Hello everyone. A few weeks back I ran into a PUP. To see what I did and the steps I took to clean my computer, see the reddit post below (pardon my language):
https://www.reddit.com/r/techsupport/comments/fva1gh/look_for_information_on_aftereffects_of/
Shortly after that, I scanned my PC with the "ESET Online Scanner" (Google has it as the top result, in case you aren't cool with following this link), and it found one more item, which it removed. Subsequent scans with both Malwarebytes and the ESET scanner found nothing else.
However, I'm quite paranoid. Since then I've experienced some (probably) unrelated events that make me want to be completely 100% sure my computer is clean. One of these events was an unknown login from somewhere 20 minutes from where I live. I changed my password, but it is concerning because I use a password manager with random 16-character passwords using upper case, lower case, numbers and symbols. So I'm worried about the security of my password manager, or maybe a keylogger or something reading my clipboard. So I came here, to the experts.
I ran the FRST64 tool, but it froze at "scanning other stuff", so the logs posted are as they are. Dunno why it froze, I definitely have a 64-bit machine. Maybe it's because I was playing WoW while running the program? Idk.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2020
Ran by Static Shock (administrator) on DESKTOP-5KVLA0L (EVGA INTERNATIONAL CO.,LTD Default string) (22-04-2020 20:23:16)
Running from C:\Users\Static Shock\Desktop
Loaded Profiles: Static Shock (Available Profiles: Static Shock & OVRLibraryService)
Platform: Windows 10 Home Version 1080 17763.1158 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== = پردازش ها (لیست سفید) =================
(اگر یک ورودی در لیست فهرست گنجانده شده باشد ، روند بسته می شود. پرونده منتقل نمی شود. .)
() [File not signed] C: Files Program (x86) RocketDock RocketDock.exe
(Adobe Inc. -> Adobe Systems) C: Files Program (x86) Common Files Adobe ARM 1.0 armsvc.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C: Files Program (x86) Com mon Files Adobe OOBE PDApp UWA AAM به روزرسانی های Notifier.exe
(Apple Inc. -> Apple Inc.) C: File Files Bonjour mDNSResponder.exe
(Apple Inc. -> Apple شرکت) C: فایلهای برنامه فایلهای معمول اپل پشتیبانی دستگاه تلفن همراه AppleMobileDeviceService.exe
(Beepa Pty Ltd -> Beepa P / L) [File not signed] C: Fraps fraps.exe
( Beepa Pty Ltd -> Beepa P / L) [File not signed] C: Fraps fraps64.dat
(Blizzard Entertainment، Inc. -> Blizzard Entertainment) C: Files Program (x86) Blizzard App Battle.net .exe <4>
(Blizzard Entertainment، Inc. -> Blizzard Entertainment) C: Files Program (x86) World of Warcraft _retail_ Utils WowVoiceProxy.exe
(Blizzard Entertainment، Inc. -> Blizzard Entertainment) C: File Files (x86) World of Warcraft _retail_ Wow.exe
(Blizzard Entertainment، Inc. -> Blizzard Entertainment) C: ProgramData Battle.net Agent Agent.7022 Agent.exe
(Corsair Component، Inc. -> Corsair Component، Inc.) F: Corsair iCue Corsair CORSA IR iCUE Software Corsair.Service.DisplayAdapter.exe
(Corsair Component، Inc. -> Corsair Component، Inc.) F: Corsair iCue Corsair CORSAIR iCUE Software Corsair.Service.exe
(Corsair.Service.exe
) کامپوننت ها ، شرکت -> Corsair کامپوننت ها ، شرکت) F: CorsairLink4 CorsairLink4.exe
(Corsair Component، Inc. -> Corsair Component، Inc.) F: CorsairLink4 CorsairLink4.Service.exe
(Corsair Memory، Inc. -> Corsair Memory، Inc) C: File Files Elgato StreamDeck StreamDeck.exe
(Discord Inc. -> Discord Inc.) C: کاربران شوک استاتیک AppData محلی Discord app-0.0.306 Discord.exe <10>
(Dropbox، Inc -> Dropbox، Inc.) C: Files Programs (x86) Dropbox Update DropboxUpdate.exe
(Dropbox ، Inc -> Dropbox، Inc.) C: Windows System32 DbxSvc.exe
(F.lux Software LLC -> f.lux Software LLC) C: کاربران شوک استاتیک AppData محلی FluxSoftware Flux flux.exe
(GlassWire -> SecureMix LLC) C: File برنامه (x86) GlassWire GlassWire.exe
(GlassWire -> SecureMix LLC) C: File Files (x86) GlassWire GWCtlSrv.exe
(Google LLC -> Google LLC) C: Files Programs (x86) Google Chrome Application chrome.exe <23> [19659002] (گروه بستر های نرم افزاری شبکه Intel® -> شرکت Intel) C: Windows System32 IPROSetMonitor.exe
(فناوری ذخیره سازی سریع Intel -> شرکت Intel) F: Intel Rapid Storage IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) F: Intel Rapid Storage IAStorIcon.exe
(LastPass) C: File Files WindowsApps LastPass.LastPass_4.3.0.0_x64__qq0fmhteeht3j lpwinmetro.exe [19659LastPass)C:FileFilesWindowsAppsLastPassLastPass_4300_x64__qq0fmhteeht3jwin32BackgroundProcessexe
(Logitech Inc -> Logitech Inc.) C: File Files Software Logitech Gaming Applets LCDClock.exe
(Logitech Inc -> Logitech Inc.) C: File Files Software Logitech Gaming Applets LCDCountdown.exe
(Logitech Inc -> Logitech Inc.) C: File Files S oftware Applets LCDMedia.exe
(Logitech Inc -> Logitech Inc.) C: File Files Logitech Gaming Software Applets LCDPOP3.exe
(Logitech Inc -> Logitech Inc.) C: Program پرونده ها نرم افزار بازی Logitech اپلت ها LCDRSS.exe
(Logitech Inc -> Logitech Inc.) C: برنامه های فایلها نرم افزار بازی سازی Logitech درایورها APOService LogiRegistryService.exe
(Logitech Inc -> Logitech Inc .) C: برنامه های فایلها نرم افزار بازی سازی Logitech LCore.exe
(Malwarebytes Inc -> Malwarebytes) C: Files Programs Malwarebytes Anti-Malware MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C: Files Programs Malwarebytes Anti-Malware mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C: Files Programs (x86) Files مشترک microsoft shared ابزارهای تلفن CoreCon 11.0 bin IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C: Files Programs Files های مشترک microsoft shared ClickToun OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corpo جیره) C: File Files Microsoft SQL Server 90 Shared sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C: Windows SystemApps Microsoft.MicrosoftEdge_8wekyb3d8bbwe MicrosoftEdge.exe
(Microsoft Corporation) ) C: File Files WindowsApps Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe Calculator.exe
(Microsoft Corporation) C: Files Programs WindowsApps Microsoft.WindowsStore_12004.1001.1.0_x64__8xb2we ] (Microsoft Windows -> Microsoft Corporation) C: Windows System32 browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 dllhost.exe <3>
(Microsoft Windows – > Microsoft Corporation) C: Windows System32 GameBarPresenceWriter.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Cor زراعت) C: Windows System32 rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 wlanext.exe
(انتشار دهنده Microsoft Windows -> Microsoft Corporation) C: ProgramData Microsoft Windows Defender Platform 4.18.2003.8-0 MsMpEng.exe
(انتشار دهنده Microsoft Windows -> Microsoft Corporation) C : ProgramData Microsoft Windows Defender Platform 4.18.2003.8-0 NisSrv.exe
(NVIDIA Corporation -> Node.js) C: Files Program (x86) NVIDIA Corporation NvNode NVIDIA Web Helper. exe
(NVIDIA Corporation -> NVIDIA Corporation) C: Files Programs NVIDIA Corporation Display.NvContainer NVDisplay.Container.exe <2>
(شرکت انویدیا -> شرکت انویدیا) C: فایلهای برنامه NVIDIA Corporation NvContainer nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C: Files Programs NVIDIA Corporation NvTelemetry NvTelemetryContain er.exe
(Oculus VR، LLC -> Facebook Technologies، LLC) C: File Files Oculus پشتیبانی oculus-runtime OVRRedir.exe
(Oculus VR، LLC -> Facebook Technologies، LLC) C: File Files Oculus پشتیبانی oculus-runtime OVRServer_x64.exe
(Oculus VR، LLC -> Facebook Technologies، LLC) C: Files Programs Oculus پشتیبانی oculus-runtime OVRServiceLauncher.exe [19659002] (توسعه دهنده متن باز ، Birunthan Mohanathas -> Rainmeter) C: File Files Rainmeter Rainmeter.exe
(OpenVPN Technologies، Inc. -> پروژه OpenVPN) C: File Files OpenVPN bin openvpnserv .exe
(Realtek نیمه هادی Corp. -> Realtek نیمه هادی) C: برنامه های فایلها Realtek صوتی HDA RAVCpl64.exe
(Rivet Networks) [File not signed] C: File Files Networking Killer Network مدیر KillerService.exe
(شرکت الکترونیک سامسونگ ، LTD). -> DEVGURU Co.، LTD.) C: File Files Samsung Driving USB 27_ssconn conn ss_conn_service.exe
(Samsung Electronics Co. Ltd.، Ltd. -> DEVGURU Co.، LTD.) c: فایلهای برنامه درایورهای سامسونگ USB 28_ssconn2 conn ss_conn_service2.exe
(The Qt Company Oy -> The Qt Company Ltd.) C: Program Files Elgato StreamDeck QtWebEngineProcess.exe
(The Qt شرکت Oy -> The Qt Company Ltd.) C: File Files Elgato StreamDeck QtWebEngineProcess.exe
(Voicemod Sociedad Limitada ->) C: Users Shock Static AppData Roaming Elgato StreamDeck Plugins net.voicemod.windowsdesktop.sdPlugin voicemodplugin.exe
(شركت فناوری Wondershare ، با مسئولیت محدود -> Wondershare) C: Files Program (x86) Wondershare WAF 2.4.3.236 WsAppService.exe [19650019659002] ===================== رجیستری (لیست سفید) =====================
[19659002] (اگر یک ورودی در لیست ثابت موجود باشد ، آیتم رجیستری به طور پیش فرض بازیابی می شود یا حذف می شود. پرونده منتقل نمی شود.)
HKLM … R un: [AdobeAAMUpdater-1.0] => C: Files Programs (x86) Files مشترک Adobe OOBE PDApp UWA UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM .. . Run: [Launch LCore] => C: File Files Software Logitech Gaming LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM … Run: [Elgato Sound Capture] => C: File Files Elgato SoundCapture SoundCapture.exe [1234944 2018-01-18] () [File not signed]
HKLM … Run: [IAStorIcon] => F: Intel Rapid Storage IAStorIcon.exe [321096 2017-06-09] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM … Run: [RTHDVCPL] => C: Files Programs Realtek Audio HDA RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor Corp. -> نیمه هادی Realtek)
HKLM … Run: [LastApp] => F: LastPass lastapp_x64.exe [20295760 2016-06-23] (LastPass (Marvasol Inc) -> LastPass)
HKLM … Run: [Stream Deck] => C: File Files Elgato StreamDeck StreamDeck.exe [9754472 2019-11-18] (Corsair Memory، Inc. -> Corsair Memory، Inc)
HKLM … Run: [iTunesHelper] => F: iTunes iTunesHelper.exe [302904 2020-01-16] (Apple Inc. -> Apple Inc.)
HKLM-x32 … Run: [Dropbox] => C: Files Programs (x86 ) Dropbox Client Dropbox.exe [6287872 2020-04-14] (Dropbox، Inc -> Dropbox، Inc)
HKLM-x32 … Run: [SwitchBoard] => C: Files Program (x86) پرونده های رایج Adobe SwitchBoard SwitchBoard.exe [517096 2010-02-19] (گواهی امضای آزمون -> Adobe Systems Incorporated) [File not signed]
HKLM-x32 … Run: [AdobeCS5.5ServiceManager] => C: File پرونده ها ( x86) Common Files Adobe CS5.5ServiceManager CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32 … Run: [Adobe Acrobat Speed Launcher] => F: Adobe CS 5.5 Suite Design Acrobat 10.0 Acrobat Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems، Incorporated -> Adobe Systems Incorporated)
HKLM-x32 … Run: [Acrobat Assistant 8.0] => F: Adobe CS 5.5 Suite Design Acrobat 10.0 Acrobat Acrotray.exe [840592 2015-09-24] (Adobe Systems، Incorporated -> Adobe Systems Inc.)
HKLM-x32 … Run: [CORSAIR iCUE Software] => F: Corsair iCue Corsai r CORSAIR iCUE Software iCUE.exe [36289584 2018-10-04] (Corsair Component، Inc. -> Corsair Memory، Inc)
HKU S-1-5-21-2878526742-3543137075-4239602185-1001 … Run: [Steam] => C: File Files (x86) Steam steam.exe [3371296 2020-04-03] (Valve -> Valve Corporation)
HKU S-1-5-21-2878526742-3543137075-4239602185 -1001 … اجرای: [f.lux] => C: کاربران شوک استاتیک AppData محلی FluxSoftware Flux flux.exe [1385480 2019-08-30] (F.lux Software LLC -> f.lux Software LLC)
HKU S-1-5-21-2878526742-3543137075-4239602185-1001 … Run: [GoogleDriveSync] => C: Files Programs (x86) Google Drive googledrivesync.exe [25638872 2018-04-23] (Google Inc -> Google)
HKU S-1-5-21-2878526742-3543137075-4239602185-1001 … Run: [HP ENVY 4510 series (NET)] => C: Files Programs HP HP ENVY سری 4510 Bin ScanToPCActivationApp.exe [3651080 2015-03-09] (Hewlett Packard -> شرکت توسعه Hewlett-Packard، LP)
HKU S-1-5-21-2878526742-3543137075-4239602185-1001 … Run : [Overwolf] => C: Files Program (x86) Overwolf OverwolfLauncher.exe [1749848 2020-03-14] (Overwolf Ltd -> Overwolf Ltd.)
HKU S-1-5-21-2878526742-3543137075-4239602185-1001 … Run: [Discord] => C: Users Shock Static AppData Local Discord app-0.0.306 Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU S-1-5-21-2878526742-3543137075-4239602185-1001 . .. Run: [RocketDock] => C: File Files (x86) RocketDock RocketDock.exe [495616 2007-09-02] () [File not signed]
HKU S-1-5-21-2878526742-3543137075-4239602185 -1001 … Run: [CCleaner Smart Cleaning] => C: File Files CCleaner CCleaner64.exe [24552064 2019-10-18] (Piriform Software Ltd -> Piriform Ltd)
HKU S-1-5-21- 2878526742-3543137075-4239602185-1001 … Run: [CorsairLink4] => F: CorsairLink4 CorsairLink4.exe [27146448 2018-03-30] (Corsair کامپوننت ها ، شرکت -> لوازم جانبی Corsair ، شرکت.)
HKU S -1-5-21-2878526742-3543137075-4239602185-1001 … Run: [Skype for Desktop] => C: Files Programs (x86) Microsoft Skype for Desktop Skype.exe [53646912 2019-06-20] (نرم افزار اسکایپ Sarl -> Skype Technologies SA)
HKU S-1-5-21-2878526742-3543137075-4239602185- 1001 … Run: [OPENVPN-GUI] => C: File Files OpenVPN bin openvpn-gui.exe [643200 2017-09-26] (OpenVPN Technologies، Inc. ->)
HKU S-1-5 -21-2878526742-3543137075-4239602185-1001 … Run: [GlassWire] => C: Files Program (x86) GlassWire glasswire.exe [7864296 2019-10-02] (GlassWire -> SecureMix LLC)
HKU S-1-5-21-2878526742-3543137075-4239602185-1001 … Run: [AdobeBridge] => [X]
HKU S-1-5-21-2878526742-3543137075-4239602185- 1001 … RunOnce: [Application Restart #0] => C: Files Program (x86) Google Chrome Application chrome.exe – flag-swets-start – flag-swets-end –enable-audio -service-sandbox –restore – آخرین جلسه – flag-swets-start – flag-swets-end – (ورودی داده دارای 102 کاراکتر دیگر است).
HKLM نرم افزار مایکروسافت راه اندازی فعال مؤلفه های نصب شده : [OpenVPN_UserSetup] -> reg اضافه کردن HKCU نرم افزار مایکروسافت Windows CurrentVersion Run / v OPENVPN-GUI / t REG_SZ / d "C: File Files OpenVPN bin openvpn-gui.exe" / f [19659002] HKLM نرم افزار مایکروسافت راه اندازی فعال اجزای نصب شده: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C: File Files (x86) Google Chrome Application 81.0.4044.113 Installer chrmstp.exe [2020-04-16] (Google LLC -> Google LLC)
راه اندازی: C: ProgramData Microsoft Windows منو Start Programs Startup Killer Network Manager.lnk [2017-07-01]
ShortcutTarget: Killer Network Manager.lnk -> C: Files Programs Killer Networking Manager Network NetworkManager.exe (Rivet Networks) [File not signed]
راه اندازی: C: کاربران شوک استاتیک AppData رومینگ مایکروسافت ویندوز منوی راه اندازی برنامه ها راه اندازی [email protected] [2020-03-26]
میانبر هدف: [email protected] -> F: Folding at Home FAHClient HideConsole.exe (پرونده وجود ندارد)
راه اندازی: C: کاربران شوک استاتیک AppData رومینگ مایکروسافت ویندوز منوی شروع برنامه ها راه اندازی Rainmeter.lnk [2017-12-05]
ShortcutTarget: Rainmeter.lnk -> C: File Files Rainmeter Rainmeter.exe (توسعه دهنده منبع باز ، Birunthan Mohanathas -> Rainmeter)
============ ========= وظایف برنامه ریزی شده (لیست سفید) =============
(اگر یک ورودی در fixlist گنجانده شده است، از آن خواهد شد از رجیستری حذف می شود. پرونده منتقل نمی شود مگر اینکه به طور جداگانه ذکر شده باشد.)
کار: {057A9DA7-1E91-46E9-B10C-28BDB41E52A9} – System32 Tasks NVIDIA GeForce Experience SelfUpdate_ {B2FE1952-01AAA46 => C: File Files NVIDIA Corporation NVIDIA GeForce Experience NVIDIA GeForce Experience.exe [3728752 2019-04-02] (شركت NVIDIA -> شركت NVIDIA)
وظیفه: {0D5F4AEA-D9F7-4E3E-B4DC-2DB4CC-2D4 وظایف Adobe Flash Player NPAPI Notifier => C: WINDOWS SysWOW64 Macromed Flash FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-03-31] (Adobe Inc. -> Adobe)
Task: A 15A80B05-9C555A55 – System32 Tasks NvProfileUpdaterD Daily_ {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C: File Files NVIDIA Corporation به روزرسانی هسته NvProfileUpdater64.exe [849264 2019-04-02] (NVIDIA) – [NVIDIA] D 175D08DE-EBEB-45E3-93D3-5673DAC184A1 – System32 Tasks Microsoft Office Maintenance Maintenance Office =>> C: Files Programs Microsoft Office root vfs Pr ogramFilesCommonx64 Microsoft Shared Office16 OLicenseHeartbeat.exe [2045312 2020-04-19] (شرکت مایکروسافت -> شرکت مایکروسافت)
کار: {1DE8E2B4-46A7-41E3-8BAA-23F0C5CABB3A} – System32 Tas Apple Task Apple پرونده های برنامه (x86) بروزرسانی نرم افزار اپل SoftwareUpdate.exe [616832 2019-09-04] (اپل شرکت -> اپل وارز)
کار: {1EDD5B2F-E6EB-4F6B-AF4A-CE21D8948B56} – System32 Tasks NvDriver2d -0186-46C3-BAEC-A80AA35AC5B8} => C: Files Programs NVIDIA Corporation NvContainer nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: F 1F0ECDF9-02-02 37AF29ED1A89} – System32 Tasks GoogleUpdateTaskMachineUA => C: File Files (x86) Google Update GoogleUpdate.exe [153168 2017-07-01] (Google Inc -> Google Inc.)
کار: 11 2411D4C0-4D6F-4F A640-EA6C2AB21AAC} – System32 وظایف Microsoft Office Office ClickToRun Service Monitor => C: برنامه های فایلها فایلهای رایج Microsoft Shared ClickToRun OfficeC2RClient.exe [24702832 2020-04-10] (میکروسافت oft Corporation -> Microsoft Corporation)
Task: {267D9A6A-8912-4E88-89C2-0BA0987E8D86} – System32 Tasks Overwolf Updater Task => C: File Files (x86) Overwolf OverwolfUpdater.exe [2463064 2020-03-14] (Overwolf Ltd -> Overwolf LTD)
وظیفه: E 2E5492EB-F3C7-411B-ACEF-B60E70A47E89} – System32 Tasks Microsoft Windows Windows Defender Windows Defender Verified => C: ProgramData Microsoft Windows Defender platform 4.18.2003.8-0 MpCmdRun.exe [480272 2020-03-25] (انتشار دهنده مایکروسافت ویندوز -> شرکت مایکروسافت)
وظیفه: {4314BBC0-AC58-42ED-9F15-8FD7445FCFEE – System32 Taskks Microsoft Windows Windows Defender Windows Defender Cache Maintenance => C: ProgramData Microsoft Windows Defender platform 4.18.2003.8-0 MpCmdRun.exe [480272 2020-03-25] (انتشارات Microsoft Windows Publisher -> Microsoft Corporation)
کار: 466E45CB-749B -40BF-B69B-609FD482C5EE – System32 Tasks EGSD => C: File Files Elgato StreamDeck EGSD.bat [60 2020-01-18] () [File not signed] <==== ATTENTION
Task: {5B35F2 95EF-465 8-8E56-CE69ABB98CC4} – System32 Task FRAPS => C: Fraps fraps.exe [2836240 2015-09-05] (Beepa Pty Ltd -> Beepa P / L) [File not signed]
Task: C 5C6A7A81-839F-4491 -BCFD-43CC47CE859C} – System32 وظایف CCleanerUpdateTaskMachineUA => C: فایلهای برنامه (x86) مرورگر مرورگر CCleaner بروزرسانی CCleanerBrowserUpdate.exe
کار: 8 658DFEF2F2F2F2-820 DropboxUpdateTaskMachineUA => C: Files Program (x86) Dropbox بروزرسانی DropboxUpdate.exe [143144 2017-07-01] (Dropbox، Inc -> Dropbox، Inc)
کار: 689B80D2-A512-48CF-A627-1FC-A627-1 – System32 Tasks Microsoft Windows rempl shell => C: File Files rempl sedlauncher.exe
Task: {6C442F53-770A-4BD7-9D24-D065150EC028} – System32 Tasks NvNodeLauncher__1 0186-46C3-BAEC-A80AA35AC5B8} => C: فایلهای برنامه (x86) NVIDIA شرکت NvNode nvnodejslauncher.exe [648048 2019-04-02] (شرکت انویدیا -> شرکت انویدیا)
کار: {78EE5145-B 9AB1-B7FA7C2E6CEC – System32 وظایف Microsoft Office Office به روزرسانی های ویژه Lo gon => C: File Files Microsoft Office root Office16 sdxhelper.exe [158568 2020-04-19] (Microsoft Corporation -> Microsoft Corporation)
وظیفه: {821398A3-0127-4E4E-8436-44BFC9D65214 – System32 Tasks NvTmMon_ {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C: پرونده های برنامه (x86) شرکت انویدیا بروزرسانی هسته NvTmMon.exe [590704 2019-04-02] (شرکت انویدیا -> NVIDIA2]] 1965 872750E9-9C92-4241-8F32-68BD31E2B783} – System32 Tasks NvBatteryBoostCheckOnLogon_ {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C: Program NxNXX > NVIDIA Corporation)
وظیفه: {88C44B40-F462-425B-BFFB-7C80278CE833} – System32 Tasks NvTmRepCR2_ {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 86 برنامه (Corporation) AA = A880 = C8 = CPA = C86 = CPA ID نرم افزار Corporation برنامه های دیگر Update Core NvTmRep.exe [876912 2019-04-02] (شرکت NVIDIA -> شرکت NVIDIA)
کار: {8A5FC50A-AB18-42B7-BE23-FF4C0CD1AD83 – System32 Taskks Microsoft Office Office Updates Feature => Fil برنامه es Microsoft Office root Office16 sdxhelper.exe [158568 2020-04-19] (Microsoft Corporation -> Microsoft Corporation)
وظیفه: {8FE89991-1EF9-4286-8012-F269047BE5F5} – System32 Tasks CCleanerSkipUAC => C: پرونده های برنامه CCleaner CCleaner.exe [18458752 2019-10-18] (Piriform Software Ltd -> Piriform Ltd)
کار: {92E7FC93-1AEA-4DFF-8394-189B687E92E9} – System32 Tasks Adobe Acrobat Update Task => C: پرونده های برنامه (x86) فایلهای رایج Adobe ARM 1.0 AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
کار: {972B8E78-F58E-4263-B0B6-AC8B1C2AF7BE} – System32 Task NvTmRep_ {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C: پرونده های برنامه (x86) شرکت انویدیا به روز رسانی هسته NvTmRep.exe [876912 2019-04-02] (شرکت انویدیا -> NVIDIA2] ask 1965 9ADF0655-47BA-4196-B50D-75EE71741E74} – System32 Tasks CCleanerUpdateTaskMachineCore => C: Files Programs (x86) مرورگر CCleaner بروزرسانی CCleanerBrowserUpdate.exe [19659505AA4AA4504A4504AA4-System32TasksEGSDKill=>C:ProgramFilesElgatoStreamDeckEGSDKillbat[30 2020-01-18] () [File not signed]
Task: {A87D97D2-0BF6-412B-87BC-7B34DB6D261D} – System32 Taskks Microsoft Windows Windows Defender Windows Defender => C: ProgramData Microsoft Windows Defender platform 4.18.2003.8-0 MpCmdRun.exe [480272 2020-03-25] (انتشار دهنده Microsoft Windows -> Microsoft Corporation)
کار: {AB731B46-63A0-4A73-9F19-6E89B8527467 – System32 Tasks DropboxUpdateTaskMachineCore => C: Files Program (x86) Dropbox Update DropboxUpdate.exe [143144 2017-07-01] (Dropbox، Inc -> Dropbox، Inc)
کار: {ABFC7EA5-04 -B762-6A91DEEB731D – System32 وظایف NvTmRepCR1_ {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C: File Files (X86) NVIDIA Corporation Update Core NvTmR NVIDIA شرکت)
وظیفه: {B197F74F-E259-4365-B43B-BD411ED450FE} – آدرس system32 وظایف NvProfileUpdaterOnLogon_ {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C: برنامه فایلها NVIDIA شرکت به روز رسانی هسته NvProfileUpdater64.exe [849264 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
وظیفه: {BBB7CADE-0AC1-499E-A8F8-53696F25E78C – System32 Tasks AdobeAAMUpdater-1.0-DESKTOP-5KVLA0L> Static x86) Common Files Adobe OOBE PDApp UWA UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
کار:) BCF98542-3C01-4FED-BC90-80EABA432215} NvTmRepCR3_ {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8> => C: File Files (x86) NVIDIA Corporation Update Core NvTmRep.exe [876912 2019-04-02] (NVIDIA {) – [NVID9{] C54741A0-45EC-4557-95D0-C9CFE9879CA7} – آدرس system32 وظایف ادوبی فلش پلیر PPAPI Notifier به => C: WINDOWS SysWOW64 Macromed فلش FlashUtil32_32_0_0_293_pepper.exe
وظیفه: {D2DD6437-597B-4891-9955- 0EEA7180421D – System32 Tasks Microsoft Windows Windows Defender Windows Defender Scheduled Scheduled => C: ProgramData Microsoft Windows Defender platform 4.18.2003.8-0 MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows ناشر -> Microsoft Corporation)
وظیفه: {D56AE093-3A9A-42A9-B87B-92DEB307A220} – System32 Tasks Microsoft Office Office Office Updates Automatic 2.0 => C: File Files Common Common Microsoft Shared ClickToRun OfficeC2RClient.exe [24702832 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
وظیفه: {D7AEA9D1-F759-4103-AB63-5695D4AFF292} – System32 Tasks LGS => C: Files Programs Logitech Gaming Software LGS .bat [73 2017-07-29] () [File not signed] <==== توجه
کار: {DB31E293-353D-431B-8133-CD30E0E1AC11} – System32 Tasks GoogleUpdateTaskMachineCore => C: Programs Google (86) بروزرسانی GoogleUpdate.exe [153168 2017-07-01] (Google Inc -> Google Inc.)
کار: {FE65ACF2-7241-4608-9DEB-4260D5A3C985} – System32 Tasks CCleaner Update => C: File Files CCleer CCUpdate.exe [608384 2019-10-18] (Piriform Software Ltd -> Piriform Software Ltd)
(اگر يك مدخل در فهرست اصلي گنجانده شده باشد ، پرونده تكليف (.job) جابجا مي شود. پرونده ای که توسط کار اجرا می شود منتقل نمی شود.)
کار: C: WINDOWS کارها CreatExplorerShellUnelevatedTask.job => C: WINDOWS explorer.exe
کار: C: WINDOWS Task DropboxUpdateTaskMachineCore.job => C: Files Program (x86) Dropbox بروزرسانی DropboxUpdate.exe
کار: C: WINDOWS Tasks DropboxUpdateTaskMachineUA. program =) Dropbox بروزرسانی DropboxUpdate.exe
===================== اینترنت (لیست سفید) ============ ======== [
(اگر یک مورد در لیست فیکس موجود باشد ، اگر یک مورد از رجیستری باشد ، حذف می شود یا به صورت پیش فرض بازیابی می شود.)
Tcpip Parameters: [DhcpNameServer] 192.168.1.1
Tcpip .. Interfaces {0018c6b7-3fd8-4ac0-ade5-da77bfd83aa3}: [DhcpNameServer] 192.168.1.1
Tcpip ../df55-4 -8673-473ea6df7483}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
===================
HKLM نرم افزار سیاست مایکروسافت اینترنت اکسپلورر er: Restriction <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope -E1416B8B2E3A} URL =
SearchScopes: HKU S-1-5-21-2878526742-3543137075-4239602185-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-X32: Skype for Helper Browser Business -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C: File Files Microsoft Office root VFS ProgramFilesX86 Microsoft Office Office16 OCHelper.dll [2020-01-12] (Microsoft Corporation – > Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Toolbar -> {AE7CD045-E861-484f-8273-0445EE161910} -> C: Files Programs (x86) Files Simple Adobe Acrobat ActiveX AcroIEFavClient .dll [2015-09-24] (Adobe Systems، Incorporated -> Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> 49 F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C: Files Program (x86) مشترک پرونده ها Adobe Acrobat ActiveX Acr oIEFavClient.dll [2015-09-24] (Adobe Systems، Incorporated -> Adobe Systems Incorporated)
نوار ابزار: HKLM-x32 – Adobe PDF – 83 47833539-D0C5-4125-9FA8-0819E2EAAC93} – C: File پرونده (X) پرونده های معمول Adobe Acrobat ActiveX AcroIEFavClient.dll [2015-09-24] (Adobe Systems، Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-رومینگ.16 – {83C25742-A9F7-49FB-9138-4342C – C: File Files Microsoft Office root Office16 MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 – {83C25742-A9F7-49FB- 9138-434302C88D07} – C: File Files Microsoft Office root VFS ProgramFilesX86 Microsoft Office Office16 MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 – 20 42089D2D-912D-4018-9087-2B87803E93FB – C: File Files Microsoft Office root Office16 MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Corporation Microsoft)
Handler-x32: mso-minsb. 16 – 42089D2D-9 12D-4018-9087-2B87803E93FB} – C: File Files Microsoft Office root VFS ProgramFilesX86 Microsoft Office Office16 MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf- رومینگ.16 – 20 42089D2D-912D-4018-9087-2B87803E93FB} – C: File Files Microsoft Office root Office16 MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB} – C: File Files Microsoft Office root VFS ProgramFilesX86 Microsoft Office Office16 MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft شرکت)
Handler: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A – C: File Files Microsoft Office root Office16 MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A} – C: Program Files Microsoft Office root VFS ProgramFilesX86 Microsoft Office Office16 MSOSB.DLL [2020-04-08] ( شرکت مایکروسافت -> شرکت مایکروسافت)
FireFox:
========
FF DefaultProfile: va3e9xb5.default
FF ProfilePath: C: کاربران شوک استاتیک AppData رومینگ موزیلا Firefox پروفایل های va3e9xb5.default [2020-04-18]
صفحه اصلی FF: موزیلا Firefox پروفایل ها va3e9xb5.default -> hxxps: //defaultsearch.co/homepage؟ hp = 1 & pId = BT171003 & iD 31 11: 56: 31 & bName = & bitmask = 0600
FF NewTab: Mozilla Firefox Profiles va3e9xb5.default -> hxxps: //defaultsearch.co/homepage؟ hp = 1 & pId = BT171003 & iDate = 2020-03-31 56: 31 & bName = & bitmask = 0600
FF HKLM-x32 … Firefox پسوندها: [[email protected]] – F: Adobe CS 5.5 Suite Design Acrobat 10.0 Acrobat Browser WCFirefoxExtn
FF Extension: (Adobe Acrobat – ایجاد PDF) – F: Adobe CS 5.5 Design Suite Acrobat 10.0 Acrobat Browser WCFirefoxExtn [2018-04-25] [Legacy] [not signed]
FF Plugin: @ adobe.com / FlashPlayer -> C: WINDOWS system32 Macromed Flash NPSWF64_32_0_0_344.dll [2020-03-31] (Adobe Inc. ->)
FF Plu gin: @ lastpass.com / NPLastPass -> C: Files Program (x86) LastPass nplastpass64.dll [2020-04-13] (LastPass (Marvasol Inc) -> LastPass)
FF Plugin: @ microsoft.com / SharePoint، version = 14.0 -> C: File Files Microsoft Office root Office16 NPSPWRAP.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @ adobe.com / FlashPlayer -> C: WINDOWSSysWOW64MacromedFlashNPSWF32_32_0_0_344.dll [2020-03-31] (Adobe Inc. -> )
FF Plugin-x32: @lastpass.com/NPLastPass -> C:Program Files (x86)LastPassnplastpass64 .dll [2020-04-13] (LastPass (Marvasol Inc) -> LastPass)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86 Microsoft OfficeOffice16NPSPWRAP.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> F:Adobe CS 5.5 Design SuiteAcrobat 10.0AcrobatAirnppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)[19659002]FF Plugin-x32: Adobe Reader -> C:Program Files (x86)AdobeAcrobat Reader DCReaderAIRnppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKUS-1-5-21-2878526742-3543137075-4239602185-1001: @zoom.us/ZoomVideoPlugin -> C:UsersStatic ShockAppDataRoamingZoombinnpzoomplugin.dll [2020-03-28] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:UsersStatic ShockAppDataLocalGoogleChromeUser DataDefault [2020-04-22]
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://www.google.com/","hxxp://www.thehubbellwire.com","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/"
CHR Extension: (Slides) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CH R Extension: (Docs) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-01]
CHR Extension: (uBlock Origin) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataDefaultExtensionscjpalhdlnbpafiamejdnhcphjbkeiagm [2020-04-22]
CHR Extension: (Adobe Acrobat) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataDefaultExtensionsefaidnbmnnnibpcajpcglclefindmkaj [2020-03-08]
CHR Extension: (Sheets) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs Offline ) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-20]
CHR Extension: (LastPass: Free Password Manager) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataDefaultExtensionshdokiejnpimakedhajhdlcegeplioahd [2020-04-20]
CHR Extension: (League of Legends) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataDefaultExtensionshkiaacahflelhpocgkiabldjfgpbeddb [2017-07-01]
CHR Extension: (Webcam Toy) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataDefaultExtensionslfbgimoladefibpklnfmkpknadbklade [2018-06-19]
CHR Extension: (Application Launcher for Drive (by Google)) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataDefaultExtensionslmjegmlicamnimmfhcmpkclmigmmcbeh [2017-06-30]
CHR Extension: (Chrome Web Store Payments) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2019-10-06]
CHR Extension: (Gmail) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-20]
CHR Profile: C:UsersStatic ShockAppDataLocalGoogleChromeUser DataProfile 1 [2020-04-13]
CHR Extension: (Slides) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataProfile 1Extensionsaapocclcgogkmnckokdopfmhonfmgoek [2018-11-13]
CHR Extension: (Docs) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataProfile 1Extensionsaohghmighlieiainnegkcijnfilokake [2018-11-13]
CHR Extension: (Google Drive) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataProfile 1Extensionsapdfllckaahabafndbhieahigkjlhalf [2018-11-13]
CHR Extension: (YouTube) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataProfile 1Extensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-13]
CHR Extension: (Adobe Acrobat) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataProfile 1Extensionsefaidnbmnnnibpcajpcglclefindmkaj [2020-03-08]
CHR Extension: (Sheets) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataProfile 1Extensionsfelcaaldnbdncclmgdcncolpebgiejap [2018-11-13]
CHR Extension: (Google Docs Offline) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataProfile 1Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-20]
CHR Extension: (Application Launcher for Drive (by Google)) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataProfile 1Extensionslmjegmlicamnimmfhcmpkclmigmmcbeh [2018-11-13]
CHR Extension: (Chrome Web Store Payments) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataProfile 1Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataProfile 1Extensionspjkljhegncpnkpknbcohdijeoejaedia [2019-05-08]
CHR Extension: (Chrome Media Router) – C:UsersStatic ShockAppDataLocalGoogleChromeUser DataProfile 1Extensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-08]
CHR Profile: C:UsersStatic ShockAppDataLocalGoogleChromeUser DataSystem Profile [2020-04-06]
CHR HKUS-1-5-21-2878526742-3543137075-4239602185-1001SOFTWAREGoogleChromeExtensions…ChromeExtension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32…ChromeExtension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe [96056 2020-01-10] (Apple Inc. -> Apple Inc.)
S3 c2wts; C:Program FilesWindows Identity Foundationv3.5c2wtshost.exe [5632 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [10626648 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
R3 CLink4Service; F:CorsairLink4CorsairLink4.Service.exe [34512 2018-03-30] (Corsair Components, Inc. -> Corsair Components, Inc.)
R2 CorsairService; F:Corsair iCueCorsairCORSAIR iCUE SoftwareCorsair.Service.exe [46640 2018-10-04] (Corsair Components, Inc. -> Corsair Components, Inc.)
S2 dbupdate; C:Program Files (x86)DropboxUpdateDropboxUpdate.exe [143144 2017-07-01] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:Program Files (x86)DropboxUpdateDropboxUpdate.exe [143144 2017-07-01] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:WINDOWSsystem32DbxSvc.exe [44552 2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:WINDOWSSysWOW64EasyAntiCheat.exe [382504 2018-05-06] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 GlassWire; C:Program Files (x86)GlassWireGWCtlSrv.exe [5840360 2019-10-02] (GlassWire -> SecureMix LLC)
R2 IAStorDataMgrSvc; F:Intel Rapid StorageIAStorDataMgrSvc.exe [17992 2017-06-09] (Intel® Rapid Storage Technology -> Intel Corporation)
R2 IpOverUsbSvc; C:Program Files (x86)Common FilesMicrosoft SharedPhone ToolsCoreCon11.0binIpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
R2 Killer Service V2; C:Program FilesKiller NetworkingNetwork ManagerKillerService.exe [413696 2015-07-07] (Rivet Networks) [File not signed]
R2 LogiRegistryService; C:Program FilesLogitech Gaming SoftwareDriversAPOServiceLogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 MBAMService; C:Program FilesMalwarebytesAnti-Malwarembamservice.exe [6933272 2020-03-22] (Malwarebytes Inc -> Malwarebytes)
S3 MsMpiLaunchSvc; C:Program FilesMicrosoft MPIBinmsmpilaunchsvc.exe [27760 2016-06-13] (AzureEngBuildCodeSign -> ) [File not signed]
S3 npggsvc; C:WindowsSysWOW64GameMon.des [7962384 2017-04-09] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OpenVPNService; C:Program FilesOpenVPNbinopenvpnserv2.exe [15872 2016-11-25] ( ) [File not signed]
R2 OpenVPNServiceInteractive; C:Program FilesOpenVPNbinopenvpnserv.exe [73856 2017-09-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:Program FilesOpenVPNbinopenvpnserv.exe [73856 2017-09-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 OverwolfUpdater; C:Program Files (x86)OverwolfOverwolfUpdater.exe [2463064 2020-03-14] (Overwolf Ltd -> Overwolf LTD)
S3 OVRLibraryService; C:Program FilesOculusSupportoculus-librarianOVRLibraryService.exe [145336 2020-04-20] (Oculus VR, LLC -> Facebook Technologies, LLC)
R2 OVRService; C:Program FilesOculusSupportoculus-runtimeOVRServiceLauncher.exe [512440 2020-04-20] (Oculus VR, LLC -> Facebook Technologies, LLC)
S3 ss_conn_launcher_service; C:WINDOWSSystem32SamsungEasySetupss_conn_launcher.exe [182120 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:Program FilesSamsungUSB Drivers27_ssconnconnss_conn_service.exe [752224 2019-12-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:Program FilesSamsungUSB Drivers28_ssconn2connss_conn_service2.exe [933304 2019-12-17] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
S3 SwitchBoard; C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:Program Files (x86)Windows Kits10TestingRuntimesTAEFWex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed]
S3 VSStandardCollectorService150; C:Program Files (x86)Microsoft Visual StudioSharedCommonDiagnosticsHub.Collection.ServiceStandardCollector.Service.exe [142432 2017-11-09] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2003.8-0NisSrv.exe [3294680 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2003.8-0MsMpEng.exe [103168 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:Program Files (x86)WondershareWAF2.4.3.236WsAppService.exe [495840 2018-01-26] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 ccleaner; "C:Program Files (x86)CCleaner BrowserUpdateCCleanerBrowserUpdate.exe" /svc [X]
S3 ccleanerm; "C:Program Files (x86)CCleaner BrowserUpdateCCleanerBrowserUpdate.exe" /medsvc [X]
R2 NVDisplay.ContainerLocalSystem; "C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:ProgramDataNVIDIANVDisplay.ContainerLocalSystem.log" -l 3 -d "C:Program FilesNVIDIA CorporationDisplay.NvContainerpluginsLocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:Program FilesNVIDIA CorporationNvTelemetryNvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:ProgramDataNVIDIANvTelemetryContainer.log" -l 3 -d "C:Program FilesNVIDIA CorporationNvTelemetryplugins" -r
S3 Origin Client Service; "C:Program Files (x86)OriginOriginClientService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 BfLwf; C:WINDOWSsystem32DRIVERSbwcW10x64.sys [114736 2015-07-07] (Rivet Networks LLC -> Rivet Networks, LLC.)
R3 CorsairVBusDriver; C:WINDOWSSystem32driversCorsairVBusDriver.sys [46944 2018-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:WINDOWSSystem32driversCorsairVHidDriver.sys [23392 2018-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz146; C:WINDOWStempcpuz146cpuz146_x64.sys [52824 2020-04-21] (CPUID -> CPUID)
R3 cpuz147; C:WINDOWStempcpuz147cpuz147_x64.sys [53848 2020-04-20] (CPUID -> CPUID)
S3 dg_ssudbus; C:WINDOWSsystem32DRIVERSssudbus.sys [136040 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 e60MZ0380.X64; C:WINDOWSsystem32DRIVERSe60MZ0380.X64.SYS [3981608 2018-10-17] (Elgato Systems LLC -> )
S3 ElgatoGC658Y; C:WINDOWSSystem32DriversElgatoGC658.sys [52848 2016-08-03] (Elgato Systems LLC -> UB658)
R3 ElgatoVAD; C:WINDOWSsystem32DRIVERSElgatoVAD.sys [39208 2017-07-11] (Elgato Systems LLC -> Elgato Systems GmbH)
R1 gwdrv; C:WINDOWSsystem32DRIVERSgwdrv.sys [33152 2015-05-28] (GlassWire -> SecureMix LLC)
R3 KillerEth; C:WINDOWSSystem32driverse2xw10x64.sys [145920 2018-09-15] (Microsoft Windows -> Qualcomm Atheros, Inc.)
R2 LGCoreTemp; C:Program FilesLogitech Gaming SoftwareDriversLgCoreTemplgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:WINDOWSsystem32driversLGJoyXlCore.sys [67736 2017-07-10] (Logitech Inc -> Logitech Inc.)
R3 LGSHidFilt; C:WINDOWSsystem32DRIVERSLGSHidFilt.Sys [64280 2017-07-10] (Logitech -> Logitech Inc.)
R2 MBAMChameleon; C:WINDOWSSystem32DriversMbamChameleon.sys [214496 2020-04-21] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [20936 2020-03-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [248968 2020-04-21] (Malwarebytes Inc -> Malwarebytes)
S3 mt7612US; C:WINDOWSSystem32driversmt7612US.sys [377864 2015-12-09] (Windows Central Build Account – X -> MediaTek Inc.)
S3 MZ0380.X64; C:WINDOWSsystem32DRIVERSeMZ0380.X64.SYS [3834456 2018-01-08] (Elgato Systems LLC -> )
S3 NSTDUSB21; C:WINDOWSSystem32Driverscyusb.sys [47616 2011-10-18] (NON-STANDARD -> Cypress Semiconductor)
R3 nvlddmkm; C:WINDOWSSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_db678424d2641c3dnvlddmkm.sys [22094728 2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamKms.sys [30336 2019-03-28] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:WINDOWSsystem32driversnvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:WINDOWSSystem32driversnvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 oculusvad_oculusvad; C:WINDOWSsystem32DRIVERSoculusvad.sys [74248 2020-01-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
S3 OCULUSVRHEADSET; C:WINDOWSsystem32DRIVERSOCULUS119B.sys [1887232 2017-04-07] (C-MEDIA ELECTRONICS INC. -> OCULUS)
R3 Oculus_ViGEmBus; C:WINDOWSSystem32driversOculus_ViGEmBus.sys [32856 2018-06-04] (Oculus VR, LLC -> Facebook Inc.)
S3 OCUSBVID; C:WINDOWSSystem32driversocusbvid111.sys [69176 2016-08-26] (Oculus VR, LLC -> Oculus VR, LLC)
S3 ssudmdm; C:WINDOWSsystem32DRIVERSssudmdm.sys [166760 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:WINDOWSSystem32Driversss_conn_usb_driver2.sys [43368 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:WINDOWSSystem32driverstap0901.sys [27136 2017-05-13] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:WINDOWSSystem32driverswdWdBoot.sys [45960 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:WINDOWSSystem32driverswdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:WINDOWSSystem32driverswdWdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-22 20:23 – 2020-04-22 20:23 – 000045537 _____ C:UsersStatic ShockDesktopFRST.txt
2020-04-22 19:41 – 2020-04-22 19:42 – 000047799 _____ C:UsersStatic ShockDownloadsAddition.txt
2020-04-22 19:40 – 2020-04-22 19:41 – 000088687 _____ C:UsersStatic ShockDownloadsFRST.txt
2020-04-22 16:39 – 2020-04-22 20:23 – 000000000 ____D C:FRST
2020-04-22 16:39 – 2020-04-22 16:39 – 002282496 _____ (Farbar) C:UsersStatic ShockDesktopFRST64.exe
2020-04-21 02:32 – 2020-04-21 02:32 – 000006148 _____ C:UsersStatic ShockDownloadsDS_Store
2020-04-20 10:29 – 2020-04-20 10:29 – 000236191 _____ C:UsersStatic ShockDownloadsBudget 4-10-20 (1).xlsx
2020-04-20 00:08 – 2020-04-21 19:09 – 000248968 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbamswissarmy.sys
2020-04-20 00:08 – 2020-04-21 19:09 – 000214496 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamChameleon.sys
2020-04-20 00:06 – 2020-04-20 00:06 – 125871888 _____ (Logitech Inc.) C:UsersStatic ShockDownloadsLGS_9.02.65_x64_Logitech.exe
2020-04-20 00:04 – 2020-04-20 00:04 – 122315088 _____ (Logitech Inc.) C:UsersStatic ShockDownloadsLGS_8.82.151_x64_Logitech (1).exe
2020-04-19 23:57 – 2020-04-19 23:57 – 036421256 _____ (Logitech, Inc.) C:UsersStatic ShockDownloadslghub_installer.exe
2020-04-19 23:56 – 2020-04-19 23:56 – 122315088 _____ (Logitech Inc.) C:UsersStatic ShockDownloadsLGS_8.82.151_x64_Logitech.exe
2020-04-19 23:55 – 2020-04-19 23:55 – 112859648 _____ (Logitech Inc.) C:UsersStatic ShockDownloadsLGS_9.00.42_x86_Logitech.exe
2020-04-19 17:33 – 2020-04-19 17:33 – 004574920 _____ C:UsersStatic ShockDownloadsDetails-DetailsRetail.8.3.0.7282.140.zip
2020-04-19 17:26 – 2020-04-19 17:26 – 000174368 _____ C:UsersStatic ShockDownloadsBagnon-8.3.5-8.3.0.zip
2020-04-19 17:24 – 2020-04-19 17:25 – 003687112 _____ C:UsersStatic ShockDownloadsDBM-Core-8.3.20.zip
2020-04-19 15:41 – 2020-04-19 15:41 – 000317847 _____ C:UsersStatic ShockDownloadsBartender4-4.9.0.zip
2020-04-19 15:35 – 2020-04-19 15:35 – 000048350 _____ C:UsersStatic ShockDownloadsTinyTooltip.zip
2020-04-19 15:23 – 2020-04-19 15:23 – 002399276 _____ C:UsersStatic ShockDownloadsAuctioneer_8.3_Beta4.4.zip
2020-04-19 15:05 – 2020-04-19 15:05 – 003780749 _____ C:UsersStatic ShockDownloadsAuctioneerSuite-8.2.6512.zip
2020-04-19 14:59 – 2020-04-19 14:59 – 083732344 _____ (Twitch Interactive, Inc.) C:UsersStatic ShockDownloadsTwitchSetup.exe
2020-04-18 18:21 – 2020-04-18 18:21 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsStreamlabs
2020-04-18 18:20 – 2020-04-18 18:20 – 077803824 _____ (Streamlabs ) C:UsersStatic ShockDownloadsStreamlabs+Chatbot+Installer.exe
2020-04-17 20:51 – 2020-04-17 20:51 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsDropbox
2020-04-15 19:12 – 2020-04-15 19:12 – 000236191 _____ C:UsersStatic ShockDownloadsBudget 4-10-20.xlsx
2020-04-15 19:10 – 2020-04-15 19:10 – 000657946 _____ C:UsersStatic ShockDownloads2019_TaxReturn (1).pdf
2020-04-15 13:39 – 2020-04-15 13:39 – 026806784 _____ (Microsoft Corporation) C:WINDOWSsystem32edgehtml.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 023463424 _____ (Microsoft Corporation) C:WINDOWSsystem32mshtml.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 022137632 _____ (Microsoft Corporation) C:WINDOWSsystem32shell32.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 020816384 _____ (Microsoft Corporation) C:WINDOWSSysWOW64edgehtml.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 019020800 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mshtml.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 017487360 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.Xaml.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 015222272 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.UI.Xaml.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 009672208 _____ (Microsoft Corporation) C:WINDOWSsystem32ntoskrnl.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 008907264 _____ (Microsoft Corporation) C:WINDOWSsystem32mstscax.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 007923712 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mstscax.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 007871488 _____ (Microsoft Corporation) C:WINDOWSsystem32Chakra.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 007701208 _____ (Microsoft Corporation) C:WINDOWSsystem32windows.storage.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 007645392 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Media.Protection.PlayReady.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 006543528 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Media.Protection.PlayReady.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 006318840 _____ (Microsoft Corporation) C:WINDOWSSysWOW64windows.storage.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 006060032 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Chakra.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 005608120 _____ (Microsoft Corporation) C:WINDOWSSysWOW64shell32.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 005436696 _____ (Microsoft Corporation) C:WINDOWSsystem32mfcore.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 005086208 _____ (Microsoft Corporation) C:WINDOWSsystem32wininet.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 004872704 _____ (Microsoft Corporation) C:WINDOWSsystem32jscript9.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 004695552 _____ (Microsoft Corporation) C:WINDOWSsystem32msi.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 004628480 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wininet.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 004589056 _____ (Microsoft Corporation) C:WINDOWSsystem32sppsvc.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 004442352 _____ (Microsoft Corporation) C:WINDOWSexplorer.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 004303872 _____ (Microsoft Corporation) C:WINDOWSsystem32SettingsHandlers_nt.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 004050432 _____ (Microsoft Corporation) C:WINDOWSsystem32EdgeContent.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 003933184 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msi.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 003887640 _____ (Microsoft Corporation) C:WINDOWSSysWOW64explorer.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 003703808 _____ (Microsoft Corporation) C:WINDOWSSysWOW64jscript9.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 003656704 _____ (Microsoft Corporation) C:WINDOWSsystem32mispace.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 003636224 _____ (Microsoft Corporation) C:WINDOWSsystem32win32kfull.sys
2020-04-15 13:39 – 2020-04-15 13:39 – 003582976 _____ (Microsoft Corporation) C:WINDOWSsystem32diagtrack.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 003550400 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mfcore.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 003493376 _____ (Microsoft Corporation) C:WINDOWSsystem32dwmcore.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 003392000 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentServer.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 003361080 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgkrnl.sys
2020-04-15 13:39 – 2020-04-15 13:39 – 003334496 _____ (Microsoft Corporation) C:WINDOWSsystem32combase.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 003097600 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dwmcore.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 003005952 _____ (Microsoft Corporation) C:WINDOWSsystem32wuaueng.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 002942976 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mispace.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 002917688 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverstcpip.sys
2020-04-15 13:39 – 2020-04-15 13:39 – 002871608 _____ (Microsoft Corporation) C:WINDOWSsystem32aitstatic.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 002801664 _____ (Microsoft Corporation) C:WINDOWSsystem32WinSAT.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 002749800 _____ (Microsoft Corporation) C:WINDOWSsystem32mfmp4srcsnk.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 002706944 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32kfull.sys
2020-04-15 13:39 – 2020-04-15 13:39 – 002706496 _____ (Microsoft Corporation) C:WINDOWSsystem32KernelBase.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 002590736 _____ (Microsoft Corporation) C:WINDOWSSysWOW64combase.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 002469440 _____ (Microsoft Corporation) C:WINDOWSsystem32msmpeg2vdec.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 002417664 _____ (Microsoft Corporation) C:WINDOWSsystem32win32kbase.sys
2020-04-15 13:39 – 2020-04-15 13:39 – 002323696 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msmpeg2vdec.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 002200576 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentExtensions.onecore.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 002182472 _____ (Microsoft Corporation) C:WINDOWSsystem32workfolderssvc.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 002078392 _____ (Microsoft Corporation) C:WINDOWSSysWOW64KernelBase.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001994768 _____ (Microsoft Corporation) C:WINDOWSsystem32ntdll.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001962000 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversrefs.sys
2020-04-15 13:39 – 2020-04-15 13:39 – 001893376 _____ (Microsoft Corporation) C:WINDOWSsystem32wevtsvc.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001824768 _____ (Microsoft Corporation) C:WINDOWSsystem32aadtb.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001796408 _____ (Microsoft Corporation) C:WINDOWSsystem32WindowsCodecs.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001726264 _____ (Microsoft Corporation) C:WINDOWSsystem32appraiser.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001709560 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mfmp4srcsnk.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001702608 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.efi
2020-04-15 13:39 – 2020-04-15 13:39 – 001702400 _____ (Microsoft Corporation) C:WINDOWSsystem32GdiPlus.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001675008 _____ (Microsoft Corporation) C:WINDOWSSysWOW64user32.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001674480 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ntdll.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001671680 _____ (Microsoft Corporation) C:WINDOWSsystem32InstallService.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001668968 _____ (Microsoft Corporation) C:WINDOWSsystem32gdi32full.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001664696 _____ (Microsoft Corporation) C:WINDOWSsystem32user32.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001647616 _____ (Microsoft Corporation) C:WINDOWSsystem32wpncore.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001608192 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentExtensions.desktop.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001568768 _____ (Microsoft Corporation) C:WINDOWSsystem32dosvc.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001519488 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WindowsCodecs.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001485312 _____ (Microsoft Corporation) C:WINDOWSSysWOW64GdiPlus.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001476096 _____ (Microsoft Corporation) C:WINDOWSSysWOW64aadtb.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001473296 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 001467392 _____ (Microsoft Corporation) C:WINDOWSsystem32TokenBroker.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001465344 _____ (Microsoft Corporation) C:WINDOWSsystem32wsecedit.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001465272 _____ (Microsoft Corporation) C:WINDOWSSysWOW64gdi32full.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001412096 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcDesktopMonSvc.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001388032 _____ (Microsoft Corporation) C:WINDOWSsystem32bcastdvruserservice.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001387304 _____ (Microsoft Corporation) C:WINDOWSsystem32WinTypes.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001383680 _____ (Microsoft Corporation) C:WINDOWSsystem32webservices.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001346192 _____ (Microsoft Corporation) C:WINDOWSsystem32winresume.efi
2020-04-15 13:39 – 2020-04-15 13:39 – 001333760 _____ (Microsoft Corporation) C:WINDOWSsystem32WindowManagement.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001323008 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wsecedit.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001320448 _____ (Microsoft Corporation) C:WINDOWSsystem32wpnapps.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001310720 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msjet40.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001309696 _____ (Microsoft Corporation) C:WINDOWSsystem32webplatstorageserver.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001309184 _____ (Microsoft Corporation) C:WINDOWSsystem32TaskFlowDataEngine.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001259832 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershttp.sys
2020-04-15 13:39 – 2020-04-15 13:39 – 001258512 _____ (Microsoft Corporation) C:WINDOWSsystem32hvix64.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 001257984 _____ (Microsoft Corporation) C:WINDOWSSysWOW64TokenBroker.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001257472 _____ (Microsoft Corporation) C:WINDOWSsystem32mfmkvsrcsnk.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001249792 _____ (Microsoft Corporation) C:WINDOWSSysWOW64InstallService.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001217024 _____ (Microsoft Corporation) C:WINDOWSsystem32TSWorkspace.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001205248 _____ (Microsoft Corporation) C:WINDOWSsystem32rpcss.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001200920 _____ (Microsoft Corporation) C:WINDOWSsystem32mfmpeg2srcsnk.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001183296 _____ (Microsoft Corporation) C:WINDOWSsystem32winresume.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 001171456 _____ (Microsoft Corporation) C:WINDOWSsystem32comdlg32.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001133056 _____ (Microsoft Corporation) C:WINDOWSsystem32windowsperformancerecordercontrol.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001054928 _____ (Microsoft Corporation) C:WINDOWSsystem32ApplyTrustOffline.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 001050640 _____ (Microsoft Corporation) C:WINDOWSsystem32hvax64.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 001038848 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Security.Authentication.Web.Core.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001024920 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mfmpeg2srcsnk.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001012224 _____ (Microsoft Corporation) C:WINDOWSsystem32refsutil.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 001006080 _____ (Microsoft Corporation) C:WINDOWSsystem32kerberos.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 001003008 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wpnapps.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000993280 _____ (Microsoft Corporation) C:WINDOWSSysWOW64comdlg32.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000988672 _____ (Microsoft Corporation) C:WINDOWSsystem32StorSvc.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000987520 _____ (Microsoft Corporation) C:WINDOWSsystem32winhttp.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000982016 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mfmkvsrcsnk.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000976896 _____ (Microsoft Corporation) C:WINDOWSSysWOW64TSWorkspace.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000948288 _____ (Microsoft Corporation) C:WINDOWSSysWOW64webservices.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000947200 _____ (Microsoft Corporation) C:WINDOWSsystem32uDWM.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000934400 _____ (Microsoft Corporation) C:WINDOWSsystem32samsrv.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000927232 _____ (Microsoft Corporation) C:WINDOWSsystem32rasmans.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000912384 _____ (Microsoft Corporation) C:WINDOWSsystem32EdgeManager.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000902248 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WinTypes.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000902144 _____ (Microsoft Corporation) C:WINDOWSsystem32usocore.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000889344 _____ (Microsoft Corporation) C:WINDOWSsystem32FlightSettings.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000886272 _____ (Microsoft Corporation) C:WINDOWSSysWOW64windowsperformancerecordercontrol.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000871424 _____ (Microsoft Corporation) C:WINDOWSsystem32netlogon.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000861496 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgmms2.sys
2020-04-15 13:39 – 2020-04-15 13:39 – 000856432 _____ (Microsoft Corporation) C:WINDOWSsystem32ci.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000837120 _____ (Microsoft Corporation) C:WINDOWSsystem32jscript.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000833024 _____ (Microsoft Corporation) C:WINDOWSSysWOW64webplatstorageserver.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000811320 _____ (Microsoft Corporation) C:WINDOWSsystem32generaltel.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000808272 _____ (Microsoft Corporation) C:WINDOWSsystem32fontdrvhost.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 000803400 _____ (Microsoft Corporation) C:WINDOWSsystem32dnsapi.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000801792 _____ (Microsoft Corporation) C:WINDOWSsystem32uReFS.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000791040 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Security.Authentication.Web.Core.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000779264 _____ (Microsoft Corporation) C:WINDOWSSysWOW64kerberos.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000777728 _____ (Microsoft Corporation) C:WINDOWSsystem32ntshrui.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000773200 _____ (Microsoft Corporation) C:WINDOWSsystem32taskschd.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000770096 _____ (Microsoft Corporation) C:WINDOWSSysWOW64winhttp.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000758688 _____ (Microsoft Corporation) C:WINDOWSsystem32tcblaunch.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 000747320 _____ (Microsoft Corporation) C:WINDOWSsystem32aeinv.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000730112 _____ (Microsoft Corporation) C:WINDOWSSysWOW64FlightSettings.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000725904 _____ (Microsoft Corporation) C:WINDOWSsystem32kernel32.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000721920 _____ (Microsoft Corporation) C:WINDOWSsystem32SettingsHandlers_Language.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000703488 _____ (Microsoft Corporation) C:WINDOWSsystem32jscript9diag.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000684032 _____ (Microsoft Corporation) C:WINDOWSSysWOW64jscript.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000681472 _____ (Microsoft Corporation) C:WINDOWSSysWOW64uReFS.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000672256 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ntshrui.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000666112 _____ (Microsoft Corporation) C:WINDOWSSysWOW64netlogon.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000663040 _____ (Microsoft Corporation) C:WINDOWSSysWOW64EdgeManager.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000661056 _____ (Microsoft Corporation) C:WINDOWSSysWOW64fontdrvhost.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 000659520 _____ (Microsoft Corporation) C:WINDOWSsystem32advapi32.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000652600 _____ (Microsoft Corporation) C:WINDOWSsystem32securekernel.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 000649272 _____ (Microsoft Corporation) C:WINDOWSSysWOW64kernel32.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000638264 _____ (Microsoft Corporation) C:WINDOWSsystem32devinv.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000629760 _____ (Microsoft Corporation) C:WINDOWSsystem32ipnathlp.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000628736 _____ (Microsoft Corporation) C:WINDOWSSysWOW64jscript9diag.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000596480 _____ (Microsoft Corporation) C:WINDOWSsystem32vbscript.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000591160 _____ (Microsoft Corporation) C:WINDOWSsystem32hal.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000583096 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dnsapi.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000553784 _____ (Microsoft Corporation) C:WINDOWSsystem32pcasvc.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000536112 _____ (Microsoft Corporation) C:WINDOWSSysWOW64taskschd.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000535056 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversmrxsmb.sys
2020-04-15 13:39 – 2020-04-15 13:39 – 000534016 _____ (Microsoft Corporation) C:WINDOWSSysWOW64vbscript.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000525824 _____ (Microsoft Corporation) C:WINDOWSsystem32nltest.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 000519168 _____ (Microsoft Corporation) C:WINDOWSsystem32sppcext.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000515384 _____ (Microsoft Corporation) C:WINDOWSsystem32dcntel.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000513336 _____ (Microsoft Corporation) C:WINDOWSsystem32aepic.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000507400 _____ (Microsoft Corporation) C:WINDOWSSysWOW64advapi32.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000505640 _____ (Microsoft Corporation) C:WINDOWSsystem32wow64win.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000492544 _____ (Microsoft Corporation) C:WINDOWSsystem32cloudAP.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000485376 _____ (Microsoft Corporation) C:WINDOWSSysWOW64sppcext.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000475136 _____ (Microsoft Corporation) C:WINDOWSsystem32wuuhext.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000465208 _____ (Microsoft Corporation) C:WINDOWSsystem32invagent.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000452920 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversrdbss.sys
2020-04-15 13:39 – 2020-04-15 13:39 – 000439096 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgmms1.sys
2020-04-15 13:39 – 2020-04-15 13:39 – 000431616 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpclip.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 000427520 _____ (Microsoft Corporation) C:WINDOWSsystem32MSFlacDecoder.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000415544 _____ (Microsoft Corporation) C:WINDOWSSysWOW64aepic.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000392704 _____ (Microsoft Corporation) C:WINDOWSsystem32domgmt.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000375296 _____ (Microsoft Corporation) C:WINDOWSsystem32WinSATAPI.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000371712 _____ (Microsoft Corporation) C:WINDOWSSysWOW64MSFlacDecoder.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000357888 _____ (Microsoft Corporation) C:WINDOWSsystem32WaaSMedicSvc.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000353792 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msrd3x40.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000353280 _____ (Microsoft Corporation) C:WINDOWSsystem32dnsrslvr.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000351744 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Storage.ApplicationData.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000341504 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msexcl40.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000324408 _____ (Microsoft Corporation) C:WINDOWSsystem32acmigration.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000323072 _____ (Microsoft Corporation) C:WINDOWSsystem32sppcommdlg.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000321024 _____ (Microsoft Corporation) C:WINDOWSsystem32wbadmin.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 000307712 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WinSATAPI.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000298808 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverssdbus.sys
2020-04-15 13:39 – 2020-04-15 13:39 – 000294512 _____ (Microsoft Corporation) C:WINDOWSsystem32skci.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000280136 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Storage.ApplicationData.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000278416 _____ (Microsoft Corporation) C:WINDOWSsystem32LsaIso.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 000261944 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversmrxsmb20.sys
2020-04-15 13:39 – 2020-04-15 13:39 – 000253048 _____ (Microsoft Corporation) C:WINDOWSsystem32logoncli.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000252728 _____ (Microsoft Corporation) C:WINDOWSsystem32offlinesam.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000248832 _____ (Microsoft Corporation) C:WINDOWSsystem32IndexedDbLegacy.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000241152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msltus40.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000241152 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverswinnat.sys
2020-04-15 13:39 – 2020-04-15 13:39 – 000229888 _____ (Microsoft Corporation) C:WINDOWSsystem32TabSvc.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000222008 _____ (Microsoft Corporation) C:WINDOWSSysWOW64offlinesam.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000215552 _____ (Microsoft Corporation) C:WINDOWSsystem32InstallServiceTasks.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000214528 _____ (Microsoft Corporation) C:WINDOWSsystem32srumsvc.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000203064 _____ (Microsoft Corporation) C:WINDOWSsystem32tcbloader.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000198656 _____ (Microsoft Corporation) C:WINDOWSsystem32policymanagerprecheck.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000197632 _____ (Microsoft Corporation) C:WINDOWSsystem32updatepolicy.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000193336 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdumpsd.sys
2020-04-15 13:39 – 2020-04-15 13:39 – 000193024 _____ (Microsoft Corporation) C:WINDOWSsystem32LanguageComponentsInstaller.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000192512 _____ (Microsoft Corporation) C:WINDOWSSysWOW64IndexedDbLegacy.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000189496 _____ (Microsoft Corporation) C:WINDOWSSysWOW64logoncli.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000180736 _____ (Microsoft Corporation) C:WINDOWSSysWOW64srumsvc.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000180224 _____ (Microsoft Corporation) C:WINDOWSsystem32t2embed.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000167424 _____ (Microsoft Corporation) C:WINDOWSSysWOW64InstallServiceTasks.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000164152 _____ (Microsoft Corporation) C:WINDOWSsystem32CompatTelRunner.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 000162304 _____ (Microsoft Corporation) C:WINDOWSSysWOW64updatepolicy.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000160768 _____ (Microsoft Corporation) C:WINDOWSsystem32umpo.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000155136 _____ (Microsoft Corporation) C:WINDOWSsystem32Chakradiag.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000152408 _____ (Microsoft Corporation) C:WINDOWSsystem32KerbClientShared.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000146888 _____ (Microsoft Corporation) C:WINDOWSsystem32smss.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 000144384 _____ (Microsoft Corporation) C:WINDOWSsystem32slc.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000138752 _____ (Microsoft Corporation) C:WINDOWSSysWOW64t2embed.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000134968 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversscmbus.sys
2020-04-15 13:39 – 2020-04-15 13:39 – 000133120 _____ (Microsoft Corporation) C:WINDOWSsystem32iscsiwmiv2.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000131112 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversstornvme.sys
2020-04-15 13:39 – 2020-04-15 13:39 – 000125440 _____ (Microsoft Corporation) C:WINDOWSsystem32fontsub.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000124504 _____ (Microsoft Corporation) C:WINDOWSSysWOW64KerbClientShared.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000122368 _____ (Microsoft Corporation) C:WINDOWSSysWOW64slc.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000117248 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Chakradiag.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000115120 _____ (Microsoft Corporation) C:WINDOWSsystem32phoneactivate.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 000103936 _____ (Microsoft Corporation) C:WINDOWSsystem32utcutil.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000098816 _____ (Microsoft Corporation) C:WINDOWSSysWOW64fontsub.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000096768 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iscsiwmiv2.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000089928 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvolmgr.sys
2020-04-15 13:39 – 2020-04-15 13:39 – 000087552 _____ (Microsoft Corporation) C:WINDOWSsystem32iasacct.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000080896 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dtdump.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 000071480 _____ (Microsoft Corporation) C:WINDOWSsystem32win32appinventorycsp.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000066048 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iasacct.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000064000 _____ (Microsoft Corporation) C:WINDOWSsystem32tbauth.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000060928 _____ (Microsoft Corporation) C:WINDOWSsystem32mf3216.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000057856 _____ C:WINDOWSsystem32runexehelper.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 000049152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64tbauth.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000046080 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mf3216.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000036152 _____ (Microsoft Corporation) C:WINDOWSsystem32DeviceCensus.exe
2020-04-15 13:39 – 2020-04-15 13:39 – 000033792 _____ (Microsoft Corporation) C:WINDOWSsystem32sxssrv.dll
2020-04-15 13:39 – 2020-04-15 13:39 – 000033080 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershwpolicy.sys
2020-04-15 13:39 – 2020-04-15 13:39 – 000018432 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverssfloppy.sys
2020-04-15 13:39 – 2020-04-15 13:39 – 000000315 _____ C:WINDOWSsystem32DrtmAuth8.bin
2020-04-15 13:39 – 2020-04-15 13:39 – 000000315 _____ C:WINDOWSsystem32DrtmAuth7.bin
2020-04-15 13:39 – 2020-04-15 13:39 – 000000315 _____ C:WINDOWSsystem32DrtmAuth6.bin
2020-04-15 13:39 – 2020-04-15 13:39 – 000000315 _____ C:WINDOWSsystem32DrtmAuth5.bin
2020-04-15 13:39 – 2020-04-15 13:39 – 000000315 _____ C:WINDOWSsystem32DrtmAuth4.bin
2020-04-15 13:39 – 2020-04-15 13:39 – 000000315 _____ C:WINDOWSsystem32DrtmAuth3.bin
2020-04-15 13:39 – 2020-04-15 13:39 – 000000315 _____ C:WINDOWSsystem32DrtmAuth2.bin
2020-04-15 13:39 – 2020-04-15 13:39 – 000000315 _____ C:WINDOWSsystem32DrtmAuth1.bin
2020-04-14 20:58 – 2020-04-14 20:58 – 000135899 _____ C:UsersStatic ShockDownloadsMoveAnything+17.1.0.zip
2020-04-14 12:26 – 2020-04-14 12:26 – 000657946 _____ C:UsersStatic ShockDownloads2019_TaxReturn.pdf
2020-04-14 07:19 – 2020-04-14 07:19 – 000047600 _____ (Dropbox, Inc.) C:WINDOWSsystem32Driversdbx-stable.sys
2020-04-14 07:19 – 2020-04-14 07:19 – 000047600 _____ (Dropbox, Inc.) C:WINDOWSsystem32Driversdbx-dev.sys
2020-04-14 07:19 – 2020-04-14 07:19 – 000047600 _____ (Dropbox, Inc.) C:WINDOWSsystem32Driversdbx-canary.sys
2020-04-14 07:19 – 2020-04-14 07:19 – 000044552 _____ (Dropbox, Inc.) C:WINDOWSsystem32DbxSvc.exe
2020-04-13 13:54 – 2020-04-13 13:54 – 000000000 ____D C:UsersStatic ShockAppDataRoamingMicrosoftWindowsStart MenuProgramsLastPass
2020-04-13 13:54 – 2020-04-13 13:54 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsLastPass
2020-04-13 13:54 – 2020-04-13 13:54 – 000000000 ____D C:Program Files (x86)LastPass
2020-04-13 13:52 – 2020-04-13 13:52 – 034765184 _____ (LastPass) C:UsersStatic ShockDownloadslastpass_x64.exe
2020-04-13 09:04 – 2020-04-13 09:04 – 000054300 _____ C:UsersStatic ShockDownloads526313 (1).pdf
2020-04-10 16:36 – 2020-04-10 16:36 – 014566496 _____ (ESET spol. s r.o.) C:UsersStatic ShockDownloadsesetonlinescanner (1).exe
2020-04-10 16:36 – 2020-04-10 16:36 – 000236737 _____ C:UsersStatic ShockDownloadsBudget 4-1-20.xlsx
2020-04-10 02:36 – 2020-04-13 14:07 – 000000000 ____D C:UsersStatic ShockAppDataLocalESET
2020-04-10 02:36 – 2020-04-10 02:36 – 000000756 _____ C:UsersStatic ShockAppDataRoamingMicrosoftWindowsStart MenuProgramsESET Online Scanner.lnk
2020-04-10 02:35 – 2020-04-10 02:35 – 014566496 _____ (ESET spol. s r.o.) C:UsersStatic ShockDownloadsesetonlinescanner.exe
2020-04-05 01:51 – 2020-04-05 01:51 – 000000000 ____D C:ProgramDataMozilla
2020-04-04 19:11 – 2020-04-04 19:11 – 000011893 _____ C:UsersStatic ShockDesktophumble bundle.xlsx
2020-04-01 21:24 – 2020-04-01 21:27 – 2126042619 _____ C:UsersStatic ShockDownloads2018-20200402T022208Z-001.zip
2020-04-01 18:31 – 2020-04-01 18:31 – 000233978 _____ C:UsersStatic ShockDownloadsBudget 3-30-20.xlsx
2020-04-01 11:20 – 2020-04-01 11:20 – 000000000 ____D C:UsersStatic ShockAppDataLocalLowBerserk Games
2020-04-01 11:14 – 2020-04-01 11:14 – 000068207 _____ C:UsersStatic ShockDownloadsMaster Spreadsheet.xlsx
2020-04-01 11:13 – 2020-04-01 11:13 – 000000222 _____ C:UsersStatic ShockDesktopTabletop Simulator.url
2020-04-01 11:08 – 2020-04-01 11:08 – 000054300 _____ C:UsersStatic ShockDownloads526313.pdf
2020-04-01 10:55 – 2020-04-01 10:55 – 000066140 _____ C:UsersStatic ShockDownloadsFollowUpLetter (1).pdf
2020-04-01 10:54 – 2020-04-01 10:54 – 000066140 _____ C:UsersStatic ShockDownloadsFollowUpLetter.pdf
2020-03-31 19:13 – 2020-03-31 21:24 – 000000000 ____D C:UsersStatic ShockAppDataLocalLowBitTorrent
2020-03-31 15:20 – 2020-04-07 18:28 – 000008995 _____ C:UsersStatic ShockDesktopWorkout Tracker.xlsx
2020-03-29 21:31 – 2020-03-29 21:31 – 000000000 ____D C:UsersStatic ShockAppDataRoamingchc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2020-03-29 20:07 – 2020-03-29 20:14 – 000000000 ____D C:UsersStatic ShockDesktopNeed to get printed
2020-03-28 20:37 – 2020-03-28 20:37 – 000000000 ____D C:UsersStatic ShockDocumentsZoom
2020-03-28 20:28 – 2020-04-06 21:14 – 000000000 ____D C:UsersStatic ShockAppDataRoamingZoom
2020-03-28 20:28 – 2020-04-06 21:14 – 000000000 ____D C:UsersStatic ShockAppDataRoamingMicrosoftWindowsStart MenuProgramsZoom
2020-03-23 18:02 – 2020-03-23 18:02 – 000000933 _____ C:UsersStatic ShockDesktopClone Hero Songs.lnk
2020-03-23 12:04 – 2020-03-23 12:04 – 000001065 _____ C:UsersStatic ShockDesktopClone Hero.exe – Shortcut.lnk
2020-03-23 12:02 – 2020-03-23 12:02 – 000000000 ____D C:UsersStatic ShockAppDataLocalLowsrylain Inc_
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-22 20:18 – 2018-09-15 02:33 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2020-04-22 20:18 – 2017-06-30 23:28 – 000000000 ____D C:UsersStatic ShockAppDataLocalBattle.net
2020-04-22 20:09 – 2018-03-25 14:07 – 000000000 ____D C:UsersStatic ShockAppDataRoamingdiscord
2020-04-22 20:05 – 2019-05-01 15:00 – 000000000 ____D C:WINDOWSsystem32SleepStudy
2020-04-22 12:25 – 2017-07-01 04:29 – 000000000 ____D C:ProgramDataNVIDIA
2020-04-21 19:09 – 2019-07-30 18:21 – 000153312 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbae64.sys
2020-04-21 14:11 – 2018-09-15 02:33 – 000000000 ___HD C:Program FilesWindowsApps
2020-04-21 14:11 – 2018-09-15 02:33 – 000000000 ____D C:WINDOWSAppReadiness
2020-04-21 02:31 – 2018-03-16 22:02 – 000000000 ____D C:UsersStatic ShockAppDataRoamingobs-studio
2020-04-20 21:39 – 2017-06-30 23:29 – 000000000 ____D C:UsersStatic ShockAppDataLocalCrashDumps
2020-04-20 16:52 – 2017-07-01 22:54 – 000000000 ____D C:UsersStatic ShockAppDataLocalOculus
2020-04-20 16:49 – 2017-07-01 23:05 – 000000000 ____D C:Program FilesOculus
2020-04-20 10:29 – 2017-11-19 08:52 – 000000000 ____D C:UsersStatic ShockAppDataLocalPackages
2020-04-20 00:14 – 2019-05-01 15:08 – 000936760 _____ C:WINDOWSsystem32PerfStringBackup.INI
2020-04-20 00:14 – 2018-09-15 02:31 – 000000000 ____D C:WINDOWSINF
2020-04-20 00:09 – 2019-05-01 15:06 – 000003218 _____ C:WINDOWSsystem32TasksFRAPS
2020-04-20 00:09 – 2017-07-17 19:32 – 000000000 ____D C:Fraps
2020-04-20 00:08 – 2019-05-01 15:06 – 000000006 ____H C:WINDOWSTasksSA.DAT
2020-04-20 00:08 – 2018-09-15 01:09 – 000524288 _____ C:WINDOWSsystem32configBBI
2020-04-20 00:08 – 2018-04-19 22:10 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service
2020-04-20 00:08 – 2017-07-01 06:06 – 000000000 ____D C:Program Files (x86)Steam
2020-04-20 00:07 – 2017-07-28 17:56 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsLogitech
2020-04-20 00:07 – 2017-07-02 15:46 – 000018960 _____ (Logitech, Inc.) C:WINDOWSsystem32DriversLNonPnP.sys
2020-04-20 00:07 – 2017-07-02 15:45 – 000000000 ____D C:Program FilesLogitech Gaming Software
2020-04-19 05:32 – 2018-09-15 02:33 – 000000000 ____D C:Program FilesCommon Filesmicrosoft shared
2020-04-19 05:31 – 2017-07-26 18:29 – 000000000 ____D C:Program FilesMicrosoft Office
2020-04-18 19:20 – 2018-04-19 22:10 – 000000000 ____D C:UsersStatic ShockAppDataLocalLowMozilla
2020-04-18 19:19 – 2018-04-19 22:10 – 000001005 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk
2020-04-18 19:19 – 2018-04-19 22:10 – 000000000 ____D C:Program FilesMozilla Firefox
2020-04-17 20:51 – 2017-07-01 06:29 – 000000000 ____D C:Program Files (x86)Dropbox
2020-04-17 13:35 – 2018-10-17 19:19 – 000000000 ____D C:ProgramDataCLink4
2020-04-16 15:18 – 2017-07-01 05:38 – 000002301 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2020-04-16 04:34 – 2019-05-01 15:00 – 005059024 _____ C:WINDOWSsystem32FNTCACHE.DAT
2020-04-16 04:34 – 2017-11-19 09:05 – 000000000 ___RD C:UsersStatic Shock3D Objects
2020-04-16 04:34 – 2017-07-01 01:40 – 000000000 __RHD C:UsersPublicAccountPictures
2020-04-16 04:33 – 2018-09-15 02:33 – 000000000 ____D C:WINDOWSShellExperiences
2020-04-16 04:33 – 2018-09-15 02:33 – 000000000 ____D C:WINDOWSProvisioning
2020-04-16 04:33 – 2018-09-15 02:33 – 000000000 ____D C:WINDOWSbcastdvr
2020-04-15 13:40 – 2018-09-15 02:23 – 000000000 ____D C:WINDOWSCbsTemp
2020-04-14 18:53 – 2019-05-01 15:06 – 000003394 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-2878526742-3543137075-4239602185-1001
2020-04-14 18:53 – 2019-05-01 15:02 – 000002388 _____ C:UsersStatic ShockAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2020-04-14 18:53 – 2017-07-01 01:41 – 000000000 ___RD C:UsersStatic ShockOneDrive
2020-04-13 14:47 – 2019-05-01 15:07 – 000000000 ____D C:UsersStatic ShockAppDataLocalPlaceholderTileLogoFolder
2020-04-13 14:14 – 2017-07-01 05:44 – 000000000 ____D C:UsersStatic ShockAppDataLocalLowLastPass
2020-04-13 13:24 – 2018-07-10 22:39 – 000000000 ____D C:ProgramDataPackages
2020-04-13 11:14 – 2018-06-04 18:52 – 000000000 ____D C:UsersStatic ShockAppDataLocalD3DSCache
2020-04-13 11:13 – 2017-06-30 23:32 – 000000000 ____D C:Program Files (x86)World of Warcraft
2020-04-13 10:13 – 2017-06-30 23:28 – 000000000 ____D C:Program Files (x86)Blizzard App
2020-04-13 10:12 – 2017-06-30 23:29 – 000000000 ____D C:UsersStatic ShockAppDataLocalBlizzard Entertainment
2020-04-10 09:38 – 2017-10-12 20:22 – 000000214 _____ C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job
2020-04-06 21:21 – 2018-10-17 17:12 – 000000000 ____D C:UsersStatic ShockDesktopComputer Health
2020-04-06 21:15 – 2020-03-17 20:22 – 000000000 ____D C:ProgramDataobs-studio-hook
2020-04-06 21:15 – 2019-05-01 15:02 – 000000000 ____D C:UsersStatic Shock
2020-04-06 21:14 – 2019-07-30 18:21 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes
2020-04-06 21:14 – 2019-05-01 15:02 – 000000000 ____D C:UsersOVRLibraryService
2020-04-06 21:14 – 2018-09-15 02:33 – 000000000 ____D C:WINDOWSsystem32WinBioPlugIns
2020-04-06 21:14 – 2018-06-04 08:26 – 000000000 ____D C:UsersStatic ShockAppDataLocalub65x
2020-04-06 21:14 – 2018-02-01 18:16 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRevo Uninstaller
2020-04-06 21:14 – 2017-12-05 18:15 – 000000000 ____D C:UsersStatic ShockAppDataRoamingRainmeter
2020-04-06 21:14 – 2017-07-02 15:46 – 000000000 ____D C:Program Files (x86)Overwolf
2020-04-06 21:13 – 2018-09-15 02:33 – 000000000 ____D C:WINDOWSSysWOW64Macromed
2020-04-06 21:13 – 2018-09-15 02:33 – 000000000 ____D C:WINDOWSsystem32Macromed
2020-04-06 21:13 – 2018-09-15 02:33 – 000000000 ____D C:WINDOWSregistration
2020-04-06 21:13 – 2017-07-01 23:07 – 000000000 ____D C:UsersStatic ShockAppDataRoamingOculusClient
2020-04-05 15:23 – 2018-09-15 02:33 – 000000000 ____D C:WINDOWSsystem32NDF
2020-04-02 15:32 – 2017-07-01 04:33 – 000744808 _____ (Microsoft Corporation) C:WINDOWSsystem32MpSigStub.exe
2020-04-01 11:20 – 2017-07-17 19:01 – 000000000 ____D C:UsersStatic ShockDocumentsMy Games
2020-04-01 11:13 – 2018-03-22 21:14 – 000001117 _____ C:UsersStatic ShockDesktopTwitch Resources – Shortcut.lnk
2020-03-31 15:24 – 2019-05-01 15:06 – 000004602 _____ C:WINDOWSsystem32TasksAdobe Flash Player NPAPI Notifier
2020-03-31 15:24 – 2017-07-03 18:26 – 000000000 ____D C:UsersStatic ShockAppDataLocalAdobe
2020-03-29 21:55 – 2018-04-04 21:29 – 000000132 _____ C:UsersStatic ShockAppDataRoamingAdobe PNG Format CS5 Prefs
2020-03-29 21:31 – 2018-01-09 15:57 – 000000000 ____D C:UsersStatic ShockAppDataLocalLowAdobe
2020-03-25 01:58 – 2018-02-17 00:40 – 000000000 ____D C:WINDOWSsystem32Driverswd
==================== Files in the root of some directories ========
2018-04-04 21:29 – 2020-03-29 21:55 – 000000132 _____ () C:UsersStatic ShockAppDataRoamingAdobe PNG Format CS5 Prefs
2019-12-18 01:47 – 2019-12-18 01:49 – 000001456 _____ () C:UsersStatic ShockAppDataLocalAdobe Save for Web 12.0 Prefs
2017-07-01 03:13 – 2017-07-01 03:13 – 000000000 _____ () C:UsersStatic ShockAppDataLocalDriver_LOM_8171Present.flag
2019-09-26 21:05 – 2019-09-27 05:25 – 000000600 _____ () C:UsersStatic ShockAppDataLocalPUTTY.RND
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2020
Ran by Static Shock (22-04-2020 20:24:01)
Running from C:UsersStatic ShockDesktop
Windows 10 Home Version 1809 17763.1158 (X64) (2019-05-01 20:06:14)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2878526742-3543137075-4239602185-500 – Administrator – Disabled)
DefaultAccount (S-1-5-21-2878526742-3543137075-4239602185-503 – Limited – Disabled)
Guest (S-1-5-21-2878526742-3543137075-4239602185-501 – Limited – Disabled)
Static Shock (S-1-5-21-2878526742-3543137075-4239602185-1001 – Administrator – Enabled) => C:UsersStatic Shock
WDAGUtilityAccount (S-1-5-21-2878526742-3543137075-4239602185-504 – Limited – Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Active Directory Authentication Library for SQL Server (HKLM…{52D1FCFD-1052-4D75-B3FB-9906901AFD98}) (Version: 13.1.4001.0 – Microsoft Corporation) Hidden
Adobe Acrobat Reader DC (HKLM-x32…{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.006.20042 – Adobe Systems Incorporated)
Adobe Acrobat X Pro – English, Français, Deutsch (HKLM-x32…{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.16 – Adobe Systems)
Adobe AIR (HKLM-x32…Adobe AIR) (Version: 2.5.1.17730 – Adobe Systems Inc.)
Adobe Community Help (HKLM-x32…chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 – Adobe Systems Incorporated.)
Adobe Content Viewer (HKLM-x32…com.adobe.dmp.contentviewer) (Version: 1.4.0 – Adobe Systems Incorporated)
Adobe Creative Suite 5.5 Design Premium (HKLM-x32…{60E59A6C-7399-495A-B85C-C829F4E59602}) (Version: 5.5 – Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32…Adobe Flash Player NPAPI) (Version: 32.0.0.344 – Adobe)
Adobe Widget Browser (HKLM-x32…com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 – Adobe Systems Incorporated.)
Apple Application Support (32-bit) (HKLM-x32…{A7039CC9-4669-4799-92B1-C5CE346DBE3D}) (Version: 8.3 – Apple Inc.)
Apple Application Support (64-bit) (HKLM…{DA78A9DC-3599-4D81-A960-B679687A6C14}) (Version: 8.3 – Apple Inc.)
Apple Mobile Device Support (HKLM…{7D606B87-0AEB-4C27-ABCE-1138EE09777B}) (Version: 13.0.0.41 – Apple Inc.)
Apple Software Update (HKLM-x32…{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 – Apple Inc.)
Application Verifier x64 External Package (HKLM…{D9908CED-5ABB-FEE9-FC84-743F4D38637C}) (Version: 10.1.16299.15 – Microsoft) Hidden
Asmedia USB Host Controller Driver (HKLM-x32…{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.38.1 – Asmedia Technology)
Audacity 2.3.2 (HKLM-x32…Audacity_is1) (Version: 2.3.2 – Audacity Team)
Blender (HKLM…{F343C69A-4ABA-434C-9C73-12A519D269CD}) (Version: 2.80.0 – Blender Foundation)
Blizzard App (HKLM-x32…Battle.net) (Version: – Blizzard Entertainment)
Bonjour (HKLM…{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 – Apple Inc.)
CCleaner (HKLM…CCleaner) (Version: 5.59 – Piriform)
CCleaner Update Helper (HKLM-x32…{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.5.21.0 – Piriform Software) Hidden
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32…{D1844DC3-B378-47CC-AB40-7FC16C79A2CD}) (Version: 4.7.02558 – Microsoft Corporation) Hidden
CORSAIR iCUE Software (HKLM-x32…{7538A2A3-EC6A-4D19-8343-F02159266822}) (Version: 3.8.91 – Corsair)
Corsair LINK 4 (HKLM-x32…{40036d0c-634b-4fc0-be89-13343b4bea96}) (Version: 4.9.7.35 – Corsair Components, Inc.)
Corsair LINK 4 (HKLM-x32…{D97F4B31-5A7D-4A07-AC85-16D64FAB93E1}) (Version: 4.9.7.35 – Corsair Components, Inc.) Hidden
CPUID HWMonitor 1.35 (HKLM…CPUID HWMonitor_is1) (Version: 1.35 – CPUID, Inc.)
Diablo III (HKLM-x32…Diablo III) (Version: – Blizzard Entertainment)
DiagnosticsHub_CollectionService (HKLM…{A5DD0731-C724-4037-B35B-B80782AACE00}) (Version: 15.0.27128 – Microsoft Corporation) Hidden
Discord (HKUS-1-5-21-2878526742-3543137075-4239602185-1001…Discord) (Version: 0.0.306 – Discord Inc.)
Dropbox (HKLM-x32…Dropbox) (Version: 95.4.441 – Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32…{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 – Dropbox, Inc.) Hidden
Elgato Game Capture HD (HKLM…{11D487D4-2E52-4AA9-8000-43CED1D7B088}) (Version: 3.70.8.3008 – Elgato Systems GmbH)
Elgato Stream Deck (HKLM…{36188C5A-7060-4E34-92AC-F46254ED5CC3}) (Version: 4.4.1.12187 – Elgato Systems GmbH)
Entity Framework 6.1.3 Tools for Visual Studio 15 (HKLM-x32…{F8C0447E-D45C-4E52-94E8-C6340AAC9DB8}) (Version: 6.1.60104.0 – Microsoft Corporation) Hidden
EVGA E-LEET Tuning Utility X (HKLM-x32…{3403CE3B-89C5-4E3A-943A-A0578CE0D138}) (Version: 1.0.0 – EVGA Corporation)
EVGA OC Scanner X 3.6.1.2 (64-bit) (HKLM…{CC520CF6-B02E-49AA-8192-C1DDC159E0AA}}_is1) (Version: – EVGA)
EVGA Precision XOC (HKLM-x32…{A36700C1-7415-443A-BD03-FF6FACC5451A}) (Version: 6.1.8 – EVGA Corporation)
f.lux (HKUS-1-5-21-2878526742-3543137075-4239602185-1001…Flux) (Version: – f.lux Software LLC)
FINAL FANTASY XIV ONLINE (HKLM-x32…{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 – SQUARE ENIX CO., LTD.)
Fraps (remove only) (HKLM-x32…Fraps) (Version: – )
Game Capture HD v2.3.3.42 (HKLM-x32…Software_Elgato_Game Capture HD) (Version: 2.3.3.42 – Elgato Systems)
Game Capture HD60 Pro v1.1.0.178 (HKLM-x32…Software_Elgato_Game Capture HD60 Pro) (Version: 1.1.0.178 – Elgato Systems)
GlassWire 2.1 (remove only) (HKLM-x32…GlassWire 2.1) (Version: 2.1.167 – SecureMix LLC)
Google Chrome (HKLM-x32…Google Chrome) (Version: 81.0.4044.113 – Google LLC)
Google Drive (HKLM-x32…{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 – Google, Inc.)
Google Update Helper (HKLM-x32…{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 – Google LLC) Hidden
HP ENVY 4510 series Basic Device Software (HKLM…{E9FE2E2C-FF62-4C23-B816-62B6EEA1A772}) (Version: 36.0.72.54013 – Hewlett-Packard Co.)
icecap_collection_neutral (HKLM-x32…{9149432D-3BEE-4869-B6F5-7A5CF843A612}) (Version: 15.0.27005 – Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM…{D0C9796E-CB35-4440-885D-9630A0153D1E}) (Version: 15.0.27005 – Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32…{B96B62E4-2EE4-45EC-8082-246FFC1B12E3}) (Version: 15.0.27005 – Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32…{262EE643-72FF-406D-9776-C6B65443DA5B}) (Version: 15.0.27005 – Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM…{883ED9A8-3762-481E-A362-3A7BE5CBEB15}) (Version: 10.0.1740 – Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM…{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: – ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM…{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: – ) Hidden
Intel® Chipset Device Software (HKLM-x32…{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 – Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM…{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1069 – Intel Corporation)
Intel® Network Connections 21.2.45.0 (HKLM…PROSetDX) (Version: 21.2.45.0 – Intel)
Intel® Rapid Storage Technology (HKLM…{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.0.1014 – Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM…{22676F90-06C7-4DC0-96C2-FAE79AB306F4}) (Version: 6.2.0 – Intel Corporation)
IntelliTraceProfilerProxy (HKLM-x32…{0A2EDF2C-9A71-43D7-964A-696BB7CEAC65}) (Version: 15.0.25.0 – Microsoft Corporation) Hidden
iTunes (HKLM…{49F48AA2-DEA7-453A-8735-9C862E7C8467}) (Version: 12.10.4.2 – Apple Inc.)
Java SE Development Kit 8 Update 161 (64-bit) (HKLM…{64A3A4F4-B792-11D6-A78A-00B0D0180161}) (Version: 8.0.1610.12 – Oracle Corporation)
Java SE Development Kit 8 Update 161 (HKLM-x32…{32A3A4F4-B792-11D6-A78A-00B0D0180161}) (Version: 8.0.1610.12 – Oracle Corporation)
Killer Bandwidth Control Filter Driver (HKLM…{17C67C84-E2A8-4443-993B-67C22EB9D4F5}) (Version: 1.1.54.1506 – Rivet Networks) Hidden
Killer E240x Drivers (HKLM…{3AAE1523-FA87-456C-BD0E-165079DF5B8F}) (Version: 1.1.54.1506 – Rivet Networks) Hidden
Killer Network Manager (HKLM…{E7DD97D5-B360-485B-BE49-7BBBE6FC87E6}) (Version: 1.1.54.1506 – Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32…{8565EDAB-EAE0-40A7-8553-5BEB1AC2051D}) (Version: 1.1.54.1506 – Rivet Networks)
Kits Configuration Installer (HKLM-x32…{86E59C8F-61D5-1782-A3CE-60AE7E4D7791}) (Version: 10.1.16299.15 – Microsoft) Hidden
LastPass (uninstall only) (HKLM-x32…LastPass) (Version: – LastPass)
League of Legends (HKLM-x32…League of Legends 1.0) (Version: 1.0 – Riot Games, Inc)
Logitech Capture (HKLM…Capture) (Version: 1.10.110 – Logitech)
Logitech Gaming Software 9.02 (HKLM…Logitech Gaming Software) (Version: 9.02.65 – Logitech Inc.)
Malwarebytes version 4.1.0.56 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 – Malwarebytes)
Microsoft .NET Core SDK – 2.1.4 (x64) (HKLM-x32…{9e732e8f-9e57-467d-a425-6f2387bdabd0}) (Version: 2.1.4 – Microsoft Corporation)
Microsoft AS OLE DB Provider for SQL Server 2016 (HKLM…{875FD7AC-E11F-4F3D-BA4E-BCED5E4B78FF}) (Version: 13.0.1601.5 – Microsoft Corporation)
Microsoft Azure Authoring Tools – v2.9.5.3 (HKLM…{086C537B-DE1A-4A11-8441-6AAF076174B8}) (Version: 2.9.8699.20 – Microsoft Corporation)
Microsoft Azure Compute Emulator – v2.9.5.3 (HKLM…Microsoft Azure Compute Emulator – v2.9.5.3) (Version: 2.9.8699.20 – Microsoft Corporation)
Microsoft Azure Libraries for .NET – v2.9 (HKLM…{C5C91AA6-3E83-430E-8B7A-6B790083F28D}) (Version: 3.0.0127.060 – Microsoft Corporation)
Microsoft Azure Mobile App SDK V3.0 (HKLM-x32…{A1D5A2EC-1BB0-4ED6-97E6-F044400FAFFD}) (Version: 3.0.50407.0 – Microsoft Corporation)
Microsoft Azure PowerShell – November 2017 (HKLM-x32…{B4208837-8918-413C-B66D-1F5CA39A2591}) (Version: 5.0.0 – Microsoft Corporation)
Microsoft Azure Storage Emulator – v5.2 (HKLM-x32…Microsoft Azure Storage Emulator – v5.2) (Version: 5.2.17193.1427 – Microsoft Corporation)
Microsoft Identity Extensions (HKLM…{F99F24BF-0B90-463E-9658-3FD2EFC3C992}) (Version: 2.0.1459.0 – Microsoft Corporation)
Microsoft MPI (7.1.12437.25) (HKLM…{8499ACD3-C1E3-45AB-BF96-DA491727EBE1}) (Version: 7.1.12437.25 – Microsoft Corporation)
Microsoft Office 365 – en-us (HKLM…O365HomePremRetail – en-us) (Version: 16.0.12624.20466 – Microsoft Corporation)
Microsoft OneDrive (HKUS-1-5-21-2878526742-3543137075-4239602185-1001…OneDriveSetup.exe) (Version: 19.232.1124.0012 – Microsoft Corporation)
Microsoft R Client (HKLM…{02EFEF35-C9D6-465D-BB0E-EB48B549B3AB}) (Version: 3.3.2.1988 – Microsoft)
Microsoft SQL Server 2012 Native Client (HKLM…{1385D3DB-8E80-427B-91D2-B7535862B8E4}) (Version: 11.3.6518.0 – Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM…{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 – Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2017 CTP2.1 (HKLM…{9BAD8F82-A221-42CE-AFF0-7CAB825790C9}) (Version: 14.0.600.250 – Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2017 CTP2.1 (HKLM-x32…{F0DD1AA8-44D7-4ACE-AF65-7378EA5D884C}) (Version: 14.0.600.250 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.4148 (HKLM…{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 – Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) – 14.12.25810 (HKLM-x32…{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 – Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) – 14.12.25810 (HKLM-x32…{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 – Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM…Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 – Microsoft Corporation)
Microsoft Visual Studio Code (HKLM…{EA457B21-F73E-494C-ACAB-524FDE069978}_is1) (Version: 1.20.1 – Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM…{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.14.167.122 – Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM…{65C71B09-C33D-4F60-93EA-DF3AD1D40600}) (Version: 10.0.1981 – Microsoft Corporation)
mIRC (HKLM-x32…mIRC) (Version: 7.52 – mIRC Co. Ltd.)
Mozilla Firefox 75.0 (x64 en-US) (HKLM…Mozilla Firefox 75.0 (x64 en-US)) (Version: 75.0 – Mozilla)
Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 59.0.2 – Mozilla)
MP4Tools v3.6.1 (HKLM-x32…MP4Tools_is1) (Version: – Thüring IT-Consulting)
MSI Development Tools (HKLM-x32…{973CACA2-E018-065B-0580-F2784802E299}) (Version: 10.1.16299.15 – Microsoft Corporation) Hidden
Mullvad (HKLM-x32…Product) (Version: – )
My Game Long Name (HKLM…UDK-004307e4-a6a5-4a05-8fcc-8169001e0e34) (Version: – Epic Games, Inc.)
NVAPI Monitor plugin for NvContainer (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 – NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 369.04 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 – NVIDIA Corporation)
NVIDIA GeForce Experience 3.18.0.102 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.102 – NVIDIA Corporation)
NVIDIA Graphics Driver 432.00 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 – NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.16 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 – NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32…{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 – NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 – NVIDIA Corporation)
OBS Studio (HKLM-x32…OBS Studio) (Version: 23.2.1 – OBS Project)
Oculus (HKLM…Oculus) (Version: <3 – Oculus VR, LLC)
Oculus Rift DK2 Sensor Driver (HKLM…{F786EF4E-73FE-4700-AC19-FFC0B2298F20}) (Version: 1.0.0.0 – Oculus VR, LLC) Hidden
Oculus Rift Monitor Driver (HKLM…{E932D5B4-547A-4959-B642-3816836283E3}) (Version: 1.0.1.0 – Oculus VR, LLC) Hidden
Oculus Rift Sensor Driver (HKLM…{E724ED40-8962-4987-901D-57AC8C9E41CD}) (Version: 1.0.20.0 – Oculus VR, LLC) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM…{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20442 – Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM…{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20466 – Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM…{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12624.20442 – Microsoft Corporation) Hidden
Open XML SDK 2.5 for Microsoft Office (HKLM-x32…{3EA16E23-14D2-466A-8268-D7CD40DC46B6}) (Version: 2.5.5631 – Microsoft Corporation) Hidden
OpenVPN 2.4.4-I601 (HKLM…OpenVPN) (Version: 2.4.4-I601 – OpenVPN Technologies, Inc.)
Origin (HKLM-x32…Origin) (Version: 10.5.60.37244 – Electronic Arts, Inc.)
Overwolf (HKLM-x32…Overwolf) (Version: 0.143.0.24 – Overwolf Ltd.)
PDF Settings CS5 (HKLM-x32…{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 – Adobe Systems Incorporated) Hidden
Pokémon Trading Card Game Online (HKLM-x32…{B5D84968-CCDB-4E54-A1EA-098A01099D06}) (Version: 2.45.0 – The Pokémon Company International)
Python 3.6.2 (Anaconda3 5.0.0 64-bit) (HKLM…Python 3.6.2 (Anaconda3 5.0.0 64-bit)) (Version: 5.0.0 – Anaconda, Inc.)
Python 3.6.3 (64-bit) (HKUS-1-5-21-2878526742-3543137075-4239602185-1001…{b3a11d5f-0d2d-4bc3-ad72-39f3fa14162c}) (Version: 3.6.3150.0 – Python Software Foundation)
Python 3.6.3 Core Interpreter (64-bit symbols) (HKLM…{4F41E9C9-3079-4BB0-806E-EA74F6E218AC}) (Version: 3.6.3150.0 – Python Software Foundation) Hidden
Python 3.6.3 Core Interpreter (64-bit) (HKLM…{5CAB3F9C-AC0C-4796-984C-292FF82FB112}) (Version: 3.6.3150.0 – Python Software Foundation) Hidden
Python 3.6.3 Development Libraries (64-bit) (HKLM…{B6B221CE-20AA-46D6-8156-911613216968}) (Version: 3.6.3150.0 – Python Software Foundation) Hidden
Python 3.6.3 Documentation (64-bit) (HKLM…{404A8C42-6B82-4B32-AC7F-0583644A04F2}) (Version: 3.6.3150.0 – Python Software Foundation) Hidden
Python 3.6.3 Executables (64-bit symbols) (HKLM…{B6C96BF6-D381-4011-B65D-44FC4A7CFC9E}) (Version: 3.6.3150.0 – Python Software Foundation) Hidden
Python 3.6.3 Executables (64-bit) (HKLM…{D3ABC2C4-85AF-4AFD-94D4-F2B84F49BFEA}) (Version: 3.6.3150.0 – Python Software Foundation) Hidden
Python 3.6.3 pip Bootstrap (64-bit) (HKLM…{48EC8399-294B-40F5-8274-E2AFBF0CFCBE}) (Version: 3.6.3150.0 – Python Software Foundation) Hidden
Python 3.6.3 Standard Library (64-bit symbols) (HKLM…{28FDA5E7-4FD1-4659-96D0-E6D2FD756DDD}) (Version: 3.6.3150.0 – Python Software Foundation) Hidden
Python 3.6.3 Standard Library (64-bit) (HKLM…{60B3332C-989F-4609-8D4F-7B1FD1DB0A5D}) (Version: 3.6.3150.0 – Python Software Foundation) Hidden
Python 3.6.3 Tcl/Tk Support (64-bit symbols) (HKLM…{50A4B450-4499-4AF7-8AC9-5125DA32153A}) (Version: 3.6.3150.0 – Python Software Foundation) Hidden
Python 3.6.3 Tcl/Tk Support (64-bit) (HKLM…{8FE3FFD1-2F7E-4EBB-A4B7-627E279DA70E}) (Version: 3.6.3150.0 – Python Software Foundation) Hidden
Python 3.6.3 Test Suite (64-bit symbols) (HKLM…{43BEECFA-E1E7-4124-B3EC-124B7D35C170}) (Version: 3.6.3150.0 – Python Software Foundation) Hidden
Python 3.6.3 Test Suite (64-bit) (HKLM…{2C6B5217-ACF4-4082-B19C-3463C9340E41}) (Version: 3.6.3150.0 – Python Software Foundation) Hidden
Python 3.6.3 Utility Scripts (64-bit) (HKLM…{E3F016B8-A524-4F97-9095-944C31A971E0}) (Version: 3.6.3150.0 – Python Software Foundation) Hidden
Python Launcher (HKLM-x32…{C093353B-F9EE-4A06-923D-C1B340B82886}) (Version: 3.6.6119.0 – Python Software Foundation)
QuickTime 7 (HKLM-x32…{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 – Apple Inc.)
Rainmeter (HKLM-x32…Rainmeter) (Version: 4.1 r2989 – Rainmeter)
Rappelz_US (HKLM-x32…{FF64912C-DC87-4A55-86C2-9CB30CAD1611}_is1) (Version: Rappelz_US – Webzen)
Realtek High Definition Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 – Realtek Semiconductor Corp.)
ReaPlugs/x64 (HKLM…ReaPlugs) (Version: – )
Revo Uninstaller 2.1.1 (HKLM…{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 – VS Revo Group, Ltd.)
RocketDock 1.3.5 (HKLM-x32…RocketDock_is1) (Version: – Punk Software)
Samsung USB Driver for Mobile Phones (HKLM…{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.23.0 – Samsung Electronics Co., Ltd.)
SDK ARM Additions (HKLM-x32…{7922BB77-0B59-840A-AC80-D560A34D75C5}) (Version: 10.1.16299.15 – Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32…{C87DF65C-A672-7E08-A083-E7D48FE8DB70}) (Version: 10.1.16299.15 – Microsoft Corporation) Hidden
Skype version 8.48 (HKLM-x32…Skype_is1) (Version: 8.48 – Skype Technologies S.A.)
Spectralissime, The Spectrum Analyzer (HKLM-x32…VB:Spectralissime {3C77C191-1FE5-4e3c}) (Version: – VB-Audio Software)
sptools_Microsoft.VisualStudio.OfficeDeveloperTools.Msi (HKLM-x32…{72BA31CD-9667-422B-A8A4-65C248E06222}) (Version: 15.0.26501 – Microsoft Corporation) Hidden
sptools_Microsoft.VisualStudio.Vsto.Msi (HKLM-x32…{31CBBC25-FEF4-42CE-AF0D-2B781D77D79C}) (Version: 15.0.26831 – Microsoft Corporation) Hidden
sptools_Microsoft.VisualStudio.Vsto.Msi.Resources (HKLM-x32…{6F410B16-8B46-43AF-BC73-C43EE190BFA4}) (Version: 15.0.26417 – Microsoft Corporation) Hidden
sptools_Microsoft.VisualStudio.Vsto.Msi.x64 (HKLM-x32…{4FC5E53D-F951-4AAE-B436-76229998D1F4}) (Version: 15.0.26831 – Microsoft Corporation) Hidden
Statsbook Tool 2.2.0 (HKUS-1-5-21-2878526742-3543137075-4239602185-1001…21023521-892d-5f27-9de4-75c053466799) (Version: 2.2.0 – Adam Smasher)
Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)
StreamLabels 0.3.4 (only current user) (HKUS-1-5-21-2878526742-3543137075-4239602185-1001…8000d50a-fcb7-5b38-8a3b-a02a0ec79daa) (Version: 0.3.4 – Streamlabs)
StreamLabels 0.3.8 (HKUS-1-5-21-2878526742-3543137075-4239602185-1001…{8000d50a-fcb7-5b38-8a3b-a02a0ec79daa}) (Version: 0.3.8 – Streamlabs)
Streamlabs Chatbot version 1.0.2.61 (HKLM-x32…{08D3C5BB-C492-4916-B111-725081845380}_is1) (Version: 1.0.2.61 – Streamlabs)
TAP-Windows 9.21.2 (HKLM…TAP-Windows) (Version: 9.21.2 – )
TP-LINK Archer T9E Driver (HKLM-x32…{59516745-D476-49FD-B281-371844FA1C21}) (Version: 1.3.1 – TP-LINK)
TypeScript SDK (HKLM-x32…{B08D05BC-7897-4616-B34C-95B58D07650C}) (Version: 2.5.4.0 – Microsoft Corporation) Hidden
TypeScript SDK (HKLM-x32…{CFA1F87E-EF2B-4785-812C-4BEEA22CFD06}) (Version: 2.3.5.0 – Microsoft Corporation) Hidden
Unigine Valley Benchmark version 1.0 (HKLM-x32…Unigine Valley Benchmark_is1) (Version: 1.0 – Unigine Corp.)
Unity (HKLM-x32…Unity) (Version: 2017.2.0f3 – Unity Technologies ApS)
Universal Adb Driver (HKLM-x32…{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 – ClockworkMod)
Universal CRT Extension SDK (HKLM-x32…{A5FA2886-1925-133F-0D41-B9A8ECEA0A2D}) (Version: 10.1.16299.15 – Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32…{B739B4C5-EEEC-8E70-0276-38C4779AF398}) (Version: 10.1.16299.15 – Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32…{A9D6F52C-694E-3E41-7AB8-5BEB644742A5}) (Version: 10.1.16299.15 – Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM…{E053089E-7953-3219-814F-F485FC151C54}) (Version: 10.1.16299.15 – Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32…{B9424F08-0617-C4F6-A798-5A9250C1A738}) (Version: 10.1.16299.15 – Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32…{D261CEA1-AB8D-9CFA-4407-BCEFC78661AC}) (Version: 10.1.16299.15 – Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32…{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 – Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32…{0074562E-F896-4994-9086-79F8BC8DE02C}) (Version: 14.12.25830 – Microsoft Corporation) Hidden
Visual Studio Community 2017 (HKLM…14c0b9e2) (Version: 15.5.27130.2027 – Microsoft Corporation)
Vortex (HKLM…57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 0.17.11 – Black Tree Gaming Ltd.)
VS Immersive Activate Helper (HKLM-x32…{8A2BDA07-3417-46C1-9058-CB32BC63E30E}) (Version: 16.0.76.0 – Microsoft Corporation) Hidden
VS JIT Debugger (HKLM…{F8F52853-A1A7-42C7-A082-5A6D5853BB0B}) (Version: 16.0.76.0 – Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM…{0EE5749D-2DC0-460F-AB1C-06B3EDB42426}) (Version: 16.0.76.0 – Microsoft Corporation) Hidden
VS WCF Debugging (HKLM…{209A1A84-1A06-4954-9D73-7E654C5F8D7A}) (Version: 16.0.76.0 – Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32…{18640789-304F-40B5-884B-130B4A97D83B}) (Version: 15.0.27005 – Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32…{A68D7884-F036-4A0D-AE1A-410E0311E135}) (Version: 15.0.27005 – Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32…{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27}) (Version: 15.0.27005 – Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32…{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45}) (Version: 15.0.27005 – Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32…{595F5D63-8773-4182-A1E0-EC9ECF4B6EA4}) (Version: 15.0.27102 – Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32…{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 – Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32…{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 – Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32…{9414C260-D479-49EB-B0BF-01C1F5076EA0}) (Version: 15.0.27005 – Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32…{A57BD1C0-42AD-42F8-AFEB-FAC7E6ABB005}) (Version: 15.0.27005 – Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32…{70F69B4F-7950-4841-8139-5D0C7EDD2FE6}) (Version: 15.0.27005 – Microsoft Corporation) Hidden
vs_Graphics_Singletonx64 (HKLM…{B11D79C6-332C-47B6-B58C-2F88A4911C7C}) (Version: 15.0.27005 – Microsoft Corporation) Hidden
vs_Graphics_Singletonx86 (HKLM-x32…{2497054A-0269-4F45-98AE-F469F89CC45F}) (Version: 15.0.27005 – Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32…{231C8ADB-BF59-458E-A909-CFA825F46388}) (Version: 15.0.27102 – Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32…{9CDD69A2-765A-4970-AB6B-595A740C614F}) (Version: 15.0.27019 – Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32…{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 – Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32…{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2}) (Version: 15.0.27005 – Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32…{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 – Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM…VulkanRT1.0.65.1) (Version: 1.0.65.1 – LunarG, Inc.) Hidden
Vysor (HKUS-1-5-21-2878526742-3543137075-4239602185-1001…Vysor) (Version: 2.1.2 – ClockworkMod)
WinAppDeploy (HKLM-x32…{9690D51C-4435-1C20-7819-66CCAB0F03F9}) (Version: 10.1.16299.15 – Microsoft Corporation) Hidden
WinDirStat 1.1.2 (HKUS-1-5-21-2878526742-3543137075-4239602185-1001…WinDirStat) (Version: – )
Windows Driver Package – Corsair Components, Inc. (SIUSBXP) USB (07/14/2017 3.3) (HKLM…A2206C09905C467F30CB24DCBB49F056D7F0A290) (Version: 07/14/2017 3.3 – Corsair Components, Inc.)
Windows Driver Package – non-standard.com(tsg-mfg) (NSTDUSB21) USB (04/18/2014 3.4.7.001) (HKLM…D30F47C7763C79A4C39D48CF73A8DD40F7D1044F) (Version: 04/18/2014 3.4.7.001 – non-standard.com(tsg-mfg))
Windows SDK AddOn (HKLM-x32…{350F0ECD-0783-4529-8797-98F0AD33EAC0}) (Version: 10.1.0.0 – Microsoft Corporation)
Windows Software Development Kit – Windows 10.0.16299.15 (HKLM-x32…{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 – Microsoft Corporation)
WinRAR 5.60 beta 1 (64-bit) (HKLM…WinRAR archiver) (Version: 5.60.1 – win.rar GmbH)
WinRT Intellisense Desktop – en-us (HKLM-x32…{385A1387-A488-9E90-3635-086129610034}) (Version: 10.1.16299.15 – Microsoft Corporation) Hidden
WinRT Intellisense Desktop – Other Languages (HKLM-x32…{D7DD3171-DA58-52A1-95B2-4769640855AF}) (Version: 10.1.16299.15 – Microsoft Corporation) Hidden
WinRT Intellisense IoT – en-us (HKLM-x32…{7336279F-8F8F-5530-A543-3BE963846C0A}) (Version: 10.1.16299.15 – Microsoft Corporation) Hidden
WinRT Intellisense IoT – Other Languages (HKLM-x32…{E414A474-0A87-4F66-C409-A4D9857CFD34}) (Version: 10.1.16299.15 – Microsoft Corporation) Hidden
WinRT Intellisense Mobile – en-us (HKLM-x32…{CE760B86-975B-F514-5673-0ED4332B801B}) (Version: 10.1.16299.15 – Microsoft Corporation) Hidden
WinRT Intellisense PPI – en-us (HKLM-x32…{5E67F8BE-D8D2-257F-CE19-419A2D5125C7}) (Version: 10.1.16299.15 – Microsoft Corporation) Hidden
WinRT Intellisense PPI – Other Languages (HKLM-x32…{A2AA063E-AF50-A1F5-8925-A06EB1556644}) (Version: 10.1.16299.15 – Microsoft Corporation) Hidden
WinRT Intellisense UAP – en-us (HKLM-x32…{7D4C7F4A-02A9-E434-6451-C8787DF28C1F}) (Version: 10.1.16299.15 – Microsoft Corporation) Hidden
WinRT Intellisense UAP – Other Languages (HKLM-x32…{BC467065-9374-5345-DA3F-FCF073304A25}) (Version: 10.1.16299.15 – Microsoft Corporation) Hidden
Workflow Manager Client 1.0 (HKLM…{69CD1F2D-DF68-4E23-9108-1B70783F2855}) (Version: 2.1.10525.2 – Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (HKLM…{7E351EBA-A063-4DE6-9F95-094883AAF7DA}) (Version: 2.1.10713.0 – Microsoft Corporation) Hidden
World of Warcraft (HKLM-x32…World of Warcraft) (Version: – Blizzard Entertainment)
Xamarin Android SDK Manager (HKLM-x32…{D1BEA9B3-76C6-4D62-83DD-75A8BD684154}) (Version: 0.1.107.0 – Xamarin) Hidden
Xamarin PCL Profiles v1.0.9 (HKLM-x32…{5E6844AB-A867-419C-A376-B12B574AA5F7}) (Version: 1.0.9.0 – Xamarin) Hidden
Xamarin Remoted iOS Simulator (HKLM-x32…{C45C18D5-49E9-463E-8A3B-207E1F3099C1}) (Version: 1.2.2.32 – Xamarin) Hidden
Xamarin Workbooks and Inspector (HKLM-x32…{4C9771FB-6EB6-4E89-A2BE-BDE8B61C1BEC}) (Version: 1.2.2.9000 – Xamarin) Hidden
Zoom (HKUS-1-5-21-2878526742-3543137075-4239602185-1001…ZoomUMX) (Version: 4.6 – Zoom Video Communications, Inc.)
Packages:
=========
Facebook -> C:Program FilesWindowsAppsFacebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2020-04-06] (Facebook Inc)
HP Smart -> C:Program FilesWindowsAppsAD2F1837.HPPrinterControl_110.1.728.0_x64__v10z8vjag6ke6 [2020-04-14] (HP Inc.)
LastPass for Windows Desktop -> C:Program FilesWindowsAppsLastPass.LastPass_4.3.0.0_x64__qq0fmhteeht3j [2020-04-13] (LastPass)
Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-04-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-04-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.6.4030.0_x64__8wekyb3d8bbwe [2020-04-14] (Microsoft Studios) [MS Ad]
MSN Weather -> C:Program FilesWindowsAppsMicrosoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-06] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:Program FilesWindowsAppsThumbmunkeysLtd.PhototasticCollage_3.9.1.0_x64__nfy108tqq3p12 [2020-04-18] (Thumbmunkeys Ltd) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKUS-1-5-21-2878526742-3543137075-4239602185-1001_ClassesCLSID{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:UsersStatic ShockDropbox [2017-07-01 06:30]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:Program Files (x86)GoogleDrivegoogledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:Program Files (x86)GoogleDrivegoogledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:Program Files (x86)GoogleDrivegoogledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => F:Adobe CS 5.5 Design SuiteAcrobat 10.0Acrobat ElementsContextMenu64.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:Program Files (x86)GoogleDrivecontextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2018-03-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2018-03-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:Program Files (x86)GoogleDrivecontextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:Program Files (x86)DropboxClientDropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSsystem32nvshext.dll [2019-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => F:Adobe CS 5.5 Design SuiteAcrobat 10.0Acrobat ElementsContextMenu64.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2018-03-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2018-03-16] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM…Drivers32: [vidc.i420] => C:Windowssystem32lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM…Drivers32: [VIDC.FPS1] => C:Windowssystem32frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM…Drivers32: [vidc.i420] => C:WindowsSysWOW64lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM…Drivers32: [VIDC.FPS1] => C:WindowsSysWOW64frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:UsersStatic ShockDesktopMRDA (MRDA Stats) – Chrome.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2020-04-13 10:12 – 2020-04-13 10:12 – 096130048 _____ () [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943libcef.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000117760 _____ () [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943libEGL.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 004342784 _____ () [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943libGLESv2.dll
2017-12-05 18:17 – 2007-09-02 13:57 – 000069632 _____ () [File not signed] C:Program Files (x86)RocketDockRocketDock.dll
2019-11-15 14:13 – 2019-11-15 14:13 – 000038400 _____ () [File not signed] C:Program FilesElgatoStreamDeckgiflib5.dll
2019-11-15 14:13 – 2019-11-15 14:13 – 000098816 _____ () [File not signed] C:Program FilesElgatoStreamDeckQtZeroConf.dll
2019-11-15 14:13 – 2019-11-15 14:13 – 000720384 _____ () [File not signed] C:Program FilesElgatoStreamDeckturbojpeg.dll
2015-09-05 03:05 – 2015-09-05 03:05 – 000255760 _____ (Beepa Pty Ltd -> Beepa P/L) [File not signed] C:FrapsFRAPS32.DLL
2015-09-05 03:05 – 2015-09-05 03:05 – 000102160 _____ (Beepa Pty Ltd -> Beepa P/L) [File not signed] C:Frapsfraps64.dat
2015-09-05 03:05 – 2015-09-05 03:05 – 000215824 _____ (Beepa Pty Ltd -> Beepa P/L) [File not signed] C:Frapsfraps64.dll
2018-09-12 10:08 – 2018-09-12 10:08 – 001415168 _____ (CPUID) [File not signed] F:Corsair iCueCorsairCORSAIR iCUE Softwarecpuidsdk.dll
2018-03-29 16:56 – 2018-03-29 16:56 – 001272832 _____ (CPUID) [File not signed] F:CorsairLink4cpuidsdk.dll
2018-01-18 09:56 – 2018-01-18 09:56 – 000189952 _____ (Elgato Systems GmbH) [File not signed] C:Program FilesElgatoGameCaptureEGCAPILite.dll
2018-02-02 19:14 – 2017-09-27 17:30 – 000489984 _____ (File is in use) [File not signed ?] C:Program Files (x86)WondershareWAF2.4.3.236Newtonsoft.Json.dll
2018-02-02 19:14 – 2018-01-26 17:08 – 000088064 _____ (File is in use) [File not signed ?] C:Program Files (x86)WondershareWAF2.4.3.236WsAppCollect.dll
2018-02-02 19:14 – 2018-01-26 17:08 – 000200192 _____ (File is in use) [File not signed ?] C:Program Files (x86)WondershareWAF2.4.3.236WsAppCommon.dll
2016-09-07 11:44 – 2016-09-07 11:44 – 000350208 _____ (Intel® Corporation) [File not signed] C:Windowssystem32NCS2Setp.dll
2020-04-13 14:47 – 2020-04-13 14:47 – 015898112 _____ (LastPass) [File not signed] C:Program FilesWindowsAppsLastPass.LastPass_4.3.0.0_x64__qq0fmhteeht3jlpwinmetro.dll
2017-09-28 18:41 – 2017-09-28 18:41 – 000266240 _____ (Microsoft Corporation) [File not signed] C:Program Files (x86)Common FilesMicrosoft SharedPhone ToolsCoreCon11.0binIpOverUsbPc.DLL
2018-08-27 13:19 – 2018-08-27 13:19 – 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] F:Corsair iCueCorsairCORSAIR iCUE SoftwareSiUSBXp.dll
2018-02-26 12:56 – 2018-02-26 12:56 – 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] F:CorsairLink4SiUSBXp.dll
2019-11-15 14:13 – 2019-11-15 14:13 – 001742848 _____ (SQLite Development Team) [File not signed] C:Program FilesElgatoStreamDecksqlite3.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000760832 _____ (The Chromium Authors) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943chrome_elf.dll
2018-04-06 13:29 – 2018-04-06 13:29 – 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program FilesLogitech Gaming SoftwareLIBEAY32.dll
2018-04-06 13:29 – 2018-04-06 13:29 – 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program FilesLogitech Gaming Softwaressleay32.dll
2019-11-15 14:13 – 2019-11-15 14:13 – 002687488 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:Program FilesElgatoStreamDecklibcrypto-1_1-x64.dll
2019-11-15 14:13 – 2019-11-15 14:13 – 000643072 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:Program FilesElgatoStreamDecklibssl-1_1-x64.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000047104 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943audioqtaudio_windows.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000026112 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943imageformatsqgif.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000027136 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943imageformatsqico.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000243712 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943imageformatsqjpeg.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000223744 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943imageformatsqmng.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000020992 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943imageformatsqsvg.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000332288 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943imageformatsqtiff.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 001140224 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943platformsqwindows.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000041984 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943qmlQtGraphicalEffectsprivateqtgraphicaleffectsprivate.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000014848 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943qmlQtGraphicalEffectsqtgraphicaleffectsplugin.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000014848 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943qmlQtQmlModels.2modelsplugin.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000014848 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943qmlQtQuick.2qtquick2plugin.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000084480 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943qmlQtQuickControls.2qtquickcontrols2plugin.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000267776 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943qmlQtQuickControlsqtquickcontrolsplugin.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000071680 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943qmlQtQuickLayoutsqquicklayoutsplugin.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000211456 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943qmlQtQuickTemplates.2qtquicktemplates2plugin.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000014848 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943qmlQtQuickWindow.2windowplugin.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 004943360 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943Qt5Core.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 005022208 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943Qt5Gui.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000626176 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943Qt5Multimedia.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000877056 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943Qt5Network.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 002908672 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943Qt5Qml.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 003078656 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943Qt5Quick.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000096256 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943Qt5QuickControls2.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000681472 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943Qt5QuickTemplates2.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000259072 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943Qt5Svg.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 004718080 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943Qt5Widgets.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000439296 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943Qt5WinExtras.dll
2020-04-13 10:12 – 2020-04-13 10:12 – 000159232 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Blizzard AppBattle.net.11943Qt5Xml.dll
2019-11-18 12:38 – 2019-11-18 12:38 – 006021240 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:Program FilesElgatoStreamDeckQt5Core.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => ""="Service"
HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKUS-1-5-21-2878526742-3543137075-4239602185-1001…localhost -> localhost
IE trusted site: HKUS-1-5-21-2878526742-3543137075-4239602185-1001…sharepoint.com -> hxxps://tigna-files.sharepoint.com
IE trusted site: HKUS-1-5-21-2878526742-3543137075-4239602185-1001…webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-18 16:03 – 2017-03-18 16:01 – 000000824 _____ C:WINDOWSsystem32driversetchosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program FilesOculusSupportoculus-runtime;C:Program FilesMicrosoft MPIBin;C:Windowssystem32;C:Windows;C:WindowsSystem32Wbem;C:WindowsSystem32WindowsPowerShellv1.0;C:Program Files (x86)NVIDIA CorporationPhysXCommon;C:WINDOWSsystem32;C:WINDOWS;C:WINDOWSSystem32Wbem;C:WINDOWSSystem32WindowsPowerShellv1.0;C:Program Filesdotnet;C:Program FilesMicrosoft SQL Server130ToolsBinn;C:Program Files (x86)QuickTimeQTSystem;C:WINDOWSSystem32OpenSSH;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;%SYSTEMROOT%System32OpenSSH;C:Program FilesNVIDIA CorporationNVIDIA NvDLISR
HKUS-1-5-21-2878526742-3543137075-4239602185-1001Control PanelDesktop\Wallpaper -> C:UsersStatic ShockAppDataRoamingMicrosoftWindowsThemesTranscodedWallpaper
DNS Servers: 192.168.1.1
HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: Warn)
