09-09 10:30 - 2020-08-13 04:50 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-09-09 10:30 - 2020-08-13 04:40 - 000653824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-09-09 10:30 - 2020-08-13 04:37 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2020-09-09 10:30 - 2020-08-13 04:30 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-09-09 10:30 - 2020-08-13 04:29 - 015480320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-09-09 10:30 - 2020-08-13 04:26 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-09-09 10:30 - 2020-08-13 04:20 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2020-09-09 10:30 - 2020-08-13 04:18 - 004112384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-09-09 10:30 - 2020-08-13 04:16 - 004859392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-09-09 10:30 - 2020-08-13 04:15 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-09-09 10:30 - 2020-08-13 04:15 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-09-09 10:30 - 2020-08-13 04:12 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-09-09 10:30 - 2020-08-13 04:11 - 013862400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-09-09 10:30 - 2020-08-13 04:04 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-09-09 10:30 - 2020-08-13 03:57 - 004387840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-09-09 10:30 - 2020-08-13 03:54 - 000801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-09-09 10:30 - 2020-08-13 03:53 - 001341952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-09-09 10:30 - 2020-08-13 03:52 - 000710656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-09-09 10:30 - 2020-08-11 07:19 - 000136824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-09-09 10:30 - 2020-08-11 07:17 - 000537632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-09-09 10:30 - 2020-08-11 07:16 - 001210112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-09-09 10:30 - 2020-08-11 07:16 - 000376072 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2020-09-09 10:30 - 2020-08-11 07:12 - 002173376 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-09-09 10:30 - 2020-08-11 07:12 - 001665104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-09-09 10:30 - 2020-08-11 05:33 - 001037600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-09-09 10:30 - 2020-08-11 05:33 - 000450312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-09-09 10:30 - 2020-08-11 05:33 - 000317176 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2020-09-09 10:30 - 2020-08-11 05:31 - 001561296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-09-09 10:30 - 2020-08-11 05:31 - 001215736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-09-09 10:30 - 2020-08-11 04:30 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-09-09 10:30 - 2020-08-11 04:03 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-09-09 10:30 - 2020-08-11 04:03 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-09-09 10:30 - 2020-08-11 04:00 - 003720192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-09-09 10:30 - 2020-08-11 03:57 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2020-09-09 10:30 - 2020-08-11 03:56 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-09-09 10:30 - 2020-08-11 03:55 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2020-09-09 10:30 - 2020-08-11 03:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-09-09 10:30 - 2020-08-11 03:44 - 001099264 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-09-09 10:30 - 2020-08-11 03:44 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-09-09 10:30 - 2020-08-11 03:41 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-09-09 10:30 - 2020-08-11 03:32 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-09-09 10:30 - 2020-08-11 01:44 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2020-09-09 10:30 - 2020-08-10 10:18 - 000160144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-09-09 10:30 - 2020-08-10 01:04 - 003223552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-09-09 10:30 - 2020-08-10 01:04 - 001998848 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000475136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-09-09 10:30 - 2020-08-08 14:43 - 001545912 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-09-09 10:30 - 2020-08-06 14:37 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-09-09 10:30 - 2020-08-06 14:35 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-09-07 12:53 - 2020-09-07 12:53 - 000002018 _____ C:\Users\ron\Downloads\invite.ics
2020-09-02 12:42 - 2020-09-02 12:42 - 000000000 ____D C:\Users\ron\.ssh
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-10-02 13:28 - 2018-05-05 00:43 - 000000000 ____D C:\Users\ron\AppData\Local\Sync.Logs
2020-10-02 12:58 - 2017-09-15 19:18 - 000003598 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-233570897-2198283788-2588358591-1001
2020-10-02 12:45 - 2017-09-15 19:27 - 000000000 ____D C:\ProgramData\NVIDIA
2020-10-02 12:42 - 2020-07-02 12:15 - 000002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-10-02 12:42 - 2020-07-02 12:15 - 000002202 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-10-02 12:42 - 2020-07-02 12:15 - 000002202 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-10-02 12:42 - 2017-09-16 13:53 - 000003914 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{53E789E7-A7B5-4F94-960F-DE25B549729B}
2020-10-01 12:46 - 2019-01-24 14:39 - 000000000 ____D C:\Users\ron\AppData\Local\ClassicShell
2020-09-30 10:47 - 2019-08-16 09:35 - 000000000 ____D C:\Users\ron\AppData\Roaming\deezer-desktop
2020-09-30 10:17 - 2020-02-21 16:38 - 000004262 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582299511
2020-09-26 01:14 - 2018-10-13 10:13 - 000000000 ____D C:\Users\ron\AppData\Roaming\jupyter
2020-09-25 22:47 - 2017-10-08 20:10 - 000002016 _____ C:\Users\Public\Desktop\Google Slides.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000002016 _____ C:\ProgramData\Desktop\Google Slides.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000002014 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000002014 _____ C:\ProgramData\Desktop\Google Sheets.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000002004 _____ C:\Users\Public\Desktop\Google Docs.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000002004 _____ C:\ProgramData\Desktop\Google Docs.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-09-25 15:02 - 2018-10-13 10:14 - 000000000 ____D C:\Users\ron\.ipynb_checkpoints
2020-09-25 15:02 - 2017-09-16 13:43 - 000000000 ____D C:\Users\ron
2020-09-25 00:15 - 2017-10-08 19:53 - 002369024 ___SH C:\Users\ron\Documents\Thumbs.db
2020-09-25 00:12 - 2018-02-15 00:47 - 000000000 ___HD C:\Users\ron\Documents\.tmp.drivedownload
2020-09-24 23:32 - 2017-10-04 13:29 - 000210944 _____ C:\Users\ron\AppData\Local\WebpageIcons.db
2020-09-24 14:33 - 2020-01-15 23:22 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-09-24 14:33 - 2020-01-15 23:22 - 000000000 ____D C:\Users\ron\AppData\LocalLow\Mozilla
2020-09-24 14:33 - 2020-01-15 23:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-24 14:01 - 2014-11-22 02:01 - 000958820 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-24 14:01 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2020-09-24 13:57 - 2019-05-24 14:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-09-24 13:56 - 2020-01-21 03:05 - 000000000 ____D C:\Users\ron\AppData\Roaming\ownCloud
2020-09-24 13:56 - 2018-05-04 09:40 - 000000000 __RDO C:\Users\ron\OneDrive
2020-09-24 13:55 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-24 13:25 - 2019-08-01 11:40 - 000000000 ____D C:\Users\ron\AppData\Roaming\Slack
2020-09-24 09:42 - 2017-09-16 13:55 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-24 09:42 - 2017-09-16 13:55 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-24 09:42 - 2017-09-16 13:55 - 000002203 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-22 21:45 - 2020-06-05 21:48 - 000000000 ____D C:\Program Files\Kite
2020-09-21 12:01 - 2020-05-14 21:54 - 000000000 ____D C:\Users\ron\AppData\Roaming\Atom
2020-09-21 12:01 - 2020-05-14 21:54 - 000000000 ____D C:\Users\ron\.atom
2020-09-19 09:21 - 2019-10-30 11:53 - 000004032 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1572432817
2020-09-19 09:21 - 2019-10-30 11:53 - 000001371 _____ C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk
2020-09-18 14:04 - 2019-02-18 13:01 - 000000000 ____D C:\Users\ron\AppData\Local\CrashDumps
2020-09-17 12:56 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-17 12:56 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-16 10:51 - 2019-04-28 19:05 - 000017408 ___SH C:\Users\ron\Desktop\Thumbs.db
2020-09-16 10:46 - 2020-05-24 04:15 - 000000000 ____D C:\Users\ron\AppData\Roaming\Signal
2020-09-16 10:41 - 2020-06-02 12:13 - 000000000 ____D C:\Users\ron\AppData\Roaming\Typora
2020-09-16 10:18 - 2017-09-15 19:12 - 000000000 ____D C:\Users\ron\AppData\Local\Packages
2020-09-16 09:46 - 2020-07-10 17:12 - 000000000 ___SD C:\Users\ron\ownCloud
2020-09-16 09:46 - 2020-06-02 11:54 - 000000000 ___SD C:\Users\ron\mesonomics
2020-09-16 09:46 - 2019-09-28 15:05 - 000000000 ____D C:\Users\ron\AppData\Local\PasswordSafe
2020-09-16 09:45 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2020-09-15 12:39 - 2020-06-18 12:07 - 000000000 ____D C:\Users\ron\AppData\Roaming\obs-studio
2020-09-15 01:02 - 2018-09-25 07:00 - 000078336 ___SH C:\Users\ron\Downloads\Thumbs.db
2020-09-14 23:01 - 2020-06-18 12:45 - 000000000 ____D C:\Users\ron\AppData\Roaming\vlc
2020-09-14 22:23 - 2020-06-18 12:59 - 000000000 ____D C:\ProgramData\Wondershare Filmora Scrn
2020-09-14 18:15 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-09-14 17:53 - 2017-10-04 13:29 - 000000000 ____D C:\Users\ron\AppData\Local\RStudio-Desktop
2020-09-14 14:08 - 2018-04-24 22:08 - 000000000 ___HD C:\Users\ron\Desktop\.tmp.drivedownload
2020-09-14 13:53 - 2019-11-07 07:43 - 000000000 ____D C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc
2020-09-14 13:53 - 2019-08-09 13:19 - 000000000 ____D C:\Users\ron\AppData\Local\slack
2020-09-14 13:53 - 2019-08-01 11:40 - 000002159 _____ C:\Users\ron\Desktop\Slack.lnk
2020-09-14 13:53 - 2019-08-01 11:40 - 000000000 ____D C:\Users\ron\AppData\Local\SquirrelTemp
2020-09-13 00:06 - 2020-09-01 11:38 - 000001221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2020-09-12 23:15 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\rescache
2020-09-12 22:54 - 2013-08-22 15:44 - 000400056 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-09-12 22:52 - 2017-09-19 22:37 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-09-12 22:52 - 2014-11-22 06:25 - 000000000 ___SD C:\WINDOWS\system32\CompatTel
2020-09-12 22:52 - 2013-08-22 16:36 - 000000000 ___RD C:\WINDOWS\ToastData
2020-09-12 22:51 - 2019-01-24 14:32 - 000000000 ____D C:\Users\ron\AppData\Roaming\glogg
2020-09-12 22:37 - 2020-05-24 04:15 - 000002470 _____ C:\Users\ron\Desktop\Signal.lnk
2020-09-11 00:35 - 2019-01-07 12:47 - 000002329 _____ C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2020-09-11 00:35 - 2017-09-17 20:40 - 000003168 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-233570897-2198283788-2588358591-1001
2020-09-09 14:24 - 2020-05-14 21:54 - 000002139 _____ C:\Users\ron\Desktop\Atom.lnk
2020-09-09 14:24 - 2020-05-14 21:54 - 000000000 ____D C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2020-09-09 14:24 - 2020-05-14 21:53 - 000000000 ____D C:\Users\ron\AppData\Local\atom
2020-09-09 11:52 - 2012-07-26 08:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-09-09 11:50 - 2017-09-15 20:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-09-09 11:40 - 2017-09-15 20:40 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ========
2020-04-04 16:46 - 2020-04-04 16:46 - 000000000 _____ () C:\Users\ron\.mongorc.js
2020-05-04 16:29 - 2020-05-04 16:29 - 017761912 _____ (EnterpriseDB) C:\Users\ron\edb_psqlodbc.exe
2020-05-04 16:29 - 2020-05-04 16:29 - 175035688 _____ (PostgreSQL Global Development Group) C:\Users\ron\postgresql_96.exe
2020-08-30 14:44 - 2020-08-30 14:45 - 000000000 ____D () C:\Users\ron\reveal.js
2020-06-08 12:46 - 2020-09-18 14:04 - 000000000 _____ () C:\Users\ron\AppData\Roaming\git-cola.launch.pyw.log
2018-04-12 09:50 - 2020-07-20 16:04 - 000000600 _____ () C:\Users\ron\AppData\Local\PUTTY.RND
2018-05-05 00:42 - 2018-05-05 00:42 - 015750144 _____ () C:\Users\ron\AppData\Local\Sync-1525477359.msi
2018-05-05 00:42 - 2018-05-05 00:43 - 000188154 _____ () C:\Users\ron\AppData\Local\Sync-1525477359.msi.log
2017-10-04 13:29 - 2020-09-24 23:32 - 000210944 _____ () C:\Users\ron\AppData\Local\WebpageIcons.db
2019-09-06 10:53 - 2019-09-06 10:53 - 000000000 _____ () C:\Users\ron\AppData\Local\{B5FBF800-A313-42EC-9DE2-26EAC6AE9D30}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-09-29 22:09
==================== End of FRST.txt ========================Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-09-2020
Ran by ron (administrator) on HAL-RON (02-10-2020 13:41:43)
Running from D:\Downloads
Loaded Profiles: ron
Platform: Windows 8.1 (Update) (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Anaconda\envs\k36\Scripts\jupyter.exe
() [File not signed] C:\Anaconda\envs\k36\Scripts\jupyter-lab.exe
() [File not signed] C:\cygwin64\bin\bash.exe
() [File not signed] C:\Windows\System\HsMgr64.exe
() [File not signed] C:\Windows\SysWOW64\HsMgr.exe
(ANDREA VACONDIO -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced 4\creator-ws.exe
(Andy Koppe / Thomas Wolff) [File not signed] C:\cygwin64\bin\mintty.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\My Image Garden\cnmigmain.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CMedia) [File not signed] C:\Program Files\ASUS Xonar Xense Audio\Customapp\AsusAudioCenter.exe
(Deezer -> Deezer) C:\Users\ron\AppData\Local\Programs\deezer.desktop\Deezer.exe <5>
(Foxit Software Incorporated -> Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Shell Extensions\FoxitPrevhost.exe
(Foxit Software Incorporated -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Foxit Software Incorporated -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <152>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\kited.exe
(Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\KiteService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\excel.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\winword.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(OpenVPN Technologies, Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ownCloud GmbH -> ownCloud) C:\Program Files (x86)\ownCloud\owncloud.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\12\bin\pg_ctl.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\12\bin\postgres.exe <8>
(Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\python.exe <3>
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp -> Realtek) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp -> Realtek) C:\Windows\SwUSB.exe
(Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWLan.exe
(RStudio, Inc.) [File not signed] C:\Program Files\RStudio\bin\rstudio.exe
(RStudio, Inc.) [File not signed] C:\Program Files\RStudio\bin\x64\rsession.exe
(Signal Messenger, LLC -> Open Whisper Systems) C:\Users\ron\AppData\Local\Programs\signal-desktop\Signal.exe <5>
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(Sony Imaging Products & Solutions Inc. -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sync.com Inc. -> ) C:\Users\ron\AppData\Local\Programs\Sync\sync-worker.exe <3>
(Sync.com Inc. -> Sync.com Inc.) C:\Users\ron\AppData\Local\Programs\Sync\sync-taskbar.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\Syswow64\cmicnfgp.dll [12935168 2014-12-28] (C-Media Corporation) [File not signed]
HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2014-12-28] () [File not signed]
HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2014-12-28] () [File not signed]
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-07-19] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [868328 2018-12-21] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare software CO., LIMITED -> Wondershare)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48737752 2020-09-09] (Google LLC -> )
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [Google Update] => C:\Users\ron\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-04-30] (Google LLC -> Google LLC)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [2374872 2020-06-12] (ownCloud GmbH -> ownCloud)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [Kite] => C:\Program Files\Kite\kited.exe [404060112 2020-06-20] (Manhattan Engineering Incorporated -> Kite)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [90951528 2020-09-22] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\ron\AppData\Local\Microsoft\Teams\Update.exe [2452112 2020-09-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Run: [Opera Browser Assistant] => C:\Users\ron\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3085336 2020-09-29] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\MountPoints2: {f6844e0d-f65e-11e9-bea8-3085a98ce5fe} - "G:\WD SmartWare.exe" autoplay=true
HKLM\...\Windows x64\Print Processors\Canon MG5600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCA.DLL [30208 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5600 series: C:\WINDOWS\system32\CNMLMCA.DLL [406016 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5600 series XPS: C:\WINDOWS\system32\CNMXLMCA.DLL [408576 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [375296 2014-03-17] (CANON INC.) [File not signed]
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb] -> IIS Express Application Compatibility Database for x64
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\Custom64\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb [2012-05-29]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-05-29]
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-24] (Google LLC -> Google LLC)
Startup: C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Password Safe.lnk [2019-09-28]
ShortcutTarget: Password Safe.lnk -> C:\Program Files (x86)\Password Safe\pwsafe.exe (SourceForge.net) [File not signed]
Startup: C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sync.LNK [2018-05-05]
ShortcutTarget: Sync.LNK -> C:\Users\ron\AppData\Local\Programs\Sync\sync-taskbar.exe (Sync.com Inc. -> Sync.com Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {048B46DC-0BC5-400F-B9A3-423D55FF0CD5} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {06C14AE8-2154-4138-A74F-27C3C656BD9C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {09D3E962-76AD-4E9F-B020-FB971145B57F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-09-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {1DDA3249-C1D1-4820-AD47-C03939307421} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950128 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {23B0C28A-DDFA-4B0D-9460-E131FF2BFF02} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950128 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {30A7E63F-977E-4AEA-80C5-3015C2B310A4} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3487088 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {35CFDE44-C3DA-4B68-B235-5715ED691D10} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [772976 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3CF8ADEA-046C-42FD-A3F6-40D3C675A450} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [994672 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {492F8726-136B-4E52-BB68-0C7B7E2A4D38} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-16] (Google Inc -> Google Inc.)
Task: {4C29320E-56C1-46F6-90C7-CB36865F533F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {6343D530-6966-4BD2-8410-B0301EF844BB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855408 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {671CA532-4BC6-411B-AD05-9D13C19E5F3C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855408 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6DE83157-DE9E-44B0-9017-16C355449356} - System32\Tasks\Opera scheduled assistant Autoupdate 1582299511 => C:\Users\ron\AppData\Local\Programs\Opera\launcher.exe [1529880 2020-09-15] (Opera Software AS -> Opera Software)
Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {7EDA26FF-0346-498C-8286-D5E066AC9D8A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-233570897-2198283788-2588358591-1001Core => C:\Users\ron\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-04-30] (Google LLC -> Google LLC)
Task: {858AE3F5-2F76-40B4-BD92-CE95B49B19C9} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950128 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {87C4A64E-1CA5-4263-9D9A-BD588DC8B034} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-233570897-2198283788-2588358591-1001UA => C:\Users\ron\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-04-30] (Google LLC -> Google LLC)
Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {96B756A7-D0E6-4B34-AF94-AFEB2A0C6FD5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {A3D3C8C0-D3F4-4ABB-BE9E-379754139437} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [695664 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A9CDA4AD-4917-4E49-A214-5568F84183C2} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950128 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B31C2298-D254-4DF5-8BBC-66A9ECD0520F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD38628B-32C9-446F-BE3C-C61B99D6A450} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [772976 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C4DB7967-E171-40B5-9DF5-344B5DD9D062} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {C84E3CE8-99AA-415F-96E6-5822E7C0583D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-16] (Google Inc -> Google Inc.)
Task: {CB539B5D-F137-4388-8067-E92F66E9C7CF} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [70016 2019-05-14] (Oracle America, Inc. -> Oracle Corporation)
Task: {CEB07199-4B4D-42AF-8734-D491FA19CE84} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe [754176 2016-07-29] (Oracle Corporation) [File not signed]
Task: {D0671856-6416-4154-9D86-53124C5CACB1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9F9566B-E3A7-45D2-9EE0-2FA6C98AEB9A} - System32\Tasks\Opera scheduled Autoupdate 1572432817 => C:\Users\ron\AppData\Local\Programs\Opera\launcher.exe [1529880 2020-09-15] (Opera Software AS -> Opera Software)
Task: {E1B3B7E4-058A-49F5-A6C9-316DE98EF023} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{68584B7A-0386-43A8-9926-8CFF586B4014}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{76CC638A-02B0-4AF7-848E-FEF893671806}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\ron\AppData\Local\Microsoft\Edge\User Data\Default [2020-08-14]
FireFox:
========
FF DefaultProfile: ny746aeo.default
FF ProfilePath: C:\Users\ron\AppData\Roaming\Mozilla\Firefox\Profiles\ny746aeo.default [2020-01-15]
FF ProfilePath: C:\Users\ron\AppData\Roaming\Mozilla\Firefox\Profiles\9tp68gj4.default-release [2020-10-02]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: PDFsam Enhanced 4 -> C:\Program Files (x86)\PDFsam Enhanced 4\np-previewer.dll [2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
Chrome:
=======
CHR Profile: C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default [2020-10-02]
CHR Notifications: Default -> hxxps://alison.com; hxxps://app.chime.aws; hxxps://app.slack.com; hxxps://calendar.google.com; hxxps://conference.blockdownconf.com; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://support.cloud.google.com; hxxps://www.datacamp.com; hxxps://www.facebook.com; hxxps://www.headmasters.com; hxxps://www.monsterinsights.com; hxxps://www.simplilearn.com
CHR HomePage: Default -> hxxp://www.holasearch.com/?affID=121962&tt=gc_&babsrc=HP_ss&mntrId=86603085A98CE5FE
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/","hxxps://mail.google.com/","hxxp://www.deezer.com/playlist/1290162447"
CHR Extension: (Google Translate) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-18]
CHR Extension: (Slides) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Postman Interceptor) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aicmkgpgakddgnaphhhpliifpcfhicfo [2020-05-20]
CHR Extension: (Docs) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-25]
CHR Extension: (YouTube) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-16]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2020-09-15]
CHR Extension: (Sheets) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Postman) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbjgbiflinjbdggehcddcbncdddomop [2020-07-02]
CHR Extension: (EditThisCookie) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2018-11-30]
CHR Extension: (Google Docs Offline) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-12]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-09-25]
CHR Extension: (Home) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomhhejmlbhdpfjbpgemagmcckjhajgg [2018-05-04]
CHR Extension: (Pinterest Save Button) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-10-02]
CHR Extension: (Grammarly for Chrome) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-10-02]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-10-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-08]
CHR Extension: (Gmail) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-13]
CHR Extension: (HappyPath) - C:\Users\ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhcklacellfncndpbedjbdbmligjfcn [2017-09-16]
CHR Profile: C:\Users\ron\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-20]
CHR HKU\S-1-5-21-233570897-2198283788-2588358591-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052944 2020-07-14] (Microsoft Corporation -> Microsoft Corporation)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-08-25] (Foxit Software Incorporated -> Foxit Software Inc.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2015-02-05] (Microsoft Corporation -> Microsoft Corporation)
R2 KiteService; C:\Program Files\Kite\KiteService.exe [141936 2020-09-22] (Manhattan Engineering Incorporated -> Kite)
S2 MySQL80; C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe [46693696 2019-04-13] (Oracle America, Inc. -> )
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74712 2019-02-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74712 2019-02-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 PDFsam Enhanced 4; C:\Program Files\PDFsam Enhanced 4\ws.exe [2005744 2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
R2 PDFsam Enhanced 4 Creator; C:\Program Files\PDFsam Enhanced 4\creator-ws.exe [757496 2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [493544 2018-12-21] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
R2 postgresql-x64-12; C:\Program Files\PostgreSQL\12\bin\pg_ctl.exe [116736 2020-04-24] (PostgreSQL Global Development Group) [File not signed]
R2 RealtekWlanU; C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe [48856 2014-05-19] (Realtek Semiconductor Corp -> Realtek)
S2 RTLDHCPService; C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-04-23] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> )
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 cmudaxp; C:\WINDOWS\system32\drivers\cmudaxp.sys [2734080 2014-12-28] (C-MEDIA ELECTRONICS INC. -> C-Media Inc)
S3 Netaapl; C:\WINDOWS\system32\DRIVERS\netaapl64.sys [23040 2015-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NVHDA; C:\WINDOWS\system32\drivers\nvhda64v.sys [218968 2018-09-17] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 RtlWlanu; C:\WINDOWS\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [226304 2014-11-22] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166752 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-09-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-09-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\ron\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-10-02 13:41 - 2020-10-02 13:42 - 000000000 ____D C:\FRST
2020-09-25 15:02 - 2020-09-25 15:02 - 000000072 _____ C:\Users\ron\Untitled9.ipynb
2020-09-25 00:37 - 2020-09-25 00:37 - 000026895 _____ C:\Users\ron\Downloads\2020_07_GCP (1).pdf
2020-09-24 23:44 - 2020-09-24 23:44 - 000131276 _____ C:\Users\ron\Downloads\2020_07_to_08.pdf
2020-09-24 14:33 - 2020-09-24 14:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-09-19 22:27 - 2020-09-24 22:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-09-16 09:45 - 2020-09-16 09:45 - 000000000 ____D C:\Users\ron\AppData\Local\ownCloud
2020-09-11 12:05 - 2020-09-29 22:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-09-09 10:30 - 2020-09-02 06:52 - 003332608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-09-09 10:30 - 2020-09-02 06:25 - 003641344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-09-09 10:30 - 2020-08-29 03:41 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-09-09 10:30 - 2020-08-27 06:04 - 004169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-09-09 10:30 - 2020-08-20 21:54 - 022382424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-09-09 10:30 - 2020-08-20 21:51 - 019805104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-09-09 10:30 - 2020-08-15 08:22 - 001370680 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2020-09-09 10:30 - 2020-08-15 08:18 - 007363328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-09-09 10:30 - 2020-08-15 08:18 - 002012928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-09-09 10:30 - 2020-08-15 08:18 - 000373512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-09-09 10:30 - 2020-08-15 06:11 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-09-09 10:30 - 2020-08-15 05:43 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2020-09-09 10:30 - 2020-08-15 05:39 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-09-09 10:30 - 2020-08-15 05:33 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOVER.exe
2020-09-09 10:30 - 2020-08-15 05:23 - 001993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-09-09 10:30 - 2020-08-15 05:17 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2020-09-09 10:30 - 2020-08-15 05:17 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2020-09-09 10:30 - 2020-08-15 05:14 - 001442304 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-09-09 10:30 - 2020-08-15 05:14 - 001383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-09-09 10:30 - 2020-08-15 05:12 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-09-09 10:30 - 2020-08-15 05:12 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-09-09 10:30 - 2020-08-15 05:11 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-09-09 10:30 - 2020-08-15 05:11 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-09-09 10:30 - 2020-08-15 05:04 - 001757184 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-09-09 10:30 - 2020-08-15 05:02 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-09-09 10:30 - 2020-08-15 04:59 - 001088512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2020-09-09 10:30 - 2020-08-15 04:57 - 001559040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-09-09 10:30 - 2020-08-15 04:55 - 000292352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-09-09 10:30 - 2020-08-15 04:55 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-09-09 10:30 - 2020-08-15 04:55 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-09-09 10:30 - 2020-08-15 04:55 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-09-09 10:30 - 2020-08-15 04:50 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-09-09 10:30 - 2020-08-13 06:25 - 001308256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-09-09 10:30 - 2020-08-13 06:24 - 000355576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-09-09 10:30 - 2020-08-13 05:41 - 025756672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-09-09 10:30 - 2020-08-13 05:17 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-09-09 10:30 - 2020-08-13 05:06 - 020291072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-09-09 10:30 - 2020-08-13 05:06 - 005500416 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-09-09 10:30 - 2020-08-13 05:06 - 000785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-09-09 10:30 - 2020-08-13 04:50 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-09-09 10:30 - 2020-08-13 04:40 - 000653824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-09-09 10:30 - 2020-08-13 04:37 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2020-09-09 10:30 - 2020-08-13 04:30 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-09-09 10:30 - 2020-08-13 04:29 - 015480320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-09-09 10:30 - 2020-08-13 04:26 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-09-09 10:30 - 2020-08-13 04:20 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2020-09-09 10:30 - 2020-08-13 04:18 - 004112384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-09-09 10:30 - 2020-08-13 04:16 - 004859392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-09-09 10:30 - 2020-08-13 04:15 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-09-09 10:30 - 2020-08-13 04:15 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-09-09 10:30 - 2020-08-13 04:12 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-09-09 10:30 - 2020-08-13 04:11 - 013862400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-09-09 10:30 - 2020-08-13 04:04 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-09-09 10:30 - 2020-08-13 03:57 - 004387840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-09-09 10:30 - 2020-08-13 03:54 - 000801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-09-09 10:30 - 2020-08-13 03:53 - 001341952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-09-09 10:30 - 2020-08-13 03:52 - 000710656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-09-09 10:30 - 2020-08-11 07:19 - 000136824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-09-09 10:30 - 2020-08-11 07:17 - 000537632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-09-09 10:30 - 2020-08-11 07:16 - 001210112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-09-09 10:30 - 2020-08-11 07:16 - 000376072 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2020-09-09 10:30 - 2020-08-11 07:12 - 002173376 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-09-09 10:30 - 2020-08-11 07:12 - 001665104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-09-09 10:30 - 2020-08-11 05:33 - 001037600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-09-09 10:30 - 2020-08-11 05:33 - 000450312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-09-09 10:30 - 2020-08-11 05:33 - 000317176 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2020-09-09 10:30 - 2020-08-11 05:31 - 001561296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-09-09 10:30 - 2020-08-11 05:31 - 001215736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-09-09 10:30 - 2020-08-11 04:30 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-09-09 10:30 - 2020-08-11 04:03 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-09-09 10:30 - 2020-08-11 04:03 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-09-09 10:30 - 2020-08-11 04:00 - 003720192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-09-09 10:30 - 2020-08-11 03:57 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2020-09-09 10:30 - 2020-08-11 03:56 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-09-09 10:30 - 2020-08-11 03:55 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2020-09-09 10:30 - 2020-08-11 03:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-09-09 10:30 - 2020-08-11 03:44 - 001099264 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-09-09 10:30 - 2020-08-11 03:44 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-09-09 10:30 - 2020-08-11 03:41 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-09-09 10:30 - 2020-08-11 03:32 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-09-09 10:30 - 2020-08-11 01:44 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2020-09-09 10:30 - 2020-08-10 10:18 - 000160144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-09-09 10:30 - 2020-08-10 01:04 - 003223552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-09-09 10:30 - 2020-08-10 01:04 - 001998848 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000475136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-09-09 10:30 - 2020-08-10 01:04 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-09-09 10:30 - 2020-08-08 14:43 - 001545912 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-09-09 10:30 - 2020-08-06 14:37 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-09-09 10:30 - 2020-08-06 14:35 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-09-07 12:53 - 2020-09-07 12:53 - 000002018 _____ C:\Users\ron\Downloads\invite.ics
2020-09-02 12:42 - 2020-09-02 12:42 - 000000000 ____D C:\Users\ron\.ssh
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-10-02 13:28 - 2018-05-05 00:43 - 000000000 ____D C:\Users\ron\AppData\Local\Sync.Logs
2020-10-02 12:58 - 2017-09-15 19:18 - 000003598 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-233570897-2198283788-2588358591-1001
2020-10-02 12:45 - 2017-09-15 19:27 - 000000000 ____D C:\ProgramData\NVIDIA
2020-10-02 12:42 - 2020-07-02 12:15 - 000002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-10-02 12:42 - 2020-07-02 12:15 - 000002202 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-10-02 12:42 - 2020-07-02 12:15 - 000002202 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-10-02 12:42 - 2017-09-16 13:53 - 000003914 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{53E789E7-A7B5-4F94-960F-DE25B549729B}
2020-10-01 12:46 - 2019-01-24 14:39 - 000000000 ____D C:\Users\ron\AppData\Local\ClassicShell
2020-09-30 10:47 - 2019-08-16 09:35 - 000000000 ____D C:\Users\ron\AppData\Roaming\deezer-desktop
2020-09-30 10:17 - 2020-02-21 16:38 - 000004262 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582299511
2020-09-26 01:14 - 2018-10-13 10:13 - 000000000 ____D C:\Users\ron\AppData\Roaming\jupyter
2020-09-25 22:47 - 2017-10-08 20:10 - 000002016 _____ C:\Users\Public\Desktop\Google Slides.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000002016 _____ C:\ProgramData\Desktop\Google Slides.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000002014 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000002014 _____ C:\ProgramData\Desktop\Google Sheets.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000002004 _____ C:\Users\Public\Desktop\Google Docs.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000002004 _____ C:\ProgramData\Desktop\Google Docs.lnk
2020-09-25 22:47 - 2017-10-08 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-09-25 15:02 - 2018-10-13 10:14 - 000000000 ____D C:\Users\ron\.ipynb_checkpoints
2020-09-25 15:02 - 2017-09-16 13:43 - 000000000 ____D C:\Users\ron
2020-09-25 00:15 - 2017-10-08 19:53 - 002369024 ___SH C:\Users\ron\Documents\Thumbs.db
2020-09-25 00:12 - 2018-02-15 00:47 - 000000000 ___HD C:\Users\ron\Documents\.tmp.drivedownload
2020-09-24 23:32 - 2017-10-04 13:29 - 000210944 _____ C:\Users\ron\AppData\Local\WebpageIcons.db
2020-09-24 14:33 - 2020-01-15 23:22 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-09-24 14:33 - 2020-01-15 23:22 - 000000000 ____D C:\Users\ron\AppData\LocalLow\Mozilla
2020-09-24 14:33 - 2020-01-15 23:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-24 14:01 - 2014-11-22 02:01 - 000958820 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-24 14:01 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2020-09-24 13:57 - 2019-05-24 14:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-09-24 13:56 - 2020-01-21 03:05 - 000000000 ____D C:\Users\ron\AppData\Roaming\ownCloud
2020-09-24 13:56 - 2018-05-04 09:40 - 000000000 __RDO C:\Users\ron\OneDrive
2020-09-24 13:55 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-24 13:25 - 2019-08-01 11:40 - 000000000 ____D C:\Users\ron\AppData\Roaming\Slack
2020-09-24 09:42 - 2017-09-16 13:55 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-24 09:42 - 2017-09-16 13:55 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-24 09:42 - 2017-09-16 13:55 - 000002203 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-22 21:45 - 2020-06-05 21:48 - 000000000 ____D C:\Program Files\Kite
2020-09-21 12:01 - 2020-05-14 21:54 - 000000000 ____D C:\Users\ron\AppData\Roaming\Atom
2020-09-21 12:01 - 2020-05-14 21:54 - 000000000 ____D C:\Users\ron\.atom
2020-09-19 09:21 - 2019-10-30 11:53 - 000004032 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1572432817
2020-09-19 09:21 - 2019-10-30 11:53 - 000001371 _____ C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk
2020-09-18 14:04 - 2019-02-18 13:01 - 000000000 ____D C:\Users\ron\AppData\Local\CrashDumps
2020-09-17 12:56 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-17 12:56 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-16 10:51 - 2019-04-28 19:05 - 000017408 ___SH C:\Users\ron\Desktop\Thumbs.db
2020-09-16 10:46 - 2020-05-24 04:15 - 000000000 ____D C:\Users\ron\AppData\Roaming\Signal
2020-09-16 10:41 - 2020-06-02 12:13 - 000000000 ____D C:\Users\ron\AppData\Roaming\Typora
2020-09-16 10:18 - 2017-09-15 19:12 - 000000000 ____D C:\Users\ron\AppData\Local\Packages
2020-09-16 09:46 - 2020-07-10 17:12 - 000000000 ___SD C:\Users\ron\ownCloud
2020-09-16 09:46 - 2020-06-02 11:54 - 000000000 ___SD C:\Users\ron\mesonomics
2020-09-16 09:46 - 2019-09-28 15:05 - 000000000 ____D C:\Users\ron\AppData\Local\PasswordSafe
2020-09-16 09:45 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2020-09-15 12:39 - 2020-06-18 12:07 - 000000000 ____D C:\Users\ron\AppData\Roaming\obs-studio
2020-09-15 01:02 - 2018-09-25 07:00 - 000078336 ___SH C:\Users\ron\Downloads\Thumbs.db
2020-09-14 23:01 - 2020-06-18 12:45 - 000000000 ____D C:\Users\ron\AppData\Roaming\vlc
2020-09-14 22:23 - 2020-06-18 12:59 - 000000000 ____D C:\ProgramData\Wondershare Filmora Scrn
2020-09-14 18:15 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-09-14 17:53 - 2017-10-04 13:29 - 000000000 ____D C:\Users\ron\AppData\Local\RStudio-Desktop
2020-09-14 14:08 - 2018-04-24 22:08 - 000000000 ___HD C:\Users\ron\Desktop\.tmp.drivedownload
2020-09-14 13:53 - 2019-11-07 07:43 - 000000000 ____D C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc
2020-09-14 13:53 - 2019-08-09 13:19 - 000000000 ____D C:\Users\ron\AppData\Local\slack
2020-09-14 13:53 - 2019-08-01 11:40 - 000002159 _____ C:\Users\ron\Desktop\Slack.lnk
2020-09-14 13:53 - 2019-08-01 11:40 - 000000000 ____D C:\Users\ron\AppData\Local\SquirrelTemp
2020-09-13 00:06 - 2020-09-01 11:38 - 000001221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2020-09-12 23:15 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\rescache
2020-09-12 22:54 - 2013-08-22 15:44 - 000400056 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-09-12 22:52 - 2017-09-19 22:37 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-09-12 22:52 - 2014-11-22 06:25 - 000000000 ___SD C:\WINDOWS\system32\CompatTel
2020-09-12 22:52 - 2013-08-22 16:36 - 000000000 ___RD C:\WINDOWS\ToastData
2020-09-12 22:51 - 2019-01-24 14:32 - 000000000 ____D C:\Users\ron\AppData\Roaming\glogg
2020-09-12 22:37 - 2020-05-24 04:15 - 000002470 _____ C:\Users\ron\Desktop\Signal.lnk
2020-09-11 00:35 - 2019-01-07 12:47 - 000002329 _____ C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2020-09-11 00:35 - 2017-09-17 20:40 - 000003168 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-233570897-2198283788-2588358591-1001
2020-09-09 14:24 - 2020-05-14 21:54 - 000002139 _____ C:\Users\ron\Desktop\Atom.lnk
2020-09-09 14:24 - 2020-05-14 21:54 - 000000000 ____D C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2020-09-09 14:24 - 2020-05-14 21:53 - 000000000 ____D C:\Users\ron\AppData\Local\atom
2020-09-09 11:52 - 2012-07-26 08:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-09-09 11:50 - 2017-09-15 20:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-09-09 11:40 - 2017-09-15 20:40 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ========
2020-04-04 16:46 - 2020-04-04 16:46 - 000000000 _____ () C:\Users\ron\.mongorc.js
2020-05-04 16:29 - 2020-05-04 16:29 - 017761912 _____ (EnterpriseDB) C:\Users\ron\edb_psqlodbc.exe
2020-05-04 16:29 - 2020-05-04 16:29 - 175035688 _____ (PostgreSQL Global Development Group) C:\Users\ron\postgresql_96.exe
2020-08-30 14:44 - 2020-08-30 14:45 - 000000000 ____D () C:\Users\ron\reveal.js
2020-06-08 12:46 - 2020-09-18 14:04 - 000000000 _____ () C:\Users\ron\AppData\Roaming\git-cola.launch.pyw.log
2018-04-12 09:50 - 2020-07-20 16:04 - 000000600 _____ () C:\Users\ron\AppData\Local\PUTTY.RND
2018-05-05 00:42 - 2018-05-05 00:42 - 015750144 _____ () C:\Users\ron\AppData\Local\Sync-1525477359.msi
2018-05-05 00:42 - 2018-05-05 00:43 - 000188154 _____ () C:\Users\ron\AppData\Local\Sync-1525477359.msi.log
2017-10-04 13:29 - 2020-09-24 23:32 - 000210944 _____ () C:\Users\ron\AppData\Local\WebpageIcons.db
2019-09-06 10:53 - 2019-09-06 10:53 - 000000000 _____ () C:\Users\ron\AppData\Local\{B5FBF800-A313-42EC-9DE2-26EAC6AE9D30}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-09-29 22:09
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-09-2020
Ran by ron (02-10-2020 13:43:05)
Running from D:\Downloads
Windows 8.1 (Update) (X64) (2017-09-16 12:51:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-233570897-2198283788-2588358591-500 - Administrator - Disabled)
Guest (S-1-5-21-233570897-2198283788-2588358591-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-233570897-2198283788-2588358591-1005 - Limited - Enabled)
ron (S-1-5-21-233570897-2198283788-2588358591-1001 - Administrator - Enabled) => C:\Users\ron
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
${{arpDisplayName}} (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cufft_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
7-Zip 17.01 beta (x64) (HKLM\...\7-Zip) (Version: 17.01 beta - Igor Pavlov)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
AnyTrans (HKLM-x32\...\AnyTrans) (Version: 6.3.6.0 - iMobie Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Application Insights Tools for Visual Studio 2013 (HKLM-x32\...\{873F2D30-973B-415E-9BCA-E465AF816CCF}) (Version: 2.5 - Microsoft Corporation) Hidden
ASUS Xonar Xense Audio (HKLM-x32\...\{8FFA0EAF-5AFB-4492-B5F7-C56B03DF08DF}) (Version: 1.00.0003 - ASUSTeK Computer Inc.)
Atom (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\atom) (Version: 1.51.0 - GitHub Inc.)
AWS Command Line Interface (HKLM\...\{15B28B6C-1E1C-4D5F-954E-256FE269F541}) (Version: 1.16.240 - Amazon Web Services Developer Relations)
AzureTools.Notifications (HKLM-x32\...\{3FBFCF2C-392A-4632-9442-14C305B44D5E}) (Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Backup and Sync from Google (HKLM\...\{B109BD68-709A-485B-97E6-651FEB234AC9}) (Version: 3.51.3307.8076 - Google, Inc.)
Behaviors SDK (Windows Phone) for Visual Studio 2013 (HKLM-x32\...\{594DB57D-58D1-4AA3-AE6C-BF99484F52F8}) (Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (HKLM-x32\...\{28C7344F-E894-4CF5-8D05-EDC7ED71796C}) (Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Beyond Compare 4.2.6 (HKLM\...\BeyondCompare4_is1) (Version: 4.2.6.23150 - Scooter Software)
Blend for Visual Studio 2013 (HKLM-x32\...\{EBC890A6-DE7C-44B4-AA03-119B6190D3E1}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (HKLM-x32\...\{9ED1634C-4E71-4992-A1BA-7C4BE6EE39E1}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (HKLM-x32\...\{0C03A66F-1FF0-45F9-8D67-0D806EBFFBA1}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Build Tools - amd64 (HKLM\...\{DE293220-4F3A-40C8-B825-E151A231455A}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools - x86 (HKLM-x32\...\{20C6C9E5-B5B0-40A2-8ACD-EF08A9562A5B}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (HKLM\...\{ACE05087-00E9-480F-A955-1C3D7B977A7D}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (HKLM-x32\...\{2F2A7D0D-C28D-4953-A59A-A5EF1171E03F}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG5600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5600_series) (Version: 1.01 - Canon Inc.)
Canon MG5600 series On-screen Manual (HKLM-x32\...\Canon MG5600 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon MG5600 series User Registration (HKLM-x32\...\Canon MG5600 series User Registration) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Core Temp 1.13 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.13 - ALCPU)
CUBLAS Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cublas_dev_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUBLAS Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cublas_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUDA Documentation (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_documentation_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUDA Profiler Tools (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvprof_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUDA Toolkit (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDAToolkit_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUDA Version (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDAVersion_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUDART Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cudart_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUFFT Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cufft_dev_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
cuobjdump (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cuobjdump_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUPTI (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cupti_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CURAND Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_curand_dev_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CURAND Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_curand_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUSOLVER Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cusolver_dev_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUSOLVER Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cusolver_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUSPARSE Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cusparse_dev_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
CUSPARSE Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cusparse_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
DBeaver 6.2.4 (HKLM\...\DBeaver) (Version: 6.2.4 - DBeaver Corp)
Deezer 4.16.3 (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\67490f87-0893-5593-ae76-b1e5d0acd13f) (Version: 4.16.3 - Deezer)
Deezer 4.19.10 (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\{67490f87-0893-5593-ae76-b1e5d0acd13f}) (Version: 4.19.10 - Deezer)
Demo Suite (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_demo_suite_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
Disassembler (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvdisasm_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 411.31 - NVIDIA Corporation) Hidden
Dotfuscator and Analytics Community Edition (HKLM-x32\...\{2386192E-D6DB-4AD2-9564-65586A0AE53E}) (Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Entity Framework 6.1.3 Tools for Visual Studio 2013 (HKLM-x32\...\{D5170452-84D1-4725-AD9C-F9ECFD0A9E9F}) (Version: 12.0.40302.0 - Microsoft Corporation)
FileZilla Client 3.45.1 (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\FileZilla Client) (Version: 3.45.1 - Tim Kosse)
FlashBack Express 5 (HKLM-x32\...\FlashBack Express 5) (Version: 5.36.0.4417 - Blueberry Software (UK) Ltd.)
Fortran Examples (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_fortran_examples_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.3.2.25013 - Foxit Software Inc.)
Git version 2.25.1 (HKLM\...\Git_is1) (Version: 2.25.1 - The Git Development Community)
git-cola (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\git-cola) (Version: 3.7 - )
glogg (HKLM-x32\...\glogg) (Version: v1.1.4-x86_64 - )
Google Ads Editor (HKLM-x32\...\{0630E221-E3C9-11EA-B475-DC4A3E998CF6}) (Version: 13.4.4.0 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.121 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GPU Library Advisor (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_gpu_library_advisor_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
Grammarly for Microsoft® Office Suite (HKLM\...\{F0E0C340-6901-47B9-B2E6-F9A4CCAE6C75}) (Version: 6.7.190 - Grammarly) Hidden
Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\{92a2ef9a-75ce-46ea-92d9-5774c698c9ee}) (Version: 6.7.190 - Grammarly)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
iTunes (HKLM\...\{ABCE8B41-D52C-4304-A5B9-2445AA8B4D4B}) (Version: 12.9.6.3 - Apple Inc.)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Kit SDK de vérification de Visual Studio 2012 - fra (HKLM-x32\...\{8A3862F9-F587-3DFA-AAFC-C1F0E116F05C}) (Version: 12.0.30501 - Microsoft Corporation) Hidden
Kite (HKLM\...\Kite) (Version: - Manhattan Engineering Inc)
LocalESPC Dev12 (HKLM-x32\...\{492498A3-F88C-FE2F-755C-9B1B91724CA5}) (Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (HKLM-x32\...\{B1C38F27-D377-8C98-D98D-29B67C0B978D}) (Version: 8.100.25984 - Microsoft) Hidden
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
MEMCHECK (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_memcheck_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
Memory Profiler (HKLM-x32\...\{4522FE06-850C-4106-AB9E-B32C1462DF8B}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
Memory Profiler (HKLM-x32\...\{57960F45-EDBA-4EFA-94D8-0C6FB5CCF11E}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
MergeModule_x64 (HKLM\...\{8B591A6B-253E-4E62-B2A8-3668CDA0A907}) (Version: 11.0.00 - Sony Corporation) Hidden
MergeModule_x86 (HKLM-x32\...\{51B45206-47B1-4B51-B46A-330B9156D6C1}) (Version: 11.0.00 - Sony Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft DirectX SDK (June 2010) (HKLM-x32\...\Microsoft DirectX SDK (June 2010)) (Version: 9.29.1962.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.68 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.5267.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Teams) (Version: 1.3.00.21759 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM\...\{EA457B21-F73E-494C-ACAB-524FDE069978}_is1) (Version: 1.27.2 - Microsoft Corporation)
Microsoft Visual Studio Community 2013 with Update 5 (HKLM-x32\...\{693b15f4-4a52-402e-a7ea-862b20443883}) (Version: 12.0.40629 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MongoDB Compass (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\MongoDBCompass) (Version: 1.20.5 - MongoDB Inc)
Mozilla Firefox 80.0.1 (x64 en-GB) (HKLM\...\Mozilla Firefox 80.0.1 (x64 en-GB)) (Version: 80.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.2.1 - Mozilla)
Mozilla Thunderbird 78.2.2 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 78.2.2 (x86 en-US)) (Version: 78.2.2 - Mozilla)
MySQL Connector C++ 8.0 (HKLM\...\{80A4FABD-6281-40ED-8FA8-61208D7EA5C5}) (Version: 8.0.16 - Oracle Corporation)
MySQL Connector J (HKLM-x32\...\{D2B7A080-0321-4543-80C1-3216B5A0B703}) (Version: 8.0.16 - Oracle Corporation)
MySQL Connector Net 8.0.15 (HKLM-x32\...\{C52EF11C-FD2C-4645-B851-F213C11E6FBE}) (Version: 8.0.15 - Oracle)
MySQL Connector/ODBC 8.0 (HKLM\...\{A6302E15-2BC2-47E1-9080-BBB7CACEE11B}) (Version: 8.0.16 - Oracle Corporation)
MySQL Documents 8.0 (HKLM-x32\...\{9AF28A89-AAB5-4521-BAD5-6A97F39272D7}) (Version: 8.0.16 - Oracle Corporation)
MySQL for Visual Studio 1.2.8 (HKLM-x32\...\{8FAF420D-7967-44AC-B8B1-F7067944F904}) (Version: 1.2.8 - Oracle)
MySQL Installer - Community (HKLM-x32\...\{71C466E1-2901-483E-879D-57B100926B92}) (Version: 1.4.29.0 - Oracle Corporation)
MySQL Installer for Windows - Community (HKLM-x32\...\{0D4C6A5D-CA41-470D-A34B-355C9BD7433B}) (Version: 1.4.30.0 - Oracle Corporation)
MySQL Notifier 1.1.7 (HKLM-x32\...\{724CDD73-430E-47DA-8F4E-7DF2000BA268}) (Version: 1.1.7 - Oracle)
MySQL Router 8.0 (HKLM\...\{E5A421DC-CAA3-4604-8026-9F64A04084CD}) (Version: 8.0.16 - Oracle Corporation)
MySQL Server 8.0 (HKLM\...\{87210B05-B03F-4F6D-A217-D20F19746EAC}) (Version: 8.0.16 - Oracle Corporation)
MySQL Shell 8.0.15 (HKLM\...\{E1B8F0C7-5D8D-416F-B20C-0745DE10FA9A}) (Version: 8.0.15 - Oracle and/or its affiliates)
MySQL Workbench 8.0 CE (HKLM\...\{C806C745-44EB-4934-8531-7A38D4C75E62}) (Version: 8.0.16 - Oracle Corporation)
Neo4j Desktop 1.0.20 (HKLM\...\14c7e06f-6a3b-5e4e-9e0c-ebe055b1b752) (Version: 1.0.20 - Neo4j Inc.)
Neo4j Desktop 1.0.24 (only current user) (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\14c7e06f-6a3b-5e4e-9e0c-ebe055b1b752) (Version: 1.0.24 - Neo4j Inc.)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
NPP Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_npp_dev_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
NPP Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_npp_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
nvcc (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvcc_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
NVGRAPH Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvgraph_dev_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
NVGRAPH Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvgraph_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 411.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 411.31 - NVIDIA Corporation)
NVIDIA CUDA Development 10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADevelopment_10.0) (Version: 10.0 - NVIDIA Corporation)
NVIDIA CUDA Documentation 10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADocument_10.0) (Version: 10.0 - NVIDIA Corporation)
NVIDIA CUDA Runtime 10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDARuntimes_10.0) (Version: 10.0 - NVIDIA Corporation)
NVIDIA CUDA Samples 10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_samples_10.0) (Version: 10.0 - NVIDIA Corporation)
NVIDIA CUDA Visual Studio Integration 10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_visual_studio_integration_10.0) (Version: 10.0 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation)
NVIDIA Graphics Driver 411.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 411.31 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.37.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.5 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 411.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 411.31 - NVIDIA Corporation)
NVIDIA Nsight Compute v1.0 (HKLM\...\{3A63BBE3-1FA5-4500-B580-BA102E59C55C}) (Version: 1.0.18227.2207 - NVIDIA Corporation)
NVIDIA Nsight Visual Studio Edition 6.0.0.18227 (HKLM\...\{06D6D3DB-339A-4FCC-A049-1F289C17A25E}) (Version: 6.0.0.18227 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
NVIDIA Tools Extension SDK (NVTX) - 64 bit (HKLM\...\{B56D2F88-8865-40FD-B7AC-F074EE4D201D}) (Version: 1.00.00.00 - NVIDIA Corporation)
NVML Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvml_dev_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
nvprune (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvprune_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
NVRTC Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvrtc_dev_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
NVRTC Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvrtc_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
NVTX Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvtx_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project)
Occupancy Calculator (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_occupancy_calculator_10.0) (Version: 10.0 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5267.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5267.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5267.1000 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenVPN 2.4.7-I603 (HKLM\...\OpenVPN) (Version: 2.4.7-I603 - OpenVPN Technologies, Inc.)
Opera Stable 70.0.3728.189 (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Opera 70.0.3728.189) (Version: 70.0.3728.189 - Opera Software)
ownCloud (HKLM-x32\...\{524938D1-2460-4AA7-8F87-2188F2FEDCFB}) (Version: 2.6.3.13551 - ownCloud GmbH)
Pandoc 2.9.2.1 (HKLM\...\{F9F08465-924D-4077-8DF9-38D612F057E1}) (Version: 2.9.2.1 - John MacFarlane)
Password Safe (32-bit) (HKLM-x32\...\Password Safe) (Version: 3.49.1 - Rony Shapiro)
PDFsam Basic (HKLM-x32\...\{958E80E8-BB6E-47F6-98F3-E365959A197D}) (Version: 3.30.3.0 - Andrea Vacondio)
PDFsam Enhanced 4 (HKLM-x32\...\PDFsam Enhanced 4) (Version: 4.0.3.32301 - Copyright 2017 Andrea Vacondio)
PDFsam Enhanced 4 Asian Fonts Pack (HKLM\...\{23186912-8615-4924-B677-D032739A0861}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Convert Module (HKLM\...\{82E16ABB-95AB-43E7-A402-1638B03C8391}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Create Module (HKLM\...\{DB8BDD2C-FA37-4B7C-B43A-443FB1D268F6}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Edit Module (HKLM\...\{93082EB3-E24B-44A0-9ACB-F1F700F8977F}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Forms Module (HKLM\...\{D66F2332-0894-4B48-99E7-3C25C108ECE8}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Insert Module (HKLM\...\{57DCEFC3-54A2-40C8-B833-3CAE945FFC0C}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 OCR Module (HKLM\...\{41B8D2E1-47FC-4BB4-A4EA-BC2F1471996D}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Review Module (HKLM\...\{A8BEAD35-464C-459E-B572-06CF3270370D}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Secure Module (HKLM\...\{C66640E8-BAEB-43FB-BE87-C184E866405F}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 View Module (HKLM\...\{193A600E-D248-4D12-95BE-8FD5B25DD0AD}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PlayMemories Home (HKLM-x32\...\{AEB04E0E-0A28-4014-A96A-282E43B7227B}) (Version: 6.0.00.12211 - Sony Corporation)
PMB_ModeEditor (HKLM-x32\...\{F8063714-BD75-42DC-8FAA-D0E1EED92519}) (Version: 11.0.00 - Sony Corporation) Hidden
PMB_ServiceUploader (HKLM-x32\...\{CF081855-ED80-445A-BF63-025584939230}) (Version: 11.0.00 - Sony Corporation) Hidden
PostgreSQL 12 (HKLM\...\PostgreSQL 12) (Version: 12 - PostgreSQL Global Development Group)
Postman-win64-7.8.0 (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Postman) (Version: 7.8.0 - Postman)
PowerShellIntegration.Notifications (HKLM-x32\...\{0B48F5AE-6A17-49C1-8C65-81C6F74E6CF2}) (Version: 2.6.0.0 - Microsoft Corporation) Hidden
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{943F3FB1-3F9C-4FB7-A4E2-6D53617068C3}) (Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Progress Telerik Fiddler (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Fiddler2) (Version: 5.0.20182.28034 - Telerik)
psqlODBC 11.01.0000 (HKLM\...\psqlODBC 11.01.0000-2) (Version: 11.01.0000-2 - EnterpriseDB)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
PyCharm Community Edition 2019.3.3 (HKLM-x32\...\PyCharm Community Edition 2019.3.3) (Version: 193.6494.30 - JetBrains s.r.o.)
Python 3.6.5 (Anaconda3 5.2.0 64-bit) (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\Python 3.6.5 (Anaconda3 5.2.0 64-bit)) (Version: 5.2.0 - Anaconda, Inc.)
Python Tools Redirection Template (HKLM-x32\...\{2881CFB4-71F9-40C7-8228-6395117C0EDA}) (Version: 1.3 - Microsoft Corporation) Hidden
R for Windows 3.4.2 (HKLM\...\R for Windows 3.4.2_is1) (Version: 3.4.2 - R Core Team)
R for Windows 3.5.1 (HKLM\...\R for Windows 3.5.1_is1) (Version: 3.5.1 - R Core Team)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0267 - )
RStudio (HKLM-x32\...\RStudio) (Version: 1.0.153 - RStudio)
SDK de comprobación de Visual Studio 2012 - esn (HKLM-x32\...\{90EF884E-5253-324C-9C11-63C9DA16BF0C}) (Version: 12.0.30501 - Microsoft Corporation) Hidden
Signal 1.36.1 (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 1.36.1 - Open Whisper Systems)
Skype version 8.64 (HKLM-x32\...\Skype_is1) (Version: 8.64 - Skype Technologies S.A.)
Slack (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\slack) (Version: 4.9.0 - Slack Technologies Inc.)
Strawberry Perl (64-bit) (HKLM\...\{C78E6EDD-70D2-1014-96E1-D7907CD34131}) (Version: 5.28.1001 - strawberryperl.com project)
Sync (HKLM-x32\...\{96855E80-23DA-11E2-BDFB-09006188709B}) (Version: 1.3.3.1292 - Sync)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Team Explorer for Microsoft Visual Studio 2013 (HKLM-x32\...\{C9E7751E-88ED-36CF-B610-71A1D262E906}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
TypeScript Power Tool (HKLM-x32\...\{6098D454-CB7B-44C2-8615-D869FD9655C7}) (Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (HKLM-x32\...\{0E4A9B1A-12D2-4827-BE61-44DBD72797FB}) (Version: 1.0.5.0 - Microsoft Corporation) Hidden
Typora version 0.9.89 (HKLM\...\{37771A20-7167-44C0-B322-FD3E54C56156}_is1) (Version: 0.9.89 - typora.io)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2013 Update 5 (KB2829760) (HKLM-x32\...\{17551f85-1d1c-4142-a83f-bbd18a3522c2}) (Version: 12.0.40629 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VS Update core components (HKLM-x32\...\{7CE8C6D0-6EA4-34C3-A4ED-8C28A1D67228}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (HKLM-x32\...\{46910786-E4AC-41E4-A4A0-C086EA85242D}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (HKLM-x32\...\{BF3E2194-F89B-44FB-A801-464BF787599F}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation)
WinEdt (HKLM-x32\...\WinEdt_is1) (Version: - WinEdt Team)
Wondershare Filmora Scrn(Build 2.0.1) (HKLM\...\Wondershare Filmora Scrn_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Zoom (HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\ZoomUMX) (Version: 5.1 - Zoom Video Communications, Inc.)
Пакет Visual Studio 2012 Verification SDK - rus (HKLM-x32\...\{977CABC5-7B4B-3AE4-8E1B-56C673C1D638}) (Version: 12.0.30501 - Microsoft Corporation) Hidden
Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-03-06] (Canon Inc.)
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-11-22] (Microsoft Corporation) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2017-09-17] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2017-09-17] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2017-09-17] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2017-09-17] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2017-09-17] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2017-09-17] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2017-09-17] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2017-09-17] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2017-09-17] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2017-09-17] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-233570897-2198283788-2588358591-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\ron\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-233570897-2198283788-2588358591-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\ron\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-233570897-2198283788-2588358591-1001_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\ron\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.190\B712F5FC58\GrammarlyShim64.dll (Grammarly, Inc. -> CompanyName)
CustomCLSID: HKU\S-1-5-21-233570897-2198283788-2588358591-1001_Classes\CLSID\{4BE56754-B616-4998-B825-D16983AEE1B2}\InprocServer32 -> C:\Users\ron\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.190\B712F5FC58\Grammarly.AddIn.Connect.ActiveX.dll (Grammarly, Inc. -> Grammarly)
CustomCLSID: HKU\S-1-5-21-233570897-2198283788-2588358591-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\ron\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-233570897-2198283788-2588358591-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\ron\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-233570897-2198283788-2588358591-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\ron\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [ AAASyncNo] -> {CD0DD5EC-23D2-4AE0-A111-C7B89038E695} => C:\ProgramData\Sync.Com DLL\overlay.dll [2018-05-05] (Sync.com Inc.) [File not signed]
ShellIconOverlayIdentifiers: [ AAASyncProg] -> {9A1FA446-6778-4A02-883B-3100549CF193} => C:\ProgramData\Sync.Com DLL\overlay.dll [2018-05-05] (Sync.com Inc.) [File not signed]
ShellIconOverlayIdentifiers: [ AAASyncRoot] -> {B57A832B-F40A-4A9D-A0F5-49E7D17B8EE4} => C:\ProgramData\Sync.Com DLL\overlay.dll [2018-05-05] (Sync.com Inc.) [File not signed]
ShellIconOverlayIdentifiers: [ AAASyncSkip] -> {AFE40DBB-AB20-4979-B0D2-483B6866C8C9} => C:\ProgramData\Sync.Com DLL\overlay.dll [2018-05-05] (Sync.com Inc.) [File not signed]
ShellIconOverlayIdentifiers: [ AAASyncYes] -> {9C569020-57C0-4CE0-9605-8AD42F4B1C7F} => C:\ProgramData\Sync.Com DLL\overlay.dll [2018-05-05] (Sync.com Inc.) [File not signed]
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2020-06-12] (ownCloud GmbH -> ownCloud GmbH)
ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2020-06-12] (ownCloud GmbH -> ownCloud GmbH)
ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2020-06-12] (ownCloud GmbH -> ownCloud GmbH)
ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2020-06-12] (ownCloud GmbH -> ownCloud GmbH)
ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2020-06-12] (ownCloud GmbH -> ownCloud GmbH)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-03-19] (Notepad++ -> )
ContextMenuHandlers1: [BB FlashBack 2] -> {A8065B9E-193F-4797-B62D-8F6321E7FCCB} => -> No File
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-08-19] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-09-09] (Google LLC -> Google)
ContextMenuHandlers1: [QuickShare] -> {A8065B9E-193F-4797-B62D-8F6321E7FCCB} => -> No File
ContextMenuHandlers1: [SyncComContextShlExt] -> {0dcd9583-eb2f-4e08-a146-885c923c0833} => C:\ProgramData\Sync.Com DLL\rclick.dll [2018-05-05] (Sync.com Inc.) [File not signed]
ContextMenuHandlers3: [OCContextMenuHandler] -> {841A0AAD-AA11-4B50-84D9-7F8E727D77D7} => C:\Program Files (x86)\ownCloud\shellext_x64\OCContextMenu.dll [2020-06-12] (ownCloud GmbH -> ownCloud GmbH)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Convert] -> {9f95ca1a-e80e-4c0f-acd1-4c9b7900b982} => C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)\Utilities\bin\x64\TxView.dll [2010-06-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-09-09] (Google LLC -> Google)
ContextMenuHandlers4: [SyncComContextShlExt] -> {0dcd9583-eb2f-4e08-a146-885c923c0833} => C:\ProgramData\Sync.Com DLL\rclick.dll [2018-05-05] (Sync.com Inc.) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-08-19] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Postman.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=fhbjgbiflinjbdggehcddcbncdddomop
ShortcutWithArgument: C:\Users\ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Anaconda\Scripts\activate.bat C:\Anaconda
==================== Loaded Modules (Whitelisted) =============
2018-04-09 07:12 - 2012-08-08 21:56 - 000863232 _____ ( Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\P2PLib.dll
2017-09-28 23:49 - 2016-01-18 13:02 - 000351232 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Canon\My Image Garden\MFP\CNMFP.dll
2020-09-12 22:37 - 2020-09-11 02:51 - 003102208 _____ () [File not signed] \\?\C:\Users\ron\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@journeyapps\sqlcipher\lib\binding\electron-v8.3-win32-x64\node_sqlite3.node
2020-09-12 22:37 - 2020-09-11 02:51 - 000190464 _____ () [File not signed] \\?\C:\Users\ron\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\curve25519-n\build\Release\curve.node
2020-09-12 22:37 - 2020-09-11 02:51 - 000214016 _____ () [File not signed] \\?\C:\Users\ron\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\ffi-napi\build\Release\ffi_bindings.node
2020-09-12 22:37 - 2020-09-11 02:51 - 000169984 _____ () [File not signed] \\?\C:\Users\ron\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\ref-napi\build\Release\binding.node
2020-09-12 22:37 - 2020-09-11 02:51 - 010392064 _____ () [File not signed] \\?\C:\Users\ron\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\ringrtc\build\win32\libringrtc.node
2020-09-12 22:37 - 2020-09-11 02:51 - 000169984 _____ () [File not signed] \\?\C:\Users\ron\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\zkgroup\node_modules\ref-napi\build\Release\binding.node
2019-04-25 12:04 - 2019-02-26 01:52 - 000014848 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\markupsafe\_speedups.cp36-win_amd64.pyd
2019-04-25 12:04 - 2019-03-11 21:38 - 000033280 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\pvectorc.cp36-win_amd64.pyd
2019-04-25 12:04 - 2019-03-25 15:28 - 000010240 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\tornado\speedups.cp36-win_amd64.pyd
2020-04-07 16:20 - 2018-05-09 01:26 - 000011264 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\win32\_win32sysloader.pyd
2020-04-07 16:20 - 2018-05-09 01:26 - 000137216 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\win32\pywintypes36.dll
2020-04-07 16:20 - 2018-05-09 01:26 - 000131584 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\win32\win32api.pyd
2019-02-18 19:01 - 2018-12-17 21:44 - 000069120 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\winpty\cywinpty.cp36-win_amd64.pyd
2019-04-25 12:05 - 2019-02-26 03:38 - 000050688 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\zmq\backend\cython\_device.cp36-win_amd64.pyd
2019-04-25 12:05 - 2019-02-26 03:38 - 000059904 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\zmq\backend\cython\_poll.cp36-win_amd64.pyd
2019-04-25 12:05 - 2019-02-26 03:38 - 000046080 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\zmq\backend\cython\_proxy_steerable.cp36-win_amd64.pyd
2019-04-25 12:05 - 2019-02-26 03:38 - 000028672 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\zmq\backend\cython\_version.cp36-win_amd64.pyd
2019-04-25 12:05 - 2019-02-26 03:38 - 000068096 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\zmq\backend\cython\constants.cp36-win_amd64.pyd
2019-04-25 12:05 - 2019-02-26 03:38 - 000064512 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\zmq\backend\cython\context.cp36-win_amd64.pyd
2019-04-25 12:05 - 2019-02-26 03:38 - 000030720 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\zmq\backend\cython\error.cp36-win_amd64.pyd
2019-04-25 12:05 - 2019-02-26 03:38 - 000086016 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\zmq\backend\cython\message.cp36-win_amd64.pyd
2019-04-25 12:05 - 2019-02-26 03:38 - 000134656 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\zmq\backend\cython\socket.cp36-win_amd64.pyd
2019-04-25 12:05 - 2019-02-26 03:38 - 000041472 _____ () [File not signed] C:\Anaconda\envs\k36\lib\site-packages\zmq\backend\cython\utils.cp36-win_amd64.pyd
2018-03-28 08:12 - 2018-03-28 08:12 - 000282112 _____ () [File not signed] C:\Anaconda\envs\k36\Library\bin\libsodium.dll
2020-04-07 16:20 - 2018-05-09 01:27 - 000552448 _____ () [File not signed] C:\Anaconda\envs\k36\Library\bin\pythoncom36.dll
2020-08-03 16:07 - 2020-06-22 15:39 - 001543168 _____ () [File not signed] C:\Anaconda\envs\k36\Library\bin\sqlite3.dll
2018-02-02 19:44 - 2018-02-02 19:44 - 002509089 _____ () [File not signed] C:\Anaconda\envs\k36\Library\bin\winpty.dll
2018-04-17 16:07 - 2019-07-28 17:51 - 000307731 _____ () [File not signed] C:\cygwin64\bin\cygncursesw-10.dll
2018-04-17 16:07 - 2017-02-13 20:45 - 000224275 _____ () [File not signed] C:\cygwin64\bin\cygreadline7.dll
2020-06-18 13:00 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2020-06-18 13:00 - 2016-10-08 16:48 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2019-05-24 14:42 - 2020-09-22 21:38 - 002072064 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2019-05-24 14:42 - 2020-09-22 21:38 - 000310784 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2019-05-24 14:42 - 2020-09-22 21:38 - 006903808 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2018-04-09 07:12 - 2013-02-27 17:17 - 000221184 _____ () [File not signed] C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\EnumDevLib.dll
2017-09-19 22:19 - 2014-12-28 23:08 - 000143360 ____N () [File not signed] C:\Program Files\ASUS Xonar Xense Audio\Customapp\VmixP8.dll
2020-05-03 18:22 - 2020-04-24 04:56 - 000296448 _____ () [File not signed] C:\Program Files\PostgreSQL\12\bin\LIBPQ.dll
2020-05-03 18:18 - 2020-04-24 04:56 - 002269696 _____ () [File not signed] C:\Program Files\PostgreSQL\12\bin\libxml2.dll
2018-09-11 19:11 - 2018-07-02 10:07 - 030811648 _____ () [File not signed] C:\Program Files\R\R-3.5.1\bin\x64\R.dll
2018-09-11 19:11 - 2018-07-02 10:07 - 000312794 _____ () [File not signed] C:\Program Files\R\R-3.5.1\bin\x64\Rblas.dll
2018-09-11 19:11 - 2018-07-02 10:06 - 000322525 _____ () [File not signed] C:\Program Files\R\R-3.5.1\bin\x64\Rgraphapp.dll
2018-09-11 19:11 - 2018-07-02 10:06 - 000066785 _____ () [File not signed] C:\Program Files\R\R-3.5.1\bin\x64\Riconv.dll
2018-09-11 19:11 - 2018-07-02 10:08 - 002741760 _____ () [File not signed] C:\Program Files\R\R-3.5.1\bin\x64\Rlapack.dll
2018-09-11 19:12 - 2018-07-02 10:10 - 000296448 _____ () [File not signed] C:\Program Files\R\R-3.5.1\library\graphics\libs\x64\graphics.dll
2018-09-11 19:12 - 2018-07-02 10:10 - 001177600 _____ () [File not signed] C:\Program Files\R\R-3.5.1\library\grDevices\libs\x64\grDevices.dll
2018-09-11 19:12 - 2018-07-02 10:11 - 000043008 _____ () [File not signed] C:\Program Files\R\R-3.5.1\library\methods\libs\x64\methods.dll
2018-09-11 19:12 - 2018-07-02 10:10 - 000657920 _____ () [File not signed] C:\Program Files\R\R-3.5.1\library\stats\libs\x64\stats.dll
2018-09-11 19:12 - 2018-07-02 10:08 - 000089600 _____ () [File not signed] C:\Program Files\R\R-3.5.1\library\tools\libs\x64\tools.dll
2018-09-11 19:12 - 2018-07-02 10:09 - 000137728 _____ () [File not signed] C:\Program Files\R\R-3.5.1\library\utils\libs\x64\utils.dll
2018-09-11 19:12 - 2018-07-02 10:07 - 003779137 _____ () [File not signed] C:\Program Files\R\R-3.5.1\modules\x64\internet.dll
2014-10-16 11:34 - 2014-10-16 11:34 - 021565880 _____ () [File not signed] C:\Program Files\RStudio\bin\icudt53.dll
2014-10-16 11:34 - 2014-10-16 11:34 - 003758809 _____ () [File not signed] C:\Program Files\RStudio\bin\icuin53.dll
2014-10-16 11:33 - 2014-10-16 11:33 - 002093901 _____ () [File not signed] C:\Program Files\RStudio\bin\icuuc53.dll
2014-10-23 11:27 - 2014-10-23 11:27 - 000119822 _____ () [File not signed] C:\Program Files\RStudio\bin\libgcc_s_dw2-1.dll
2014-10-23 11:27 - 2014-10-23 11:27 - 001026574 _____ () [File not signed] C:\Program Files\RStudio\bin\libstdc++-6.dll
2014-09-19 13:37 - 2014-09-19 13:37 - 021008384 _____ () [File not signed] C:\Program Files\RStudio\bin\rsclang\x86_64\libclang.dll
2019-11-20 11:48 - 2020-04-03 10:23 - 001991168 _____ () [File not signed] C:\Users\ron\AppData\Local\Programs\deezer.desktop\ffmpeg.dll
2019-11-20 11:48 - 2020-04-03 10:23 - 000115712 _____ () [File not signed] C:\Users\ron\AppData\Local\Programs\deezer.desktop\libegl.dll
2019-11-20 11:48 - 2020-04-03 10:23 - 004636672 _____ () [File not signed] C:\Users\ron\AppData\Local\Programs\deezer.desktop\libglesv2.dll
2020-05-24 04:15 - 2020-09-11 02:51 - 002338304 _____ () [File not signed] C:\Users\ron\AppData\Local\Programs\signal-desktop\ffmpeg.dll
2020-05-24 04:15 - 2020-09-11 02:51 - 000376320 _____ () [File not signed] C:\Users\ron\AppData\Local\Programs\signal-desktop\libegl.dll
2020-05-24 04:15 - 2020-09-11 02:51 - 007947776 _____ () [File not signed] C:\Users\ron\AppData\Local\Programs\signal-desktop\libglesv2.dll
2020-09-25 22:48 - 2020-09-25 22:48 - 000114176 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\_ctypes.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000172544 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\_elementtree.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 002250240 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\_hashlib.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000032256 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\_multiprocessing.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000046080 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\_psutil_windows.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000047616 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\_socket.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 002819584 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\_ssl.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000026112 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\_yappi.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000080896 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\bz2.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000016384 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\common.time34.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000007680 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\hashobjs_ext.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000301568 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\PIL._imaging.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000168448 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\pyexpat.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 001084416 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\pysqlite2._sqlite.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000548864 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\pythoncom27.dll
2020-09-25 22:48 - 2020-09-25 22:48 - 000137728 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\pywintypes27.dll
2020-09-25 22:48 - 2020-09-25 22:48 - 000010752 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\select.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000020992 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\thumbnails_ext.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000689664 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\unicodedata.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000119808 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\usb_ext.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000128512 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32api.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000438784 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32com.shell.shell.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000011776 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32crypt.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000023040 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32event.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000149504 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32file.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000223232 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32gui.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000048128 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32inet.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000029696 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32pdh.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000027648 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32pipe.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000044032 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32process.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000020480 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32profile.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000136192 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32security.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000026624 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\win32ts.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000034816 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\windows.conditional.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000038400 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\windows.connectivity.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000071680 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\windows.device_monitor.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000109056 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\windows.volumes.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000020480 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\windows.winwrap.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 001325056 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wx._controls_.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 001489408 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wx._core_.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 001007104 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wx._gdi_.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000103424 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wx._html2.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 000916992 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wx._misc_.pyd
2020-09-25 22:48 - 2020-09-25 22:48 - 001039872 _____ () [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wx._windows_.pyd
2019-02-18 17:37 - 2019-02-18 17:37 - 000262144 _____ () [File not signed] C:\Users\ron\AppData\Roaming\Python\Python36\site-packages\_yaml.cp36-win_amd64.pyd
2019-02-18 12:07 - 2019-02-18 12:07 - 033107591 _____ () [File not signed] C:\Users\ron\AppData\Roaming\Python\Python36\site-packages\numpy\.libs\libopenblas.IPBC74C7KURV7CB2PKT5Z5FNR3SIBV4J.gfortran-win_amd64.dll
2019-02-18 12:07 - 2019-02-18 12:07 - 000101376 _____ () [File not signed] C:\Users\ron\AppData\Roaming\Python\Python36\site-packages\numpy\core\_multiarray_tests.cp36-win_amd64.pyd
2019-02-18 12:07 - 2019-02-18 12:07 - 002494976 _____ () [File not signed] C:\Users\ron\AppData\Roaming\Python\Python36\site-packages\numpy\core\_multiarray_umath.cp36-win_amd64.pyd
2019-02-18 12:07 - 2019-02-18 12:07 - 000078336 _____ () [File not signed] C:\Users\ron\AppData\Roaming\Python\Python36\site-packages\numpy\fft\fftpack_lite.cp36-win_amd64.pyd
2019-02-18 12:07 - 2019-02-18 12:07 - 000131072 _____ () [File not signed] C:\Users\ron\AppData\Roaming\Python\Python36\site-packages\numpy\linalg\_umath_linalg.cp36-win_amd64.pyd
2019-02-18 12:07 - 2019-02-18 12:07 - 000023552 _____ () [File not signed] C:\Users\ron\AppData\Roaming\Python\Python36\site-packages\numpy\linalg\lapack_lite.cp36-win_amd64.pyd
2019-02-18 12:07 - 2019-02-18 12:07 - 000700928 _____ () [File not signed] C:\Users\ron\AppData\Roaming\Python\Python36\site-packages\numpy\random\mtrand.cp36-win_amd64.pyd
2017-09-28 23:49 - 2016-11-24 10:24 - 000241152 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\My Image Garden\AddOn\MovieCapture\cnmignsrcliwrapper.dll
2017-09-28 23:49 - 2016-11-24 10:24 - 000105472 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\My Image Garden\AddOn\PhotoSharing\cnmigphotosharingwrapper.dll
2017-09-28 23:49 - 2016-11-24 10:32 - 000065536 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\My Image Garden\cnmigfaceidlibwrapper.dll
2017-09-28 23:49 - 2016-11-24 10:22 - 000262144 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\My Image Garden\cnmigimagefixwrapper.dll
2017-09-28 23:49 - 2016-11-24 10:33 - 000119808 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\My Image Garden\cnmigpdcwrapper.dll
2017-09-28 23:49 - 2016-11-24 10:22 - 000113152 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\My Image Garden\cnmigpdfeditorwrapper.dll
2017-09-28 23:49 - 2016-11-24 10:21 - 000099328 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\My Image Garden\cnmigpdfreaderwrapper.dll
2017-09-28 23:49 - 2016-11-24 10:23 - 000180736 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\My Image Garden\cnmigsurveywrapper.dll
2017-09-28 23:49 - 2016-06-09 13:35 - 000588800 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2017-09-28 23:50 - 2014-01-15 15:12 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_ENU.DLL
2017-09-28 23:50 - 2014-01-15 15:10 - 000307712 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll
2017-09-28 23:49 - 2016-11-24 10:23 - 001777152 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\My Image Garden\AddOn\PhotoSharing\CNMIGPS2LIB.dll
2017-09-28 23:49 - 2016-11-24 10:22 - 000013824 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\My Image Garden\cnmigsurveyitemlist.dll
2017-09-28 23:49 - 2016-03-10 16:17 - 000425984 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\My Image Garden\cnpapgmg.dll
2017-09-28 23:49 - 2016-03-10 16:18 - 000589824 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\My Image Garden\FaceIDLib.dll
2017-09-28 23:49 - 2016-03-10 16:17 - 001228800 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\My Image Garden\pafcv2.dll
2017-09-28 23:49 - 2016-03-10 16:18 - 000943104 _____ (Canon Inc.) [File not signed] C:\Program Files (x86)\Canon\My Image Garden\PDC.dll
2017-09-28 23:49 - 2016-03-10 16:18 - 000344064 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\My Image Garden\sledge_v2.dll
2017-09-28 23:49 - 2016-03-10 16:18 - 001496064 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\My Image Garden\VIR_FDFA.dll
2017-09-28 23:49 - 2016-06-09 11:57 - 000561152 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2017-09-28 23:50 - 2014-03-17 19:15 - 000375296 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2017-09-19 22:19 - 2014-12-28 23:08 - 000430080 ____N (C-Media Electronics Inc.) [File not signed] C:\Program Files\ASUS Xonar Xense Audio\CustomApp\cmdevice.dll
2017-09-19 22:19 - 2014-12-28 23:08 - 000122880 ____N (C-Media Electronics Inc.) [File not signed] C:\Windows\System\HsSrv64.dll
2015-02-17 07:15 - 2015-02-17 07:15 - 000033280 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\plugins\imageformats\qgif.dll
2015-02-17 07:15 - 2015-02-17 07:15 - 000035328 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\plugins\imageformats\qico.dll
2015-02-17 07:15 - 2015-02-17 07:15 - 000247296 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\plugins\imageformats\qjpeg.dll
2015-02-17 07:28 - 2015-02-17 07:28 - 000367104 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\plugins\imageformats\qmng.dll
2015-02-17 07:18 - 2015-02-17 07:18 - 000029184 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\plugins\imageformats\qsvg.dll
2015-02-17 07:28 - 2015-02-17 07:28 - 000028160 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\plugins\imageformats\qtga.dll
2015-02-17 07:28 - 2015-02-17 07:28 - 000433664 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\plugins\imageformats\qtiff.dll
2015-02-17 07:16 - 2015-02-17 07:16 - 001324544 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\plugins\platforms\qwindows.dll
2015-05-06 23:12 - 2015-05-06 23:12 - 004830208 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5Core.dll
2015-02-17 07:01 - 2015-02-17 07:01 - 005219328 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5Gui.dll
2015-02-17 08:00 - 2015-02-17 08:00 - 000784384 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5Multimedia.dll
2015-02-17 08:02 - 2015-02-17 08:02 - 000110592 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5MultimediaWidgets.dll
2015-02-17 06:56 - 2015-02-17 06:56 - 001513472 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5Network.dll
2015-02-17 07:12 - 2015-02-17 07:12 - 000335360 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5OpenGL.dll
2015-02-17 08:08 - 2015-02-17 08:08 - 000229376 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5Positioning.dll
2015-02-17 07:13 - 2015-02-17 07:13 - 000352768 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5PrintSupport.dll
2015-02-17 07:32 - 2015-02-17 07:32 - 004129280 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5Qml.dll
2015-02-17 07:41 - 2015-02-17 07:41 - 003718144 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5Quick.dll
2015-02-17 07:56 - 2015-02-17 07:56 - 000199680 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5Sensors.dll
2015-02-17 06:55 - 2015-02-17 06:55 - 000259072 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5Sql.dll
2015-02-17 07:18 - 2015-02-17 07:18 - 000329216 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5Svg.dll
2015-02-17 08:07 - 2015-02-17 08:07 - 000117760 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5WebChannel.dll
2015-02-17 10:39 - 2015-02-17 10:39 - 033309696 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5WebKit.dll
2015-02-17 10:41 - 2015-02-17 10:41 - 000273408 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5WebKitWidgets.dll
2015-02-17 07:08 - 2015-02-17 07:08 - 006472192 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\RStudio\bin\Qt5Widgets.dll
2018-04-17 16:07 - 2015-02-20 18:07 - 001033235 _____ (Free Software Foundation) [File not signed] C:\cygwin64\bin\cygiconv-2.dll
2018-04-17 16:07 - 2016-10-23 07:34 - 000042515 _____ (Free Software Foundation) [File not signed] C:\cygwin64\bin\cygintl-8.dll
2020-05-03 18:18 - 2020-04-24 04:56 - 001872271 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\12\bin\libiconv-2.dll
2020-05-03 18:18 - 2020-04-24 04:56 - 000829175 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\12\bin\libintl-8.dll
2018-10-19 14:28 - 2018-10-19 14:28 - 003512832 _____ (FreeImage) [File not signed] C:\Users\ron\AppData\Local\Programs\Sync\FreeImage.dll
2017-11-27 12:37 - 2017-08-28 11:30 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-02-18 19:00 - 2019-02-01 13:57 - 000451072 _____ (iMatix Corporation) [File not signed] C:\Anaconda\envs\k36\Library\bin\libzmq-mt-4_3_1.dll
2018-07-15 14:15 - 2018-07-15 14:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2018-07-15 14:15 - 2018-07-15 14:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-07-15 14:15 - 2018-07-15 14:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\system32\StartMenuHelper64.dll
2014-10-23 11:27 - 2014-10-23 11:27 - 000049152 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files\RStudio\bin\libwinpthread-1.dll
2019-04-25 12:02 - 2019-02-22 03:30 - 000052224 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_asyncio.pyd
2019-04-25 12:02 - 2019-02-22 03:30 - 000081920 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_bz2.pyd
2019-05-01 06:37 - 2019-02-22 03:30 - 000124928 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_ctypes.pyd
2019-04-25 12:02 - 2019-02-22 03:30 - 000259584 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_decimal.pyd
2019-04-25 12:02 - 2019-02-22 03:30 - 000201728 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_elementtree.pyd
2019-04-25 12:02 - 2019-02-22 03:33 - 001686016 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_hashlib.pyd
2019-04-25 12:02 - 2019-02-22 03:31 - 000249856 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_lzma.pyd
2019-04-25 12:02 - 2019-02-22 03:30 - 000022016 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_multiprocessing.pyd
2019-04-25 12:02 - 2019-02-22 03:30 - 000034816 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_overlapped.pyd
2019-04-25 12:02 - 2019-02-22 03:30 - 000065536 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_socket.pyd
2019-04-25 12:02 - 2019-02-22 03:30 - 000076288 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_sqlite3.pyd
2019-04-25 12:02 - 2019-02-22 03:33 - 002140672 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\_ssl.pyd
2019-04-25 12:02 - 2019-02-22 03:30 - 000193024 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\pyexpat.pyd
2019-04-25 12:02 - 2019-02-22 03:30 - 000019456 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\select.pyd
2019-04-25 12:02 - 2019-02-22 03:30 - 000898048 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\DLLs\unicodedata.pyd
2019-04-25 12:02 - 2019-02-22 03:30 - 000051200 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\python3.dll
2019-04-25 12:02 - 2019-02-22 03:30 - 003618816 _____ (Python Software Foundation) [File not signed] C:\Anaconda\envs\k36\python36.dll
2020-09-25 22:48 - 2020-09-25 22:48 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\python27.dll
2018-04-09 07:12 - 2015-03-26 10:39 - 000552960 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlLib.dll
2018-04-09 07:12 - 2012-09-13 09:25 - 000200704 _____ (Realtek) [File not signed] C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\IpLib.dll
2018-04-09 07:12 - 2015-02-05 13:58 - 000098304 _____ (Realtek) [File not signed] C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlICS.dll
2018-04-09 07:12 - 2015-03-30 10:39 - 000274432 _____ (Realtek) [File not signed] C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlIhvOid.dll
2018-04-09 07:12 - 2012-06-22 16:01 - 000044544 _____ (Realtek) [File not signed] C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlQRCode.dll
2018-04-17 16:07 - 2020-06-01 10:00 - 003538235 _____ (Red Hat) [File not signed] C:\cygwin64\bin\cygwin1.dll
2018-05-05 00:48 - 2018-05-05 00:48 - 001462272 _____ (Sync.com Inc.) [File not signed] C:\ProgramData\Sync.Com DLL\overlay.dll
2018-05-05 00:48 - 2018-05-05 00:48 - 001136640 _____ (Sync.com Inc.) [File not signed] C:\ProgramData\Sync.Com DLL\rclick.dll
2020-05-03 18:18 - 2020-04-24 04:56 - 021529088 _____ (The ICU Project) [File not signed] C:\Program Files\PostgreSQL\12\bin\icudt53.dll
2020-05-03 18:18 - 2020-04-24 04:56 - 001844224 _____ (The ICU Project) [File not signed] C:\Program Files\PostgreSQL\12\bin\icuin53.dll
2020-05-03 18:18 - 2020-04-24 04:56 - 001317376 _____ (The ICU Project) [File not signed] C:\Program Files\PostgreSQL\12\bin\icuuc53.dll
2018-04-09 07:12 - 2009-07-23 17:32 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\LIBEAY32.dll
2020-05-03 18:18 - 2020-04-24 04:56 - 002842112 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\12\bin\libcrypto-1_1-x64.dll
2020-05-03 18:18 - 2020-04-24 04:56 - 000680960 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\12\bin\libssl-1_1-x64.dll
2020-06-18 13:00 - 2016-10-08 16:49 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
2020-09-25 22:48 - 2020-09-25 22:48 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wxbase30u_net_vc90_x64.dll
2020-09-25 22:48 - 2020-09-25 22:48 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wxbase30u_vc90_x64.dll
2020-09-25 22:48 - 2020-09-25 22:48 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wxmsw30u_adv_vc90_x64.dll
2020-09-25 22:48 - 2020-09-25 22:48 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wxmsw30u_core_vc90_x64.dll
2020-09-25 22:48 - 2020-09-25 22:48 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wxmsw30u_html_vc90_x64.dll
2020-09-25 22:48 - 2020-09-25 22:48 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\ron\AppData\Local\Temp\_MEI129682\wxmsw30u_webview_vc90_x64.dll
2017-10-01 23:01 - 2017-05-24 04:45 - 000877104 _____ (捷而思股份有限公司 -> jrsys Inc. hxxp://www.jrsys.com.tw/) [File not signed] C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\jrsys\x86\jrsysCryptoDll.dll
2017-10-01 23:01 - 2017-05-24 04:45 - 000053808 _____ (捷而思股份有限公司 -> jrsys Inc. hxxp://www.jrsys.com.tw/) [File not signed] C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\jrsys\x86\jrsysMSCryptoDll.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-gb/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2020-06-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2020-06-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: PDFsam Enhanced 4 Helper -> {952B1B0C-7ABC-49DD-8CC8-A7E73675E4F0} -> C:\Program Files (x86)\PDFsam Enhanced 4\creator-ie-helper.dll [2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - PDFsam Enhanced 4 Toolbar - {C33F5D76-0A77-4A99-8274-54AD52AF7D1B} - C:\Program Files (x86)\PDFsam Enhanced 4\creator-ie-plugin.dll [2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-09-16] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\NVIDIA GPU Computing Toolkit\CUDA\v10.0\bin;C:\Program Files\NVIDIA GPU Computing Toolkit\CUDA\v10.0\libnvvp;C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\PuTTY\;C:\Program Files\Microsoft VS Code\bin;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\Program Files\Amazon\AWSCLI\bin;C:\Program Files\Git\cmd;C:\Program Files\Pandoc\;C:\Anaconda\envs\k36;C:\ProgramData\chocolatey\bin;
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ron\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img_2420.jpg
DNS Servers: 192.168.50.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher"
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\StartupApproved\StartupFolder: => "Password Safe.lnk"
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-233570897-2198283788-2588358591-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E353A4F8-BD1B-4C1F-96F0-5B1890807C12}] => (Allow) C:\Users\ron\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C699647F-B190-4436-BF9C-69E7FEFB196D}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.) [File not signed]
FirewallRules: [{6EA4DA27-B842-401B-B586-D8EE4880343E}] => (Allow) LPort=1542
FirewallRules: [{FC125CDA-DED1-41E7-A6CD-78EDE8B0F4C7}] => (Allow) LPort=1542
FirewallRules: [{265E7481-F779-46D5-88FF-EA5A8DAF447A}] => (Allow) LPort=53
FirewallRules: [{BC177F63-8B10-46F1-9F14-22BD9C6117F0}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{1360F953-080A-4680-9677-EB0718EC42A6}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{F39BC5A5-AD17-4EED-9FB4-B483E9A852EF}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{55898D68-96FA-4936-A681-8BCF60F2356F}] => (Allow) LPort=53
FirewallRules: [{98C28FAB-AD17-4B98-83FB-FF1E3E91BE9F}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{F4F931E8-11C1-4752-A096-783905DDF093}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{1AB4A01F-9259-4C9A-8A30-50BA987E8A36}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{101020EC-3743-4DC3-A1BB-92152181D348}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [TCP Query User{E2E18907-7812-4C24-92F8-A1E1A67C120C}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [UDP Query User{0695CF40-8A31-4DEA-8065-DA797204A192}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [TCP Query User{5DCCD1FA-476D-47A3-BB6D-DC50014D23C1}C:\users\ron\appdata\local\programs\neo4j-desktop\neo4j desktop.exe] => (Block) C:\users\ron\appdata\local\programs\neo4j-desktop\neo4j desktop.exe (Neo4j, Inc. -> Neo4j Inc.)
FirewallRules: [UDP Query User{741F5D19-06F5-48F0-841B-104D70DEE68C}C:\users\ron\appdata\local\programs\neo4j-desktop\neo4j desktop.exe] => (Block) C:\users\ron\appdata\local\programs\neo4j-desktop\neo4j desktop.exe (Neo4j, Inc. -> Neo4j Inc.)
FirewallRules: [{340B985E-4CA7-41FD-8D45-F683614A579A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{70F7D928-8AF6-487E-86FB-81E8BE02289E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{80F124F6-F1CF-4079-B3AE-68C09CBC81B2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DDF9849E-0A1C-45F2-8ED9-731DE801634E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{91B82CB8-D58D-4313-A7CF-6D11ACDE9493}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{3A0205A5-85D5-43A6-9D69-3DC3CD8DDA7F}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [UDP Query User{AEC6F79C-D2E2-4119-AC89-F8793738A3BA}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [TCP Query User{97396227-7CFF-43B1-9115-CBF9E429A84E}C:\users\ron\appdata\local\programs\deezer.desktop\deezer.exe] => (Allow) C:\users\ron\appdata\local\programs\deezer.desktop\deezer.exe (Deezer -> Deezer)
FirewallRules: [UDP Query User{7AA0DCF3-1BC7-47AB-B180-525BADE60342}C:\users\ron\appdata\local\programs\deezer.desktop\deezer.exe] => (Allow) C:\users\ron\appdata\local\programs\deezer.desktop\deezer.exe (Deezer -> Deezer)
FirewallRules: [TCP Query User{4469C49A-91A4-4364-9374-84A8062E9717}C:\users\ron\appdata\local\programs\deezer.desktop\deezer.exe] => (Block) C:\users\ron\appdata\local\programs\deezer.desktop\deezer.exe (Deezer -> Deezer)
FirewallRules: [UDP Query User{A6F95C09-4F68-45AA-B7DB-5DDF94DDAE55}C:\users\ron\appdata\local\programs\deezer.desktop\deezer.exe] => (Block) C:\users\ron\appdata\local\programs\deezer.desktop\deezer.exe (Deezer -> Deezer)
FirewallRules: [{29B1F58F-4C22-409F-92BE-D3520B085963}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23533FBB-1311-459A-BBE8-0CC157606617}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1C461F2C-37DD-42E5-8DDA-7AD67EA6F743}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8B99A4AE-AC8A-465A-A1AC-69ABE92BB799}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B15A643D-AD01-4593-BCFD-D7BCA22CA7C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7609380D-E16A-4C46-9842-C80C02E4578C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D325A135-2F37-4123-832D-FC4B33C4B154}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{77E56EE0-ED07-4CE1-81DA-5CA59A3937A9}] => (Allow) LPort=3306
FirewallRules: [{1854609A-C41B-4B67-AD5D-5573F9AED676}] => (Allow) LPort=33060
FirewallRules: [TCP Query User{B32648E9-3B5B-464C-ABA4-425BF0CC2520}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe (OpenVPN Technologies, Inc. -> The OpenVPN Project)
FirewallRules: [UDP Query User{D49805BA-5D44-4AF7-B91B-B0DE266660C5}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe (OpenVPN Technologies, Inc. -> The OpenVPN Project)
FirewallRules: [{C1403061-D520-46CC-8EE6-789BE34150AD}] => (Block) C:\program files\openvpn\bin\openvpn.exe (OpenVPN Technologies, Inc. -> The OpenVPN Project)
FirewallRules: [{86FAAE7E-C9BB-4B0F-BB8E-7FF454340A66}] => (Block) C:\program files\openvpn\bin\openvpn.exe (OpenVPN Technologies, Inc. -> The OpenVPN Project)
FirewallRules: [{45DAA289-1C30-42D0-8CDE-CE7EE0831A9E}] => (Allow) C:\Users\ron\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{D5C60C09-9BC6-463E-81B9-B1F1F709792D}] => (Allow) C:\Users\ron\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{20CD8E2B-7CD6-48C5-B7EA-F2ACBEB3D953}C:\programdata\oracle\java\javapath_target_531963703\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_531963703\java.exe
FirewallRules: [UDP Query User{4D6E129C-36DA-4655-80D6-6D0100EFDD50}C:\programdata\oracle\java\javapath_target_531963703\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_531963703\java.exe
FirewallRules: [{6A724D1A-6D7F-4905-A862-B4B87179F831}] => (Block) C:\programdata\oracle\java\javapath_target_531963703\java.exe
FirewallRules: [{14020B23-1EFA-41C2-BA12-0AE89A151B5B}] => (Block) C:\programdata\oracle\java\javapath_target_531963703\java.exe
FirewallRules: [{C5305FCA-BB20-40F1-A67D-1B2BAC7E9AB7}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C2B13C58-63A2-4533-9FD6-2EBB65D0420D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{501E9A84-0EEF-456D-BB94-9FDC878B6CFB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{9827DED6-B362-4F2C-8AE6-B22A6C44338B}C:\program files\dbeaver\dbeaver.exe] => (Allow) C:\program files\dbeaver\dbeaver.exe (DBeaver Corp -> )
FirewallRules: [UDP Query User{11707E6B-BC86-4924-83A3-3C61467455C4}C:\program files\dbeaver\dbeaver.exe] => (Allow) C:\program files\dbeaver\dbeaver.exe (DBeaver Corp -> )
FirewallRules: [{775DCBBD-6C3E-409C-A1DD-E7CEE9011CBA}] => (Block) C:\program files\dbeaver\dbeaver.exe (DBeaver Corp -> )
FirewallRules: [{DC1749F6-D397-4055-B278-279789D63170}] => (Block) C:\program files\dbeaver\dbeaver.exe (DBeaver Corp -> )
FirewallRules: [{FAB51A6A-C87F-4DA5-A272-A96790992619}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D682846E-AC2A-40A1-9DD6-C11BB98AD6FA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{4BA0BDD6-7B80-4C2A-83CE-E3780EAC182D}C:\users\ron\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\ron\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [UDP Query User{D93AB094-67E3-4762-9C69-2BE6A54831AC}C:\users\ron\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\ron\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [TCP Query User{3EDF0CF6-EBF2-4FBF-851A-6BA077B5C1BE}C:\users\ron\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Block) C:\users\ron\appdata\local\programs\opera\66.0.3515.103\opera.exe => No File
FirewallRules: [UDP Query User{4054B10B-30AF-40C3-A309-469F65D12BF6}C:\users\ron\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Block) C:\users\ron\appdata\local\programs\opera\66.0.3515.103\opera.exe => No File
FirewallRules: [TCP Query User{FCB1CF3E-1EA1-4C5E-A572-439174DB0EA2}C:\users\ron\appdata\local\programs\opera\67.0.3575.79\opera.exe] => (Block) C:\users\ron\appdata\local\programs\opera\67.0.3575.79\opera.exe => No File
FirewallRules: [UDP Query User{DB182E8D-9CBA-4DF1-8D06-656833F4CED0}C:\users\ron\appdata\local\programs\opera\67.0.3575.79\opera.exe] => (Block) C:\users\ron\appdata\local\programs\opera\67.0.3575.79\opera.exe => No File
FirewallRules: [TCP Query User{7748A41F-E74E-4778-9FF4-89BD8EDF46C3}C:\users\ron\appdata\local\programs\opera\69.0.3686.95\opera.exe] => (Block) C:\users\ron\appdata\local\programs\opera\69.0.3686.95\opera.exe => No File
FirewallRules: [UDP Query User{90250903-32D5-4065-BD1E-68BBD38DDBDF}C:\users\ron\appdata\local\programs\opera\69.0.3686.95\opera.exe] => (Block) C:\users\ron\appdata\local\programs\opera\69.0.3686.95\opera.exe => No File
FirewallRules: [{7B457B93-8493-4036-8A1A-EF944CEB56A0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{961C02AC-1378-4E26-9C90-8A9DAF17BE24}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{38FE7E6A-8FDC-47CE-90C2-F7DEB5BEBE61}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
17-09-2020 13:12:31 Scheduled Checkpoint
25-09-2020 12:47:08 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
Name: Realtek RTL8811AU Wireless LAN 802.11ac USB 2.0 Network Adapter
Description: Realtek RTL8811AU Wireless LAN 802.11ac USB 2.0 Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RtlWlanu
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft Visual Studio Location Simulator Sensor
Description: Microsoft Visual Studio Location Simulator Sensor
Class Guid: {5175d334-c371-4806-b3ba-71fd53c9258d}
Manufacturer: Microsoft Corporation
Service: SensorsSimulatorDriver
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: ========================
Application errors:
==================
Error: (10/02/2020 01:27:48 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80070005).
Error: (10/02/2020 12:58:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1516
Error: (10/02/2020 12:58:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1516
Error: (10/02/2020 12:58:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/30/2020 02:53:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1500
Error: (09/30/2020 02:53:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1500
Error: (09/30/2020 02:53:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/30/2020 02:49:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NVDisplay.Container.exe, version: 1.11.2451.4491, time stamp: 0x5b483088
Faulting module name: DisplayDriverRAS.dll, version: 1.10.0.0, time stamp: 0x5b9038f5
Exception code: 0xc0000005
Fault offset: 0x0000000000037512
Faulting process ID: 0x544c
Faulting application start time: 0x01d6972e7ffc63a8
Faulting application path: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
Faulting module path: C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverRAS\DisplayDriverRAS.dll
Report ID: b87c3f0b-0323-11eb-bec6-3085a98ce5fe
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (10/02/2020 12:58:10 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (09/30/2020 02:53:33 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (09/30/2020 02:49:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Error: (09/30/2020 02:34:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Error: (09/30/2020 12:35:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Error: (09/30/2020 12:22:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Error: (09/30/2020 12:08:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Error: (09/30/2020 11:54:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Windows Defender:
===================================
Date: 2020-10-02 13:27:45.522
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {7080B37A-D057-4090-B59F-06C7D32EA7E9}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-09-24 15:31:57.868
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {8D0D2E52-FFE2-412B-9209-6A62E8DECC0B}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-09-24 14:23:15.640
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {6E4D825D-FBF4-419A-B9E1-5C00B7A0E750}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-09-24 14:17:10.845
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {19DBA195-F05A-446C-A576-2DE951130663}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-09-17 13:07:34.041
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {A39DE1FF-F351-473E-8BAC-55FFA94E46C6}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-09-28 11:16:35.444
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.323.2091.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17400.5
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2020-09-28 11:16:35.443
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.323.2091.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17400.5
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2020-09-28 11:16:35.443
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.323.2091.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17400.5
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
CodeIntegrity:
===================================
Date: 2020-10-02 13:42:49.869
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-10-02 13:42:49.555
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-10-02 13:42:49.105
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-10-02 13:42:48.791
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-10-02 13:42:27.895
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-10-02 13:42:27.583
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-10-02 13:41:58.274
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-10-02 13:41:57.951
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1402 04/19/2012
Motherboard: ASUSTeK COMPUTER INC. Crosshair V Formula
Processor: AMD FX-8350 Eight-Core Processor
Percentage of memory in use: 41%
Total physical RAM: 32712.27 MB
Available physical RAM: 19050.54 MB
Total Virtual: 59336.27 MB
Available Virtual: 30780.16 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:476.6 GB) (Free:75.49 GB) NTFS
Drive d: (Data) (Fixed) (Total:2794.39 GB) (Free:1163.15 GB) NTFS
\\?\Volume{975cd8ad-9a3f-11e7-be6e-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.04 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 675DB0D7)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476.6 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt
Edited by rocket-ron, 02 October 2020 - 06:49 AM.