Rootkit suspected – Virus, Trojan, Spyware, and Malware Removal Help | #firefox | #chrome | #microsoftedge

 

Welcome.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator. When the tool opens click Yes to the disclaimer.
  • Press the Scan button.
  • It will produce logs called FRST.txt and Addition.txt in the same directory the tool is run from.
  • Please copy and paste the logs back here.

 

 

I did it after booting without internet, as I did for GMER.

The generated files were as follows:

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-11-2021

Ran by VM (administrator) on DESKTOP-TDOEMH3 (LENOVO 81FV) (20-11-2021 00:18:49)

Running from D:Downloads

Loaded Profiles: VM & Administrator

Platform: Microsoft Windows 10 Education Version 20H2 19042.1348 (X64) Language: English (United States)

Default browser: Chrome

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

() [File not signed] D:ProgramsMATLAB_R2021bbinwin64MATLABStartupAccelerator.exe

(Adobe Inc. -> Adobe Inc.) C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe

(Apple Inc. -> Apple Inc.) C:Program FilesBonjourmDNSResponder.exe

(Apple Inc.) C:Program FilesWindowsAppsAppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe

(Dolby Laboratories, Inc. -> ) C:WindowsSystem32dolbyaposvcDAX3API.exe <2>

(Dropbox, Inc -> Dropbox, Inc.) C:Program Files (x86)DropboxClientDropbox.exe <3>

(Dropbox, Inc -> Dropbox, Inc.) C:Program Files (x86)DropboxUpdateDropboxUpdate.exe

(Dropbox, Inc -> Dropbox, Inc.) C:WindowsSystem32DbxSvc.exe

(Dropbox, Inc -> The Qt Company Ltd.) C:Program Files (x86)DropboxClient135.4.4221QtWebEngineProcess.exe <2>

(EXPRSVPN LLC -> ExpressVPN) C:Program Files (x86)ExpressVPNbootstrapamd64nssm.exe

(EXPRSVPN LLC -> ExpressVPN) C:Program Files (x86)ExpressVPNexpressvpndexpressvpnd.exe

(EXPRSVPN LLC -> ExpressVPN) C:Program Files (x86)ExpressVPNexpressvpn-uiExpressVPNNotificationService.exe

(Intel Corporation -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorydptf_cpu.inf_amd64_7ecc5be6ca7b3b0desif_uf.exe

(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorydal.inf_amd64_0b214be229a13e84jhi_service.exe

(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorycui_dch.inf_amd64_0d8dab4470c5524bGfxDownloadWrapper.exe

(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorycui_dch.inf_amd64_0d8dab4470c5524bigfxCUIService.exe

(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorycui_dch.inf_amd64_0d8dab4470c5524bigfxEM.exe

(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryigcc_dch.inf_amd64_a9a2dde7124f013fOneApp.IGCC.WinService.exe

(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryiigd_dch.inf_amd64_7d90afac159f566cIntelCpHDCPSvc.exe

(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryiigd_dch.inf_amd64_7d90afac159f566cIntelCpHeciSvc.exe

(Intel® Rapid Storage Technology -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryiaahcic.inf_amd64_120314e52c04567cRstMwService.exe

(Kaspersky Lab JSC -> AO Kaspersky Lab) C:Program Files (x86)Kaspersky LabKaspersky Internet Security 21.3avp.exe

(Kaspersky Lab JSC -> AO Kaspersky Lab) C:Program Files (x86)Kaspersky LabKaspersky Internet Security 21.3avpui.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft SQL Server90Sharedsqlwriter.exe

(Microsoft Corporation -> Microsoft Corporation) C:UsersVMAppDataLocalMicrosoftTeamscurrentTeams.exe <8>

(Microsoft Corporation -> Microsoft Corporation) C:WindowsMicrosoft.NETFramework64v3.0WPFPresentationFontCache.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <2>

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32Taskmgr.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32wlanext.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSysWOW64wbemWmiPrvSE.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsWinSxSamd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1310_none_7e15ec207c87d405TiWorker.exe

(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:WindowsSystem32FMService64.exe

(Nextcloud GmbH -> Nextcloud GmbH) C:Program Files (x86)Nextcloudnextcloud.exe

(NVIDIA Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <2>

(Nvidia Corporation -> NVIDIA Corporation) C:WindowsSystem32DriverStoreFileRepositorynvlti.inf_amd64_4831581a4e5dfca0Display.NvContainerNVDisplay.Container.exe <2>

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:WindowsSystem32RtkAudUService64.exe <2>

(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:Program Files (x86)Spybot – Search & Destroy 2SDFSSvc.exe

(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:Program Files (x86)Spybot – Search & Destroy 2SDTray.exe

(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:Program Files (x86)Spybot – Search & Destroy 2SDUpdSvc.exe

(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:Program Files (x86)Spybot – Search & Destroy 2SDWSCSvc.exe

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Run: [RtkAudUService] => C:WINDOWSSystem32RtkAudUService64.exe [865568 2019-03-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM-x32…Run: [Dropbox] => C:Program Files (x86)DropboxClientDropbox.exe [8807712 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)

HKLM-x32…Run: [APSDaemon] => C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)

HKLM-x32…Run: [SDTray] => C:Program Files (x86)Spybot – Search & Destroy 2SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

HKLM-x32…Run: [ExpressVPNNotificationService] => C:Program Files (x86)ExpressVPNexpressvpn-uiExpressVPNNotificationServiceStarter.exe [370088 2021-09-10] (EXPRSVPN LLC -> ExpressVPN)

HKUS-1-5-21-504185822-2683078815-436334261-1001…Run: [Nextcloud] => C:Program Files (x86)Nextcloudnextcloud.exe [2739008 2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)

HKUS-1-5-21-504185822-2683078815-436334261-1001…Run: [com.squirrel.Teams.Teams] => C:UsersVMAppDataLocalMicrosoftTeamsUpdate.exe [2459280 2021-11-04] (Microsoft 3rd Party Application Component -> Microsoft Corporation)

HKLM…Windows x64Print ProcessorsCanon MG2500 series Print Processor: C:WindowsSystem32spoolprtprocsx64CNMPDBX.DLL [30208 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

HKLM…Windows x64Print ProcessorsCanon MG4200 series Print Processor: C:WindowsSystem32spoolprtprocsx64CNMPDB9.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

HKLM…PrintMonitorsCanon BJ Language Monitor MG2500 series: C:Windowssystem32CNMLMBX.DLL [391168 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

HKLM…PrintMonitorsCanon BJ Language Monitor MG2500 series XPS: C:Windowssystem32CNMXLMBX.DLL [393728 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

HKLM…PrintMonitorsCanon BJ Language Monitor MG4200 series: C:Windowssystem32CNMLMB9.DLL [389120 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program Files (x86)GoogleChromeApplication96.0.4664.45Installerchrmstp.exe [2021-11-15] (Google LLC -> Google LLC)

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:Program Files (x86)BraveSoftwareBrave-BrowserApplication96.1.32.106Installerchrmstp.exe [2021-11-16] (Brave Software, Inc. -> Brave Software, Inc.)

GroupPolicy: Restriction ? <==== ATTENTION

Policies: C:ProgramDataNTUSER.pol: Restriction <==== ATTENTION

 

==================== Scheduled Tasks (Whitelisted) ============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {0430C2A2-53EA-4CA4-BE9F-DC5B80AEE11B} – System32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {05EB0295-78BE-475D-B9E9-92AA9D719FB3} – System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)

Task: {110E2B96-7613-4BAC-A66C-FF042327CC3C} – System32TasksSafer-NetworkingSpybot – Search and DestroyRefresh immunization => C:Program Files (x86)Spybot – Search & Destroy 2SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

Task: {20F38EBC-9594-46D1-8728-199EBE8BD741} – System32TasksMicrosoftVisualStudioUpdatesUpdateConfiguration_S-1-5-21-504185822-2683078815-436334261-1001 => C:program files (x86)microsoft visual studioinstallerresourcesappServiceHubServicesMicrosoft.VisualStudio.Setup.ServiceVSIXConfigurationUpdater.exe [23456 2021-11-15] (Microsoft Corporation -> Microsoft)

Task: {240823ED-73D6-46B7-80C3-54C32ABA200E} – System32TasksBraveSoftwareUpdateTaskMachineUA => C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [159368 2019-07-27] (Brave Software, Inc. -> BraveSoftware Inc.)

Task: {24A1207A-33F5-4091-9738-527D11B217E9} – System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {26E3F5FD-DBC5-40F2-B282-BE081060039C} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156968 2018-12-25] (Google Inc -> Google Inc.)

Task: {399E513E-ECC5-4E9C-9044-2669055E7CBA} – System32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {3B41E273-D885-4D69-AF65-5495F5AA21B6} – System32TasksMicrosoftOfficeOffice Serviceability Manager => C:Program FilesCommon FilesMicrosoft SharedClickToRunofficesvcmgr.exe [4190800 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)

Task: {43A00116-76C4-425D-9CCD-29C8102FB60E} – System32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {47B612D1-896E-418A-BE22-2F3258EF6C26} – System32TasksMicrosoftOfficeOffice Feature Updates Logon => C:Program Files (x86)Microsoft OfficerootOffice16sdxhelper.exe [108888 2021-11-15] (Microsoft Corporation -> Microsoft Corporation)

Task: {53F6D64A-1834-419B-9509-7965B4E38C32} – System32TasksAppleAppleSoftwareUpdate => C:Program Files (x86)Apple Software UpdateSoftwareUpdate.exe [563000 2015-08-27] (Apple Inc. -> Apple Inc.)

Task: {6FA10CE5-2DE1-44E8-B36C-79F703C5EE99} – System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {74B84CC3-4E57-430F-8C2C-5C2CAFFB5D72} – System32TasksBraveSoftwareUpdateTaskMachineCore => C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [159368 2019-07-27] (Brave Software, Inc. -> BraveSoftware Inc.)

Task: {841722F4-5F51-4D29-8E6F-8974C949E1AF} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156968 2018-12-25] (Google Inc -> Google Inc.)

Task: {89157F26-B26E-45EA-AC4A-9626167000A1} – System32TasksKaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:Program FilesCommon FilesAVKaspersky Labupgrade_launcher.exe [743488 2021-11-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)

Task: {8B27E296-D65C-4E52-B2BF-4FD0213F9FCF} – System32TasksMicrosoftOfficeOffice Feature Updates => C:Program Files (x86)Microsoft OfficerootOffice16sdxhelper.exe [108888 2021-11-15] (Microsoft Corporation -> Microsoft Corporation)

Task: {8D030FE8-D842-4460-BDA6-603E650F29A2} – System32TasksDropboxUpdateTaskMachineCore => C:Program Files (x86)DropboxUpdateDropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)

Task: {8E9BDA87-1FCA-430F-BE2F-5F57C2D4249F} – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)

Task: {8F60E99F-C801-47A3-B113-8EFA2CA29E6E} – System32TasksDropboxUpdateTaskMachineUA => C:Program Files (x86)DropboxUpdateDropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)

Task: {8F787B00-E6AF-4B69-A763-1BA921606C7B} – System32TasksAdobe Acrobat Update Task => C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)

Task: {96E3AF17-E1D6-4096-B98D-CE16749DE171} – System32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvBackendNvBatteryBoostCheck” -l 3 -f C:ProgramDataNVIDIANvContainerBatteryBoostCheck.log

Task: {98FBE27F-FD18-4308-A268-5DB83BBCC747} – System32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {BA702209-EC3A-4F53-A32C-3186E3B5FECB} – System32TasksSafer-NetworkingSpybot – Search and DestroyScan the system => C:Program Files (x86)Spybot – Search & Destroy 2SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

Task: {BADF76F6-BD73-4665-B8CE-0DEA767C21AC} – System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvDriverUpdateCheck” -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log

Task: {C152C891-3B31-4900-B1E9-A653AB179C11} – System32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {C59C75D0-0FEB-41B7-AC4E-9B82C70753C9} – System32TasksMicrosoftVisualStudioUpdatesUpdateConfiguration_S-1-5-21-504185822-2683078815-436334261-500 => C:program files (x86)microsoft visual studioinstallerresourcesappServiceHubServicesMicrosoft.VisualStudio.Setup.ServiceVSIXConfigurationUpdater.exe [23456 2021-11-15] (Microsoft Corporation -> Microsoft)

Task: {D426D24C-84EC-44D3-A2EE-EAF08D067D49} – System32TasksSafer-NetworkingSpybot – Search and DestroyCheck for updates => C:Program Files (x86)Spybot – Search & Destroy 2SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

Task: {DA4E1EBD-B037-4562-894E-262BA0AD9120} – System32TasksMozillaFirefox Default Browser Agent 308046B0AF4A39CB => C:Program FilesMozilla Firefoxdefault-browser-agent.exe [680888 2021-10-17] (Mozilla Corporation -> Mozilla Foundation)

Task: {E041970C-F235-4090-9D7F-73CE796F2F6B} – System32TasksMicrosoftVisualStudioVSIX Auto Update => C:program files (x86)microsoft visual studioinstallerresourcesappServiceHubServicesMicrosoft.VisualStudio.Setup.ServiceVSIXAutoUpdate.exe [211328 2021-11-15] (Microsoft Corporation -> )

Task: {F123C796-8493-46F5-A406-1C17A3E69E41} – System32TasksMicrosoftOfficeOffice Subscription Maintenance => C:Program Files (x86)Microsoft OfficerootvfsProgramFilesCommonx86Microsoft SharedOffice16OLicenseHeartbeat.exe [1162160 2021-11-15] (Microsoft Corporation -> Microsoft Corporation)

Task: {F74E9DF0-DCCE-4516-B571-08E5B8F49CF9} – System32TasksLenovoLenovo Service BridgeS-1-5-21-504185822-2683078815-436334261-1001 => C:UsersVMAppDataLocalProgramsLenovoLenovo Service BridgeLSBUpdater.exe [122344 2019-04-04] (Lenovo (Beijing) Limited -> Lenovo Group Limited)

Task: {F78ED3E2-6BEC-48CE-867F-4CD3375555FC} – System32TasksMATLAB R2021b Startup Accelerator => D:ProgramsMATLAB_R2021bbinwin64MATLABStartupAccelerator.exe [50176 2021-05-15] () [File not signed]

Task: {FCB08D70-A2EF-4BBE-A196-9B6AF1EC499C} – System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job => C:Windowsexplorer.exe

Task: C:WINDOWSTasksDropboxUpdateTaskMachineCore.job => C:Program Files (x86)DropboxUpdateDropboxUpdate.exe

Task: C:WINDOWSTasksDropboxUpdateTaskMachineUA.job => C:Program Files (x86)DropboxUpdateDropboxUpdate.exe

Task: C:WINDOWSTasksMATLAB R2021b Startup Accelerator.job => D:ProgramsMATLAB_R2021bbinwin64MATLABStartupAccelerator.exeD:ProgramsMATLAB_R2021bDESKTOP-TDOEMH3VM.Sta

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

TcpipParameters: [DhcpNameServer] 192.168.1.1

Tcpip..Interfaces{775fb755-ddd3-4a89-8c5e-fe2038f98a2c}: [DhcpNameServer] 192.168.1.1

Tcpip..Interfaces{991d6337-53a0-4474-9ad9-15319daca7dc}: [DhcpNameServer] 152.66.241.5 152.66.241.110

Tcpip..Interfaces{a0d8b990-13a9-4eaa-981d-019640954b67}: [DhcpNameServer] 10.126.0.1

Tcpip..Interfaces{fbab19d0-faf3-4a06-9b57-a535186467cb}: [DhcpNameServer] 192.168.1.1

 

Edge: 

=======

Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsAutoFormFill [not found]

Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsBookViewer [not found]

Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsLearningTools [not found]

Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsPinJSAPI [not found]

Edge Profile: C:UsersVMAppDataLocalMicrosoftEdgeUser DataDefault [2021-11-19]

Edge HKUS-1-5-21-504185822-2683078815-436334261-1001SOFTWAREMicrosoftEdgeExtensions…EdgeExtension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

Edge HKUS-1-5-21-504185822-2683078815-436334261-500SOFTWAREMicrosoftEdgeExtensions…EdgeExtension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

 

FireFox:

========

FF DefaultProfile: qghgqr1n.default

FF ProfilePath: C:UsersVMAppDataRoamingMozillaFirefoxProfilesqghgqr1n.default [2021-10-17]

FF Extension: (Facebook Container) – C:UsersVMAppDataRoamingMozillaFirefoxProfilesqghgqr1n.defaultExtensions@contain-facebook.xpi [2021-08-03]

FF Extension: (English United States Dictionary) – C:UsersVMAppDataRoamingMozillaFirefoxProfilesqghgqr1n.defaultExtensions@unitedstatesenglishdictionary.xpi [2020-10-15]

FF Extension: (English (US) Language Pack) – C:UsersVMAppDataRoamingMozillaFirefoxProfilesqghgqr1n.defaultExtensionslangpack-en-US@firefox.mozilla.org.xpi [2021-10-17]

FF Extension: (uBlock Origin) – C:UsersVMAppDataRoamingMozillaFirefoxProfilesqghgqr1n.defaultExtensionsuBlock0@raymondhill.net.xpi [2021-08-03]

FF Extension: (Video DownloadHelper) – C:UsersVMAppDataRoamingMozillaFirefoxProfilesqghgqr1n.defaultExtensions{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-01]

FF HKLM…FirefoxExtensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] – C:Program Files (x86)Kaspersky LabKaspersky Internet Security 21.3FFExtlight_plugin_firefoxaddon.xpi => not found

FF HKLM-x32…FirefoxExtensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] – C:Program Files (x86)Kaspersky LabKaspersky Internet Security 21.3FFExtlight_plugin_firefoxaddon.xpi => not found

FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program Files (x86)Microsoft OfficerootOffice16NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:Program Files (x86)BraveSoftwareUpdate1.3.99.0npBraveUpdate3.dll [2019-07-27] (Brave Software, Inc. -> BraveSoftware Inc.)

FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:Program Files (x86)BraveSoftwareUpdate1.3.99.0npBraveUpdate3.dll [2019-07-27] (Brave Software, Inc. -> BraveSoftware Inc.)

FF Plugin-x32: Adobe Reader -> C:Program Files (x86)AdobeAcrobat Reader DCReaderAIRnppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:UsersVMAppDataRoamingmozillapluginsnpatgpc.dll [2020-03-20]

 

Chrome: 

=======

CHR Profile: C:UsersVMAppDataLocalGoogleChromeUser DataDefault [2021-11-20]

CHR DownloadDir: D:Downloads

CHR Notifications: Default -> hxxps://colab.research.google.com; hxxps://drive.google.com; hxxps://meet.google.com; hxxps://teams.microsoft.com

CHR Session Restore: Default -> is enabled.

CHR Extension: (Slides) – C:UsersVMAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2018-12-25]

CHR Extension: (Kaspersky Protection) – C:UsersVMAppDataLocalGoogleChromeUser DataDefaultExtensionsahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-11-18]

CHR Extension: (Docs) – C:UsersVMAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2018-12-25]

CHR Extension: (Google Drive) – C:UsersVMAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2020-10-25]

CHR Extension: (Quick Tab) – C:UsersVMAppDataLocalGoogleChromeUser DataDefaultExtensionsbdeifmcaonlafkglbdpbbhkeecjnkipo [2020-06-30]

CHR Extension: (YouTube) – C:UsersVMAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-25]

CHR Extension: (uBlock Origin) – C:UsersVMAppDataLocalGoogleChromeUser DataDefaultExtensionscjpalhdlnbpafiamejdnhcphjbkeiagm [2021-10-17]

CHR Extension: (Dropbox for Gmail) – C:UsersVMAppDataLocalGoogleChromeUser DataDefaultExtensionsdpdmhfocilnekecfjgimjdeckachfbec [2021-08-31]

CHR Extension: (Sheets) – C:UsersVMAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2018-12-25]

CHR Extension: (Google Docs Offline) – C:UsersVMAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-15]

CHR Extension: (Google Scholar Button) – C:UsersVMAppDataLocalGoogleChromeUser DataDefaultExtensionsldipcbpaocekfooobnbcddclnhejkcpn [2020-10-08]

CHR Extension: (Video DownloadHelper) – C:UsersVMAppDataLocalGoogleChromeUser DataDefaultExtensionslmjnegcaeklhafolokijcfjliaokphfk [2021-07-02]

CHR Extension: (Chrome Web Store Payments) – C:UsersVMAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]

CHR Extension: (Gmail) – C:UsersVMAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]

CHR Profile: C:UsersVMAppDataLocalGoogleChromeUser DataSystem Profile [2021-02-18]

CHR HKLM…ChromeExtension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] – hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

CHR HKLM-x32…ChromeExtension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] – hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

CHR HKLM-x32…ChromeExtension: [efaidnbmnnnibpcajpcglclefindmkaj]

 

Brave: 

=======

BRA DefaultProfile: Default

BRA Profile: C:UsersVMAppDataLocalBraveSoftwareBrave-BrowserUser DataDefault [2021-11-19]

BRA DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}&t=brave

BRA DefaultSearchKeyword: Default -> :d

BRA DefaultSuggestURL: Default -> hxxps://ac.duckduckgo.com/ac/?q={searchTerms}&type=list

BRA Extension: (Kaspersky Protection) – C:UsersVMAppDataLocalBraveSoftwareBrave-BrowserUser DataDefaultExtensionsahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-11-18]

BRA Extension: (uBlock Origin) – C:UsersVMAppDataLocalBraveSoftwareBrave-BrowserUser DataDefaultExtensionscjpalhdlnbpafiamejdnhcphjbkeiagm [2021-10-17]

BRA Extension: (ExpressVPN: VPN proxy for a better internet) – C:UsersVMAppDataLocalBraveSoftwareBrave-BrowserUser DataDefaultExtensionsfgddmllnllkalaagkghckoinaemmogpe [2021-11-14]

BRA Extension: (Brave Local Data Files Updater) – C:UsersVMAppDataLocalBraveSoftwareBrave-BrowserUser Dataafalakplffnnnlkncjhbmahjfjhmlkal [2021-10-01]

BRA Extension: (Wallet Data Files Updater) – C:UsersVMAppDataLocalBraveSoftwareBrave-BrowserUser DataBraveWallet [2021-11-17]

BRA Extension: (Brave Ad Block Updater (Default)) – C:UsersVMAppDataLocalBraveSoftwareBrave-BrowserUser Datacffkpbalmllkdoenhmdmpbkajipdjfam [2021-11-18]

BRA Extension: (Brave Tor Client Updater (Windows)) – C:UsersVMAppDataLocalBraveSoftwareBrave-BrowserUser Datacpoalefficncklhjfpglfiplenlpccdb [2021-11-13]

BRA Extension: (Brave NTP sponsored images) – C:UsersVMAppDataLocalBraveSoftwareBrave-BrowserUser Datagccbbckogglekeggclmmekihdgdpdgoe [2021-11-18]

BRA Extension: (Brave SpeedReader Updater) – C:UsersVMAppDataLocalBraveSoftwareBrave-BrowserUser Datajicbkmdloagakknpihibphagfckhjdih [2021-09-14]

BRA Extension: (PDF Viewer) – C:UsersVMAppDataLocalBraveSoftwareBrave-BrowserUser Dataoemmndcbldboiebfnladdacbdfmadadm [2019-07-27]

BRA Extension: (Brave HTTPS Everywhere Updater) – C:UsersVMAppDataLocalBraveSoftwareBrave-BrowserUser Dataoofiananboodjbbmdelgdommihjbkfag [2021-11-18]

StartMenuInternet: Brave – C:Program Files (x86)BraveSoftwareBrave-BrowserApplicationbrave.exe

 

==================== Services (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AdobeARMservice; C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)

R2 AVP21.3; C:Program Files (x86)Kaspersky LabKaspersky Internet Security 21.3avp.exe [184768 2021-11-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)

S2 brave; C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [159368 2019-07-27] (Brave Software, Inc. -> BraveSoftware Inc.)

S3 bravem; C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [159368 2019-07-27] (Brave Software, Inc. -> BraveSoftware Inc.)

R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [12034464 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)

S2 dbupdate; C:Program Files (x86)DropboxUpdateDropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)

S3 dbupdatem; C:Program Files (x86)DropboxUpdateDropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)

R2 DbxSvc; C:WINDOWSsystem32DbxSvc.exe [44328 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)

R2 DolbyDAXAPI; C:WINDOWSsystem32dolbyaposvcDAX3API.exe [398352 2018-06-21] (Dolby Laboratories, Inc. -> )

R2 ExpressVPNService; C:Program Files (x86)ExpressVPNbootstrapamd64nssm.exe [437160 2021-09-10] (EXPRSVPN LLC -> ExpressVPN)

R2 FMAPOService; C:WINDOWSSystem32FMService64.exe [305520 2018-05-30] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)

S3 klvssbridge64_21.3; C:Program Files (x86)Kaspersky LabKaspersky Internet Security 21.3x64vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)

S3 KSDE5.3; C:Program Files (x86)Kaspersky LabKaspersky VPN 5.3ksde.exe [646520 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)

S3 rkrtservice; C:Program FilesRogueKillerRogueKillerSvc.exe [14204760 2021-11-18] (ADLICE (ASCOET JULIEN) -> )

R2 SDScannerService; C:Program Files (x86)Spybot – Search & Destroy 2SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

R2 SDUpdateService; C:Program Files (x86)Spybot – Search & Destroy 2SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

R2 SDWSCService; C:Program Files (x86)Spybot – Search & Destroy 2SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

S3 Sense; C:Program FilesWindows Defender Advanced Threat ProtectionMsSense.exe [6103464 2021-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 VSStandardCollectorService150; C:Program Files (x86)Microsoft Visual StudioSharedCommonDiagnosticsHub.Collection.ServiceStandardCollector.Service.exe [157480 2018-08-02] (Microsoft Corporation -> Microsoft Corporation)

S3 WdNisSvc; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2110.6-0NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WinDefend; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2110.6-0MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 NVDisplay.ContainerLocalSystem; C:WINDOWSSystem32DriverStoreFileRepositorynvlti.inf_amd64_4831581a4e5dfca0Display.NvContainerNVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%NVIDIANVDisplay.ContainerLocalSystem.log -l 3 -d C:WINDOWSSystem32DriverStoreFileRepositorynvlti.inf_amd64_4831581a4e5dfca0Display.NvContainerpluginsLocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystemLocalSystem

 

===================== Drivers (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 4765D14D; C:WINDOWSsystem32drivers4765D14D.sys [255928 2021-11-19] (Malwarebytes Corporation -> Malwarebytes)

R0 cm_km; C:WINDOWSSystem32DRIVERScm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)

S3 expressvpnsplittunnel; C:Program Files (x86)ExpressVPNsplittunnelexpressvpnsplittunnel.sys [37024 2021-09-10] (ExprsVPN LLC -> ExpressVPN)

R3 expressvpnwintun; C:WINDOWSSystem32driversexpressvpn-wintun.sys [46824 2021-01-18] (Express VPN International Ltd. -> ExpressVPN)

R1 klbackupdisk; C:WINDOWSsystem32DRIVERSklbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)

R1 klbackupflt; C:WINDOWSSystem32DRIVERSklbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)

R1 kldisk; C:WINDOWSsystem32DRIVERSkldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)

S0 klelam; C:WINDOWSSystem32DRIVERSklelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)

R1 klflt; C:WINDOWSsystem32DRIVERSklflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)

R1 klgse; C:WINDOWSSystem32DRIVERSklgse.sys [674104 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R1 klhk; C:WINDOWSsystem32DRIVERSklhk.sys [1469240 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R3 klids; C:ProgramDataKaspersky LabAVP21.3Basesklids.sys [273176 2021-11-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R1 KLIF; C:WINDOWSSystem32DRIVERSklif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)

R1 klim6; C:WINDOWSsystem32DRIVERSklim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)

R3 klkbdflt; C:WINDOWSsystem32DRIVERSklkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)

R3 klmouflt; C:WINDOWSsystem32DRIVERSklmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)

R1 klpd; C:WINDOWSSystem32DRIVERSklpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)

R1 klpnpflt; C:WINDOWSsystem32DRIVERSklpnpflt.sys [96008 2021-11-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)

R3 kltap; C:WINDOWSSystem32driverskltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)

R0 klupd_klif_arkmon; C:WINDOWSSystem32Driversklupd_klif_arkmon.sys [276064 2021-11-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R3 klupd_klif_klark; C:WINDOWSSystem32Driversklupd_klif_klark.sys [314040 2021-11-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R0 klupd_klif_klbg; C:WINDOWSSystem32Driversklupd_klif_klbg.sys [113976 2021-11-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R3 klupd_klif_mark; C:WINDOWSSystem32Driversklupd_klif_mark.sys [225648 2021-11-19] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R1 klwfp; C:WINDOWSsystem32DRIVERSklwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)

R1 klwtp; C:WINDOWSsystem32DRIVERSklwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)

R1 kneps; C:WINDOWSsystem32DRIVERSkneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)

S3 mbamchameleon; C:WINDOWSsystem32driversmbamchameleon.sys [192952 2021-11-19] (Malwarebytes Corporation -> Malwarebytes)

R3 tapexpressvpn; C:WINDOWSSystem32driverstapexpressvpn.sys [52904 2021-01-18] (ExprsVPN LLC -> The OpenVPN Project)

S3 WdBoot; C:WINDOWSsystem32driverswdWdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:WINDOWSsystem32driverswdWdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)

U3 kwldifog; C:UsersVMAppDataLocalTempkwldifog.sys [56584 2021-11-19] (GMEREK Systemy Komputerowe Przemyslaw Gmerek -> GMER) [File not signed] <==== ATTENTION

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) (Whitelisted) =========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-11-20 05:52 – 2021-11-19 21:02 – 000000000 ____D C:Windows.old

2021-11-20 05:49 – 2021-11-20 05:53 – 000000000 ____D C:WINDOWSsystem32configbbimigrate

2021-11-20 05:48 – 2021-11-20 05:49 – 000000000 ____D C:WINDOWSServiceProfiles

2021-11-20 05:48 – 2021-11-20 05:48 – 000008192 _____ C:WINDOWSsystem32configuserdiff

2021-11-20 05:46 – 2021-11-20 05:46 – 000000000 ____D C:ProgramDatassh

2021-11-20 05:43 – 2021-11-20 05:43 – 003860832 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rtmpltfm.dll

2021-11-20 05:43 – 2021-11-20 05:43 – 002371072 _____ C:WINDOWSsystem32rdpnano.dll

2021-11-20 05:43 – 2021-11-20 05:43 – 001687040 _____ C:WINDOWSsystem32libcrypto.dll

2021-11-20 05:43 – 2021-11-20 05:43 – 000980320 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rtmpal.dll

2021-11-20 05:43 – 2021-11-20 05:43 – 000915296 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rtmcodecs.dll

2021-11-20 05:43 – 2021-11-20 05:43 – 000732000 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ortcengine.dll

2021-11-20 05:43 – 2021-11-20 05:43 – 000672768 _____ C:WINDOWSsystem32FsNVSDeviceSource.dll

2021-11-20 05:43 – 2021-11-20 05:43 – 000581120 _____ (Microsoft Corporation) C:WINDOWSsystem32PhotoScreensaver.scr

2021-11-20 05:43 – 2021-11-20 05:43 – 000499200 _____ (Microsoft Corporation) C:WINDOWSSysWOW64PhotoScreensaver.scr

2021-11-20 05:43 – 2021-11-20 05:43 – 000480256 _____ C:WINDOWSsystem32AssignedAccessCsp.dll

2021-11-20 05:43 – 2021-11-20 05:43 – 000203264 _____ C:WINDOWSsystem32uwfcfgmgmt.dll

2021-11-20 05:43 – 2021-11-20 05:43 – 000170496 _____ C:WINDOWSsystem32DeviceUpdateCenterCsp.dll

2021-11-20 05:43 – 2021-11-20 05:43 – 000158208 _____ C:WINDOWSsystem32uwfcsp.dll

2021-11-20 05:43 – 2021-11-20 05:43 – 000138056 _____ C:WINDOWSsystem32HvsiManagementApi.dll

2021-11-20 05:43 – 2021-11-20 05:43 – 000101704 _____ C:WINDOWSSysWOW64HvsiManagementApi.dll

2021-11-20 05:43 – 2021-11-20 05:43 – 000095744 _____ C:WINDOWSsystem32VirtualMonitorManager.dll

2021-11-20 05:43 – 2021-11-20 05:43 – 000067072 _____ C:WINDOWSsystem32BWContextHandler.dll

2021-11-20 05:43 – 2021-11-20 05:43 – 000055376 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rtmmvrortc.dll

2021-11-20 05:43 – 2021-11-20 05:43 – 000053760 _____ C:WINDOWSSysWOW64BWContextHandler.dll

2021-11-20 05:43 – 2021-11-20 05:43 – 000045880 _____ C:WINDOWSsystem32HvSocket.dll

2021-11-20 05:43 – 2021-11-20 05:43 – 000040960 _____ C:WINDOWSsystem32uwfservicingapi.dll

2021-11-20 05:43 – 2021-11-20 05:43 – 000039936 _____ (Adobe Systems) C:WINDOWSSysWOW64atmlib.dll

2021-11-20 05:43 – 2021-11-20 05:43 – 000011363 _____ C:WINDOWSsystem32DrtmAuthTxt.wim

2021-11-20 05:42 – 2021-11-20 05:42 – 004898144 _____ (Microsoft Corporation) C:WINDOWSsystem32rtmpltfm.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 002295296 _____ (Digimarc) C:WINDOWSsystem32DMRCDecoder.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 002260992 _____ C:WINDOWSsystem32TextInputMethodFormatter.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 002260480 _____ (The ICU Project) C:WINDOWSsystem32icu.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 002254336 _____ C:WINDOWSsystem32dwmscene.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 002111488 _____ (Digimarc) C:WINDOWSSysWOW64DMRCDecoder.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 001864192 _____ (The ICU Project) C:WINDOWSSysWOW64icu.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 001354080 _____ (Microsoft Corporation) C:WINDOWSsystem32rtmpal.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 001333760 _____ C:WINDOWSSysWOW64TextInputMethodFormatter.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 001164288 _____ C:WINDOWSsystem32MBR2GPT.EXE

2021-11-20 05:42 – 2021-11-20 05:42 – 001091936 _____ (Microsoft Corporation) C:WINDOWSsystem32rtmcodecs.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 001032544 _____ (Microsoft Corporation) C:WINDOWSsystem32ortcengine.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 000706536 _____ C:WINDOWSsystem32TextShaping.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 000657464 _____ C:WINDOWSsystem32WindowManagementAPI.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 000611960 _____ C:WINDOWSSysWOW64TextShaping.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 000468440 _____ C:WINDOWSSysWOW64WindowManagementAPI.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 000363520 _____ C:WINDOWSsystem32Windows.Internal.UI.Shell.WindowTabManager.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 000330752 _____ C:WINDOWSSysWOW64ssdm.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 000306688 _____ C:WINDOWSsystem32HeatCore.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 000266240 _____ C:WINDOWSSysWOW64Windows.Internal.UI.Shell.WindowTabManager.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 000240640 _____ C:WINDOWSSysWOW64CoreMas.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 000235520 _____ C:WINDOWSSysWOW64HeatCore.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 000231248 _____ C:WINDOWSsystem32containerdevicemanagement.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 000223744 _____ C:WINDOWSSysWOW64TpmTool.exe

2021-11-20 05:42 – 2021-11-20 05:42 – 000190976 _____ C:WINDOWSsystem32BthpanContextHandler.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 000162816 _____ C:WINDOWSsystem32DataStoreCacheDumpTool.exe

2021-11-20 05:42 – 2021-11-20 05:42 – 000152064 _____ C:WINDOWSsystem32EoAExperiences.exe

2021-11-20 05:42 – 2021-11-20 05:42 – 000098304 _____ C:WINDOWSsystem32Driverscimfs.sys

2021-11-20 05:42 – 2021-11-20 05:42 – 000060928 _____ C:WINDOWSsystem32runexehelper.exe

2021-11-20 05:42 – 2021-11-20 05:42 – 000056672 _____ (Microsoft Corporation) C:WINDOWSsystem32rtmmvrortc.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 000048640 _____ (Adobe Systems) C:WINDOWSsystem32atmlib.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 000047472 _____ C:WINDOWSSysWOW64umpdc.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 000029696 _____ (The ICU Project) C:WINDOWSsystem32icuuc.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 000025088 _____ (The ICU Project) C:WINDOWSsystem32icuin.dll

2021-11-20 05:42 – 2021-11-20 05:42 – 000010752 _____ C:WINDOWSSysWOW64agentactivationruntimestarter.exe

2021-11-20 05:42 – 2021-11-20 05:42 – 000001370 _____ C:WINDOWSsystem32ThirdPartyNoticesBySHS.txt

2021-11-20 05:41 – 2021-11-20 05:41 – 004227116 _____ C:WINDOWSsystem32DefaultHrtfs.bin

2021-11-20 05:41 – 2021-11-20 05:41 – 000455168 _____ C:WINDOWSsystem32ssdm.dll

2021-11-20 05:41 – 2021-11-20 05:41 – 000288768 _____ C:WINDOWSsystem32Windows.Management.InprocObjects.dll

2021-11-20 05:41 – 2021-11-20 05:41 – 000287232 _____ C:WINDOWSsystem32CoreMas.dll

2021-11-20 05:41 – 2021-11-20 05:41 – 000272384 _____ C:WINDOWSsystem32TpmTool.exe

2021-11-20 05:41 – 2021-11-20 05:41 – 000197632 _____ C:WINDOWSsystem32IHDS.dll

2021-11-20 05:41 – 2021-11-20 05:41 – 000089088 _____ C:WINDOWSsystem32windows.applicationmodel.conversationalagent.proxystub.dll

2021-11-20 05:41 – 2021-11-20 05:41 – 000074240 _____ C:WINDOWSsystem32rdsxvmaudio.dll

2021-11-20 05:41 – 2021-11-20 05:41 – 000073216 _____ C:WINDOWSsystem32windows.applicationmodel.conversationalagent.internal.proxystub.dll

2021-11-20 05:41 – 2021-11-20 05:41 – 000064552 _____ C:WINDOWSsystem32umpdc.dll

2021-11-20 05:41 – 2021-11-20 05:41 – 000013312 _____ C:WINDOWSsystem32agentactivationruntimestarter.exe

2021-11-20 05:35 – 2019-12-07 01:35 – 000374784 _____ (Windows ® Win 7 DDK provider) C:WINDOWSsystem32DXCpl.exe

2021-11-20 05:35 – 2019-12-07 01:34 – 000417792 _____ C:WINDOWSsystem32d3dconfig.exe

2021-11-20 05:35 – 2019-12-07 01:27 – 000347136 _____ (Windows ® Win 7 DDK provider) C:WINDOWSSysWOW64DXCpl.exe

2021-11-20 05:35 – 2019-12-07 01:26 – 000365056 _____ C:WINDOWSSysWOW64d3dconfig.exe

2021-11-20 05:31 – 2021-11-20 05:53 – 000000000 ____D C:Program Files (x86)MSBuild

2021-11-20 05:31 – 2021-11-20 05:31 – 000000000 ____D C:Program FilesReference Assemblies

2021-11-20 05:31 – 2021-11-20 05:31 – 000000000 ____D C:Program FilesMSBuild

2021-11-20 05:31 – 2021-11-20 05:31 – 000000000 ____D C:Program Files (x86)Reference Assemblies

2021-11-19 21:41 – 2021-11-19 21:42 – 000103488 _____ C:TDSSKiller.3.1.0.28_19.11.2021_21.41.43_log.txt

2021-11-19 21:35 – 2021-11-19 21:35 – 000003522 _____ C:UsersVMDocumentsRogueKiller_log_2111119_2.txt

2021-11-19 21:30 – 2021-11-19 21:30 – 000038032 _____ C:WINDOWSsystem32Driverstruesight.sys

2021-11-19 21:17 – 2021-11-19 21:17 – 000103076 _____ C:TDSSKiller.3.1.0.28_19.11.2021_21.17.03_log.txt

2021-11-19 21:14 – 2021-11-19 21:15 – 000103218 _____ C:TDSSKiller.3.1.0.28_19.11.2021_21.14.48_log.txt

2021-11-19 21:07 – 2021-01-25 10:06 – 000462640 _____ C:WINDOWSsystem32ze_loader.dll

2021-11-19 21:07 – 2021-01-25 10:06 – 000148808 _____ C:WINDOWSsystem32ze_validation_layer.dll

2021-11-19 21:07 – 2021-01-25 10:05 – 026677040 _____ (Intel Corporation) C:WINDOWSsystem32mfxplugin64_hw.dll

2021-11-19 21:07 – 2021-01-25 10:05 – 013520168 _____ (Intel Corporation) C:WINDOWSSysWOW64mfxplugin32_hw.dll

2021-11-19 21:07 – 2021-01-25 10:05 – 000306000 _____ C:WINDOWSsystem32libmfxhw64.dll

2021-11-19 21:07 – 2021-01-25 10:05 – 000254528 _____ C:WINDOWSSysWOW64libmfxhw32.dll

2021-11-19 21:07 – 2021-01-25 10:05 – 000171472 _____ (Intel Corporation) C:WINDOWSsystem32intel_gfx_api-x64.dll

2021-11-19 21:07 – 2021-01-25 10:05 – 000146760 _____ (Intel Corporation) C:WINDOWSSysWOW64intel_gfx_api-x86.dll

2021-11-19 21:04 – 2021-11-19 21:19 – 000840598 _____ C:WINDOWSsystem32PerfStringBackup.INI

2021-11-19 21:04 – 2021-11-19 21:04 – 000000000 ____D C:ProgramDataMicrosoft OneDrive

2021-11-19 21:03 – 2021-11-19 21:03 – 000000020 ___SH C:UsersVMntuser.ini

2021-11-19 21:02 – 2021-11-19 21:11 – 000000006 ____H C:WINDOWSTasksSA.DAT

2021-11-19 21:02 – 2021-11-19 21:02 – 000003564 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA

2021-11-19 21:02 – 2021-11-19 21:02 – 000003482 _____ C:WINDOWSsystem32TasksAdobe Acrobat Update Task

2021-11-19 21:02 – 2021-11-19 21:02 – 000003478 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineUA

2021-11-19 21:02 – 2021-11-19 21:02 – 000003398 _____ C:WINDOWSsystem32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-11-19 21:02 – 2021-11-19 21:02 – 000003364 _____ C:WINDOWSsystem32TasksBraveSoftwareUpdateTaskMachineUA

2021-11-19 21:02 – 2021-11-19 21:02 – 000003344 _____ C:WINDOWSsystem32TasksDropboxUpdateTaskMachineUA

2021-11-19 21:02 – 2021-11-19 21:02 – 000003340 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore

2021-11-19 21:02 – 2021-11-19 21:02 – 000003254 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineCore

2021-11-19 21:02 – 2021-11-19 21:02 – 000003220 _____ C:WINDOWSsystem32TasksMATLAB R2021b Startup Accelerator

2021-11-19 21:02 – 2021-11-19 21:02 – 000003196 _____ C:WINDOWSsystem32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-11-19 21:02 – 2021-11-19 21:02 – 000003152 _____ C:WINDOWSsystem32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-11-19 21:02 – 2021-11-19 21:02 – 000003140 _____ C:WINDOWSsystem32TasksBraveSoftwareUpdateTaskMachineCore

2021-11-19 21:02 – 2021-11-19 21:02 – 000003120 _____ C:WINDOWSsystem32TasksDropboxUpdateTaskMachineCore

2021-11-19 21:02 – 2021-11-19 21:02 – 000002984 _____ C:WINDOWSsystem32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-11-19 21:02 – 2021-11-19 21:02 – 000002948 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-11-19 21:02 – 2021-11-19 21:02 – 000002948 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-11-19 21:02 – 2021-11-19 21:02 – 000002948 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-11-19 21:02 – 2021-11-19 21:02 – 000002948 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-11-19 21:02 – 2021-11-19 21:02 – 000002914 _____ C:WINDOWSsystem32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-11-19 21:02 – 2021-11-19 21:02 – 000002854 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-504185822-2683078815-436334261-1001

2021-11-19 21:02 – 2021-11-19 21:02 – 000002850 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-504185822-2683078815-436334261-500

2021-11-19 21:02 – 2021-11-19 21:02 – 000002744 _____ C:WINDOWSsystem32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-11-19 21:02 – 2021-11-19 21:02 – 000002486 _____ C:WINDOWSsystem32TasksKaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}

2021-11-19 21:02 – 2021-11-19 21:02 – 000000000 ____D C:WINDOWSsystem32TasksSafer-Networking

2021-11-19 21:02 – 2021-11-19 21:02 – 000000000 ____D C:WINDOWSsystem32TasksMozilla

2021-11-19 21:02 – 2021-11-19 21:02 – 000000000 ____D C:WINDOWSsystem32TasksLenovo

2021-11-19 21:02 – 2021-11-19 21:02 – 000000000 ____D C:WINDOWSsystem32TasksApple

2021-11-19 21:01 – 2021-11-19 21:02 – 000011433 _____ C:WINDOWSdiagwrn.xml

2021-11-19 21:01 – 2021-11-19 21:02 – 000011433 _____ C:WINDOWSdiagerr.xml

2021-11-19 20:54 – 2021-11-19 21:03 – 000000000 ____D C:UsersVM

2021-11-19 20:54 – 2021-11-19 20:57 – 000000000 ____D C:UsersAdministrator

2021-11-19 20:54 – 2021-11-19 20:54 – 000000000 ____D C:WINDOWSsystem32lxss

2021-11-19 20:54 – 2019-12-07 10:10 – 000001105 _____ C:UsersVMAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk

2021-11-19 20:54 – 2019-12-07 10:10 – 000001105 _____ C:UsersAdministratorAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk

2021-11-19 20:53 – 2021-11-19 23:34 – 000000000 ____D C:WINDOWSsystem32SleepStudy

2021-11-19 20:53 – 2021-11-19 20:53 – 000450416 _____ C:WINDOWSsystem32FNTCACHE.DAT

2021-11-19 20:07 – 2021-11-19 21:03 – 000000000 ___DC C:WINDOWSPanther

2021-11-19 20:07 – 2021-11-19 20:07 – 000000000 ___HD C:$WinREAgent

2021-11-19 19:42 – 2021-11-19 19:52 – 000070502 _____ C:UsersVMDocumentsAddition.txt

2021-11-19 19:41 – 2021-11-20 00:19 – 000000000 ____D C:FRST

2021-11-19 19:41 – 2021-11-19 19:52 – 000057505 _____ C:UsersVMDocumentsFRST.txt

2021-11-19 19:34 – 2021-11-19 19:34 – 000005588 _____ C:UsersVMDocumentsRogueKiller_log_2111119.txt

2021-11-19 19:24 – 2021-11-19 19:24 – 000000899 _____ C:UsersPublicDesktopRogueKiller.lnk

2021-11-19 18:19 – 2021-11-19 18:19 – 000255928 _____ (Malwarebytes) C:WINDOWSsystem32Drivers4765D14D.sys

2021-11-19 18:18 – 2021-11-19 18:19 – 000000000 ____D C:ProgramDataMalwarebytes’ Anti-Malware (portable)

2021-11-19 18:18 – 2021-11-19 18:18 – 000192952 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbamchameleon.sys

2021-11-18 14:34 – 2021-11-18 14:34 – 000001959 _____ C:UsersPublicDesktopIrfanView Thumbnails.lnk

2021-11-18 14:34 – 2021-11-18 14:34 – 000001067 _____ C:UsersPublicDesktopIrfanView.lnk

2021-11-18 13:59 – 2021-11-19 16:52 – 000225648 _____ (AO Kaspersky Lab) C:WINDOWSsystem32Driversklupd_klif_mark.sys

2021-11-18 13:59 – 2021-11-18 13:59 – 000314040 _____ (AO Kaspersky Lab) C:WINDOWSsystem32Driversklupd_klif_klark.sys

2021-11-18 13:59 – 2021-11-18 13:59 – 000276064 _____ (AO Kaspersky Lab) C:WINDOWSsystem32Driversklupd_klif_arkmon.sys

2021-11-18 13:59 – 2021-11-18 13:59 – 000113976 _____ (AO Kaspersky Lab) C:WINDOWSsystem32Driversklupd_klif_klbg.sys

2021-11-18 13:52 – 2021-11-20 05:53 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsKaspersky VPN

2021-11-18 13:52 – 2021-11-20 05:53 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsKaspersky Internet Security

2021-11-18 13:52 – 2021-11-18 13:52 – 000002201 _____ C:UsersPublicDesktopKaspersky Internet Security.lnk

2021-11-18 13:52 – 2021-11-18 13:52 – 000001173 _____ C:UsersPublicDesktopKaspersky VPN.lnk

2021-11-18 13:52 – 2021-11-18 13:52 – 000000000 ____D C:Program FilesCommon FilesAV

2021-11-18 13:52 – 2021-02-19 21:09 – 000110176 _____ (Kaspersky Lab ZAO) C:WINDOWSsystem32klfphc.dll

2021-11-18 13:51 – 2021-11-18 13:52 – 000000000 ____D C:ProgramDataKaspersky Lab

2021-11-18 13:51 – 2021-11-18 13:52 – 000000000 ____D C:Program Files (x86)Kaspersky Lab

2021-11-18 13:51 – 2021-02-19 21:08 – 001042712 _____ (AO Kaspersky Lab) C:WINDOWSsystem32Driversklif.sys

2021-11-18 13:51 – 2021-02-19 21:08 – 000514840 _____ (AO Kaspersky Lab) C:WINDOWSsystem32Driversklflt.sys

2021-11-17 14:15 – 2021-11-17 14:15 – 000000000 ____D C:UsersVMDocuments2021_Prog1

2021-11-16 18:00 – 2021-11-09 23:27 – 000067464 _____ (NVIDIA Corporation) C:WINDOWSsystem32Driversnvvhci.sys

2021-11-16 17:58 – 2021-11-11 03:36 – 001874664 _____ C:WINDOWSsystem32vulkaninfo-1-999-0-0-0.exe

2021-11-16 17:58 – 2021-11-11 03:36 – 001874664 _____ C:WINDOWSsystem32vulkaninfo.exe

2021-11-16 17:58 – 2021-11-11 03:36 – 001464960 _____ (Khronos Group) C:WINDOWSsystem32OpenCL.dll

2021-11-16 17:58 – 2021-11-11 03:36 – 001450216 _____ C:WINDOWSSysWOW64vulkaninfo-1-999-0-0-0.exe

2021-11-16 17:58 – 2021-11-11 03:36 – 001450216 _____ C:WINDOWSSysWOW64vulkaninfo.exe

2021-11-16 17:58 – 2021-11-11 03:36 – 001208248 _____ (Khronos Group) C:WINDOWSSysWOW64OpenCL.dll

2021-11-16 17:58 – 2021-11-11 03:36 – 001111272 _____ C:WINDOWSsystem32vulkan-1-999-0-0-0.dll

2021-11-16 17:58 – 2021-11-11 03:36 – 001111272 _____ C:WINDOWSsystem32vulkan-1.dll

2021-11-16 17:58 – 2021-11-11 03:36 – 000965352 _____ C:WINDOWSSysWOW64vulkan-1-999-0-0-0.dll

2021-11-16 17:58 – 2021-11-11 03:36 – 000965352 _____ C:WINDOWSSysWOW64vulkan-1.dll

2021-11-16 17:58 – 2021-11-11 03:33 – 002116536 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvFBC64.dll

2021-11-16 17:58 – 2021-11-11 03:33 – 001597568 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvFBC.dll

2021-11-16 17:58 – 2021-11-11 03:33 – 001523328 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFR64.dll

2021-11-16 17:58 – 2021-11-11 03:33 – 001174456 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFR.dll

2021-11-16 17:58 – 2021-11-11 03:33 – 000802232 _____ C:WINDOWSsystem32nvofapi64.dll

2021-11-16 17:58 – 2021-11-11 03:33 – 000709560 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvidia-smi.exe

2021-11-16 17:58 – 2021-11-11 03:33 – 000678328 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFROpenGL.dll

2021-11-16 17:58 – 2021-11-11 03:33 – 000656512 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvml.dll

2021-11-16 17:58 – 2021-11-11 03:33 – 000635008 _____ C:WINDOWSSysWOW64nvofapi.dll

2021-11-16 17:58 – 2021-11-11 03:33 – 000564352 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFROpenGL.dll

2021-11-16 17:58 – 2021-11-11 03:32 – 008725944 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuvid.dll

2021-11-16 17:58 – 2021-11-11 03:32 – 007845816 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuvid.dll

2021-11-16 17:58 – 2021-11-11 03:32 – 005730224 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcpl.dll

2021-11-16 17:58 – 2021-11-11 03:32 – 004940728 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuda.dll

2021-11-16 17:58 – 2021-11-11 03:32 – 002850432 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuda.dll

2021-11-16 17:58 – 2021-11-11 03:32 – 000981120 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvEncodeAPI64.dll

2021-11-16 17:58 – 2021-11-11 03:32 – 000792192 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvEncodeAPI.dll

2021-11-16 17:58 – 2021-11-11 03:32 – 000452224 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvdebugdump.exe

2021-11-16 17:58 – 2021-11-11 03:31 – 000850872 _____ (NVIDIA Corporation) C:WINDOWSsystem32MCU.exe

2021-11-16 17:58 – 2021-11-11 03:30 – 007582144 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvapi64.dll

2021-11-16 17:58 – 2021-11-11 03:30 – 006432960 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvapi.dll

2021-11-16 17:58 – 2021-11-09 23:27 – 000085718 _____ C:WINDOWSsystem32nvinfo.pb

2021-11-15 16:44 – 2021-11-19 20:56 – 000000000 ____D C:UsersVMAppDataRoamingMicrosoftWindowsStart MenuProgramsZoom

2021-11-13 11:51 – 2021-11-13 11:51 – 000000000 ____D C:UsersVMAppDataRoamingjava

2021-11-13 11:50 – 2021-11-13 11:53 – 000000000 ____D C:UsersVMMPLABXProjects

2021-11-13 11:50 – 2021-11-13 11:50 – 000000000 ____D C:UsersVM.mplabcomm

2021-11-13 11:49 – 2021-11-13 11:50 – 000000000 ____D C:UsersVMAppDataRoamingmplab_ide

2021-11-13 11:49 – 2021-11-13 11:49 – 000000000 ____D C:UsersVMAppDataLocalmplab_ide

2021-11-13 11:48 – 2021-11-20 05:49 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrochip

2021-11-13 11:48 – 2021-11-13 11:48 – 000001397 _____ C:UsersPublicDesktopMPLAB driver switcher.lnk

2021-11-13 11:48 – 2021-11-13 11:48 – 000001366 _____ C:UsersPublicDesktopMPLAB X IPE v4.20.lnk

2021-11-13 11:48 – 2021-11-13 11:48 – 000001366 _____ C:UsersPublicDesktopMPLAB X IDE v4.20.lnk

2021-11-13 11:48 – 2021-11-13 11:48 – 000000000 ____D C:Program FilesDIFX

2021-11-13 11:48 – 2021-11-13 11:48 – 000000000 ____D C:Program Files (x86)Microchip

2021-11-13 11:48 – 2018-05-07 17:07 – 000231936 _____ (Microchip Technology, Inc.) C:WINDOWSsystem32USBAccessLink_3_32.dll

2021-11-13 11:48 – 2018-05-07 17:07 – 000185856 _____ (Microchip Technology, Inc.) C:WINDOWSSysWOW64USBAccessLink_3_32.dll

2021-11-13 11:48 – 2018-05-05 07:28 – 018139528 _____ (SEGGER Microcontroller GmbH) C:WINDOWSsystem32jlinkpic32.dll

2021-11-13 11:48 – 2018-05-05 07:27 – 017282440 _____ (SEGGER Microcontroller GmbH) C:WINDOWSSysWOW64jlinkpic32.dll

2021-11-13 11:48 – 2017-04-17 17:58 – 000118784 _____ (Microchip Technology, Inc.) C:WINDOWSsystem32SerialAccessLink_3_16.dll

2021-11-13 11:48 – 2017-04-17 17:58 – 000094720 _____ (Microchip Technology, Inc.) C:WINDOWSSysWOW64SerialAccessLink_3_16.dll

2021-11-13 11:48 – 2017-02-24 16:22 – 000173056 _____ (MIcrochip Technology, Inc.) C:WINDOWSsystem32SEGGERAccessLink.dll

2021-11-13 11:48 – 2017-02-24 16:22 – 000138752 _____ (Microchip Technology, Inc.) C:WINDOWSSysWOW64SEGGERAccessLink.dll

2021-11-13 11:48 – 2016-01-07 22:53 – 000260608 _____ C:WINDOWSsystem32mchpwinusbdevice64.exe

2021-11-13 11:48 – 2016-01-07 22:53 – 000225792 _____ C:WINDOWSSysWOW64mchpwinusbdevice.exe

2021-11-13 11:48 – 2014-01-16 18:07 – 000000040 _____ C:WINDOWSSysWOW64mchpdefport

2021-11-13 11:48 – 2014-01-16 18:07 – 000000040 _____ C:WINDOWSsystem32mchpdefport

2021-11-12 09:32 – 2021-11-20 05:53 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsDropbox

2021-11-11 02:09 – 2021-11-11 02:09 – 000047600 _____ (Dropbox, Inc.) C:WINDOWSsystem32Driversdbx-stable.sys

2021-11-11 02:09 – 2021-11-11 02:09 – 000047600 _____ (Dropbox, Inc.) C:WINDOWSsystem32Driversdbx-dev.sys

2021-11-11 02:09 – 2021-11-11 02:09 – 000047600 _____ (Dropbox, Inc.) C:WINDOWSsystem32Driversdbx-canary.sys

2021-11-11 02:09 – 2021-11-11 02:09 – 000047600 _____ (Dropbox, Inc.) C:WINDOWSsystem32Driversdbx.sys

2021-11-09 17:07 – 2021-11-09 15:13 – 000304640 _____ C:WINDOWSsystem32gmp.dll

2021-11-09 14:58 – 2021-11-09 15:03 – 000000000 ____D C:UsersVMAppDataLocalvcpkg

2021-11-01 07:32 – 2021-11-01 07:32 – 000001966 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsNextcloud.lnk

2021-11-01 07:32 – 2021-11-01 07:32 – 000001954 _____ C:UsersPublicDesktopNextcloud.lnk

2021-11-01 07:32 – 2021-11-01 07:32 – 000000000 ____D C:Program Files (x86)Nextcloud

2021-10-23 19:59 – 2021-11-11 02:09 – 000044328 _____ (Dropbox, Inc.) C:WINDOWSsystem32DbxSvc.exe

2021-10-23 09:30 – 2021-10-23 19:19 – 000411390 _____ C:UsersVMDocumentsAutoDiff_AproD_3.pdf

2021-10-22 09:05 – 2021-04-08 18:16 – 000225280 _____ C:WINDOWSsystem32glfw3.dll

2021-10-22 09:05 – 2017-07-31 12:42 – 000422912 _____ () C:WINDOWSSysWOW64glew32.dll

2021-10-22 09:05 – 2017-07-31 12:42 – 000422912 _____ () C:WINDOWSsystem32glew32.dll

2021-10-22 09:04 – 2021-04-08 18:16 – 000225280 _____ C:WINDOWSSysWOW64glfw3.dll

2021-10-22 08:57 – 2016-06-14 14:08 – 015995904 _____ C:WINDOWSSysWOW64opengl32sw.dll

2021-10-22 08:57 – 2016-06-14 14:08 – 015995904 _____ C:WINDOWSsystem32opengl32sw.dll

2021-10-21 18:14 – 2021-10-23 19:22 – 000411390 _____ C:UsersVMDocumentsAutoDiff_AproD_2.pdf

 

==================== One month (modified) ==================

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-11-20 05:53 – 2021-10-04 10:09 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMATLAB R2021b

2021-11-20 05:53 – 2021-10-04 08:52 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWolfram Mathematica 12.1

2021-11-20 05:53 – 2021-10-02 17:43 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramscalibre – E-book Management

2021-11-20 05:53 – 2021-09-24 19:30 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsqBittorrent

2021-11-20 05:53 – 2021-09-12 14:17 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRogueKiller

2021-11-20 05:53 – 2021-08-31 13:45 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsCanon MG2500 series User Registration

2021-11-20 05:53 – 2021-08-31 13:45 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsCanon MG2500 series Manual

2021-11-20 05:53 – 2021-05-22 10:48 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Office-eszközök

2021-11-20 05:53 – 2021-04-29 14:01 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsOpenMesh v8.1

2021-11-20 05:53 – 2021-04-27 10:08 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsPandoc

2021-11-20 05:53 – 2021-04-27 09:51 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramslibMultiMarkdown 6.6.0

2021-11-20 05:53 – 2021-02-06 11:29 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsOpenFlipper v4.1

2021-11-20 05:53 – 2020-12-28 23:06 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsTotal Commander

2021-11-20 05:53 – 2020-07-04 11:07 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsLyX 2.3

2021-11-20 05:53 – 2020-04-17 16:16 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsCMake

2021-11-20 05:53 – 2019-12-07 10:14 – 000028672 _____ C:WINDOWSsystem32configBCD-Template

2021-11-20 05:53 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32WinBioDatabase

2021-11-20 05:53 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32spool

2021-11-20 05:53 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32NDF

2021-11-20 05:53 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32DriversDriverData

2021-11-20 05:53 – 2019-12-07 10:14 – 000000000 ____D C:Program FilesCommon Filesmicrosoft shared

2021-11-20 05:53 – 2019-09-24 13:01 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsGit

2021-11-20 05:53 – 2019-07-27 15:36 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsBleachBit

2021-11-20 05:53 – 2019-07-19 12:51 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSpybot – Search & Destroy 2

2021-11-20 05:53 – 2019-07-14 16:47 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsCDisplayEx

2021-11-20 05:53 – 2019-06-19 04:26 – 000000000 ____D C:Program FilesUNP

2021-11-20 05:53 – 2019-06-10 21:03 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsScribus 1.4.8

2021-11-20 05:53 – 2019-03-28 23:24 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMosek Optimization Tools 8.1

2021-11-20 05:53 – 2019-03-19 05:52 – 000000000 ____D C:WINDOWSSysWOW64Macromed

2021-11-20 05:53 – 2019-03-19 05:52 – 000000000 ____D C:WINDOWSsystem32Tasks_Migrated

2021-11-20 05:53 – 2019-03-19 05:52 – 000000000 ____D C:WINDOWSsystem32Macromed

2021-11-20 05:53 – 2019-03-17 10:49 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsQuickTime

2021-11-20 05:53 – 2019-02-16 20:39 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsVideoLAN

2021-11-20 05:53 – 2019-02-14 15:31 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsGhostscript

2021-11-20 05:53 – 2019-01-04 16:01 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSMPlayer

2021-11-20 05:53 – 2019-01-03 10:40 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsIrfanView

2021-11-20 05:53 – 2018-12-26 19:46 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMiKTeX 2.9

2021-11-20 05:53 – 2018-12-26 18:27 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWinDjView

2021-11-20 05:53 – 2018-12-26 16:05 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsNVIDIA Corporation

2021-11-20 05:53 – 2018-12-25 18:10 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuPrograms7-Zip

2021-11-20 05:53 – 2018-12-25 02:22 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsIntel Parallel Studio XE 2019

2021-11-20 05:53 – 2018-12-25 01:26 – 000000000 ____D C:WINDOWSSysWOW643082

2021-11-20 05:53 – 2018-12-25 01:26 – 000000000 ____D C:WINDOWSSysWOW641055

2021-11-20 05:53 – 2018-12-25 01:26 – 000000000 ____D C:WINDOWSSysWOW641049

2021-11-20 05:53 – 2018-12-25 01:26 – 000000000 ____D C:WINDOWSSysWOW641046

2021-11-20 05:53 – 2018-12-25 01:26 – 000000000 ____D C:WINDOWSSysWOW641045

2021-11-20 05:53 – 2018-12-25 01:26 – 000000000 ____D C:WINDOWSSysWOW641040

2021-11-20 05:53 – 2018-12-25 01:26 – 000000000 ____D C:WINDOWSSysWOW641036

2021-11-20 05:53 – 2018-12-25 01:26 – 000000000 ____D C:WINDOWSSysWOW641033

2021-11-20 05:53 – 2018-12-25 01:26 – 000000000 ____D C:WINDOWSSysWOW641029

2021-11-20 05:53 – 2018-12-25 01:26 – 000000000 ____D C:WINDOWSsystem323082

2021-11-20 05:53 – 2018-12-25 01:26 – 000000000 ____D C:WINDOWSsystem321055

2021-11-20 05:53 – 2018-12-25 01:26 – 000000000 ____D C:WINDOWSsystem321049

2021-11-20 05:53 – 2018-12-25 01:26 – 000000000 ____D C:WINDOWSsystem321046

2021-11-20 05:53 – 2018-12-25 01:26 – 000000000 ____D C:WINDOWSsystem321045

2021-11-20 05:53 – 2018-12-25 01:26 – 000000000 ____D C:WINDOWSsystem321040

2021-11-20 05:53 – 2018-12-25 01:26 – 000000000 ____D C:WINDOWSsystem321036

2021-11-20 05:53 – 2018-12-25 01:26 – 000000000 ____D C:WINDOWSsystem321033

2021-11-20 05:53 – 2018-12-25 01:26 – 000000000 ____D C:WINDOWSsystem321029

2021-11-20 05:53 – 2018-12-24 23:55 – 000000000 ____D C:WINDOWSsystem32Intel

2021-11-20 05:53 – 2018-09-15 08:33 – 000000000 ___HD C:WINDOWSsystem32GroupPolicy

2021-11-20 05:53 – 2018-09-15 08:33 – 000000000 ____D C:WINDOWSsystem32MsDtc

2021-11-20 05:52 – 2019-12-07 10:18 – 000000000 ____D C:WINDOWSSetup

2021-11-20 05:52 – 2019-12-07 10:14 – 000000000 __RHD C:UsersPublicLibraries

2021-11-20 05:49 – 2021-08-31 13:45 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsCanon Utilities

2021-11-20 05:49 – 2020-09-24 10:52 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsApowersoft

2021-11-20 05:49 – 2019-01-31 16:51 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsFormlabs

2021-11-20 05:49 – 2018-12-25 01:30 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWindows Kits

2021-11-20 05:49 – 2018-12-25 01:25 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsVisual Studio 2017

2021-11-20 05:46 – 2019-12-07 10:54 – 000000000 ___SD C:WINDOWSsystem32AppV

2021-11-20 05:46 – 2019-12-07 10:54 – 000000000 ____D C:Program FilesWindows Photo Viewer

2021-11-20 05:46 – 2019-12-07 10:54 – 000000000 ____D C:Program FilesWindows Defender Advanced Threat Protection

2021-11-20 05:46 – 2019-12-07 10:54 – 000000000 ____D C:Program Files (x86)Windows Photo Viewer

2021-11-20 05:46 – 2019-12-07 10:51 – 000000000 ____D C:WINDOWSsystem32OpenSSH

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ___SD C:WINDOWSSysWOW64F12

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ___SD C:WINDOWSSysWOW64DiagSvcs

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ___SD C:WINDOWSsystem32UNP

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ___SD C:WINDOWSsystem32F12

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ___SD C:WINDOWSsystem32DiagSvcs

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSysWOW64WinMetadata

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSysWOW64setup

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSysWOW64PerceptionSimulation

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSysWOW64oobe

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSysWOW64migwiz

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSysWOW64lv-LV

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSysWOW64lt-LT

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSysWOW64Keywords

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSysWOW64et-EE

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSysWOW64Dism

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSysWOW64Com

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSysWOW64AdvancedInstallers

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSystemResources

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32WinMetadata

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32WinBioPlugIns

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32SystemResetPlatform

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32Sysprep

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32ShellExperiences

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32setup

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32PerceptionSimulation

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32migwiz

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32lv-LV

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32lt-LT

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32Keywords

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32et-EE

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32es-MX

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32Dism

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32DDFs

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32Com

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32appraiser

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32AdvancedInstallers

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSShellExperiences

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSShellComponents

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSProvisioning

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSPolicyDefinitions

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSIME

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSDiagTrack

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSbcastdvr

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:Program FilesCommon FilesSystem

2021-11-20 05:46 – 2019-12-07 10:14 – 000000000 ____D C:Program Files (x86)Windows Defender

2021-11-20 05:46 – 2019-12-07 10:03 – 000000000 ____D C:WINDOWSservicing

2021-11-20 05:45 – 2019-12-07 10:54 – 000023552 _____ (Microsoft Corporation) C:WINDOWSsystem32OEMDefaultAssociations.dll

2021-11-20 05:45 – 2019-12-07 10:54 – 000020908 _____ C:WINDOWSsystem32OEMDefaultAssociations.xml

2021-11-20 05:35 – 2019-12-07 10:52 – 000000000 ____D C:WINDOWSOCR

2021-11-20 05:34 – 2019-12-07 10:50 – 000000000 ____D C:WINDOWSSysWOW64WCN

2021-11-20 05:34 – 2019-12-07 10:50 – 000000000 ____D C:WINDOWSsystem32WCN

2021-11-20 00:17 – 2018-12-25 12:15 – 000000000 ____D C:ProgramDataNVIDIA

2021-11-20 00:17 – 2018-12-25 00:13 – 000000000 ____D C:Program Files (x86)Google

2021-11-20 00:17 – 2018-12-25 00:08 – 000000000 __SHD C:UsersVMIntelGraphicsProfiles

2021-11-20 00:16 – 2019-12-07 10:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2021-11-20 00:16 – 2018-12-26 23:52 – 000000000 ____D C:UsersVMAppDataRoamingNextcloud

2021-11-20 00:06 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSAppReadiness

2021-11-19 22:42 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSRegistration

2021-11-19 22:40 – 2019-01-01 22:19 – 000000000 ____D C:UsersVMAppDataLocalDropbox

2021-11-19 21:30 – 2019-12-07 10:13 – 000000000 ____D C:WINDOWSINF

2021-11-19 21:12 – 2019-12-07 10:14 – 000000000 ___RD C:WINDOWSPrintDialog

2021-11-19 21:12 – 2018-12-25 00:08 – 000000000 ____D C:UsersVMAppDataLocalPackages

2021-11-19 21:11 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSServiceState

2021-11-19 21:11 – 2019-12-07 10:03 – 000524288 _____ C:WINDOWSsystem32configBBI

2021-11-19 21:11 – 2019-12-07 10:03 – 000032768 _____ C:WINDOWSsystem32configELAM

2021-11-19 21:11 – 2019-07-19 12:51 – 000000000 ____D C:Program Files (x86)Spybot – Search & Destroy 2

2021-11-19 21:11 – 2018-12-24 23:57 – 000000000 ____D C:Intel

2021-11-19 21:09 – 2019-12-07 10:14 – 000000000 ___HD C:Program FilesWindowsApps

2021-11-19 21:07 – 2020-09-30 22:36 – 000000000 ____D C:Program FilesMicrosoft Update Health Tools

2021-11-19 21:06 – 2019-12-07 10:03 – 000000000 ____D C:WINDOWSCbsTemp

2021-11-19 21:03 – 2019-12-07 10:14 – 000000000 ___RD C:WINDOWSImmersiveControlPanel

2021-11-19 21:03 – 2019-12-07 10:14 – 000000000 ____D C:ProgramDataUSOPrivate

2021-11-19 21:03 – 2019-01-31 16:50 – 000000398 __RSH C:ProgramDatantuser.pol

2021-11-19 21:03 – 2018-12-25 00:08 – 000000000 __RHD C:UsersPublicAccountPictures

2021-11-19 21:03 – 2018-12-25 00:07 – 000000000 ____D C:ProgramDataPackages

2021-11-19 21:02 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32oobe

2021-11-19 21:02 – 2019-12-07 10:14 – 000000000 ____D C:Program FilesWindows Defender

2021-11-19 20:58 – 2019-12-07 10:14 – 000000000 __RSD C:WINDOWSMedia

2021-11-19 20:58 – 2019-07-27 10:54 – 000002418 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsBrave.lnk

2021-11-19 20:58 – 2019-07-27 10:54 – 000002377 _____ C:UsersPublicDesktopBrave.lnk

2021-11-19 20:58 – 2018-12-25 00:13 – 000002301 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2021-11-19 20:58 – 2018-12-25 00:13 – 000002260 _____ C:UsersPublicDesktopGoogle Chrome.lnk

2021-11-19 20:56 – 2021-06-09 11:41 – 000000000 ____D C:UsersVMAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome Apps

2021-11-19 20:56 – 2020-01-23 20:51 – 000000000 ____D C:UsersVMAppDataRoamingMicrosoftWindowsStart MenuProgramsAnaconda3 (64-bit)

2021-11-19 20:56 – 2018-12-26 19:36 – 000000000 ____D C:UsersVMAppDataRoamingMicrosoftWindowsStart MenuProgramsTeXstudio

2021-11-19 20:56 – 2018-12-25 10:57 – 000000000 ____D C:UsersVMAppDataRoamingMicrosoftWindowsStart MenuProgramsLenovo

2021-11-19 20:56 – 2018-12-25 02:04 – 000000000 ____D C:UsersVMAppDataRoamingMicrosoftWindowsStart MenuProgramsQt

2021-11-19 20:55 – 2021-09-28 07:38 – 000000000 ____D C:UsersVMAppDataRoamingMicrosoftWindowsStart MenuProgramsblender

2021-11-19 20:55 – 2021-03-26 17:16 – 000000000 ____D C:UsersVMAppDataRoamingMicrosoftWindowsStart MenuProgramsDiscord Inc

2021-11-19 20:55 – 2021-01-24 14:49 – 000000000 ____D C:UsersVMAppDataRoamingMicrosoftWindowsStart MenuProgramsAmazon

2021-11-19 20:54 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSappcompat

2021-11-19 20:54 – 2019-07-28 13:47 – 000000000 ____D C:UsersAdministratorAppDataLocalPackages

2021-11-19 20:54 – 2018-12-26 16:14 – 000000000 ____D C:WINDOWSsystem32DriversNVIDIA Corporation

2021-11-19 20:54 – 2018-12-24 23:54 – 000000000 ____D C:WINDOWSsystem32dolbyaposvc

2021-11-19 20:53 – 2021-04-15 05:03 – 000002438 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2021-11-19 20:53 – 2021-04-15 05:03 – 000002276 _____ C:UsersPublicDesktopMicrosoft Edge.lnk

2021-11-19 19:29 – 2019-07-27 18:36 – 000000000 ____D C:ProgramDataRogueKiller

2021-11-19 19:24 – 2021-09-12 14:17 – 000000000 ____D C:Program FilesRogueKiller

2021-11-19 18:53 – 2019-01-02 00:16 – 000000000 ____D C:UsersVMAppDataLocalCrashDumps

2021-11-19 18:50 – 2018-12-25 00:49 – 000000000 ____D C:UsersVMAppDataLocalD3DSCache

2021-11-19 18:49 – 2018-12-25 18:10 – 000000000 ____D C:Program Files7-Zip

2021-11-19 18:19 – 2019-07-27 10:51 – 000000000 ____D C:ProgramDataMalwarebytes

2021-11-19 17:07 – 2020-01-09 09:09 – 000000000 ____D C:UsersVMAppDataLocalQtMsBuild

2021-11-18 18:36 – 2019-01-04 16:01 – 000000000 ____D C:UsersVM.smplayer

2021-11-18 17:47 – 2019-01-07 17:02 – 000000000 ____D C:UsersVMAppDataRoamingShapex

2021-11-18 17:10 – 2019-07-29 11:56 – 000000000 ____D C:UsersVMAppDataLocalElevatedDiagnostics

2021-11-18 14:54 – 2018-12-25 14:23 – 000001100 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsNotepad++.lnk

2021-11-18 13:58 – 2021-02-19 21:09 – 000096008 _____ (AO Kaspersky Lab) C:WINDOWSsystem32Driversklpnpflt.sys

2021-11-18 13:57 – 2019-01-01 22:19 – 000000932 _____ C:WINDOWSTasksDropboxUpdateTaskMachineUA.job

2021-11-18 13:57 – 2019-01-01 22:19 – 000000928 _____ C:WINDOWSTasksDropboxUpdateTaskMachineCore.job

2021-11-18 13:29 – 2021-09-12 14:01 – 000001375 _____ C:UsersVMAppDataRoamingMicrosoftWindowsStart MenuProgramsESET Online Scanner.lnk

2021-11-18 13:29 – 2021-09-12 14:01 – 000001269 _____ C:UsersVMDesktopESET Online Scanner.lnk

2021-11-16 18:07 – 2018-12-26 16:05 – 000000000 ____D C:UsersVMAppDataLocalNVIDIA

2021-11-16 18:00 – 2018-12-25 13:35 – 000000000 ____D C:UsersVMAppDataLocalNVIDIA Corporation

2021-11-15 16:44 – 2021-02-08 11:23 – 000001922 _____ C:UsersVMDesktopZoom.lnk

2021-11-15 16:44 – 2020-05-18 12:02 – 000000000 ____D C:UsersVMAppDataRoamingZoom

2021-11-15 14:00 – 2021-04-08 15:19 – 000000000 ____D C:KVRT2020_Data

2021-11-15 06:30 – 2019-01-02 07:37 – 000000000 ____D C:UsersVM.OpenFlipper

2021-11-15 04:41 – 2018-12-26 19:24 – 000000000 ____D C:Program Files (x86)Microsoft Office

2021-11-15 04:41 – 2018-12-25 01:19 – 000001429 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsVisual Studio Installer.lnk

2021-11-15 04:41 – 2018-12-25 01:19 – 000000000 ____D C:Program Files (x86)Microsoft Visual Studio

2021-11-12 09:32 – 2019-01-01 22:19 – 000000000 ____D C:Program Files (x86)Dropbox

2021-11-10 20:36 – 2021-10-17 15:37 – 000000000 ____D C:Program FilesMozilla Firefox

2021-11-10 20:36 – 2019-02-06 00:42 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service

2021-11-10 19:15 – 2018-12-25 00:24 – 000000000 ____D C:WINDOWSsystem32MRT

2021-11-10 19:12 – 2018-12-25 00:24 – 141529560 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe

2021-11-09 18:49 – 2019-01-23 21:30 – 000013414 _____ C:UsersVMDocumentsunnamed.autosave

2021-11-04 20:40 – 2020-04-01 10:51 – 000002349 _____ C:UsersVMAppDataRoamingMicrosoftWindowsStart MenuProgramsMicrosoft Teams.lnk

2021-11-04 20:40 – 2020-04-01 10:51 – 000002341 _____ C:UsersVMDesktopMicrosoft Teams.lnk

2021-11-03 11:47 – 2018-12-25 23:42 – 000000000 ____D C:WINDOWSsystem32Driverswd

2021-10-29 21:55 – 2018-12-26 16:36 – 000000000 ____D C:UsersVMAppDataRoamingqBittorrent

2021-10-28 12:01 – 2019-01-23 21:20 – 000000000 ____D C:UsersVMAppDataLocalipe

2021-10-25 13:30 – 2018-12-25 10:51 – 000000000 ____D C:models

 

==================== Files in the root of some directories ========

 

2019-05-12 23:23 – 2019-05-12 23:23 – 000000775 _____ () C:UsersVMAppDataLocalrecently-used.xbel

 

==================== SigCheck ============================

 

(There is no automatic fix for files that do not pass verification.)

 

==================== End of FRST.txt ========================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2021

Ran by VM (20-11-2021 00:21:59)

Running from D:Downloads

Microsoft Windows 10 Education Version 20H2 19042.1348 (X64) (2021-11-19 20:02:47)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

 

(If an entry is included in the fixlist, it will be removed.)

 

Administrator (S-1-5-21-504185822-2683078815-436334261-500 – Administrator – Disabled) => C:UsersAdministrator

DefaultAccount (S-1-5-21-504185822-2683078815-436334261-503 – Limited – Disabled)

Guest (S-1-5-21-504185822-2683078815-436334261-501 – Limited – Disabled)

VM (S-1-5-21-504185822-2683078815-436334261-1001 – Administrator – Enabled) => C:UsersVM

WDAGUtilityAccount (S-1-5-21-504185822-2683078815-436334261-504 – Limited – Disabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Kaspersky Internet Security (Enabled – Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}

AS: Spybot – Search and Destroy (Enabled – Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}

AS: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Kaspersky Internet Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

 

==================== Installed Programs ======================

 

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

7-Zip 19.00 (x64) (HKLM…7-Zip) (Version: 19.00 – Igor Pavlov)

Adobe Acrobat Reader DC – Hungarian (HKLM-x32…{AC76BA86-7AD7-1038-7B44-AC0F074E4100}) (Version: 21.007.20099 – Adobe Systems Incorporated)

Amazon Kindle (HKUS-1-5-21-504185822-2683078815-436334261-1001…Amazon Kindle) (Version: 1.30.0.59056 – Amazon)

Anaconda3 2019.10 (Python 3.7.4 64-bit) (HKUS-1-5-21-504185822-2683078815-436334261-1001…Anaconda3 2019.10 (Python 3.7.4 64-bit)) (Version: 2019.10 – Anaconda, Inc.)

ApowerMirror V1.5.1.8 (HKLM-x32…{a9482532-9c34-478c-80c3-85bdccbb981f}_is1) (Version: 1.5.1.8 – APOWERSOFT LIMITED)

Apple Application Support (HKLM-x32…{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 – Apple Inc.)

Apple Software Update (HKLM-x32…{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 – Apple Inc.)

Application Verifier x64 External Package (HKLM…{B27BC1FC-8474-9E32-73C2-6F7CD58AD1E3}) (Version: 10.1.17763.132 – Microsoft) Hidden

BleachBit 2.2 (HKLM-x32…BleachBit) (Version: 2.2 – BleachBit)

blender (HKLM…{F1B2A72E-AF12-4F88-9E67-971A0105CF52}) (Version: 2.93.4 – Blender Foundation)

Bonjour (HKLM…{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 – Apple Inc.)

Brave (HKLM-x32…BraveSoftware Brave-Browser) (Version: 96.1.32.106 – Brave Software Inc)

C++ Integration(s) in Microsoft Visual Studio* 2017 (HKLM-x32…{A116A1C8-0C8E-4C24-88F1-4D26E63B0ADB}) (Version: 19.0.1.144 – Intel Corporation) Hidden

C++ Integration(s) in Microsoft Visual Studio* 2017 (HKLM-x32…{A45CE029-0231-4644-BE42-6E6B472F4F1B}) (Version: 19.0.1.144 – Intel Corporation) Hidden

C++ Integration(s) in Microsoft Visual Studio* 2017 (HKLM-x32…{BC382AB6-6C82-4EA5-803E-A1BC08D9CADA}) (Version: 19.0.1.144 – Intel Corporation) Hidden

C++ Integration(s) in Microsoft Visual Studio* 2017 (HKLM-x32…{F98C0F35-FB18-4424-809E-7C3CA57A0502}) (Version: 19.0.1.144 – Intel Corporation) Hidden

calibre (HKLM-x32…{42C1E4AD-91A6-4508-9370-67ABE4DCD765}) (Version: 5.28.0 – Kovid Goyal)

Canon IJ Scan Utility (HKLM-x32…Canon_IJ_Scan_Utility) (Version:  – Canon Inc.)

Canon MG2500 series MP Drivers (HKLM…{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.02 – Canon Inc.)

Canon MG2500 series On-screen Manual (HKLM-x32…Canon MG2500 series On-screen Manual) (Version: 7.8.0 – Canon Inc.)

Canon MG2500 series User Registration (HKLM-x32…Canon MG2500 series User Registration) (Version:  – ‭Canon Inc.)

Canon My Printer (HKLM-x32…CanonMyPrinter) (Version: 3.3.0 – Canon Inc.)

CDisplayEx 1.10.33 (HKLM…CDisplayEx_is1) (Version:  – Progdigy Software S.A.R.L.)

CGAL-4.13 — Computational Geometry Algorithms Library, version 4.8 (HKLM-x32…CGAL-4.13) (Version:  – The CGAL Project and GeometryFactory)

CMake (HKLM…{01DD6233-02B6-45E2-8F9F-CA767CFEDA85}) (Version: 3.17.1 – Kitware)

Compiler and Libraries 2019 Common Files (HKLM-x32…{33EFD8D6-F85D-4DBC-998F-0119FE874879}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Compiler and Libraries 2019 Common Files (HKLM-x32…{7A6BC6ED-482B-4B47-9536-B1C0F158ED92}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Compiler and Libraries 2019 Symbolic Link (HKLM-x32…{6D1E4B15-57B5-4F3F-BBD4-CC3B6CF3B7DF}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Compiler and Libraries 2019 Symbolic Link (HKLM-x32…{C3AEEBCB-157B-4BBB-9AF7-81C8915E703B}) (Version: 19.0.1.144 – Intel Corporation) Hidden

DiagnosticsHub_CollectionService (HKLM…{440C5592-4EA5-4772-B256-969D66068843}) (Version: 15.9.28016 – Microsoft Corporation) Hidden

Discord (HKUS-1-5-21-504185822-2683078815-436334261-1001…Discord) (Version: 0.0.310 – Discord Inc.)

Dropbox (HKLM-x32…Dropbox) (Version: 135.4.4221 – Dropbox, Inc.)

Dropbox Update Helper (HKLM-x32…{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.541.1 – Dropbox, Inc.) Hidden

ExpressVPN (HKLM-x32…{65869a5c-fbab-41d6-8915-e8ed40cd7acf}) (Version: 10.7.0.71 – ExpressVPN)

ExpressVPN (HKLM-x32…{E5B9C3E5-889C-4F22-A959-F4B8763D7878}) (Version: 10.7.0.71 – ExpressVPN) Hidden

Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32…{AC76BA86-7AD7-2530-0000-AC13084E6700}) (Version: 19.008.20071 – Adobe Systems Incorporated)

Fortran 95 interfaces for BLAS and LAPACK for IA-32 (HKLM-x32…{301666BE-E024-4F71-AF1A-C3F09F655923}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Fortran 95 interfaces for BLAS and LAPACK for Intel® 64 (HKLM-x32…{6E56A747-90EA-4AD5-B4F8-23DE8359A612}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Git version 2.23.0.windows.1 (HKLM…Git_is1) (Version: 2.23.0.windows.1 – The Git Development Community)

Google Chrome (HKLM-x32…Google Chrome) (Version: 96.0.4664.45 – Google LLC)

Google Update Helper (HKLM-x32…{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 – Google Inc.) Hidden

GPL Ghostscript (HKLM…GPL Ghostscript 9.26) (Version: 9.26 – Artifex Software Inc.)

GPL Ghostscript (HKLM-x32…GPL Ghostscript 9.26) (Version: 9.26 – Artifex Software Inc.)

icecap_collection_neutral (HKLM-x32…{A3B4D258-74E1-49D6-9A86-2DFEFEE48DEC}) (Version: 15.8.27906 – Microsoft Corporation) Hidden

icecap_collection_x64 (HKLM…{E524832A-C567-499A-8872-0D79596E4DEE}) (Version: 15.8.27906 – Microsoft Corporation) Hidden

icecap_collectionresources (HKLM-x32…{469961DF-482F-4213-ACD4-4AFD443F2A88}) (Version: 15.8.27924 – Microsoft Corporation) Hidden

icecap_collectionresourcesx64 (HKLM-x32…{12246E9A-D1A6-4D96-8CEA-CCFD064B16E2}) (Version: 15.8.27924 – Microsoft Corporation) Hidden

Integration(s) in Microsoft Visual Studio* 2017 (HKLM-x32…{347B253F-89D6-457F-96CB-81F246FE1F9B}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Integration(s) in Microsoft Visual Studio* 2017 (HKLM-x32…{A6146794-659A-4C95-849D-3A50D0DA7538}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel  Compiler 19.0 Shortcuts (HKLM-x32…{D27F4ABA-B0EB-4691-9B6B-CDA2CB117E0B}) (Version: 19.0.1.051 – Intel Corporation) Hidden

Intel  Compiler 19.0 Shortcuts (HKLM-x32…{D29575D9-5D42-4A72-B6F8-1EE790A99383}) (Version: 19.0.1.051 – Intel Corporation) Hidden

Intel C++ | Visual Fortran Compiler 19.0 common files (HKLM-x32…{43FF21C7-5035-46E4-92E8-0FD676FBD893}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel C++ | Visual Fortran Compiler 19.0 for IA-32 (HKLM-x32…{A7F3414E-2531-4330-89DB-228C204447ED}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel C++ | Visual Fortran Compiler 19.0 for Intel® 64 (HKLM-x32…{20FEA491-936E-4400-B4CC-631BA950EFBA}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel C++ Compiler common files (HKLM-x32…{7E8983D5-C1A3-419B-887B-FFF19C6F8FBA}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel Compiler 19.0 OpenMP for IA-32 (HKLM-x32…{13FFA932-F8ED-4E5B-976F-823708C26BB2}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel Compiler 19.0 OpenMP for Intel® 64 (HKLM-x32…{13DD1F8A-5836-451E-99C6-A14FD11B359E}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel Compiler 19.0 OpenMP for Intel® 64 (HKLM-x32…{573153F7-3FE8-4D0B-BFC5-BC337DBD664D}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel Fortran 95 interfaces for BLAS and LAPACK (HKLM-x32…{B4E0115F-84E4-438A-BBE7-D8655AA4CDB6}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel MKL core libraries (HKLM-x32…{3EFB516A-AE21-4576-A968-56AA8288B603}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel MKL core libraries (HKLM-x32…{62B2C13F-5E94-47EB-9B0B-38644F076A5B}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel MKL core libraries (HKLM-x32…{72AD9344-7FC6-4BE3-8AC5-300AE6217C42}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel MKL core libraries (HKLM-x32…{A12B7BBB-917B-4548-9858-54227D76D4B3}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel MKL core libraries (HKLM-x32…{EB79510E-18DF-41CB-8999-4A00DA03873E}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel MKL core libraries Documentation (HKLM-x32…{1E086968-C98B-4273-83AD-19AD94E8CAE9}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel MKL core libraries Documentation (HKLM-x32…{B899B620-F263-4FFB-9B44-363FC781534F}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel MKL core libraries for C/C++ for IA-32 (HKLM-x32…{FBDD6BB5-ACA9-4FCC-BEDA-5485A541AA14}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel MKL core libraries for C/C++ for Intel® 64 (HKLM-x32…{065B2FB5-DF5D-47AF-81ED-DD71AD717C19}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel MKL core libraries for Fortran for IA-32 (HKLM-x32…{1C952F92-FD26-454E-9275-80846562AA33}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel MKL core libraries for Fortran for Intel® 64 (HKLM-x32…{1BD8F3F0-6F5A-48B5-838E-D9DB3341F37E}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel MKL core libraries for IA-32 (HKLM-x32…{2900FC80-691A-49AE-8273-15F3C715D2F1}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel MKL core libraries for IA-32 (HKLM-x32…{A722144C-85B2-421A-A8EE-868A1AD1B87B}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel MKL core libraries for Intel® 64 (HKLM-x32…{3F371FA1-CB7E-4965-8F30-87FA5EA6AAFC}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel MKL core libraries for Intel® 64 (HKLM-x32…{5C539BA2-5FAF-484E-8F31-1D419AAEE1EB}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel MKL for C/C++ (HKLM-x32…{52E7376D-DDDB-4B4B-B97B-FD881F4717B2}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel MKL for C/C++ (HKLM-x32…{5DDDABBD-18B5-4735-8422-B564EACE7ACE}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel MKL for C/C++ (HKLM-x32…{A4D556C6-A771-4DFE-93D6-A7E104294F39}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel MKL for C/C++ (HKLM-x32…{F3B6BEF1-FD1F-45E6-A869-43AA1AC09B45}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel MKL for Fortran (HKLM-x32…{F226EA5F-E20B-4147-BA2F-05DA6632B12A}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel MKL Shortcuts (HKLM-x32…{A824CB6B-CF21-434C-8CD3-C8BC591A8929}) (Version: 19.0.1.051 – Intel Corporation) Hidden

Intel Parallel Studio XE 2019 Common Files (HKLM-x32…{4CF88EA2-C635-460F-94C8-4E4F0399EF13}) (Version: 19.0.1.051 – Intel Corporation) Hidden

Intel Parallel Studio XE 2019 Common Files (HKLM-x32…{B52346EB-054E-464A-94A0-10AA6F4CC250}) (Version: 19.0.1.051 – Intel Corporation) Hidden

Intel Parallel Studio XE 2019 Samples (HKLM-x32…{9E9E7E8B-B983-4EAC-81B1-7B072105EC09}) (Version: 19.0.1.051 – Intel Corporation) Hidden

Intel Parallel Studio XE 2019 Symbolic Link (HKLM-x32…{8258FF34-8CCB-4E06-B9AC-5332E8C403DC}) (Version: 19.0.1.051 – Intel Corporation) Hidden

Intel Parallel Studio XE 2019 Symbolic Link (HKLM-x32…{89794EA6-BCF6-47AD-969A-6B5C5B2E008F}) (Version: 19.0.1.051 – Intel Corporation) Hidden

Intel TBB (HKLM-x32…{0A2363A4-6EF5-4304-80B5-576CDEBAA768}) (Version: 19.0.2.144 – Intel Corporation) Hidden

Intel TBB (HKLM-x32…{527CF398-0D2D-4957-8851-ED00168D640B}) (Version: 19.0.2.144 – Intel Corporation) Hidden

Intel TBB libraries for IA-32 (HKLM-x32…{8313FABB-F408-4DE9-B7E9-AC4AE8A498BA}) (Version: 19.0.2.144 – Intel Corporation) Hidden

Intel TBB libraries for IA-32 (HKLM-x32…{86747CED-EF4B-4A76-B45F-0E5A82377007}) (Version: 19.0.2.144 – Intel Corporation) Hidden

Intel TBB libraries for Intel® 64 (HKLM-x32…{3249E8AC-D301-4FB8-9670-36E088A16C27}) (Version: 19.0.2.144 – Intel Corporation) Hidden

Intel TBB libraries for Intel® 64 (HKLM-x32…{FB0474FA-57CE-4222-BD71-D4BDFEAE022A}) (Version: 19.0.2.144 – Intel Corporation) Hidden

Intel TBB threading support for IA-32 (HKLM-x32…{F5D8FD6B-BF27-468C-86D0-DA224F16D890}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel TBB threading support for Intel® 64 (HKLM-x32…{ABE917A6-D39E-404A-A826-CC1B08B8AF6C}) (Version: 19.0.1.144 – Intel Corporation) Hidden

Intel Threading Building Blocks 2019 Update 2 for Linux* Target (HKLM-x32…{38387D81-CBC2-499C-9688-D0ECE903CD9C}) (Version: 19.0.2.144 – Intel Corporation) Hidden

Intel® Math Kernel Library 2019 Update 1 (HKLM-x32…ARP_for_prd_w_mkl_p_19_1_051) (Version: 2019.0.1.051 – Intel Corporation)

IntelliTraceProfilerProxy (HKLM-x32…{ACBAA378-519A-441D-9349-C0AAD8DEAD04}) (Version: 15.0.17289.01 – Microsoft Corporation) Hidden

IrfanView 4.58 (32-bit) (HKLM-x32…IrfanView) (Version: 4.58 – Irfan Skiljan)

Julia 1.6.3 (HKUS-1-5-21-504185822-2683078815-436334261-1001…Julia-1.6.3_is1) (Version: 1.6.3 – Julia Language)

Kaspersky Internet Security (HKLM-x32…{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 – Kaspersky) Hidden

Kaspersky Internet Security (HKLM-x32…InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 – Kaspersky)

Kaspersky VPN (HKLM-x32…{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 – Kaspersky) Hidden

Kaspersky VPN (HKLM-x32…InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 – Kaspersky)

Kits Configuration Installer (HKLM-x32…{29B915AE-013F-151F-3E61-67F7363C3A09}) (Version: 10.1.17763.132 – Microsoft) Hidden

Lenovo Service Bridge (HKUS-1-5-21-504185822-2683078815-436334261-1001…{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.7 – Lenovo)

libMultiMarkdown 6.6.0 (HKLM-x32…libMultiMarkdown 6.6.0) (Version: 6.6.0 – Humanity)

LyX 2.3.2-2 (HKLM-x32…LyX232-2) (Version: 2.3.2-2 – LyX Team)

LyX 2.3.4.4 (HKLM-x32…LyX2344) (Version: 2.3.4.4 – LyX Team)

LyX 2.3.5.2 (HKLM-x32…LyX2352) (Version: 2.3.5.2 – LyX Team)

MATLAB R2021b (HKLM…Matlab R2021b) (Version: 9.11 – MathWorks)

Microsoft 365 – hu-hu (HKLM…O365HomePremRetail – hu-hu) (Version: 16.0.14527.20276 – Microsoft Corporation)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 95.0.1020.53 – Microsoft Corporation)

Microsoft Edge WebView2 Runtime (HKLM-x32…Microsoft EdgeWebView) (Version: 95.0.1020.53 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-504185822-2683078815-436334261-1001…OneDriveSetup.exe) (Version: 21.220.1024.0005 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-504185822-2683078815-436334261-500…OneDriveSetup.exe) (Version: 19.103.0527.0003 – Microsoft Corporation)

Microsoft SQL Server 2012 Native Client  (HKLM…{1385D3DB-8E80-427B-91D2-B7535862B8E4}) (Version: 11.3.6518.0 – Microsoft Corporation)

Microsoft SQL Server 2016 LocalDB  (HKLM…{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 – Microsoft Corporation)

Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM…{98DD6908-C582-452A-954D-E79E6DF0310A}) (Version: 15.0.600.33 – Microsoft Corporation)

Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM-x32…{640EECB8-1962-4D23-ACB2-310107EC7ED9}) (Version: 15.0.600.33 – Microsoft Corporation)

Microsoft Teams (HKUS-1-5-21-504185822-2683078815-436334261-1001…Teams) (Version: 1.4.00.29469 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.40664 (HKLM-x32…{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.40664 (HKLM-x32…{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 – Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x64) – 14.16.27033 (HKLM-x32…{cc3a7c63-31fb-4129-9024-63ebefd86a95}) (Version: 14.16.27033.0 – Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x86) – 14.16.27033 (HKLM-x32…{624ba875-fdfc-4efa-9c66-b170dfebc3ec}) (Version: 14.16.27033.0 – Microsoft Corporation)

Microsoft Visual Studio Installer (HKLM…{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.11.46.52233 – Microsoft Corporation)

MiKTeX (HKLM…MiKTeX) (Version: 20.11 – MiKTeX.org)

MiKTeX 2.9 (HKLM…MiKTeX 2.9) (Version: 2.9 – MiKTeX.org)

Miniconda3 4.8.2 (Python 3.7.6 64-bit) (HKUS-1-5-21-504185822-2683078815-436334261-1001…Miniconda3 4.8.2 (Python 3.7.6 64-bit)) (Version: 4.8.2 – Anaconda, Inc.)

Mosek Optimization Tools 8.1  (HKLM-x32…{23571274-83A4-42C5-9BE5-07BE4D2E8855}) (Version: 8.1 – Mosek APS)

Mozilla Firefox (x64 hu) (HKLM…Mozilla Firefox 93.0 (x64 hu)) (Version: 93.0 – Mozilla)

Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 65.0 – Mozilla)

MPLAB X IDE v4.20 (HKLM-x32…MPLAB X IDE v4.20 v4.20) (Version: v4.20 – Microchip)

MSI Development Tools (HKLM-x32…{6C961B30-A670-8A05-3BFE-3947E84DD4E4}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

Nextcloud (HKLM…{3A99002F-BABA-4378-BB20-44C94A159696}) (Version: 3.3.6.20211028 – Nextcloud GmbH)

Notepad++ (32-bit x86) (HKLM-x32…Notepad++) (Version: 8.1.9.1 – Notepad++ Team)

NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 – NVIDIA Corporation)

NVIDIA GeForce Experience 3.23.0.74 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 – NVIDIA Corporation)

NVIDIA Graphics Driver 496.76 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 496.76 – NVIDIA Corporation)

NVIDIA PhysX System Software 9.21.0713 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 – NVIDIA Corporation)

Office 16 Click-to-Run Extensibility Component (HKLM-x32…{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14527.20276 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM…{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM…{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 – Microsoft Corporation) Hidden

OpenFlipper v4.1 (HKLM-x32…OpenFlipper) (Version: 4.1 – ACG)

OpenMesh v8.1 (HKLM-x32…OpenMesh) (Version: 8.1 – ACG)

Pandoc 2.13 (HKLM…{FF11D48D-940E-4D3E-B674-1631E710306D}) (Version: 2.13 – John MacFarlane)

PreForm 3.0.3 (HKLM-x32…PreForm-3.0.3) (Version: 3.0.3 – Formlabs)

PreForm 3.12.2 (HKLM-x32…PreForm-3.12.2) (Version: 3.12.2 – Formlabs)

PreForm 3.3.3 (HKLM-x32…PreForm-3.3.3) (Version: 3.3.3 – Formlabs)

PreForm 3.4.4 (HKLM-x32…PreForm-3.4.4) (Version: 3.4.4 – Formlabs)

qBittorrent 4.3.8 (HKLM-x32…qBittorrent) (Version: 4.3.8 – The qBittorrent project)

Qt (HKUS-1-5-21-504185822-2683078815-436334261-1001…{c07721f8-9cd6-4055-8b66-a66617913b69}) (Version: %MAINTENANCE_TOOL_VERSION% – The Qt Company Ltd)

QuickTime 7 (HKLM-x32…{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 – Apple Inc.)

RogueKiller version 15.1.4.0 (HKLM…8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.1.4.0 – Adlice Software)

Scribus 1.4.8 (64bit) (HKLM…Scribus 1.4.8) (Version: 1.4.8 – The Scribus Team)

SDK ARM Additions (HKLM-x32…{0B5D6FB7-05A5-271B-5B99-82384219A471}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

SDK ARM Redistributables (HKLM-x32…{4A5F6E94-7967-A333-8231-CA9AF35E03BD}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

Sketches (HKLM-x32…{05573A57-4031-49DD-80F2-5D399AD338AE}) (Version: 5.00 – ShapEx)

SMPlayer 18.10.0 (x64) (HKLM…SMPlayer) (Version: 18.10.0 – Ricardo Villalba)

Spybot – Search & Destroy (HKLM-x32…{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 – Safer-Networking Ltd.)

TeXstudio – TeXstudio is a fully featured LaTeX editor. (HKLM-x32…TeXstudio) (Version: 2.12.14 – Benito van der Zander)

Total Commander 64-bit (Remove or Repair) (HKLM…Totalcmd64) (Version: 9.51 – Ghisler Software GmbH)

Universal CRT Extension SDK (HKLM-x32…{7D225043-6CC5-7B56-11DD-AFF90E4C1C0C}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

Universal CRT Headers Libraries and Sources (HKLM-x32…{CB19DBA2-C210-5646-9522-695A1317CD34}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

Universal CRT Redistributable (HKLM-x32…{5F577A45-3C65-352B-061D-D6A57F05402C}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

Universal CRT Tools x64 (HKLM…{3B588BBE-EB02-D1B2-5CD5-7DB85AD8A3E7}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

Universal CRT Tools x86 (HKLM-x32…{D2DC1EDF-EE04-9B5F-BDD7-06645D859EC3}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

Universal General MIDI DLS Extension SDK (HKLM-x32…{CE83D0BD-418A-F3D1-D6CE-687E96D1EBD0}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

Update for  (KB2504637) (HKLM-x32…{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 – Microsoft Corporation)

vcpp_crt.redist.clickonce (HKLM-x32…{253D6AD3-5786-4B3B-B4E1-E082482A1F26}) (Version: 14.16.27033 – Microsoft Corporation) Hidden

VdhCoApp 1.5.0 (HKLM…weh-iss-net.downloadhelper.coapp_is1) (Version:  – DownloadHelper)

Visual Studio Enterprise 2017 (HKLM-x32…3fe90ddc) (Version: 15.9.41 – Microsoft Corporation)

VLC media player (HKLM…VLC media player) (Version: 3.0.16 – VideoLAN)

VS Immersive Activate Helper (HKLM-x32…{54FBC9A9-CCA1-417E-ACA6-203A32A39F37}) (Version: 16.0.95.0 – Microsoft Corporation) Hidden

VS JIT Debugger (HKLM…{4B816AD0-D12B-498A-8148-7CBE3ED328DE}) (Version: 16.0.95.0 – Microsoft Corporation) Hidden

VS Script Debugging Common (HKLM…{8B657335-3813-4CF4-A6FE-2AA44BE23F94}) (Version: 16.0.95.0 – Microsoft Corporation) Hidden

vs_codecoveragemsi (HKLM-x32…{B2DB38F7-4225-4EA6-A7B2-F9A0E089DD89}) (Version: 15.0.27005 – Microsoft Corporation) Hidden

vs_communitymsi (HKLM-x32…{DF045B92-FE21-416E-85DC-46634A8E55B6}) (Version: 15.9.28307 – Microsoft Corporation) Hidden

vs_communitymsires (HKLM-x32…{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 – Microsoft Corporation) Hidden

vs_devenvmsi (HKLM-x32…{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 – Microsoft Corporation) Hidden

vs_enterprisemsi (HKLM-x32…{6E0FB913-0E76-44B5-B0D4-2B71A7984BD2}) (Version: 15.0.26621 – Microsoft Corporation) Hidden

vs_filehandler_amd64 (HKLM-x32…{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 – Microsoft Corporation) Hidden

vs_filehandler_x86 (HKLM-x32…{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 – Microsoft Corporation) Hidden

vs_FileTracker_Singleton (HKLM-x32…{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 – Microsoft Corporation) Hidden

vs_Graphics_Singletonx64 (HKLM…{B6BAC9A6-A70D-4E4D-B90A-7EE2B336E090}) (Version: 15.8.27729 – Microsoft Corporation) Hidden

vs_Graphics_Singletonx86 (HKLM-x32…{3161DA68-DD37-4798-82DB-B3A0BD6BA233}) (Version: 15.8.27729 – Microsoft Corporation) Hidden

vs_minshellinteropmsi (HKLM-x32…{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 – Microsoft Corporation) Hidden

vs_minshellmsi (HKLM-x32…{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 – Microsoft Corporation) Hidden

vs_minshellmsires (HKLM-x32…{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 – Microsoft Corporation) Hidden

vs_networkemulationmsi_x64 (HKLM-x32…{674BB892-7904-4B94-8077-9DA3D2CBFC70}) (Version: 15.0.27005 – Microsoft Corporation) Hidden

vs_professionalmsi (HKLM-x32…{C135A30B-7258-4E11-8660-87C5642A4AAE}) (Version: 15.0.26621 – Microsoft Corporation) Hidden

vs_tipsmsi (HKLM-x32…{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 – Microsoft Corporation) Hidden

WinAppDeploy (HKLM-x32…{716AE8F2-1BE3-7657-DF6B-F23DEEC75AF9}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

WinDjView 2.1 (HKLM…WinDjView) (Version: 2.1 – Andrew Zhezherun)

Windows Driver Package – Segger (jlink) USB  (01/26/2017 2.70.08.0) (HKLM…D12F44630DF6CA437A5B43B0F1A4C5A54E130B0D) (Version: 01/26/2017 2.70.08.0 – Segger)

Windows Driver Package – SEGGER (JLinkCDC_x64) Ports  (08/28/2014 6.0.2601.5) (HKLM…ED80E3D3A350D18BFD3D3D8DAED8E2B19105763A) (Version: 08/28/2014 6.0.2601.5 – SEGGER)

Windows SDK AddOn (HKLM-x32…{1E76DFA7-96F3-4281-8E41-8A226C3E42EE}) (Version: 10.1.0.0 – Microsoft Corporation)

Windows Software Development Kit – Windows 10.0.17763.132 (HKLM-x32…{5fe95b9d-9219-4d8b-a031-71323ae48a81}) (Version: 10.1.17763.132 – Microsoft Corporation)

WinRT Intellisense Desktop – en-us (HKLM-x32…{00B12DF9-5428-9406-DE2C-8E8A1A062B05}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

WinRT Intellisense Desktop – Other Languages (HKLM-x32…{E82A4A6C-C21C-35FE-B805-3E44318F6D63}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

WinRT Intellisense IoT – en-us (HKLM-x32…{7E898893-9C42-A572-7F57-FDE55CE812F7}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

WinRT Intellisense IoT – Other Languages (HKLM-x32…{E8B1CB29-5C24-D882-3CEF-F8A7263BC63D}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

WinRT Intellisense Mobile – en-us (HKLM-x32…{F6F11150-93DE-0507-FCA0-F746E0207017}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

WinRT Intellisense PPI – en-us (HKLM-x32…{8329C3A0-8582-D1C2-67FF-800654BFDF45}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

WinRT Intellisense PPI – Other Languages (HKLM-x32…{771C9DEF-7C0B-85DA-6426-7A20F06BEC94}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

WinRT Intellisense UAP – en-us (HKLM-x32…{B047C746-63E8-41C7-A5C0-7ABD390CF3E6}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

WinRT Intellisense UAP – Other Languages (HKLM-x32…{0063AF94-397B-9C64-1C71-D404B27C5D96}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

Wolfram Mathematica 12.1 (M-WIN-L 12.1.1 6938439) (HKLM…M-WIN-L 12.1.1 6938439_is1) (Version: 12.1.1 – Wolfram Research, Inc.)

WolframScript (A-WIN32-WolframScript 11.3.0 2018030401) (HKLM-x32…{F8D88AF3-43F1-4818-B6DB-0D38F8E42833}) (Version: 11.3.49 – Wolfram Research, Inc.)

WolframScript (A-WIN64-WolframScript 12.1.1 2020060801) (HKLM…{BFB75BB0-A964-11EA-A09C-005056A4BF25}) (Version: 12.1.68 – Wolfram Research, Inc.)

Zoom (HKUS-1-5-21-504185822-2683078815-436334261-1001…ZoomUMX) (Version: 5.8.4 (1736) – Zoom Video Communications, Inc.)

 

Packages:

=========

Canon Inkjet Print Utility -> C:Program FilesWindowsApps34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-04-23] (Canon Inc.)

Cortana -> C:Program FilesWindowsAppsMicrosoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2021-11-19] (Microsoft Corporation)

Dolby Audio -> C:Program FilesWindowsAppsDolbyLaboratories.DolbyAudio_2.1002.243.0_x64__rz1tebttyb220 [2020-04-01] (Dolby Laboratories)

Intel® Graphics Command Center -> C:Program FilesWindowsAppsAppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-11-19] (INTEL CORP) [Startup Task]

Intel® Graphics Control Panel -> C:Program FilesWindowsAppsAppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-04-01] (INTEL CORP)

iTunes -> C:Program FilesWindowsAppsAppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa [2021-10-29] (Apple Inc.) [Startup Task]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2021-11-19] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-11-19] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-11-19] (Microsoft Corporation) [MS Ad]

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-11-19] (Microsoft Studios) [MS Ad]

NVIDIA Control Panel -> C:Program FilesWindowsAppsNVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-11-19] (NVIDIA Corp.)

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKUS-1-5-21-504185822-2683078815-436334261-1001_ClassesCLSID{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive – Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}

CustomCLSID: HKUS-1-5-21-504185822-2683078815-436334261-1001_ClassesCLSID{163b9f20-bc14-489d-88b0-6d712c5fc070} -> [Nextcloud] => D:Nextcloud [2018-12-26 23:54]

CustomCLSID: HKUS-1-5-21-504185822-2683078815-436334261-1001_ClassesCLSID{19A6E644-14E6-4A60-B8D7-DD20610A871D}InprocServer32 -> C:UsersVMAppDataLocalMicrosoftTeamsMeetingAddin1.0.21209.2x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-504185822-2683078815-436334261-1001_ClassesCLSID{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}InprocServer32 -> C:UsersVMAppDataLocalMicrosoftTeamsMeetingAddin1.0.20244.4x64Microsoft.Teams.AddinLoader.dll => No File

CustomCLSID: HKUS-1-5-21-504185822-2683078815-436334261-1001_ClassesCLSID{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => D:Dropbox [2019-01-01 22:23]

ShellIconOverlayIdentifiers: [                NextcloudError] -> {E0342B74-7593-4C70-9D61-22F294AAFE05} => C:Program Files (x86)NextcloudshellextNCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)

ShellIconOverlayIdentifiers: [                NextcloudOK] -> {E1094E94-BE93-4EA2-9639-8475C68F3886} => C:Program Files (x86)NextcloudshellextNCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)

ShellIconOverlayIdentifiers: [                NextcloudOKShared] -> {E243AD85-F71B-496B-B17E-B8091CBE93D2} => C:Program Files (x86)NextcloudshellextNCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)

ShellIconOverlayIdentifiers: [                NextcloudSync] -> {E3D6DB20-1D83-4829-B5C9-941B31C0C35A} => C:Program Files (x86)NextcloudshellextNCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)

ShellIconOverlayIdentifiers: [                NextcloudWarning] -> {E4977F33-F93A-4A0A-9D3C-83DEA0EE8483} => C:Program Files (x86)NextcloudshellextNCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:Program Files (x86)Notepad++NppShell_06.dll [2020-11-02] (Notepad++ -> )

ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:Program Files (x86)Kaspersky LabKaspersky Internet Security 21.3x64shellex.dll [2021-11-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)

ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:Program Files (x86)Spybot – Search & Destroy 2SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:Program Files (x86)Spybot – Search & Destroy 2SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:Program Files (x86)Kaspersky LabKaspersky Internet Security 21.3x64shellex.dll [2021-11-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)

ContextMenuHandlers3: [NextcloudContextMenuHandler] -> {BC6988AB-ACE2-4B81-84DC-DC34F9B24401} => C:Program Files (x86)NextcloudshellextNCContextMenu.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:Program Files (x86)Kaspersky LabKaspersky Internet Security 21.3x64shellex.dll [2021-11-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)

ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:Program Files (x86)DropboxClientDropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSSystem32DriverStoreFileRepositorynvlti.inf_amd64_4831581a4e5dfca0nvshext.dll [2021-11-11] (Nvidia Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:Program Files (x86)Kaspersky LabKaspersky Internet Security 21.3x64shellex.dll [2021-11-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)

ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:Program Files (x86)Spybot – Search & Destroy 2SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:Program Files (x86)Spybot – Search & Destroy 2SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

 

==================== Codecs (Whitelisted) ====================

 

==================== Shortcuts & WMI ========================

 

(The entries could be listed to be restored or removed.)

 

ShortcutWithArgument: C:UsersVMDesktopStackEdit.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  –profile-directory=Default –app-id=olheigmnhdlofgjiponfkcnofipcljko

ShortcutWithArgument: C:UsersVMAppDataRoamingMicrosoftWindowsStart MenuProgramsQt5.12.0MSVC 2017 (64-bit)Qt 5.12.0 64-bit for Desktop (MSVC 2017).lnk -> C:WindowsSystem32cmd.exe (Microsoft Corporation) -> /A /Q /K C:Qt5.12.0msvc2017_64binqtenv2.bat

ShortcutWithArgument: C:UsersVMAppDataRoamingMicrosoftWindowsStart MenuProgramsQt5.12.0MSVC 2017 (32-bit)Qt 5.12.0 32-bit for Desktop (MSVC 2017).lnk -> C:WindowsSystem32cmd.exe (Microsoft Corporation) -> /A /Q /K C:Qt5.12.0msvc2017binqtenv2.bat

ShortcutWithArgument: C:UsersVMAppDataRoamingMicrosoftWindowsStart MenuProgramsQt5.12.0MinGW 7.3.0 (64-bit)Qt 5.12.0 for Desktop (MinGW 7.3.0 64-bit).lnk -> C:WindowsSystem32cmd.exe (Microsoft Corporation) -> /A /Q /K C:Qt5.12.0mingw73_64binqtenv2.bat

ShortcutWithArgument: C:UsersVMAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome AppsStackEdit.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  –profile-directory=Default –app-id=olheigmnhdlofgjiponfkcnofipcljko

ShortcutWithArgument: C:UsersVMAppDataRoamingMicrosoftWindowsStart MenuProgramsAnaconda3 (64-bit)Anaconda Prompt (3).lnk -> C:WindowsSystem32cmd.exe (Microsoft Corporation) -> “/K” C:UsersVM.juliaconda3Scriptsactivate.bat C:UsersVM.juliaconda3

ShortcutWithArgument: C:UsersVMAppDataRoamingMicrosoftWindowsStart MenuProgramsAnaconda3 (64-bit)Anaconda Prompt (Anaconda3).lnk -> C:WindowsSystem32cmd.exe (Microsoft Corporation) -> “/K” D:Anaconda3Scriptsactivate.bat D:Anaconda3

 

==================== Loaded Modules (Whitelisted) =============

 

2021-10-28 13:29 – 2021-10-28 13:29 – 000099328 _____ () [File not signed] C:Program Files (x86)Nextcloudnextcloudsync_vfs_cfapi.dll

2021-10-28 13:30 – 2021-10-28 13:30 – 000030208 _____ () [File not signed] C:Program Files (x86)Nextcloudnextcloudsync_vfs_suffix.dll

2021-10-28 13:34 – 2021-10-28 13:34 – 005972464 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:Program Files (x86)NextcloudQt5Core.dll

 

==================== Alternate Data Streams (Whitelisted) ========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

AlternateDataStreams: C:WINDOWSsystem32opengl32sw.dll:com.dropbox.attributes [168]

AlternateDataStreams: C:WINDOWSsystem32opengl32sw.dll:com.dropbox.attrs [54]

AlternateDataStreams: C:WINDOWSSysWOW64opengl32sw.dll:com.dropbox.attributes [168]

AlternateDataStreams: C:WINDOWSSysWOW64opengl32sw.dll:com.dropbox.attrs [54]

AlternateDataStreams: C:UsersVMDocumentsKonferenciak_2019.xls:com.dropbox.attributes [306]

AlternateDataStreams: C:UsersVMDocumentsKonferenciak_2019.xls:com.dropbox.attrs [58]

AlternateDataStreams: C:UsersVMDocumentsSzeminarium_Otletek.docx:com.dropbox.attrs [54]

AlternateDataStreams: C:UsersVMDocumentsTemalabor_VM.ppt:com.dropbox.attrs [54]

 

==================== Safe Mode (Whitelisted) ==================

 

==================== Association (Whitelisted) =================

 

==================== Internet Explorer (Whitelisted) ==========

 

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program Files (x86)Microsoft OfficerootVFSProgramFilesX64Microsoft OfficeOffice16OCHelper.dll [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

IE trusted site: HKUS-1-5-21-504185822-2683078815-436334261-1001…sharepoint.com -> hxxps://bmeedu-files.sharepoint.com

IE restricted site: HKUS-1-5-21-504185822-2683078815-436334261-1001…