Featured Post

Best antivirus in 2020: Free antivirus and paid software - Tom's Guide UK

Image
Best antivirus in 2020: Free antivirus and paid software - Tom's Guide UKBest antivirus in 2020: Free antivirus and paid software - Tom's Guide UKPosted: 02 Jul 2020 06:59 AM PDTEvery Windows PC needs to be running one of the best antivirus programs, even if that program happens to be one of the best free antivirus programs.  The Windows Defender antivirus software built into Windows 10 is very good, but while it certainly holds its own against other free rivals, it still can't quite match the features or protection of the best paid antivirus offerings.Best Antivirus: Top 7 Paid antivirus suites offer you a plethora of features that often go far beyond basic malware protection. You can get dedicated defenses against ransomware and webcam hijacking, extra functions such as file shredding or system optimization, and even features that compete with stand-alone services like password managers, cloud-backup solutions or identity-theft protection.Antivirus makers normal…

Intermittent issues accessing Google sites - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

For maybe past 10 days or so I have had intermittent issues accessing google.com sites.  I thought it was a DNS-related issue.  Happens in Chrome and Firefox.  It happens doing searches in address bar set to google, using maps.google.com, using Gmail (https://mail.google.com/) - non google.com domains have been fine.  Youtube has been fine as well as like google.co.uk, google.co.jp.  Sometimes when have these issues, Chrome in incognito mode is fine.  I have reset router, changed DNS servers, removed extensions, put extensions back, uninstalled and reinstalled Chrome.  It was suggested I post here.  Thanks in advance.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Ran by Richard (administrator) on DIGITALSTORM-PC (14-06-2020 01:55:13)
Running from C:\Users\Richard\Desktop\malware
Loaded Profiles: Richard
Platform: Windows 10 Pro Version 1903 18362.900 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\SpiderOakONE\windows_dir_watcher.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\Corsair.Service.CpuIdRemote64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\Corsair.Service.DisplayAdapter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\Corsair.Service.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CueLLAccessService.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\iCUE.exe
(FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
(FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe
(FabulaTech, LLP -> VMware) C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <39>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\avpui.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_2eaf9d620160f138\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Plantronics Inc -> Plantronics, Inc.) C:\Program Files (x86)\Plantronics\Spokes3G\SpokesUpdateService.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(SpiderOak) [File not signed] C:\Program Files\SpiderOakONE\SpiderOakONE.exe <2>
(TEFINCOM S.A. -> ) C:\Program Files (x86)\NordVPN\nordvpn-service.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2109064 2020-04-27] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [876536 2019-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2623032 2019-07-05] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [526648 2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [231736 2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5641776 2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [PLTHub.exe] => C:\Program Files (x86)\Plantronics\Spokes3G\PLTHub.exe [2866792 2020-05-21] (Plantronics Inc -> Plantronics, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\iCUE Launcher.exe [410152 2020-04-17] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\Run: [Steam] => D:\Programs\steam.exe [3288016 2019-12-16] (Valve -> Valve Corporation)
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\Run: [SpiderOakONE] => C:\Program Files\SpiderOakONE\SpiderOakONE.exe [67072 2018-01-31] (SpiderOak) [File not signed]
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5417008 2020-05-03] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [45056 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\Run: [Dashlane] => C:\Users\Richard\AppData\Roaming\Dashlane\Dashlane.exe [321536 2020-02-11] (Dashlane USA, Inc. -> Dashlane, Inc.)
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\Run: [DashlanePlugin] => C:\Users\Richard\AppData\Roaming\Dashlane\DashlanePlugin.exe [342528 2020-02-11] (Dashlane USA, Inc. -> Dashlane, Inc.)
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-08-12] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24137712 2019-11-11] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48214752 2020-04-06] (Google LLC -> )
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\Run: [PTOneClick] => C:\Users\Richard\AppData\Local\Webex\Webex\Applications\ptoneclk.exe [7184120 2020-03-28] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [1951264 2020-02-11] (TEFINCOM S.A. -> NordVPN)
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2417016 2020-05-15] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [807936 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65488 2019-12-02] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\DYMO LabelWriter Monitor: C:\Windows\system32\LW400MON.DLL [16384 2018-07-27] (Microsoft Windows Hardware Compatibility Publisher -> DYMO Corp.)
HKLM\...\Print\Monitors\novaPDF OEM 7 Monitor: C:\Windows\system32\novamnv7.dll [33056 2014-06-16] (Softland S.R.L. -> Softland)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\Installer\chrmstp.exe [2020-06-14] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.45\Installer\setup.exe [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2014-09-24] (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2019-11-12]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09E49C80-3A9A-4DBF-AD3B-FEE623DF0913} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-08] (Google Inc -> Google Inc.)
Task: {0E2B5F3A-C7A7-458E-B030-B1063DC12438} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-11] (Adobe Inc. -> Adobe)
Task: {0E3F48EE-CFFB-48E1-ABA6-30B2B7378BA8} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [223120 2020-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {154AFA1B-9B09-4180-ABB6-AA4150C5F624} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23755640 2020-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {1DFCBC99-B1B2-48AD-951B-AD0144D9A61C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_pepper.exe [1454648 2020-06-11] (Adobe Inc. -> Adobe)
Task: {2F2DC1F6-1B6D-40BF-ADB4-4360F4860737} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124744 2020-06-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {3FB1B9C5-C545-45EB-8377-7EDFC74FCDA7} - System32\Tasks\AdobeAAMUpdater-1.0-DIGITALSTORM-PC-Richard => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {5EB503A6-7EC0-44C2-A3F3-E02FDE4D1AA6} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2623032 2019-07-05] (Adobe Inc. -> Adobe Inc.)
Task: {6E9F0880-601F-4DF3-B729-EE0B3DE83047} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [223120 2020-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {708F4694-A853-457C-BCBD-0459730D4E02} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1321344 2020-06-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E63EAC7-428C-40DC-896C-2413A227471A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-08] (Google Inc -> Google Inc.)
Task: {953C58F3-4156-4E75-8FC7-08CB75F47089} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {BCC70E4A-B3A3-4203-8883-F3CBF151DDFC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-08] (Mozilla Corporation -> Mozilla Foundation)
Task: {D3E9519C-BF5E-44AD-9E40-6F5C4E1F1B29} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {F2A3E5F0-15A1-418C-9BA4-88EC1BBD8ABA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124744 2020-06-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {F8B2B7AE-18B0-436F-9264-F1006D7D6934} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23755640 2020-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {F8D10373-4C06-46F3-B434-6399E58DF658} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2020-01-15] (Kaspersky Lab -> AO Kaspersky Lab)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: 127.0.0.1 view-localhost # view localhost server
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b0d226c1-afd7-4d74-a8c5-6e215003db65}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\IEExt\ie_plugin.dll [2020-01-15] (Kaspersky Lab -> AO Kaspersky Lab)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-04-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\IEExt\ie_plugin.dll [2020-01-15] (Kaspersky Lab -> AO Kaspersky Lab)
BHO-x32: No Name -> {A6381AA9-C661-4D16-B0A0-3F6A1E967021}' -> No File
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-04-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\IEExt\ie_plugin.dll [2020-01-15] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\IEExt\ie_plugin.dll [2020-01-15] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-1884588917-2122681954-3986232087-1003 -> No Name - {C500C267-63BF-451F-8797-4D720C9A2ED9} -  No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-09] (Microsoft Corporation -> Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Edge Profile: C:\Users\Richard\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-14]
Edge StartupUrls: Default -> "hxxps://digitalstorm.com/"
Edge HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [elhpdacimkjpccooodognopfhbdgnpbk]
FF DefaultProfile: zpjl7h9l.default
FF ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\zpjl7h9l.default [2020-06-14]
FF user.js: detected! => C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\zpjl7h9l.default\user.js [2020-06-14]
FF Extension: (LastPass: Free Password Manager) - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\zpjl7h9l.default\Extensions\support@lastpass.com.xpi [2020-05-08]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-07-05] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-04-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-04-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> D:\Programs\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> D:\Programs\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> D:\Programs\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> D:\Programs\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> D:\Programs\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> D:\Programs\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> D:\Programs\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> D:\Programs\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-07-05] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-1884588917-2122681954-3986232087-1003: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2020-05-01] (TD Ameritrade -> TD Ameritrade)
FF Plugin HKU\S-1-5-21-1884588917-2122681954-3986232087-1003: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2020-05-01] (TD Ameritrade -> TD Ameritrade)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-02-15] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-02-15] <==== ATTENTION
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default [2020-06-14]
CHR DownloadDir: D:\Rich\Downloads
CHR StartupUrls: Default -> "hxxp://foxnews.com/"
CHR Extension: (Slides) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-08]
CHR Extension: (Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-08]
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-08]
CHR Extension: (uBlock Origin) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-05-31]
CHR Extension: (Disable HTML5 Autoplay) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\efdhoaajjjgckpbkoglidkeendpkolai [2018-05-23]
CHR Extension: (Sheets) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-08]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-18]
CHR Extension: (Youtube Playback Speed Control) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdannnflhlmdablckfkjpleikpphncik [2020-01-31]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-06-04]
CHR Extension: (Pocket) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2018-02-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-22]
CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
CHR HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-07-05] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10637168 2020-05-29] (Microsoft Corporation -> Microsoft Corporation)
R2 client_service; C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe [448432 2019-09-04] (VMware, Inc. -> VMware, Inc.)
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\Corsair Utility Engine\CueLLAccessService.exe [403496 2020-04-17] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\Corsair Utility Engine\Corsair.Service.exe [55848 2020-04-17] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [223120 2020-03-15] (Microsoft Corporation -> Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [223120 2020-03-15] (Microsoft Corporation -> Microsoft Corporation)
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [299632 2019-07-09] (FabulaTech, LLP -> )
R2 ftscanmgrhv; C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe [4359280 2019-08-19] (FabulaTech, LLP -> )
S3 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.45\elevation_service.exe [1507208 2020-06-04] (Microsoft Corporation -> Microsoft Corporation)
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [222240 2020-02-11] (TEFINCOM S.A. -> )
R2 PlantronicsUpdateService; C:\Program Files (x86)\Plantronics\Spokes3G\SpokesUpdateService.exe [1949800 2020-05-21] (Plantronics Inc -> Plantronics, Inc.)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2139120 2019-11-11] (Plex, Inc. -> Plex, Inc.)
S3 Rockstar Service; D:\Programs\Launcher\RockstarService.exe [474256 2019-12-05] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 vmwsprrdpwks; C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [450672 2019-07-26] (FabulaTech, LLP -> VMware)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
S2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_2eaf9d620160f138\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_2eaf9d620160f138\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-11] (Microsoft Corporation) [File not signed]
S3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3819744 2018-07-24] (WDKTestCert cm359,131641702659254692 -> C-MEDIA)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
R2 CorsairLLAccessF9B33FDECAB91BCD0D885157CAB8BFCEB9928A58; C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairLLAccess64.sys [21752 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45968 2019-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21904 2019-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz149; C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [44320 2020-06-14] (CPUID S.A.R.L.U. -> CPUID)
S3 CSRBC; C:\WINDOWS\System32\Drivers\csrbcx64.sys [38400 2020-03-06] (Microsoft Windows Hardware Compatibility Publisher -> CSR plc.)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [79768 2020-04-13] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [145504 2020-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [93312 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [37816 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [251800 2020-04-13] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [633600 2020-04-29] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1217792 2020-04-29] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\klids.sys [215104 2020-05-26] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [998296 2020-04-13] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [79760 2020-04-13] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45904 2019-03-10] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [256752 2020-04-07] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2019-04-04] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [309968 2020-04-06] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [117496 2020-04-06] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [206880 2020-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [211048 2019-12-13] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [232344 2020-04-13] (Kaspersky Lab -> AO Kaspersky Lab)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_2eaf9d620160f138\nvlddmkm.sys [23454440 2020-05-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-14 01:54 - 2020-06-14 01:55 - 000000000 ____D C:\FRST
2020-06-14 01:51 - 2020-06-14 01:55 - 000000000 ____D C:\Users\Richard\Desktop\malware
2020-06-14 01:38 - 2020-06-14 01:38 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-14 01:38 - 2020-06-14 01:38 - 000002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-14 01:38 - 2020-06-14 01:38 - 000002336 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-13 17:18 - 2020-06-13 17:18 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-06-12 23:35 - 2020-06-12 23:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-06-11 03:54 - 2020-06-11 03:54 - 000009714 _____ C:\Users\Richard\Desktop\banking current.xlsx
2020-06-11 00:13 - 2020-06-11 00:13 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 019851776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 011608064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 009712640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 008015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 007760384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 007268864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 006292480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 005909504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 005765144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 004858880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 004610560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-06-11 00:13 - 2020-06-11 00:13 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 003515392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 003398656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-06-11 00:13 - 2020-06-11 00:13 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-06-11 00:13 - 2020-06-11 00:13 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-06-11 00:13 - 2020-06-11 00:13 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 002281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 002204160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 002190648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 002184504 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2020-06-11 00:13 - 2020-06-11 00:13 - 001704448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-06-11 00:13 - 2020-06-11 00:13 - 001497400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 001467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 001410048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2020-06-11 00:13 - 2020-06-11 00:13 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-06-11 00:13 - 2020-06-11 00:13 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 001316352 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-06-11 00:13 - 2020-06-11 00:13 - 001193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 001112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 001099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-06-11 00:13 - 2020-06-11 00:13 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdosys.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi3.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-06-11 00:13 - 2020-06-11 00:13 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi3.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdosys.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-06-11 00:13 - 2020-06-11 00:13 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisdecd.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2020-06-11 00:13 - 2020-06-11 00:13 - 000575488 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-06-11 00:13 - 2020-06-11 00:13 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-06-11 00:13 - 2020-06-11 00:13 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-06-11 00:13 - 2020-06-11 00:13 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000478208 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassdo.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\termmgr.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000407864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\termmgr.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassdo.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswmdm.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wavemsp.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-06-11 00:13 - 2020-06-11 00:13 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-06-11 00:13 - 2020-06-11 00:13 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wavemsp.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-06-11 00:13 - 2020-06-11 00:13 - 000204008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmidx.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrecst.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmidx.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrecst.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaatext.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-06-11 00:13 - 2020-06-11 00:13 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-06-11 00:13 - 2020-06-11 00:13 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000093448 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwanRadioManager.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-06-11 00:13 - 2020-06-11 00:13 - 000083600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasads.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-06-11 00:13 - 2020-06-11 00:13 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasads.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2020-06-11 00:13 - 2020-06-11 00:13 - 000041864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBrokerPS.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000028368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SecurityCenterBrokerPS.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-06-11 00:13 - 2020-06-11 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-06-11 00:13 - 2020-06-11 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-06-11 00:13 - 2020-06-11 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-06-11 00:13 - 2020-06-11 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-06-11 00:13 - 2020-06-11 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-06-11 00:13 - 2020-06-11 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-06-11 00:13 - 2020-06-11 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-06-11 00:13 - 2020-06-11 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-06-11 00:13 - 2020-06-11 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-06-11 00:13 - 2020-06-11 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-06-11 00:13 - 2020-06-11 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-06-11 00:13 - 2020-06-11 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-06-11 00:12 - 2020-06-11 00:12 - 009931576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 007911176 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 007604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 007266080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 006091048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 006066808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 005283264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 005195432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 005111808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 005004344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 003726848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-06-11 00:12 - 2020-06-11 00:12 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-06-11 00:12 - 2020-06-11 00:12 - 003368104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 003187200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 002831872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-06-11 00:12 - 2020-06-11 00:12 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-06-11 00:12 - 2020-06-11 00:12 - 002656256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 002289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 002235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001683968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001654960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001583104 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 001416224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001393952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001260744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001100288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001055184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 001003832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkObjCore.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000894024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000892048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-06-11 00:12 - 2020-06-11 00:12 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000797464 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000760296 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000716320 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkObjCore.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000684856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000628408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000593424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-06-11 00:12 - 2020-06-11 00:12 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-06-11 00:12 - 2020-06-11 00:12 - 000548984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-06-11 00:12 - 2020-06-11 00:12 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000508720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000451864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-06-11 00:12 - 2020-06-11 00:12 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000425056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000405936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000357176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-06-11 00:12 - 2020-06-11 00:12 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-06-11 00:12 - 2020-06-11 00:12 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000280376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\psr.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtp.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psr.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-06-11 00:12 - 2020-06-11 00:12 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaatext.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000165296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000165192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtpUS.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000129600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\atl.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000090952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcEpMap.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanRadioManager.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxGipRadioManager.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-06-11 00:12 - 2020-06-11 00:12 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-06-11 00:12 - 2020-06-11 00:12 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-06-11 00:08 - 2020-05-14 22:29 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-06-11 00:08 - 2020-05-14 22:10 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-06-08 11:38 - 2020-06-14 01:37 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-06-06 00:34 - 2020-05-16 01:07 - 000039824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2020-06-06 00:33 - 2020-05-18 14:44 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-06-06 00:33 - 2020-05-18 14:44 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-06-06 00:33 - 2020-05-18 14:44 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-06-06 00:33 - 2020-05-18 14:44 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-06-06 00:33 - 2020-05-18 14:44 - 001079000 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-06-06 00:33 - 2020-05-18 14:44 - 001079000 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-06-06 00:33 - 2020-05-18 14:44 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-06-06 00:33 - 2020-05-18 14:44 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-06-06 00:33 - 2020-05-18 14:44 - 000451480 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-06-06 00:33 - 2020-05-18 14:44 - 000348048 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-06-06 00:33 - 2020-05-18 14:41 - 011944864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-06-06 00:33 - 2020-05-18 14:41 - 010286480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-06-06 00:33 - 2020-05-18 14:40 - 001005968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2020-06-06 00:33 - 2020-05-18 14:40 - 000816872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-06-06 00:33 - 2020-05-18 14:40 - 000676240 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-06-06 00:33 - 2020-05-18 14:40 - 000543136 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-06-06 00:33 - 2020-05-18 14:39 - 002073008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-06-06 00:33 - 2020-05-18 14:39 - 001566104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-06-06 00:33 - 2020-05-18 14:39 - 001482144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-06-06 00:33 - 2020-05-18 14:39 - 001350576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-06-06 00:33 - 2020-05-18 14:39 - 001142008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-06-06 00:33 - 2020-05-18 14:39 - 001048488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-06-06 00:33 - 2020-05-18 14:39 - 000680864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-06-06 00:33 - 2020-05-18 14:39 - 000561400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2020-06-06 00:33 - 2020-05-18 14:39 - 000546728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-06-06 00:33 - 2020-05-18 14:38 - 005856664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-06-06 00:33 - 2020-05-18 14:38 - 000811256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-06-06 00:33 - 2020-05-18 14:38 - 000655080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-06-06 00:33 - 2020-05-18 14:38 - 000444816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2020-06-06 00:33 - 2020-05-18 14:37 - 017600240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-06-06 00:33 - 2020-05-18 14:37 - 015157992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-06-06 00:33 - 2020-05-18 14:37 - 005159312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-06-06 00:33 - 2020-05-18 14:37 - 000849824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2020-06-06 00:33 - 2020-05-18 14:36 - 004195672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-06-06 00:33 - 2020-05-16 01:07 - 000106838 _____ C:\WINDOWS\system32\nvidia-smi.1.pdf
2020-06-06 00:33 - 2020-05-16 01:07 - 000077294 _____ C:\WINDOWS\system32\nvinfo.pb
2020-06-02 00:57 - 2019-05-16 04:26 - 030714007 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2020-06-02 00:57 - 2019-05-16 04:26 - 006848600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2020-06-02 00:57 - 2019-05-16 04:26 - 005623472 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPOU64.dll
2020-06-02 00:57 - 2019-05-16 04:26 - 002856624 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2020-06-02 00:57 - 2019-05-16 04:26 - 001126552 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCOM64.dll
2020-06-02 00:57 - 2019-05-16 04:26 - 000876536 _____ (Realtek Semiconductor) C:\WINDOWS\system32\RtkAudUService64.exe
2020-06-02 00:57 - 2019-05-16 04:26 - 000821544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64U.dll
2020-06-02 00:57 - 2019-05-16 04:26 - 000482104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2020-06-02 00:57 - 2019-05-16 04:26 - 000271168 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTHDASIO64.dll
2020-06-02 00:57 - 2019-05-16 04:26 - 000227648 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RTHDASIO.dll
2020-06-02 00:57 - 2019-05-16 04:26 - 000215272 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2020-06-02 00:55 - 2020-06-02 00:57 - 000000000 ___HD C:\Program Files (x86)\Temp
2020-06-02 00:55 - 2020-06-02 00:55 - 000000000 ____D C:\Program Files (x86)\Realtek
2020-05-30 19:28 - 2020-05-30 19:28 - 000000000 ____D C:\Program Files\Plantronics
2020-05-29 20:02 - 2020-05-29 20:02 - 000001892 _____ C:\Users\Richard\Desktop\Game Center.lnk
2020-05-29 20:02 - 2020-05-29 20:02 - 000000816 _____ C:\Users\Richard\Desktop\World_of_Warships_NA.lnk
2020-05-29 20:02 - 2020-05-29 20:02 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Wargaming.net
2020-05-29 20:02 - 2020-05-29 20:02 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2020-05-29 20:02 - 2020-05-29 20:02 - 000000000 ____D C:\ProgramData\Wargaming.net
2020-05-20 12:02 - 2020-05-20 12:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2020-05-20 12:01 - 2020-05-20 12:01 - 000000000 ____D C:\Program Files\Logitech
2020-05-20 01:47 - 2020-05-20 01:47 - 000000218 _____ C:\Users\Richard\AppData\Local\recently-used.xbel
2020-05-15 23:51 - 2020-06-04 03:12 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-05-15 23:51 - 2020-05-18 11:34 - 000000000 ____D C:\Users\Richard\AppData\Roaming\TeamViewer
2020-05-15 23:51 - 2020-05-15 23:51 - 000000000 ____D C:\Users\Richard\AppData\Local\TeamViewer
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-14 01:55 - 2020-04-27 23:34 - 000000000 ___HD C:\Users\Richard\Desktop\.tmp.drivedownload
2020-06-14 01:55 - 2018-02-08 23:15 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-06-14 01:50 - 2019-10-01 12:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-06-14 01:50 - 2019-10-01 12:55 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-06-14 01:50 - 2018-03-15 17:53 - 000000000 ____D C:\Users\Richard\AppData\LocalLow\Mozilla
2020-06-14 01:43 - 2019-07-31 20:11 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-06-14 01:43 - 2019-03-18 22:50 - 000000000 ____D C:\WINDOWS\INF
2020-06-14 01:38 - 2020-01-26 20:56 - 000000000 ___RD C:\Users\Richard\Google Drive
2020-06-14 01:38 - 2018-02-08 23:22 - 000000000 ____D C:\Program Files (x86)\Google
2020-06-14 01:37 - 2020-02-01 01:33 - 000018840 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-06-14 01:37 - 2020-02-01 01:33 - 000017429 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-06-14 01:37 - 2020-02-01 01:33 - 000011743 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-06-14 01:37 - 2019-07-31 20:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-14 01:37 - 2019-07-31 20:01 - 000472112 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-06-14 01:37 - 2019-03-18 22:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-14 01:37 - 2019-03-18 22:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-06-14 01:37 - 2018-03-15 17:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-06-14 01:35 - 2020-03-18 22:57 - 000000000 ____D C:\Cakewalk Content
2020-06-14 01:34 - 2020-03-18 22:58 - 000000000 ____D C:\Program Files\Common Files\VST3
2020-06-14 01:34 - 2020-03-18 22:58 - 000000000 ____D C:\Cakewalk Projects
2020-06-14 01:34 - 2020-03-18 22:57 - 000000000 ____D C:\ProgramData\Cakewalk
2020-06-14 01:34 - 2020-03-18 22:57 - 000000000 ____D C:\Program Files\Cakewalk
2020-06-14 01:34 - 2020-03-18 18:40 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software
2020-06-14 00:31 - 2019-07-31 20:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-06-14 00:01 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-13 23:19 - 2019-02-12 22:39 - 001212973 _____ C:\Users\Richard\Desktop\work.xlsx
2020-06-13 23:18 - 2019-07-31 20:08 - 000004172 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{0A49BB9E-CA53-4DC3-A304-C6E2AAAD5F96}
2020-06-13 22:45 - 2019-07-31 21:39 - 000000000 ____D C:\Users\Richard\AppData\Local\Deployment
2020-06-13 22:43 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-06-13 22:42 - 2018-02-14 21:21 - 000000000 ____D C:\Users\Richard\AppData\Roaming\VMware
2020-06-13 17:20 - 2019-05-28 00:38 - 000000000 ____D C:\Users\Richard\AppData\Local\CrashDumps
2020-06-12 23:35 - 2018-03-15 17:53 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-06-12 22:28 - 2019-03-18 22:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-12 14:47 - 2018-02-05 14:00 - 000000000 ____D C:\Users\Richard\AppData\Local\Packages
2020-06-12 12:04 - 2020-03-18 18:58 - 000000000 ____D C:\ProgramData\PACE
2020-06-12 12:04 - 2020-02-01 01:33 - 000001206 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-06-12 06:17 - 2019-02-13 03:27 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2020-06-11 01:58 - 2018-02-05 14:00 - 000000000 ___RD C:\Users\Richard\3D Objects
2020-06-11 01:58 - 2017-11-27 18:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-06-11 01:53 - 2019-03-19 00:23 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-06-11 01:53 - 2019-03-19 00:23 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-06-11 01:53 - 2019-03-18 22:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-06-11 01:53 - 2019-03-18 22:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-06-11 01:53 - 2019-03-18 22:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-06-11 01:53 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-06-11 01:53 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-06-11 01:53 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-06-11 01:53 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-06-11 01:53 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-06-11 01:53 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-06-11 01:53 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\Com
2020-06-11 01:53 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-06-11 01:53 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-06-11 01:53 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-06-11 01:11 - 2020-04-16 17:12 - 000004552 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-06-11 01:11 - 2020-04-16 17:12 - 000004370 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-06-11 01:11 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-06-11 01:11 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-06-11 00:14 - 2019-03-18 22:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-11 00:12 - 2019-07-31 20:02 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-06-10 01:02 - 2020-02-20 01:42 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2020-06-09 04:09 - 2018-04-05 01:48 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-06-09 04:05 - 2019-10-01 12:55 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-06-08 05:02 - 2019-03-18 22:37 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2020-06-07 18:55 - 2018-05-12 23:28 - 000000000 ____D C:\Users\Richard\AppData\Local\D3DSCache
2020-06-06 03:30 - 2020-03-15 03:53 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-06-06 03:30 - 2020-03-15 03:53 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-06-06 03:30 - 2020-03-15 03:53 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-06-06 00:35 - 2018-02-11 17:54 - 000000000 ____D C:\Users\Richard\AppData\Local\NVIDIA
2020-06-06 00:34 - 2018-02-05 13:22 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-06-06 00:34 - 2017-11-28 16:19 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-06-05 15:03 - 2019-03-18 22:56 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-05 15:03 - 2019-03-18 22:56 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-04 03:05 - 2019-07-31 20:08 - 000003384 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1884588917-2122681954-3986232087-1003
2020-06-04 03:05 - 2019-07-31 20:04 - 000002418 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-06-04 03:05 - 2018-02-05 14:02 - 000000000 ___RD C:\Users\Richard\OneDrive
2020-06-03 19:29 - 2020-04-05 22:17 - 000000000 ____D C:\Users\Richard\AppData\Local\Plantronics
2020-06-02 23:43 - 2020-02-01 17:30 - 000000000 ____D C:\Users\Richard\AppData\LocalLow\WebEx
2020-06-02 23:35 - 2018-02-11 17:44 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2020-06-02 11:36 - 2020-02-01 17:30 - 000000000 ____D C:\Users\Richard\AppData\Roaming\webex
2020-06-02 00:57 - 2020-03-18 18:57 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-06-02 00:55 - 2018-02-05 13:21 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2020-06-02 00:55 - 2018-02-05 13:21 - 000000000 ____D C:\WINDOWS\system32\DAX2
2020-05-30 19:29 - 2017-11-28 16:18 - 000000000 ____D C:\ProgramData\Package Cache
2020-05-30 19:28 - 2020-04-05 22:16 - 000001200 _____ C:\Users\Public\Desktop\Plantronics Hub.lnk
2020-05-30 19:28 - 2020-04-05 22:16 - 000001200 _____ C:\ProgramData\Desktop\Plantronics Hub.lnk
2020-05-30 19:28 - 2020-04-05 22:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plantronics
2020-05-30 19:28 - 2020-04-05 22:16 - 000000000 ____D C:\Program Files (x86)\Plantronics
2020-05-30 19:28 - 2020-04-05 22:16 - 000000000 ____D C:\Program Files (x86)\BroadSoft
2020-05-30 19:28 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\Registration
2020-05-30 03:17 - 2019-06-18 11:09 - 000000000 ____D C:\Program Files\UNP
2020-05-29 16:11 - 2020-02-01 17:30 - 000000000 ____D C:\Users\Richard\AppData\Local\WebEx
2020-05-26 03:24 - 2020-03-15 03:53 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-05-26 03:24 - 2020-03-15 03:53 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-05-24 05:39 - 2018-02-15 21:40 - 000000000 ____D C:\Users\Richard\AppData\Roaming\vlc
2020-05-18 14:36 - 2017-11-09 06:25 - 004928256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-05-16 01:07 - 2017-11-09 06:38 - 000222112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
==================== Files in the root of some directories ========
2018-09-27 20:29 - 2018-09-27 20:29 - 000000000 _____ () C:\Users\Richard\AppData\Local\oobelibMkey.log
2020-05-20 01:47 - 2020-05-20 01:47 - 000000218 _____ () C:\Users\Richard\AppData\Local\recently-used.xbel
2018-11-27 23:44 - 2018-11-27 23:44 - 000000056 _____ () C:\Users\Richard\AppData\Local\X-Plane 11 Preferences.prf
2018-11-27 23:45 - 2018-11-27 23:45 - 000000015 _____ () C:\Users\Richard\AppData\Local\X-Plane_drm_11.prf
2018-11-27 23:44 - 2018-11-27 23:44 - 000000042 _____ () C:\Users\Richard\AppData\Local\x-plane_install_11.txt
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by Richard (14-06-2020 01:56:27)
Running from C:\Users\Richard\Desktop\malware
Windows 10 Pro Version 1903 18362.900 (X64) (2019-08-01 02:08:38)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1884588917-2122681954-3986232087-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1884588917-2122681954-3986232087-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1884588917-2122681954-3986232087-1002 - Limited - Disabled)
Guest (S-1-5-21-1884588917-2122681954-3986232087-501 - Limited - Disabled)
rbi (S-1-5-21-1884588917-2122681954-3986232087-1004 - Limited - Disabled)
rbrbi (S-1-5-21-1884588917-2122681954-3986232087-1005 - Limited - Enabled) => C:\Users\rbrbi
Richard (S-1-5-21-1884588917-2122681954-3986232087-1003 - Administrator - Enabled) => C:\Users\Richard
WDAGUtilityAccount (S-1-5-21-1884588917-2122681954-3986232087-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Total Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe Audition 2019 (HKLM-x32\...\AUDT_12_1_3) (Version: 12.1.3 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.9.0.504 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Illustrator 2019 (HKLM-x32\...\ILST_23_0_6) (Version: 23.0.6 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\LRCC_2_4) (Version: 2.4 - Adobe Systems Incorporated)
Adobe Media Encoder 2019 (HKLM-x32\...\AME_13_1_3) (Version: 13.1.3 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_9) (Version: 19.1.9 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_6) (Version: 20.0.6 - Adobe Systems Incorporated)
Adobe Premiere Pro 2019 (HKLM-x32\...\PPRO_13_1_4) (Version: 13.1.4 - Adobe Systems Incorporated)
Akai Elements of Dystopia (HKLM-x32\...\Akai Dystopia_is1) (Version:  - )
Akai Elements of House (HKLM-x32\...\Akai House_is1) (Version:  - )
Akai Elements of UK Dance (HKLM-x32\...\Akai UK Dance_is1) (Version:  - )
Akai Professional MPK Mini MkII Editor (HKLM-x32\...\MPKminiMkIIEditor) (Version:  - )
Amazon Kindle (HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\Amazon Kindle) (Version: 1.27.0.56109 - Amazon)
AmericasCardroom version 1.17.45 (HKLM-x32\...\{1B17EB4E-3E9C-4611-B8B5-31C0A00A1F68}_is1) (Version: 1.17.45 - Winning Poker Network, Inc.)
Anki (HKLM-x32\...\Anki) (Version: 2.1.15 - )
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
Backup and Sync from Google (HKLM\...\{FE296942-D2D3-4149-8895-60655FE4CFDE}) (Version: 3.49.9800.0000 - Google, Inc.)
BandLab Assistant 5.1.2 (HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\{9b08bea4-021c-5f9d-a74e-ac0ceb51fb28}) (Version: 5.1.2 - BandLab)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco Webex Meetings (HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\ActiveTouchMeetingClient) (Version: 40.4.7 - Cisco Webex LLC)
Citrix Receiver 4.6 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.6.0.12010 - Citrix Systems, Inc.)
CORSAIR iCUE Software (HKLM-x32\...\{24A86878-1C2B-462D-81A3-C7AFA66F0254}) (Version: 3.28.70 - Corsair)
Dashlane (HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\Dashlane) (Version: 6.2007.0.32704 - Dashlane, Inc.)
Deluge 1.3.15 (HKLM-x32\...\Deluge) (Version:  - )
Fidelity Active Trader Pro® (HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\a36ba76f6187edff) (Version: 10.7.123.0 - Fidelity Investments)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.97 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
HP Dropbox Plugin (HKLM-x32\...\{EF65265C-816D-4992-A8CC-C91CDEC9ED33}) (Version: 36.0.102.68541 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{858E7C53-B406-4798-B4CA-761420FF2B5F}) (Version: 43.0.0.0 - HP)
HP FTP Plugin (HKLM-x32\...\{07DA4F28-63FA-43F7-A554-B159E9A7E649}) (Version: 43.0.0.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{CF634681-E024-430C-AFF2-B9EE43A7E452}) (Version: 36.0.102.68541 - HP)
HP LaserJet MFP M227-M231 Basic Device Software (HKLM\...\{498AE737-B0BB-4BEB-ACBB-1791667AACCA}) (Version: 44.3.2667.18234 - HP Inc.)
HP OneDrive Plugin (HKLM-x32\...\{1E191DFB-7B91-4B11-AB95-884D59ECE599}) (Version: 36.0.0.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{1ED7BE66-39E7-4A65-8EEF-68CE80F3416C}) (Version: 43.0.0.0 - HP)
Hybrid (HKLM-x32\...\{a131ab43-5f9e-4241-87bf-e705d4045ac7}) (Version: 3.0.7.19000 - AIR Music Tech GmbH)
Hybrid AAX32 (HKLM-x32\...\{63FA7BA2-C720-4506-9379-43BFA5BC3A98}) (Version: 3.0.7.19000 - AIR Music Tech GmbH) Hidden
Hybrid AAX64 (HKLM\...\{C2CB3E60-B541-418D-A535-D3D73A644EC5}) (Version: 3.0.7.19000 - AIR Music Tech GmbH) Hidden
Hybrid Content (HKLM-x32\...\{77129154-5C4A-45D0-AFEF-5D9C2D307246}) (Version: 3.0.7.19000 - AIR Music Tech GmbH) Hidden
Hybrid VST32 (HKLM-x32\...\{592BA348-DA75-42DE-91C1-54FD5D62ABE8}) (Version: 3.0.7.19000 - AIR Music Tech GmbH) Hidden
Hybrid VST64 (HKLM\...\{EB4543A3-A9D8-4354-94BE-22400A619F7A}) (Version: 3.0.7.19000 - AIR Music Tech GmbH) Hidden
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
Kaspersky Total Security (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky)
LM227 (HKLM-x32\...\{BF1B4A36-C6B2-4C62-9CF3-9A1DCC158DA7}) (Version: 0.00.0005 - HP)
Logitech Options (HKLM\...\LogiOptions) (Version: 8.20.329 - Logitech)
Melodyne 4 (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 4.01.0111 - Celemony Software GmbH)
Melodyne Runtime 4.1 (x64) (HKLM\...\{721E4E34-AF7C-4345-93F9-282CCC8CCCB5}) (Version: 1.0.2 - Celemony Software GmbH)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.12827.20268 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.31 - )
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62615.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62615.0 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1031 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 77.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 77.0.1 (x64 en-US)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0 - Mozilla)
MPC Essentials 1.8.2 (HKLM\...\com.akaipro.mpc.essentials_is1) (Version: 1.8.2 - Akai Professional)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NordVPN (HKLM-x32\...\{63044774-A4AC-4419-AFD7-54C1802B5ACF}) (Version: 6.26.17 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.26.17) (Version: 6.26.17 - NordVPN)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NVIDIA Graphics Driver 446.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 446.14 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20268 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
OldMHUUninstaller (HKLM-x32\...\{42604342-6c74-41a0-8317-86f37df00c15}) (Version: 3.2.0.0 - Plantronics, Inc.) Hidden
OldMHUUninstaller (HKLM-x32\...\{b9cd90fb-ada6-4812-ae4f-84e5625c316c}) (Version: 3.2.0.0 - Plantronics, Inc.) Hidden
OldMHUUninstallerMSI (HKLM-x32\...\{48740949-195F-4644-A13D-6E6EA06C05B2}) (Version: 3.2.0.0 - Plantronics, Inc.) Hidden
OldMHUUninstallerMSI (HKLM-x32\...\{6E5FCA91-1D89-4366-9D63-73F3DC50758A}) (Version: 3.2.0.0 - Plantronics, Inc.) Hidden
Online Plug-in (HKLM-x32\...\{9E362141-4BE9-47C3-BD36-638B77AC87AA}) (Version: 14.6.0.12010 - Citrix Systems, Inc.) Hidden
OSCAR (HKLM\...\{FC6F08E6-69BF-4469-ADE3-78199288D305}_is1) (Version: 1.0.1-r1-Win64-a102a85d - The OSCAR Team)
PACE License Support Win64 (HKLM\...\{034EBDB8-02DA-4ce3-A4BF-3833BD932C7C}) (Version: 5.2.0.3015 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{034EBDB8-02DA-4ce3-A4BF-3833BD932C7C}) (Version: 5.2.0.3015 - PACE Anti-Piracy, Inc.)
PDF Annotator 7.1.0.719 (HKLM-x32\...\PDFAnnotator_is1) (Version: 7.1.0.719 - GRAHL software design)
Plantronics Hub Software (HKLM\...\{549568AD-756E-46E5-AC6F-90781599A520}) (Version: 3.17.52869.13817 - Plantronics, Inc.) Hidden
Plantronics Hub Software (HKLM-x32\...\{87f9516d-2067-4adf-8ecd-ef13a6e23b64}) (Version: 3.17.52869.13817 - Plantronics, Inc.)
Plex Media Server (HKLM-x32\...\{a11bb550-f79f-4579-8fb3-7f75ac1cab91}) (Version: 1.18.1.2019 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{D9B7A651-7BF3-4611-863E-A0FD33F7A32E}) (Version: 1.18.2019 - Plex, Inc.) Hidden
Print to PDF Annotator (novaPDF OEM 7.7 printer) (HKLM\...\Print to PDF Annotator_is1) (Version: 7.7.400 - Softland)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8702.1 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.17.199 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.4.3 - Rockstar Games)
Self-service Plug-in (HKLM-x32\...\{27B93352-3746-4329-9D16-CE20A1E400C5}) (Version: 4.6.0.14932 - Citrix Systems, Inc.) Hidden
SONiVOX Wobble 2 (HKLM-x32\...\SONiVOX Wobble 2_is1) (Version:  - )
SpiderOakONE x64 (HKLM\...\{587C2C80-B3DE-477C-B214-3D7E6BC6E1B1}) (Version: 7.0.1.10195 - SpiderOak)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stopping Plex (HKLM-x32\...\{526CB9FE-3192-446F-A403-7B1ED6BBF602}) (Version: 1.18.2019 - Plex, Inc.) Hidden
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Telegram Desktop version 2.1.10 (HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.1.10 - Telegram FZ-LLC)
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
Trader Workstation (HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\5889-6375-8446-2021) (Version: latest (976.2f) 20190515 12:12:14 - Interactive Brokers LLC)
TurboTax 2018 (HKLM-x32\...\TurboTax 2018) (Version: 2018.0 - Intuit, Inc)
TurboTax 2019 (HKLM-x32\...\TurboTax 2019) (Version: 2019.0 - Intuit, Inc)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.10 - VideoLAN)
VMware Horizon Client (HKLM\...\{E6D407E4-66C9-4D6A-89DD-9A53FCF57BC7}) (Version: 5.2.0.7817 - VMware, Inc.) Hidden
VMware Horizon Client (HKLM-x32\...\{1f396f63-5049-48d6-804f-85d733a67875}) (Version: 5.2.0.7817 - VMware, Inc.)
VMware Horizon HTML5 Multimedia Redirection Client (HKLM\...\{8F183FEA-082F-4718-A196-301359752CAD}) (Version: 7.10.0 - VMware, Inc.) Hidden
VMware Horizon Media Engine 10.0.0.599 (64-bit) (HKLM\...\{A68CBEF3-FADD-425C-8901-A26CFB4938AD}) (Version: 10.0.0.599 - VMware, Inc.) Hidden
VPNetwork LLC - TorGuard - Online Privacy Protection Services (HKLM-x32\...\VPNetwork LLC TorGuard) (Version: "3.84.1" - "VPNetwork LLC")
Wargaming.net Game Center (HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\Wargaming.net Game Center) (Version: 20.2.1.112 - Wargaming.net)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9980 - Broadcom Corporation)
Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
Windows Driver Package - Cambridge Silicon Radio (CSRBC) USB  (10/26/2012 2.4.0.0) (HKLM\...\20C7EDA3129B3FF8F72F9BF59252B718B554FBDC) (Version: 10/26/2012 2.4.0.0 - Cambridge Silicon Radio)
Windows Driver Package - Plantronics, Inc. (usbser.ntamd64) Ports  (04/21/2009 5.1) (HKLM\...\07AFE62D73C8799E9E5689F86FB9F48389717BA3) (Version: 04/21/2009 5.1 - Plantronics, Inc.)
World_of_Warships_NA (HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\WOWS.NA.PRODUCTION) (Version:  - Wargaming.net)
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2018-10-15] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-07-30] (Adobe Systems Incorporated)
Beauty of Britain 2 by Sean Byrne -> C:\Program Files\WindowsApps\Microsoft.BeautyofBritain2bySeanByrne_1.0.0.0_neutral__8wekyb3d8bbwe [2019-04-26] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-04-17] (Dolby Laboratories)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-28] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-01] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2020-02-01] (NVIDIA Corp.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1884588917-2122681954-3986232087-1003_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-A548EF5CC59A} -> [Creative Cloud Files] => C:\Users\Richard\Creative Cloud Files [2018-02-11 17:55]
CustomCLSID: HKU\S-1-5-21-1884588917-2122681954-3986232087-1003_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\Richard\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-1884588917-2122681954-3986232087-1003_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {A6381AA9-C661-4D16-B0A0-3F6A1E967021} => C:\Program Files (x86)\Egnyte Connect\CBFS7\WOW64\cbfsconnectMntNtf2017.dll
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [SpiderOakONEOverlay] -> {6E1010DC-3571-45DE-9CA2-C5890119BBBE} => C:\Program Files\SpiderOakONE\shell_extension.dll [2018-01-31] (SpiderOakONE) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google)
ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2020-01-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [SpiderOakONE] -> {6E1010DC-3571-45DE-9CA2-C5890119BBBF} => C:\Program Files\SpiderOakONE\shell_extension.dll [2018-01-31] (SpiderOakONE) [File not signed]
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2020-01-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google)
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2020-01-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [SpiderOakONE] -> {6E1010DC-3571-45DE-9CA2-C5890119BBBF} => C:\Program Files\SpiderOakONE\shell_extension.dll [2018-01-31] (SpiderOakONE) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_2eaf9d620160f138\nvshext.dll [2020-05-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SpiderOakONE] -> {6E1010DC-3571-45DE-9CA2-C5890119BBBF} => C:\Program Files\SpiderOakONE\shell_extension.dll [2018-01-31] (SpiderOakONE) [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2020-01-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [SpiderOakONE] -> {6E1010DC-3571-45DE-9CA2-C5890119BBBF} => C:\Program Files\SpiderOakONE\shell_extension.dll [2018-01-31] (SpiderOakONE) [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Richard\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2020-04-17 17:50 - 2020-04-17 17:50 - 000209408 _____ () [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2020-04-17 17:50 - 2020-04-17 17:50 - 000101376 _____ () [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\zlib.dll
2019-10-15 22:32 - 2019-10-15 22:32 - 000262656 _____ () [File not signed] C:\Program Files (x86)\NordVPN\x86\Liberation.Native.Firewall.dll
2015-12-05 20:41 - 2015-12-05 20:41 - 000121856 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\_ctypes.pyd
2015-12-05 20:43 - 2015-12-05 20:43 - 001436672 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\_hashlib.pyd
2015-12-05 20:42 - 2015-12-05 20:42 - 000051712 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\_socket.pyd
2015-12-05 20:42 - 2015-12-05 20:42 - 000065024 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\_sqlite3.pyd
2016-06-15 07:50 - 2016-06-15 07:50 - 000024064 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\bcrypt._bcrypt.pyd
2016-06-15 07:18 - 2016-06-15 07:18 - 000072704 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\BTrees._fsBTree.pyd
2016-06-15 07:18 - 2016-06-15 07:18 - 000075264 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\BTrees._IFBTree.pyd
2016-06-15 07:18 - 2016-06-15 07:18 - 000074752 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\BTrees._IIBTree.pyd
2016-06-15 07:18 - 2016-06-15 07:18 - 000072192 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\BTrees._IOBTree.pyd
2016-06-15 07:18 - 2016-06-15 07:18 - 000075776 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\BTrees._LFBTree.pyd
2016-06-15 07:18 - 2016-06-15 07:18 - 000075776 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\BTrees._LLBTree.pyd
2016-06-15 07:18 - 2016-06-15 07:18 - 000073216 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\BTrees._LOBTree.pyd
2016-06-15 07:18 - 2016-06-15 07:18 - 000071680 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\BTrees._OIBTree.pyd
2016-06-15 07:18 - 2016-06-15 07:18 - 000073216 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\BTrees._OLBTree.pyd
2016-06-15 07:18 - 2016-06-15 07:18 - 000067072 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\BTrees._OOBTree.pyd
2016-06-15 06:59 - 2016-06-15 06:59 - 000033280 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\Crypto.Cipher.AES.pyd
2016-06-15 06:59 - 2016-06-15 06:59 - 000059392 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\Crypto.Cipher.DES3.pyd
2016-06-15 06:59 - 2016-06-15 06:59 - 000009728 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\Crypto.Cipher.XOR.pyd
2016-06-15 06:59 - 2016-06-15 06:59 - 000011264 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\Crypto.Hash.SHA256.pyd
2016-06-15 06:59 - 2016-06-15 06:59 - 000010752 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\Crypto.Random.OSRNG.winrandom.pyd
2016-06-15 06:59 - 2016-06-15 06:59 - 000010752 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\Crypto.Util._counter.pyd
2016-06-15 06:59 - 2016-06-15 06:59 - 000008192 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\Crypto.Util.strxor.pyd
2016-06-10 12:17 - 2016-06-10 12:17 - 000073216 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\OpenSSL.crypto.pyd
2016-06-10 12:17 - 2016-06-10 12:17 - 000010752 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\OpenSSL.rand.pyd
2016-06-10 12:17 - 2016-06-10 12:17 - 000056320 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\OpenSSL.SSL.pyd
2016-06-15 07:18 - 2016-06-15 07:18 - 000022016 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\persistent.cPersistence.pyd
2016-06-15 07:18 - 2016-06-15 07:18 - 000018432 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\persistent.cPickleCache.pyd
2016-06-15 07:18 - 2016-06-15 07:18 - 000012288 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\persistent.TimeStamp.pyd
2016-06-15 06:49 - 2016-06-15 06:49 - 000551424 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\pycurl.pyd
2014-11-09 13:20 - 2014-11-09 13:20 - 002184704 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\PyQt4.QtCore.pyd
2014-11-09 13:26 - 2014-11-09 13:26 - 000262656 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\PyQt4.QtDeclarative.pyd
2014-11-09 13:25 - 2014-11-09 13:25 - 007851008 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\PyQt4.QtGui.pyd
2014-11-09 13:26 - 2014-11-09 13:26 - 000653824 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\PyQt4.QtNetwork.pyd
2014-03-11 07:55 - 2014-03-11 07:55 - 000548864 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\pythoncom27.dll
2014-03-11 07:48 - 2014-03-11 07:48 - 000138240 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\pywintypes27.dll
2015-12-05 20:41 - 2015-12-05 20:41 - 000012800 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\select.pyd
2016-06-15 06:59 - 2016-06-15 06:59 - 000040960 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\simplejson._speedups.pyd
2014-11-09 13:13 - 2014-11-09 13:13 - 000100352 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\sip.pyd
2015-12-05 20:42 - 2015-12-05 20:42 - 000612864 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\sqlite3.dll
2016-06-15 07:00 - 2016-06-15 07:00 - 000007680 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\twisted.protocols._c_urlarg.pyd
2016-06-15 07:00 - 2016-06-15 07:00 - 000006656 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\twisted.python._initgroups.pyd
2015-12-05 20:42 - 2015-12-05 20:42 - 000693248 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\unicodedata.pyd
2014-03-11 07:51 - 2014-03-11 07:51 - 000130048 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\win32api.pyd
2014-03-11 08:01 - 2014-03-11 08:01 - 000522752 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\win32com.shell.shell.pyd
2014-03-11 07:50 - 2014-03-11 07:50 - 000055296 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\win32console.pyd
2014-03-11 07:49 - 2014-03-11 07:49 - 000023040 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\win32event.pyd
2014-03-11 07:51 - 2014-03-11 07:51 - 000064000 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\win32evtlog.pyd
2014-03-11 07:49 - 2014-03-11 07:49 - 000149504 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\win32file.pyd
2014-03-11 07:51 - 2014-03-11 07:51 - 000223744 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\win32gui.pyd
2014-03-11 07:50 - 2014-03-11 07:50 - 000048128 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\win32inet.pyd
2014-03-11 07:50 - 2014-03-11 07:50 - 000027648 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\win32pipe.pyd
2014-03-11 07:50 - 2014-03-11 07:50 - 000045056 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\win32process.pyd
2014-03-11 07:50 - 2014-03-11 07:50 - 000136192 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\win32security.pyd
2016-06-15 07:00 - 2016-06-15 07:00 - 000024576 _____ () [File not signed] C:\Program Files\SpiderOakONE\lib\zope.interface._zope_interface_coptimizations.pyd
2014-03-11 07:55 - 2014-03-11 07:55 - 000548864 _____ () [File not signed] C:\Program Files\SpiderOakONE\shell_extension_lib\pythoncom27.dll
2014-03-11 07:48 - 2014-03-11 07:48 - 000138240 _____ () [File not signed] C:\Program Files\SpiderOakONE\shell_extension_lib\pywintypes27.dll
2014-03-11 07:51 - 2014-03-11 07:51 - 000130048 _____ () [File not signed] C:\Program Files\SpiderOakONE\shell_extension_lib\win32api.pyd
2014-03-11 08:02 - 2014-03-11 08:02 - 000125952 _____ () [File not signed] C:\Program Files\SpiderOakONE\shell_extension_lib\win32com.propsys.propsys.pyd
2014-03-11 08:01 - 2014-03-11 08:01 - 000522752 _____ () [File not signed] C:\Program Files\SpiderOakONE\shell_extension_lib\win32com.shell.shell.pyd
2014-03-11 07:49 - 2014-03-11 07:49 - 000023040 _____ () [File not signed] C:\Program Files\SpiderOakONE\shell_extension_lib\win32event.pyd
2014-03-11 07:51 - 2014-03-11 07:51 - 000064000 _____ () [File not signed] C:\Program Files\SpiderOakONE\shell_extension_lib\win32evtlog.pyd
2014-03-11 07:49 - 2014-03-11 07:49 - 000149504 _____ () [File not signed] C:\Program Files\SpiderOakONE\shell_extension_lib\win32file.pyd
2014-03-11 07:51 - 2014-03-11 07:51 - 000223744 _____ () [File not signed] C:\Program Files\SpiderOakONE\shell_extension_lib\win32gui.pyd
2014-03-11 07:50 - 2014-03-11 07:50 - 000027648 _____ () [File not signed] C:\Program Files\SpiderOakONE\shell_extension_lib\win32pipe.pyd
2014-03-11 07:50 - 2014-03-11 07:50 - 000045056 _____ () [File not signed] C:\Program Files\SpiderOakONE\shell_extension_lib\win32process.pyd
2014-03-11 07:50 - 2014-03-11 07:50 - 000136192 _____ () [File not signed] C:\Program Files\SpiderOakONE\shell_extension_lib\win32security.pyd
2014-03-11 07:50 - 2014-03-11 07:50 - 000017920 _____ () [File not signed] C:\Program Files\SpiderOakONE\shell_extension_lib\win32trace.pyd
2016-06-09 18:33 - 2016-06-09 18:33 - 000174080 _____ () [File not signed] C:\Program Files\SpiderOakONE\styles\fusion.dll
2020-06-14 01:38 - 2020-06-14 01:38 - 000114176 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\_ctypes.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000173056 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\_elementtree.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 002133504 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\_hashlib.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000032256 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\_multiprocessing.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000046080 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\_psutil_windows.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000047616 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\_socket.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 002701824 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\_ssl.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000026112 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\_yappi.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000080896 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\bz2.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000016384 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\common.time34.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000007680 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\hashobjs_ext.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000301568 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\PIL._imaging.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000169472 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\pyexpat.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 001084416 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\pysqlite2._sqlite.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000548864 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\pythoncom27.dll
2020-06-14 01:38 - 2020-06-14 01:38 - 000137728 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\pywintypes27.dll
2020-06-14 01:38 - 2020-06-14 01:38 - 000010752 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\select.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000020992 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\thumbnails_ext.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000689664 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\unicodedata.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000119808 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\usb_ext.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000128512 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\win32api.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000438784 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\win32com.shell.shell.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000011776 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\win32crypt.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000023040 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\win32event.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000149504 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\win32file.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000223232 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\win32gui.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000048128 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\win32inet.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000029696 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\win32pdh.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000027648 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\win32pipe.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000044032 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\win32process.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000020480 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\win32profile.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000136192 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\win32security.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000026624 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\win32ts.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000034816 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\windows.conditional.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000038400 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\windows.connectivity.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000071680 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\windows.device_monitor.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000109056 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\windows.volumes.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000020480 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\windows.winwrap.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 001325056 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\wx._controls_.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 001489408 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\wx._core_.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 001007104 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\wx._gdi_.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000103424 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\wx._html2.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 000916992 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\wx._misc_.pyd
2020-06-14 01:38 - 2020-06-14 01:38 - 001039872 _____ () [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\wx._windows_.pyd
2014-06-27 08:09 - 2014-06-27 08:09 - 000032768 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\SpiderOakONE\imageformats\qgif4.dll
2014-06-27 08:10 - 2014-06-27 08:10 - 000034304 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\SpiderOakONE\imageformats\qico4.dll
2014-06-27 08:09 - 2014-06-27 08:09 - 000239104 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\SpiderOakONE\imageformats\qjpeg4.dll
2014-06-27 08:09 - 2014-06-27 08:09 - 000278528 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\SpiderOakONE\imageformats\qmng4.dll
2014-06-27 08:09 - 2014-06-27 08:09 - 000025600 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\SpiderOakONE\imageformats\qsvg4.dll
2014-06-27 08:10 - 2014-06-27 08:10 - 000024576 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\SpiderOakONE\imageformats\qtga4.dll
2014-06-27 08:09 - 2014-06-27 08:09 - 000314368 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\SpiderOakONE\imageformats\qtiff4.dll
2014-06-27 04:40 - 2014-06-27 04:40 - 003194880 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\SpiderOakONE\lib\QtCore4.dll
2014-06-27 05:28 - 2014-06-27 05:28 - 003321856 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\SpiderOakONE\lib\QtDeclarative4.dll
2014-06-27 04:56 - 2014-06-27 04:56 - 010674688 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\SpiderOakONE\lib\QtGui4.dll
2014-06-27 04:42 - 2014-06-27 04:42 - 001334784 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\SpiderOakONE\lib\QtNetwork4.dll
2014-06-27 05:18 - 2014-06-27 05:18 - 001528832 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\SpiderOakONE\lib\QtScript4.dll
2014-06-27 04:42 - 2014-06-27 04:42 - 000250368 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\SpiderOakONE\lib\QtSql4.dll
2014-06-27 05:03 - 2014-06-27 05:03 - 003722752 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\SpiderOakONE\lib\QtXmlPatterns4.dll
2014-06-27 05:06 - 2014-06-27 05:06 - 000352768 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\SpiderOakONE\QtSvg4.dll
2014-06-27 04:40 - 2014-06-27 04:40 - 000468480 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files\SpiderOakONE\QtXml4.dll
2016-06-15 08:07 - 2016-06-15 08:07 - 000475136 _____ (libsodium contributors) [File not signed] C:\Program Files\SpiderOakONE\libsodium.DLL
2018-01-31 10:41 - 2018-01-31 10:41 - 003392512 _____ (Python Software Foundation) [File not signed] C:\Program Files\SpiderOakONE\PYTHON27.DLL
2020-06-14 01:38 - 2020-06-14 01:38 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\python27.dll
2020-03-06 12:49 - 2020-03-06 12:49 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\SiUSBXp.dll
2018-01-31 10:41 - 2018-01-31 10:41 - 000030720 _____ (SpiderOakONE) [File not signed] C:\Program Files\SpiderOakONE\shell_extension.dll
2016-06-20 09:22 - 2016-06-20 09:22 - 001660928 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\SpiderOakONE\lib\LIBEAY32.dll
2016-06-20 09:23 - 2016-06-20 09:23 - 000332288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\SpiderOakONE\lib\SSLEAY32.dll
2020-04-06 15:43 - 2020-04-06 15:43 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\libcrypto-1_1.dll
2020-04-06 15:43 - 2020-04-06 15:43 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\libssl-1_1.dll
2020-04-17 18:36 - 2020-04-17 18:36 - 005139576 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\Qt5Core.dll
2020-06-14 01:38 - 2020-06-14 01:38 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\wxbase30u_net_vc90_x64.dll
2020-06-14 01:38 - 2020-06-14 01:38 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\wxbase30u_vc90_x64.dll
2020-06-14 01:38 - 2020-06-14 01:38 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\wxmsw30u_adv_vc90_x64.dll
2020-06-14 01:38 - 2020-06-14 01:38 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\wxmsw30u_core_vc90_x64.dll
2020-06-14 01:38 - 2020-06-14 01:38 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\wxmsw30u_html_vc90_x64.dll
2020-06-14 01:38 - 2020-06-14 01:38 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Richard\AppData\Local\Temp\_MEI48122\wxmsw30u_webview_vc90_x64.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData:9A3E20C5E0F6A723 [217]
AlternateDataStreams: C:\Users\All Users:9A3E20C5E0F6A723 [217]
AlternateDataStreams: C:\ProgramData\Application Data:9A3E20C5E0F6A723 [217]
AlternateDataStreams: C:\ProgramData\PACE:8B981C1BB708777B [217]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 07:46 - 2018-02-14 21:21 - 000000876 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 view-localhost # view localhost server
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Plantronics\Spokes3G\
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: EFS => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: WSearch => 2
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "Amazon Print Connect"
HKLM\...\StartupApproved\Run: => "LogiOptions"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "Redirector"
HKLM\...\StartupApproved\Run32: => "DLSWebSvc"
HKLM\...\StartupApproved\Run32: => "PLTHub.exe"
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\StartupApproved\Run: => "PTOneClick"
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\StartupApproved\Run: => "Dashlane"
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\StartupApproved\Run: => "DashlanePlugin"
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\StartupApproved\Run: => "Plex Media Server"
HKU\S-1-5-21-1884588917-2122681954-3986232087-1003\...\StartupApproved\Run: => "Wargaming.net Game Center"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{E8D75020-5FAD-4971-825E-CDDDB55E4087}C:\program files\spideroakone\spideroakone.exe] => (Block) C:\program files\spideroakone\spideroakone.exe (SpiderOak) [File not signed]
FirewallRules: [TCP Query User{5457CEA8-6558-418A-8145-6BA210D5FC5C}C:\program files\spideroakone\spideroakone.exe] => (Block) C:\program files\spideroakone\spideroakone.exe (SpiderOak) [File not signed]
FirewallRules: [UDP Query User{0847831D-FAB1-4A06-9617-CC5C32FA3524}C:\program files (x86)\egnyte connect\egnytedrive.exe] => (Block) C:\program files (x86)\egnyte connect\egnytedrive.exe => No File
FirewallRules: [TCP Query User{AE49132C-9FE2-4FBC-870B-A7098A4213AE}C:\program files (x86)\egnyte connect\egnytedrive.exe] => (Block) C:\program files (x86)\egnyte connect\egnytedrive.exe => No File
FirewallRules: [{97941255-AFA0-4E4D-86A9-18E1F195EDE3}] => (Allow) D:\Programs\steamapps\common\X-Plane 11\Airfoil Maker.exe (Laminar Research, LLC -> Laminar Research)
FirewallRules: [{8CE0D4A2-6958-45B9-89BA-C910DAA7DBEB}] => (Allow) D:\Programs\steamapps\common\X-Plane 11\Airfoil Maker.exe (Laminar Research, LLC -> Laminar Research)
FirewallRules: [{9CAE28AB-3280-4F32-BE8E-907CE6029B71}] => (Allow) D:\Programs\steamapps\common\X-Plane 11\Plane Maker.exe (Laminar Research, LLC -> Laminar Research)
FirewallRules: [{6610B705-929D-4960-952D-615DF4E5E330}] => (Allow) D:\Programs\steamapps\common\X-Plane 11\Plane Maker.exe (Laminar Research, LLC -> Laminar Research)
FirewallRules: [{80F28BB3-2460-45B8-B930-316F7B941879}] => (Allow) D:\Programs\steamapps\common\X-Plane 11\X-Plane.exe (Laminar Research) [File not signed]
FirewallRules: [{2B3B5B09-F86D-49F3-9AFD-70E7FBF34945}] => (Allow) D:\Programs\steamapps\common\X-Plane 11\X-Plane.exe (Laminar Research) [File not signed]
FirewallRules: [{4DBDF96D-5649-4B42-97FA-3D4899426594}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M227-M231\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{8AE1AF7F-C356-44AF-98D7-A5D9472CD6A6}] => (Allow) LPort=5357
FirewallRules: [{FD9064DD-5483-4524-AF78-D50B266E1280}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M227-M231\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{70B867F6-A3F5-48A3-8D32-4DFA1D8B5D02}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M227-M231\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{C0AD38DF-C77C-4D12-8BD0-0DECE9DC4FDF}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M227-M231\bin\SendAFax.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{38D749F9-1051-431D-8775-D40F25BC647B}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M227-M231\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{109A5AC0-1014-434E-9158-68A9F6FBF8E0}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M227-M231\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{A650B896-7367-4FDB-957D-D2EB6A90BED1}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M227-M231\bin\EWSProxy.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{BAA066A2-A085-48A7-97E4-3E3EC6DC8417}] => (Allow) D:\Programs\steamapps\common\RailWorks\RailWorks64.exe () [File not signed]
FirewallRules: [{3DB388AF-F679-4ADF-9322-E55D64563185}] => (Allow) D:\Programs\steamapps\common\RailWorks\RailWorks64.exe () [File not signed]
FirewallRules: [{0D19AF19-9F28-4869-9617-E145934B3A8E}] => (Allow) D:\Programs\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F41EA1C2-D1CF-4ED3-AE85-613B83EA5BED}] => (Allow) D:\Programs\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5E82E8CD-A1DB-4134-B4E6-7DF879F4F940}] => (Allow) D:\Programs\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{B15F2157-1FE7-4E5A-90D7-5525DD1D2D0E}] => (Allow) D:\Programs\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{AA292258-BBE0-4565-B932-0AF2BE3531BF}] => (Allow) D:\Programs\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F8251B5A-A997-407A-872D-44F87FF796EE}] => (Allow) D:\Programs\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{84C9C662-B212-4EEC-BA14-B6E4EDFE9DE8}] => (Allow) D:\Programs\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{4A7B7701-3AF0-4C3E-AC17-4421D152B57F}] => (Allow) D:\Programs\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{265AA769-3B0E-459C-A048-B4365F2185F1}] => (Allow) D:\Programs\steamapps\common\RailWorks\RailWorks.exe () [File not signed]
FirewallRules: [{98EE7F21-C80B-4BB6-9D39-60A321F29083}] => (Allow) D:\Programs\steamapps\common\RailWorks\RailWorks.exe () [File not signed]
FirewallRules: [{0CFC228A-02D3-498D-AD0C-6B2B17D7D34E}] => (Allow) D:\Programs\steamapps\common\FSX\fsx.exe (RailSimulator T/A Dovetail -> Microsoft Corp.)
FirewallRules: [{32A64A03-07FC-4FFE-AC4A-519279FA4BB2}] => (Allow) D:\Programs\steamapps\common\FSX\fsx.exe (RailSimulator T/A Dovetail -> Microsoft Corp.)
FirewallRules: [{59F084B4-7C53-44CA-BBA5-FD47C3EE8907}] => (Allow) D:\Programs\steamapps\common\Football Manager 2014\fm.exe (Valve Corp. -> Sports Interactive) [File not signed]
FirewallRules: [{7652C051-C626-42A2-B0E5-12D05C4A8C8A}] => (Allow) D:\Programs\steamapps\common\Football Manager 2014\fm.exe (Valve Corp. -> Sports Interactive) [File not signed]
FirewallRules: [{8215C85E-46ED-49BA-AAE9-856A0D3B821F}] => (Allow) D:\Programs\steamapps\common\Train Sim World\WindowsNoEditor\TS2Prototype.exe () [File not signed]
FirewallRules: [{DE79B029-15E7-4A83-8DDC-F537F90ADCB8}] => (Allow) D:\Programs\steamapps\common\Train Sim World\WindowsNoEditor\TS2Prototype.exe () [File not signed]
FirewallRules: [{EF850103-18FF-42B3-AF1C-B1B050B5FBF8}] => (Allow) D:\Programs\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{22A51FC5-2B59-4969-877F-CB69B5C3DA51}] => (Allow) D:\Programs\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{F863F5B6-939C-40EF-9025-F91F4C17A775}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{73892B79-5181-4E97-B361-70A3AFDEAE8E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{46777F3F-473A-4BAD-BC4B-8DB7FB642685}] => (Allow) D:\Programs\steamapps\common\DCSWorld\Run.exe (Eagle Dynamics) [File not signed]
FirewallRules: [{352EF808-A487-4D4E-82BB-A185A1620165}] => (Allow) D:\Programs\steamapps\common\DCSWorld\Run.exe (Eagle Dynamics) [File not signed]
FirewallRules: [{0ECC7A1D-5368-41C6-983C-2AF92B3A0C6A}] => (Allow) D:\Programs\steamapps\common\DCSWorld\bin\DCS.exe (The Fighter Collection -> Eagle Dynamics)
FirewallRules: [{72BADABF-E5DB-485F-8CAB-27FE0E090470}] => (Allow) D:\Programs\steamapps\common\DCSWorld\bin\DCS.exe (The Fighter Collection -> Eagle Dynamics)
FirewallRules: [{99F4BB0C-663C-4CED-9865-1B7EB0FBC9F5}] => (Allow) D:\Programs\World_of_Warships\WoWSLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{DE3D16C1-A683-42B4-A566-F2BAFDB729CF}] => (Allow) D:\Programs\World_of_Warships\WoWSLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{B8DE48D0-834F-42BF-AD00-9EDD6306B6CF}] => (Allow) D:\Programs\World_of_Warships\worldofwarships.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{6EAF097E-5ECC-4565-B747-EE18A41F9FEF}] => (Allow) D:\Programs\World_of_Warships\worldofwarships.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{C0659F8D-EC4A-4432-B678-8E1365FEFCA2}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{711C5A1B-5450-473B-B312-E1B76AB48A41}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc. -> Python Software Foundation)
FirewallRules: [{1CD22A09-384F-4545-9675-90A71E5C50C2}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{889EB723-0D27-4CF0-BC23-652C76DC7FA5}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc. -> )
FirewallRules: [{1B6649D3-2C76-4474-BB9A-DD08286D7082}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{84E5AA70-8464-4368-A108-D4053811BFC7}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{82F029CA-DD7E-4EB7-B825-931BD8CA2AFE}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{FB0FB66A-6016-4387-A48B-F14B923D5901}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{F986207E-FE00-4910-96F0-E89BF93C3839}] => (Allow) D:\Programs\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{309251CF-E76E-474B-86F8-2A209473F9B3}] => (Allow) D:\Programs\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{FAF17474-45D2-4E0C-907A-B1C463A13BC8}] => (Allow) D:\Programs\steamapps\common\Tower 3D Pro\tower3d.exe () [File not signed]
FirewallRules: [{6D2EBBA7-A169-4F6A-8283-A7F6C622EB05}] => (Allow) D:\Programs\steamapps\common\Tower 3D Pro\tower3d.exe () [File not signed]
FirewallRules: [{A697541D-EE08-4E3B-BAB1-BC6E6D396D38}] => (Allow) D:\Programs\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{2DB083D2-D1AB-40F3-B520-854012B1149F}] => (Allow) D:\Programs\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{613CE2D2-42FE-42EA-B88B-44DDC4DC401A}] => (Allow) D:\Programs\steamapps\common\ACE COMBAT 7\Ace7Game.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [{5747EC1D-2AA7-4606-A03D-D6DFDFC88CE8}] => (Allow) D:\Programs\steamapps\common\ACE COMBAT 7\Ace7Game.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [{FC0AB2B6-E8A8-4DBF-A59C-0A28CD69D6D2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{06973FEF-B7BE-4EBB-8187-3A65D5BA186F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1E4A79BF-740D-4063-AA2B-0EAE81B6EDCF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0F1D08E1-45A2-4584-9D89-59444EABF84D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0880304F-B144-46BC-A33C-EFCE9C8D6EA2}] => (Allow) C:\Program Files\Cakewalk\Shared Utilities\StartPage\CakewalkStartScreen.exe => No File
FirewallRules: [{DAEAC0FF-A16D-4A83-B93D-1FE31E8BA761}] => (Allow) C:\Program Files\Cakewalk\Shared Utilities\StartPage\CakewalkStartScreen.exe => No File
FirewallRules: [{1B9AA942-0354-4AE3-BA30-7DC1D6ED065D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6C5A2994-9397-413F-86CE-D48C0B9F1FFB}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{40B4D21B-8E53-429E-B35B-3BD7929E817B}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{5F8BBDE8-D89B-4B63-84D3-C23697A6C89F}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{0A3BEBDA-D81B-425C-A137-24633FD11C06}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{0E426B37-A21D-4A09-81DE-0A0D9156D126}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{9839032A-0456-48AF-8A29-17BD2789504B}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{58E1798D-1C49-4D82-BAC4-C603B2669692}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{E17C8FDF-5294-4885-B7B5-0AAF7B483F77}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3D5C30B8-E57F-4724-949D-3BA9B59CD630}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
07-06-2020 06:27:03 Scheduled Checkpoint
11-06-2020 00:08:47 Windows Update
14-06-2020 01:33:04 Removed 4K Video Downloader 4.4
==================== Faulty Device Manager Devices ============
Name: Kaspersky Security Data Escort Adapter #2
Description: Kaspersky Security Data Escort Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Kaspersky Security Data Escort Provider
Service: kltap
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
==================== Event log errors: ========================
Application errors:
==================
Error: (06/14/2020 01:55:00 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17796,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (06/14/2020 01:45:54 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3508,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (06/14/2020 01:07:40 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12880,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (06/14/2020 12:47:21 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12620,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (06/14/2020 12:06:05 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3780,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (06/13/2020 11:56:17 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (16484,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (06/13/2020 11:49:04 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4176,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (06/13/2020 11:39:42 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5288,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
System errors:
=============
Error: (06/14/2020 01:37:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CorsairGamingAudioConfig service failed to start due to the following error: 
The system cannot find the file specified.
Error: (06/12/2020 12:04:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CorsairGamingAudioConfig service failed to start due to the following error: 
The system cannot find the file specified.
Error: (06/12/2020 06:18:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CorsairGamingAudioConfig service failed to start due to the following error: 
The system cannot find the file specified.
Error: (06/12/2020 06:12:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CorsairGamingAudioConfig service failed to start due to the following error: 
The system cannot find the file specified.
Error: (06/12/2020 06:09:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CorsairGamingAudioConfig service failed to start due to the following error: 
The system cannot find the file specified.
Error: (06/12/2020 05:37:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CorsairGamingAudioConfig service failed to start due to the following error: 
The system cannot find the file specified.
Error: (06/11/2020 02:00:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CorsairGamingAudioConfig service failed to start due to the following error: 
The system cannot find the file specified.
Error: (06/11/2020 01:54:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CorsairGamingAudioConfig service failed to start due to the following error: 
The system cannot find the file specified.
CodeIntegrity:
===================================
Date: 2020-06-14 01:52:57.508
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-06-14 01:52:57.507
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-06-14 01:52:54.877
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-14 01:52:54.876
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-14 01:50:08.111
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-06-14 01:50:08.110
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-06-14 01:49:53.047
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-06-14 01:49:53.046
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info =========================== 
BIOS: American Megatrends Inc. 0610 01/11/2018
Motherboard: ASUSTeK COMPUTER INC. PRIME Z370-P
Processor: Intel® Core™ i7-8700 CPU @ 3.20GHz
Percentage of memory in use: 36%
Total physical RAM: 16325.04 MB
Available physical RAM: 10340.29 MB
Total Virtual: 21445.04 MB
Available Virtual: 13385.48 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:231.83 GB) (Free:102.55 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:1863.02 GB) (Free:1244.82 GB) NTFS
\\?\Volume{058f918c-580c-4367-831d-0725e2e2204a}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{6b3c424b-8c02-41a3-9ea5-80edabb2b35b}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{4f8ba890-21c5-4390-a4a4-76d37a0924b6}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================



https://ift.tt/2ACjqHs

Comments

Popular Posts

System detected an overrun of a stack-based buffer in this application [FIX] - Windows Report

Valorant anti-cheat lead answers many questions on Reddit - Millenium US