Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 
This topic is locked
So every few minutes, a pop up appears on my desktop saying
"Windows cannot find C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\StartMenu\Programs\Startup\Microsoft Office OSM UX MUI (English) 2013.exe."
It pops up endlessly and it is very annoying. I tried removing using malwarebytes and adwcleaner and they did find viruses especially in the registry. But the problem still persists. I guess it has something to do with the windows registry? Hoping for some help. I also attached a screenshot of the problem.
Here is the log from FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-03-2021
Ran by Charlie (administrator) on DESKTOP-U6LECO9 (BIOSTAR Group A320MH) (25-03-2021 15:39:27)
Running from C:\Users\Charlie\Desktop
Loaded Profiles: Charlie
Platform: Windows 10 Pro Version 20H2 19042.867 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD, Inc.) [File not signed] C:\Program Files (x86)\RAIDXpert2\rcpopup.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Charlie\AppData\Roaming\BitTorrent\BitTorrent.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Charlie\AppData\Roaming\BitTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Charlie\AppData\Roaming\BitTorrent\updates\7.10.5_45967\bittorrentie.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(LLC Mail.Ru -> ) C:\Users\Charlie\AppData\Local\GameCenter\GameCenter.exe <4>
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <16>
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Charlie\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <6>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18389448 2021-03-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [rcpopup] => C:\Program Files (x86)\RAIDXpert2\rcpopup.exe [5130752 2019-05-14] (AMD, Inc.) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-152249054-1485168156-3805921223-1001\...\Run: [BitTorrent] => C:\Users\Charlie\AppData\Roaming\BitTorrent\BitTorrent.exe [2135080 2021-03-24] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-152249054-1485168156-3805921223-1001\...\Run: [GameCenter] => C:\Users\Charlie\AppData\Local\GameCenter\GameCenter.exe [11011272 2021-03-20] (LLC Mail.Ru -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\89.0.4389.90\Installer\chrmstp.exe [2021-03-17] (Google LLC -> Google LLC)
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0564E132-29D2-4F17-8389-88DF05A95989} - System32\Tasks\ikRBDsOoYuyjwwfgC2 => rundll32 "C:\Program Files (x86)\NzfiguIXKBcvLThdjER\SjMrPlt.dll",#1
Task: {18D3E45C-D589-43E4-946A-301CB5A2D662} - System32\Tasks\PYsVqxspwxwBOp => rundll32 "C:\Program Files (x86)\iwBJhGtjzrZU2\JNEBSsIRAcFUy.dll",#1
Task: {22F34A2D-703B-4FC0-95AC-BF1EB16DA002} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {265011E0-3CF1-4C64-9764-72FCB7D8C86F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-12] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {5A6F9B24-7A52-4FDA-865A-4C3B7064F33E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5EDC4C0B-CB67-4535-AE48-9F652C943019} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6B697EC5-F349-4514-98C4-0FDFE2371AF5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {7132004B-21BF-455E-87C9-0E5FFC82B2AC} - System32\Tasks\uKxrgSqgiFmHQYx2 => rundll32 "C:\Program Files (x86)\LoLAzmIuU\NBsRcU.dll",#1
Task: {7CDA8592-5578-4CCC-A38C-DB932D979ED1} - System32\Tasks\SafeZone scheduled Autoupdate 1615986071 => E:\SZBrowser\launcher.exe
Task: {7DB3FC1B-A24D-4CBC-B5BD-5FF5F29D8FC6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {91BE98AA-7392-4941-95FA-A53596EBA5E6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-12] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {93ADDA7B-9903-4BAF-82A4-9C1A35D3C13E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {96A1DA0D-E827-4D6E-890B-AFA532E1B5C4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {A0E9B053-D649-499E-8D74-D23FD87F21E1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\msoia.exe
Task: {A5415ABE-7736-4D31-9CB6-99B065126B45} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\msoia.exe
Task: {A846A258-49F4-467B-8A77-B86C6AD6C10C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-17] (Google LLC -> Google LLC)
Task: {AD6C63AA-2F0E-4EF6-89B0-0BEC2C1F0DA8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-17] (Google LLC -> Google LLC)
Task: {B2B00CB8-8BD5-4A53-92AA-DFAA73A3E465} - System32\Tasks\gxx speed launcher => C:\Program Files (x86)\Garena\Garena\Garena.exe [457600 2019-09-26] (Garena Online Pte Ltd -> Garena Online)
Task: {BB9531F5-1C1C-420E-9F57-C238B4A164DC} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BD6E7F86-E58D-41F8-93DA-F8C9782604E5} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8B3024E-34F9-408F-860F-E3121E75AA33} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1791712 2021-03-17] (Avast Software s.r.o. -> Avast Software)
Task: {F858FBBC-9300-46B5-80AB-7BED569C8FE3} - System32\Tasks\tVEiFoZJkyKQCDgGnBK2 => rundll32 "C:\Program Files (x86)\vLHOAkFsmDvKC\SqkuKEC.dll",#1
Task: {F9172039-EB84-4B1D-9F37-BC27A5D76581} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {FB163DDA-C23E-4EA5-85B3-93D2582081C5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FC06C1A5-123C-48E7-8CCE-B6AEC607E677} - System32\Tasks\Maintenance => C:\Users\Charlie\AppData\Local\z_Charlie\Charlie.vbs [175 2021-03-17] () [File not signed]
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8dda46d2-d72c-4435-8950-07a857120fa8}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Charlie\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-25]
Edge Notifications: Default -> hxxps://news-central.org; hxxps://www.facebook.com
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\Charlie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2021-03-16]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Charlie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-03-25]
Edge Extension: (AdBlock — best ad blocker) - C:\Users\Charlie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2021-03-19]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-08-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-06-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default [2021-03-22]
CHR Notifications: Default -> hxxps://mail-notification.info; hxxps://www.facebook.com
CHR DefaultSearchURL: Default -> hxxps://www.ctcodeinfo.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Custom
CHR Extension: (Slides) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-17]
CHR Extension: (Docs) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-17]
CHR Extension: (Google Drive) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-17]
CHR Extension: (YouTube) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-17]
CHR Extension: (Custom) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\colgdlijdieibnaccfdcdbpdffofkfeb [2021-03-17]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-03-19]
CHR Extension: (Sheets) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-17]
CHR Extension: (Adblocker for Youtube™) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffbilhfoibpnndjdfmbfanapdpmebbnl [2021-03-17] [UpdateUrl:hxxps://clients93.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Google Docs Offline) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-17]
CHR Extension: (Avast Online Security) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-03-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-17]
CHR Extension: (Gmail) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-17]
CHR Extension: (Chrome Media Router) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-17]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 Apache2.4; C:\Program Files (x86)\RAIDXpert2\apache\bin\httpd.exe [23040 2017-12-05] (Apache Software Foundation) [File not signed]
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S2 GarenaPlatform; C:\Program Files (x86)\Garena\Garena\2.0.1909.2618\gxxsvc.exe [320512 2019-09-26] (Garena Online Pte Ltd -> Garena Online)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-03-25] (Malwarebytes Inc -> Malwarebytes)
S2 rc_cgi; C:\Program Files (x86)\RAIDXpert2\rc_cgi.exe [669696 2019-05-14] (AMD, Inc.) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-03-25] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-03-25] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-03-25] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-03-25] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-03-25] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [155360 2021-03-25] (Malwarebytes Inc -> Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-03-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [420072 2021-03-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-17] (Microsoft Windows -> Microsoft Corporation)
U1 aswbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-03-25 18:04 - 2021-03-25 12:40 - 096993280 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-03-25 18:03 - 2021-03-25 18:04 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2021-03-25 15:39 - 2021-03-25 15:39 - 000017749 _____ C:\Users\Charlie\Desktop\FRST.txt
2021-03-25 15:38 - 2021-03-25 15:39 - 000000000 ____D C:\FRST
2021-03-25 15:38 - 2021-03-25 15:37 - 002300928 _____ (Farbar) C:\Users\Charlie\Desktop\FRST64.exe
2021-03-25 15:37 - 2021-03-25 15:37 - 002300928 _____ (Farbar) C:\Users\Charlie\Downloads\FRST64.exe
2021-03-25 15:07 - 2021-03-25 15:07 - 000000000 ___DC C:\Users\Charlie\AppData\LocalLow\BitTorrent
2021-03-25 12:40 - 2021-03-25 12:40 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-03-25 12:40 - 2021-03-25 12:40 - 000155360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-03-25 12:40 - 2021-03-25 12:40 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-03-25 12:39 - 2021-03-25 12:39 - 000000000 ____D C:\AdwCleaner
2021-03-25 12:38 - 2021-03-25 12:38 - 018854176 _____ C:\Users\Charlie\Downloads\2K21-詹姆斯·哈登v1_By阿伟.rar
2021-03-25 12:37 - 2021-03-25 12:38 - 008534696 _____ (Malwarebytes) C:\Users\Charlie\Downloads\adwcleaner_8.2.exe
2021-03-25 12:34 - 2021-03-25 12:34 - 000003272 _____ C:\Users\Charlie\Desktop\g.txt
2021-03-25 12:32 - 2021-03-25 12:32 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-03-25 12:32 - 2021-03-25 12:32 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-03-25 12:32 - 2021-03-25 12:32 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-03-25 12:32 - 2021-03-25 12:32 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-03-25 12:32 - 2021-03-25 12:32 - 000000000 ____D C:\Users\Charlie\AppData\Local\mbam
2021-03-25 12:31 - 2021-03-25 12:31 - 002084016 _____ (Malwarebytes) C:\Users\Charlie\Downloads\MBSetup (1).exe
2021-03-25 12:31 - 2021-03-25 12:31 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-03-25 12:31 - 2021-03-25 12:31 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-03-25 12:31 - 2021-03-25 12:31 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-03-25 12:30 - 2021-03-25 12:30 - 002084016 _____ (Malwarebytes) C:\Users\Charlie\Downloads\MBSetup.exe
2021-03-25 12:27 - 2021-03-25 12:27 - 013044601 _____ C:\Users\Charlie\Downloads\Zach Lavine.rar
2021-03-25 12:24 - 2021-03-25 12:24 - 020872600 _____ C:\Users\Charlie\Downloads\【伊戈INGE】格里芬BlakeGriffin.rar
2021-03-25 12:22 - 2021-03-25 12:22 - 008128148 _____ C:\Users\Charlie\Downloads\utf-8' 'Derrick rose(ByLeBron&三串烤腰子) V1.1.zip
2021-03-25 12:20 - 2021-03-25 12:20 - 003328039 _____ C:\Users\Charlie\Downloads\face1357.iff
2021-03-25 12:19 - 2021-03-25 12:19 - 013229359 _____ C:\Users\Charlie\Downloads\三球By3101493023.zip
2021-03-25 12:13 - 2021-03-25 12:13 - 001193184 _____ (BlueStack Systems Inc.) C:\Users\Charlie\Downloads\BlueStacks_App_Player_v4.240.20.1016.exe
2021-03-25 12:04 - 2021-03-25 12:04 - 004544821 ____N C:\Users\Charlie\Downloads\HyperShield_v2.2.2.0.MULTI.apk
2021-03-25 12:02 - 2021-03-25 12:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
2021-03-25 12:02 - 2021-03-25 12:17 - 000000000 ____D C:\Program Files\txgameassistant
2021-03-25 12:01 - 2021-03-25 12:01 - 009566056 _____ (Tencent) C:\Users\Charlie\Downloads\com.activision.callofduty.shooter_900205109_NormalPackage_2384.exe
2021-03-25 12:01 - 2021-03-25 12:01 - 000000000 ____D C:\Temp
2021-03-25 11:28 - 2021-03-25 11:28 - 000487322 _____ C:\WINDOWS\gethelp_audiotroubleshooter_latestpackage.zip
2021-03-25 11:28 - 2021-03-25 11:28 - 000000000 ____D C:\ProgramData\WindowsPerformanceRecorder
2021-03-25 11:18 - 2021-03-25 11:19 - 008538328 _____ C:\Users\Charlie\Downloads\LaMarcus Aldrige by NMC.rar
2021-03-25 11:18 - 2021-03-25 11:18 - 016755066 _____ C:\Users\Charlie\Downloads\卡佩拉(Clint Capela).DP.zip
2021-03-25 11:17 - 2021-03-25 11:18 - 058975579 _____ C:\Users\Charlie\Downloads\Coaches Pack #1.rar
2021-03-25 11:17 - 2021-03-25 11:17 - 076677962 _____ C:\Users\Charlie\Downloads\Curry4V.rar
2021-03-25 11:17 - 2021-03-25 11:17 - 031435576 _____ C:\Users\Charlie\Downloads\Giannis Antetokounmpo 2k21 Free by Emnashow.rar
2021-03-25 11:16 - 2021-03-25 11:16 - 014116373 _____ C:\Users\Charlie\Downloads\【LeBron徐】卢卡东契奇Luka Dončić.rar
2021-03-25 11:14 - 2021-03-25 11:15 - 640787483 _____ C:\Users\Charlie\Downloads\NBA 2K21 +50 CFs MegaPack from Official Patches 1.06-1.07-1.08 AIO.rar
2021-03-25 11:12 - 2021-03-25 11:12 - 005110580 _____ C:\Users\Charlie\Downloads\Unconfirmed 593654.crdownload
2021-03-25 11:11 - 2021-03-25 11:11 - 070401970 _____ C:\Users\Charlie\Downloads\【LeBron徐】现役30支球队封面.zip
2021-03-25 11:05 - 2021-03-25 12:30 - 000000000 ____D C:\Users\Charlie\AppData\Local\Bluestacks
2021-03-25 11:04 - 2021-03-25 11:04 - 001236448 _____ (BlueStack Systems Inc.) C:\Users\Charlie\Downloads\BlueStacksInstaller_4.280.0.1022_native_97251b5a92bc4516f99f27bedadf6d03.exe
2021-03-25 02:30 - 2021-03-25 02:30 - 000000866 ____C C:\Users\Charlie\Documents\Copy of Cyberface Mixer Recipe Template - Recipes (1).csv
2021-03-25 02:13 - 2021-03-25 02:13 - 000000000 ____D C:\Users\Charlie\AppData\Roaming\EYEUC
2021-03-25 02:06 - 2021-03-25 02:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2021-03-25 02:06 - 2021-03-25 02:06 - 000000000 ____D C:\Program Files\Malwarebytes
2021-03-25 02:06 - 2021-03-25 02:06 - 000000000 ____D C:\Program Files\7-Zip
2021-03-25 01:47 - 2021-03-25 01:47 - 000000000 ___DC C:\Users\Charlie\Documents\My Cheat Tables
2021-03-25 01:19 - 2021-03-25 01:19 - 000000926 _____ C:\Users\Charlie\Desktop\NBA2K21 Tools.lnk
2021-03-25 01:19 - 2021-03-25 01:19 - 000000000 ____D C:\Program Files\EYEUC
2021-03-25 01:10 - 2021-03-25 02:30 - 000000000 ____D C:\Mods
2021-03-25 01:04 - 2021-03-25 01:04 - 000000000 ____D C:\Users\Charlie\AppData\Roaming\2K Sports
2021-03-25 01:04 - 2021-03-25 01:04 - 000000000 ____D C:\ProgramData\Documents\Steam
2021-03-24 18:10 - 2021-03-24 18:10 - 000001359 _____ C:\ProgramData\Desktop\NBA 2K21.lnk
2021-03-24 18:10 - 2021-03-24 18:10 - 000000000 ____D C:\Games
2021-03-24 16:30 - 2021-03-24 16:40 - 000000000 ____D C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder
2021-03-24 16:29 - 2021-03-24 16:55 - 000000000 ____D C:\Program Files\ESET
2021-03-24 16:28 - 2021-03-24 16:28 - 000016120 _____ C:\Users\Charlie\Downloads\ESET NOD32 Antivirus Internet Security Internet Security (Для всех устройств) 14.0.22.0 RePack by KpoJIuK [2021,Multi Ru] [rutracker-6007850].torrent
2021-03-23 23:45 - 2021-03-23 23:45 - 000016374 _____ C:\Users\Charlie\Downloads\the_bold_font.zip
2021-03-23 23:45 - 2015-06-06 15:11 - 000042968 _____ C:\Users\Charlie\Downloads\theboldfont.ttf
2021-03-23 21:48 - 2021-03-23 21:48 - 000000000 ___DC C:\Users\Charlie\AppData\LocalLow\Adobe
2021-03-23 21:47 - 2021-03-23 21:47 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2021.lnk
2021-03-23 21:47 - 2021-03-23 21:47 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-03-23 21:47 - 2021-03-23 21:47 - 000000000 ____D C:\Program Files\Adobe
2021-03-23 21:47 - 2021-03-23 21:47 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-03-23 21:46 - 2021-03-23 21:48 - 000000000 ____D C:\Users\Charlie\AppData\Local\Adobe
2021-03-23 21:46 - 2021-03-23 21:47 - 000000000 ____D C:\ProgramData\Adobe
2021-03-23 18:23 - 2021-03-23 18:23 - 000026875 _____ C:\Users\Charlie\Downloads\The.Hobbit.The.Battle.of.the.Five.Armies.2014.EXTENDED.1080p.BluRay.x265-RARBG-[rarbg.to].torrent
2021-03-23 08:57 - 2021-03-23 08:57 - 004925239 _____ C:\Users\Charlie\Downloads\GUIMARAS FOR EMAIL.zip
2021-03-22 18:02 - 2021-03-22 18:19 - 2778508086 _____ C:\Users\Charlie\Downloads\GROUND_BRANCH.7z
2021-03-22 13:56 - 2021-03-22 13:56 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2021-03-22 13:56 - 2021-03-22 13:56 - 000002241 _____ C:\ProgramData\Desktop\Google Earth Pro.lnk
2021-03-22 13:56 - 2021-03-22 13:56 - 000000000 ___DC C:\Users\Charlie\AppData\LocalLow\Google
2021-03-22 13:55 - 2021-03-22 13:55 - 001304160 _____ (Google LLC) C:\Users\Charlie\Downloads\GoogleEarthProSetup.exe
2021-03-22 11:23 - 2021-03-22 11:23 - 012740588 _____ C:\Users\Charlie\Desktop\interor teresa.dae
2021-03-22 11:02 - 2021-03-22 11:02 - 134225182 _____ C:\Users\Charlie\Desktop\ter.ls10
2021-03-22 10:58 - 2021-03-25 03:32 - 000000000 ____D C:\Users\Charlie\Desktop\Teresa Madrano
2021-03-22 09:34 - 2021-03-22 09:34 - 265597892 _____ C:\Users\Charlie\Desktop\GING PERS.ls10
2021-03-21 23:43 - 2021-03-21 23:43 - 000045271 _____ C:\Users\Charlie\Downloads\Enola.Holmes.2020.1080p.NF.WEBRip.x265.10bit.HDR.DDP5.1.Atmos-NTG-[rarbg.to].torrent
2021-03-21 23:43 - 2021-03-21 23:43 - 000021850 _____ C:\Users\Charlie\Downloads\Enola.Holmes.2020.1080p.WEBRip.x265-RARBG-[rarbg.to].torrent
2021-03-21 23:40 - 2021-03-21 23:40 - 000020254 _____ C:\Users\Charlie\Downloads\Soul.2020.1080p.BluRay.H264.AAC-RARBG-[rarbg.to].torrent
2021-03-21 23:39 - 2021-03-21 23:39 - 000069820 _____ C:\Users\Charlie\Downloads\Soul.2020.1080p.BluRay.REMUX.AVC.DTS-HD.MA.TrueHD.7.1.Atmos-FGT-[rarbg.to].torrent
2021-03-21 22:18 - 2021-03-21 22:18 - 131511310 _____ C:\Users\Charlie\Desktop\luion teresa.ls10
2021-03-21 19:18 - 2021-03-21 19:18 - 000023732 _____ C:\Users\Charlie\Downloads\Zack Snyder's Justice League (2021) [1080p] [WEBRip].torrent
2021-03-21 19:07 - 2021-03-21 19:07 - 000064913 _____ C:\Users\Charlie\Downloads\Raya.and.the.Last.Dragon.2021.2160p.DSNP.WEB-DL.x265.10bit.HDR.DDP5.1-NOGRP-[rarbg.to].torrent
2021-03-21 19:05 - 2021-03-21 19:05 - 000023935 _____ C:\Users\Charlie\Downloads\D61ABDBD6A17D5FA2F116078A2FA20F02B07AF8F.torrent
2021-03-21 18:33 - 2021-03-21 18:33 - 000283695 _____ C:\Users\Charlie\Downloads\SherwinWilliams (1).calibz
2021-03-21 18:19 - 2021-03-21 18:19 - 012826024 _____ C:\Users\Charlie\Downloads\BonusGroupedDiningRooms.calibz
2021-03-21 18:19 - 2021-03-21 18:19 - 012826024 _____ C:\Users\Charlie\Downloads\BonusGroupedDiningRooms (1).calibz
2021-03-20 21:40 - 2021-03-20 21:40 - 000236105 _____ C:\Users\Charlie\Downloads\FOUNDATION-PLAN-TATING.pdf
2021-03-20 21:40 - 2021-03-20 21:40 - 000236105 _____ C:\Users\Charlie\Downloads\FOUNDATION-PLAN-TATING (2).pdf
2021-03-20 21:40 - 2021-03-20 21:40 - 000236105 _____ C:\Users\Charlie\Downloads\FOUNDATION-PLAN-TATING (1).pdf
2021-03-20 21:31 - 2021-03-20 21:27 - 000236105 ____T C:\Users\Charlie\Desktop\FOUNDATION PLAN TATING.pdf
2021-03-20 21:30 - 2021-03-20 21:30 - 000026240 _____ C:\Users\Charlie\Downloads\The.Falcon.and.The.Winter.Soldier.S01E01.New.World.Order.REPACK.1080p.DSNP.WEBRip.DDP5.1.x264-TOMMY[rartv]-[rarbg.to].torrent
2021-03-20 19:50 - 2021-03-20 19:56 - 002440841 _____ C:\Users\Charlie\Desktop\house plan reverse.plan
2021-03-20 17:03 - 2021-03-20 17:03 - 002437781 _____ C:\Users\Charlie\Desktop\Untitled 1.plan
2021-03-20 15:05 - 2021-03-20 15:05 - 000001103 _____ C:\Users\Charlie\Desktop\Lumion 10 (2).lnk
2021-03-20 14:59 - 2021-03-20 14:59 - 000000387 _____ C:\Users\Charlie\Desktop\Lumion 10.5.1.lnk
2021-03-20 14:42 - 2021-03-20 14:42 - 000047528 _____ C:\Users\Charlie\Downloads\Lumion Pro 10.5.1 [BCG team] Portable x64 [2020, ENG + RUS] [rutracker-5969697] (2).torrent
2021-03-20 14:34 - 2021-03-20 14:34 - 127850673 _____ C:\Users\Charlie\Desktop\Ging Apartment.dae
2021-03-19 13:56 - 2021-03-19 18:43 - 003026934 _____ C:\Users\Charlie\Desktop\rOOF dECK.plan
2021-03-18 22:56 - 2021-03-24 01:40 - 000000000 ____D C:\ProgramData\Riot Games
2021-03-18 22:56 - 2021-03-18 22:56 - 000000000 ___DC C:\Users\Charlie\Documents\League of Legends
2021-03-18 22:56 - 2021-03-18 22:56 - 000000000 ____D C:\Users\Charlie\AppData\Local\Riot Games
2021-03-18 22:36 - 2021-03-25 12:45 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-03-18 22:36 - 2021-03-18 22:36 - 073106216 _____ (Garena) C:\Users\Charlie\Downloads\Garena-v2.0.exe
2021-03-18 22:36 - 2021-03-18 22:36 - 000003484 _____ C:\WINDOWS\system32\Tasks\gxx speed launcher
2021-03-18 22:36 - 2021-03-18 22:36 - 000001167 _____ C:\ProgramData\Desktop\Garena.lnk
2021-03-18 22:36 - 2021-03-18 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena
2021-03-18 22:36 - 2021-03-18 22:36 - 000000000 ____D C:\ProgramData\Garena
2021-03-18 22:36 - 2021-03-18 22:36 - 000000000 ____D C:\Program Files (x86)\Garena
2021-03-18 18:30 - 2021-03-18 18:57 - 002967316 _____ C:\Users\Charlie\Desktop\Caffee shop.plan
2021-03-18 15:50 - 2021-03-18 15:50 - 010616767 _____ C:\Users\Charlie\Desktop\New House plan.plan
2021-03-17 22:59 - 2021-03-17 22:59 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-03-17 22:59 - 2021-03-17 22:59 - 000000000 ____D C:\Program Files\MSBuild
2021-03-17 22:59 - 2021-03-17 22:59 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-03-17 22:59 - 2021-03-17 22:59 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-03-17 22:58 - 2021-03-17 22:58 - 000000000 ____D C:\Users\Charlie\AppData\Local\CrashRpt
2021-03-17 22:56 - 2021-03-17 22:56 - 000002097 _____ C:\Users\Charlie\Desktop\MY.GAMES GameCenter.lnk
2021-03-17 22:56 - 2021-03-17 22:56 - 000000286 _____ C:\Users\Charlie\Desktop\Armored Warfare.url
2021-03-17 22:56 - 2021-03-17 22:56 - 000000000 ____D C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2021-03-17 22:55 - 2021-03-25 15:32 - 000000000 ____D C:\Users\Charlie\AppData\Local\GameCenter
2021-03-17 22:54 - 2021-03-17 22:55 - 012637384 _____ C:\Users\Charlie\Downloads\ArmoredWarfareMycomLoader_811d255e05304e9ec1582e54aa984e55_A_en.exe
2021-03-17 21:04 - 2021-03-17 21:04 - 000000000 ____D C:\ProgramData\SWCUTemp
2021-03-17 21:01 - 2021-03-17 21:01 - 000003958 _____ C:\WINDOWS\system32\Tasks\SafeZone scheduled Autoupdate 1615986071
2021-03-17 21:01 - 2021-03-17 21:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-03-17 21:01 - 2021-03-17 21:01 - 000000000 ____D C:\Program Files\Common Files\avast software
2021-03-17 21:00 - 2021-03-17 21:00 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2021-03-17 20:58 - 2021-03-24 16:32 - 000000000 ____D C:\ProgramData\AVAST Software
2021-03-17 20:15 - 2021-03-17 20:41 - 288123542 _____ C:\Users\Charlie\Downloads\Avast! Pro Antivirus 17.2.3419.0 [CrackingPatching.com].zip
2021-03-17 20:04 - 2021-03-17 20:06 - 000150043 ____C C:\Users\Charlie\Documents\class sched.pdf
2021-03-17 20:03 - 2021-03-17 20:06 - 000015318 _____ C:\Users\Charlie\Documents\class sched.xlsx
2021-03-17 19:27 - 2021-03-17 19:57 - 000014911 _____ C:\Users\Charlie\Downloads\tf00000002.xlsx
2021-03-17 19:13 - 2021-03-17 20:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2021-03-17 19:13 - 2021-03-17 19:13 - 000000000 ____D C:\Program Files\Common Files\AV
2021-03-17 18:43 - 2021-03-24 16:32 - 000000000 ____D C:\Program Files (x86)\NortonInstaller
2021-03-17 18:43 - 2021-03-17 21:03 - 000000000 ____D C:\ProgramData\Norton
2021-03-17 18:43 - 2021-03-17 20:11 - 000000000 ____D C:\ProgramData\NortonInstaller
2021-03-17 18:42 - 2021-03-17 18:42 - 000000000 ____D C:\Users\Charlie\AppData\Roaming\Trimble Connect for SketchUp
2021-03-17 18:40 - 2021-03-17 18:40 - 000000000 ____D C:\Users\Charlie\AppData\Roaming\SketchUp
2021-03-17 18:40 - 2021-03-17 18:40 - 000000000 ____D C:\Users\Charlie\AppData\Local\SketchUp
2021-03-17 18:40 - 2021-03-17 18:40 - 000000000 ____D C:\ProgramData\Reprise
2021-03-17 18:39 - 2021-03-17 18:39 - 000001219 _____ C:\ProgramData\Desktop\Style Builder 2021.lnk
2021-03-17 18:39 - 2021-03-17 18:39 - 000001145 _____ C:\ProgramData\Desktop\LayOut 2021.lnk
2021-03-17 18:39 - 2021-03-17 18:39 - 000001052 _____ C:\ProgramData\Desktop\SketchUp Pro 2021.lnk
2021-03-17 18:39 - 2021-03-17 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2021
2021-03-17 18:38 - 2021-03-17 18:38 - 000000000 ____D C:\ProgramData\SketchUp
2021-03-17 18:38 - 2021-03-17 18:38 - 000000000 ____D C:\Program Files\SketchUp
2021-03-17 18:33 - 2021-03-17 18:33 - 000020472 _____ C:\Users\Charlie\Downloads\Norton Security v22.17.1.50 Final [2019, Ml Rus] [rutracker-5434498].torrent
2021-03-17 18:29 - 2021-03-17 18:29 - 000011418 _____ C:\Users\Charlie\Downloads\SketchUp Pro 2021 21.0.339 RePack by KpoJIuK [2020, Ru En] [rutracker-5971777].torrent
2021-03-17 15:32 - 2021-03-16 23:39 - 000000000 ____D C:\Windows.old
2021-03-17 15:30 - 2021-03-17 15:32 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-03-17 15:29 - 2021-03-17 15:29 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-03-17 13:52 - 2021-03-17 13:52 - 000050546 ____C C:\Users\Charlie\AppData\LocalLow\sqlite3.dll
2021-03-17 13:49 - 2021-03-17 20:11 - 000003616 _____ C:\WINDOWS\system32\Tasks\Maintenance
2021-03-17 13:47 - 2021-03-17 13:47 - 000000000 ___HD C:\Users\Charlie\AppData\Local\z_Charlie
2021-03-17 13:34 - 2021-03-17 13:45 - 000003356 _____ C:\WINDOWS\system32\Tasks\PYsVqxspwxwBOp
2021-03-17 13:34 - 2021-03-17 13:45 - 000003034 _____ C:\WINDOWS\system32\Tasks\ikRBDsOoYuyjwwfgC2
2021-03-17 13:34 - 2021-03-17 13:45 - 000003026 _____ C:\WINDOWS\system32\Tasks\tVEiFoZJkyKQCDgGnBK2
2021-03-17 13:34 - 2021-03-17 13:45 - 000003008 _____ C:\WINDOWS\system32\Tasks\uKxrgSqgiFmHQYx2
2021-03-17 13:33 - 2021-03-17 13:43 - 000005384 __RSH C:\ProgramData\ntuser.pol
2021-03-17 13:30 - 2021-03-25 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2021-03-17 13:29 - 2021-03-25 12:39 - 000000000 ____D C:\Users\Charlie\AppData\Roaming\Lavasoft
2021-03-17 13:29 - 2021-03-25 12:39 - 000000000 ____D C:\Users\Charlie\AppData\Local\Lavasoft
2021-03-17 13:29 - 2021-03-25 12:39 - 000000000 ____D C:\ProgramData\Lavasoft
2021-03-17 13:29 - 2021-03-25 12:39 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2021-03-17 12:18 - 2021-03-17 12:18 - 085765330 _____ C:\Users\Charlie\Downloads\10000000_204999424706977_6402975588912706586_n.mp4
2021-03-17 11:13 - 2021-03-25 12:35 - 000000000 ___DC C:\Users\Charlie\AppData\Local\CrashDumps
2021-03-17 11:12 - 2021-03-17 11:12 - 127203936 _____ (NVIDIA Corporation New) C:\Users\Charlie\Downloads\GeForce_Experience_v3.21.0.36 (1).exe
2021-03-17 09:39 - 2021-03-17 12:00 - 000000000 ____D C:\Program Files\rempl
2021-03-17 09:39 - 2021-03-16 19:33 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2021-03-17 09:39 - 2021-03-16 19:17 - 000000000 ____D C:\Program Files\CUAssistant
2021-03-17 09:39 - 2021-03-16 18:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-17 09:38 - 2021-03-17 09:38 - 001997752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438813.dll
2021-03-17 09:38 - 2021-03-17 09:38 - 001682544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438813.dll
2021-03-17 09:23 - 2021-03-17 09:23 - 001545207 _____ C:\Users\Charlie\Downloads\DDUv120-Guru3D.com].exe
2021-03-17 09:23 - 2014-02-05 02:30 - 003087360 _____ C:\Users\Charlie\Downloads\Display Driver Uninstaller.exe
2021-03-17 09:23 - 2014-02-05 02:30 - 000165376 _____ C:\Users\Charlie\Downloads\Display Driver Uninstaller.pdb
2021-03-17 09:23 - 2014-02-05 02:30 - 000001071 _____ C:\Users\Charlie\Downloads\Display Driver Uninstaller.exe.config
2021-03-17 09:23 - 2014-01-22 04:27 - 000000000 ____D C:\Users\Charlie\Downloads\settings
2021-03-17 08:26 - 2021-03-17 08:36 - 633521152 _____ (NVIDIA Corporation) C:\Users\Charlie\Downloads\461.09-desktop-win10-64bit-international-whql.exe
2021-03-17 08:25 - 2021-03-17 08:39 - 661510840 _____ (NVIDIA Corporation) C:\Users\Charlie\Downloads\461.09-desktop-win10-64bit-international-dch-whql.exe
2021-03-17 08:18 - 2021-03-17 08:20 - 659692872 _____ (NVIDIA Corporation) C:\Users\Charlie\Downloads\461.72-desktop-win10-64bit-international-nsd-dch-whql (1).exe
2021-03-17 08:18 - 2021-03-17 08:18 - 010616830 _____ (NVIDIA Corporation) C:\Users\Charlie\Downloads\461.72-desktop-win10-64bit-international-dch-whql (1).exe.8qv5ld8 (1).partial
2021-03-17 08:16 - 2021-03-17 08:17 - 659692872 _____ (NVIDIA Corporation) C:\Users\Charlie\Downloads\461.72-desktop-win10-64bit-international-nsd-dch-whql.exe
2021-03-17 08:10 - 2021-03-17 08:10 - 000002606 _____ C:\Users\Charlie\Desktop\Publisher 2013.lnk
2021-03-17 08:10 - 2010-12-06 10:16 - 000090112 _____ (Vestris Inc.) C:\WINDOWS\system32\Vestris.ResourceLib.dll
2021-03-17 08:09 - 2021-03-17 08:09 - 000002660 _____ C:\Users\Charlie\Desktop\Word 2013.lnk
2021-03-17 08:09 - 2021-03-17 08:09 - 000002638 _____ C:\Users\Charlie\Desktop\PowerPoint 2013.lnk
2021-03-17 08:09 - 2021-03-17 08:09 - 000002632 _____ C:\Users\Charlie\Desktop\Excel 2013.lnk
2021-03-17 08:09 - 2021-03-16 23:04 - 000002535 _____ C:\Users\Charlie\Desktop\Outlook 2013.lnk
2021-03-17 08:08 - 2021-03-17 02:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-03-17 08:07 - 2021-03-17 08:07 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-03-17 07:51 - 2021-03-17 07:51 - 000000000 ____D C:\Users\Charlie\AppData\Roaming\WinRAR
2021-03-17 07:48 - 2021-03-17 07:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-03-17 07:46 - 2021-03-17 15:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2021-03-17 07:46 - 2021-03-17 07:46 - 000002729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2021-03-17 07:46 - 2021-03-17 07:46 - 000002662 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2021-03-17 07:46 - 2021-03-17 07:46 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2021-03-17 07:46 - 2021-03-17 07:46 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2021-03-17 07:46 - 2021-03-17 07:46 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2021-03-17 07:46 - 2021-03-17 07:46 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2021-03-17 07:46 - 2021-03-17 07:46 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2021-03-17 07:46 - 2021-03-17 07:46 - 000002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2021-03-17 07:46 - 2021-03-17 07:46 - 000002628 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2021-03-17 07:46 - 2021-03-17 07:46 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-03-17 07:45 - 2021-03-17 07:45 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2021-03-17 07:45 - 2021-03-17 07:45 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2021-03-17 07:44 - 2021-03-17 08:06 - 000000000 ____D C:\Program Files\Microsoft Office
2021-03-17 07:44 - 2021-03-17 07:44 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2021-03-17 07:44 - 2021-03-17 07:44 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2021-03-17 07:43 - 2021-03-17 07:43 - 000000000 __RHD C:\MSOCache
2021-03-17 07:43 - 2021-03-17 07:43 - 000000000 ___DC C:\Users\Charlie\AppData\Local\Microsoft Help
2021-03-17 07:41 - 2021-03-17 15:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-03-17 07:41 - 2021-03-17 07:41 - 000000000 ____D C:\Program Files\WinRAR
2021-03-17 07:41 - 2021-03-16 23:37 - 000000000 ____D C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-03-17 07:40 - 2021-03-17 07:40 - 438566912 _____ (NVIDIA Corporation) C:\Users\Charlie\Downloads\Unconfirmed 585389.crdownload
2021-03-17 07:38 - 2018-06-22 19:19 - 000018016 _____ (BIOSTAR Group) C:\WINDOWS\system32\Drivers\BSMEM64_W10.sys
2021-03-17 07:38 - 2018-06-22 19:19 - 000017504 _____ (BIOSTAR Group) C:\WINDOWS\system32\Drivers\SMIBIOS64_W10.sys
2021-03-17 07:31 - 2021-03-17 07:34 - 631936536 _____ (NVIDIA Corporation) C:\Users\Charlie\Downloads\461.72-desktop-win10-64bit-international-whql.exe
2021-03-17 07:29 - 2021-03-17 07:29 - 000000000 ____D C:\Users\Charlie\AppData\Roaming\Macromedia
2021-03-17 07:29 - 2021-03-17 07:29 - 000000000 ____D C:\NVIDIA
2021-03-17 07:27 - 2021-03-17 07:27 - 440467456 _____ (NVIDIA Corporation) C:\Users\Charlie\Downloads\Unconfirmed 121872.crdownload
2021-03-17 07:11 - 2021-03-17 07:11 - 000001635 _____ C:\Users\Charlie\Desktop\RAIDXpert2 Help.lnk
2021-03-17 07:11 - 2021-03-17 07:11 - 000000151 _____ C:\Users\Charlie\Desktop\RAIDXpert2.url
2021-03-17 07:11 - 2021-03-17 07:11 - 000000000 ___HD C:\Users\Charlie\InstallAnywhere
2021-03-17 07:11 - 2021-03-17 07:11 - 000000000 ___HD C:\Program Files (x86)\Zero G Registry
2021-03-17 07:11 - 2021-03-17 07:11 - 000000000 ____D C:\Program Files (x86)\RAIDXpert2
2021-03-17 07:11 - 2021-03-16 23:37 - 000000000 ____D C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD-RAID
2021-03-17 07:10 - 2021-03-23 21:47 - 000000000 ____D C:\ProgramData\Package Cache
2021-03-17 07:10 - 2021-03-17 07:10 - 000000000 ___DC C:\Users\Charlie\AppData\Local\RadeonInstaller
2021-03-17 07:10 - 2021-03-17 07:10 - 000000000 ____D C:\Program Files\AMD
2021-03-17 07:10 - 2021-03-17 07:10 - 000000000 ____D C:\Program Files (x86)\AMD
2021-03-17 07:10 - 2019-10-01 08:34 - 000045832 _____ (Advanced Micro Devices, Inc) C:\WINDOWS\system32\Drivers\amdgpio2.sys
2021-03-17 07:10 - 2019-05-30 18:45 - 000032760 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AMDPCIDev.sys
2021-03-17 07:10 - 2019-04-19 06:14 - 000024528 _____ (Advanced Micro Devices, Inc) C:\WINDOWS\system32\Drivers\amdgpio3.sys
2021-03-17 07:09 - 2021-03-17 07:27 - 659528888 _____ (NVIDIA Corporation) C:\Users\Charlie\Downloads\461.72-desktop-win10-64bit-international-dch-whql.exe
2021-03-17 07:05 - 2021-03-17 07:08 - 534456638 _____ C:\Users\Charlie\Downloads\vga_install_RV.zip
2021-03-17 07:05 - 2021-03-17 07:07 - 273620992 _____ C:\Users\Charlie\Downloads\HD8255.exe
2021-03-17 07:05 - 2021-03-17 07:06 - 183952295 _____ C:\Users\Charlie\Downloads\Chipset_RV.zip
2021-03-17 07:05 - 2021-03-17 07:06 - 098246251 _____ C:\Users\Charlie\Downloads\RAIDXpert2_BR_WIN10.zip
2021-03-17 07:05 - 2021-03-17 07:05 - 000378053 _____ C:\Users\Charlie\Downloads\WIN10x64_F6.zip
2021-03-17 07:04 - 2021-03-17 07:04 - 016777216 _____ C:\Users\Charlie\Downloads\A32ESB05 (1).BSS
2021-03-17 07:04 - 2021-03-17 07:04 - 000001862 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BIOS Update.lnk
2021-03-17 07:04 - 2021-03-17 07:04 - 000001850 _____ C:\ProgramData\Desktop\BIOS Update.lnk
2021-03-17 07:04 - 2021-03-17 07:04 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-03-17 07:04 - 2021-03-17 07:04 - 000000000 ____D C:\Program Files (x86)\BIOS Update
2021-03-17 07:03 - 2021-03-17 07:04 - 009699348 _____ C:\Users\Charlie\Downloads\biosupdate.zip
2021-03-17 06:57 - 2021-03-22 13:55 - 000000000 ____D C:\Program Files\Google
2021-03-17 06:57 - 2021-03-16 23:39 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-17 06:57 - 2021-03-16 23:39 - 000002206 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-03-17 06:56 - 2021-03-17 07:08 - 000000000 ___DC C:\Users\Charlie\AppData\Local\Google
2021-03-17 06:56 - 2021-03-17 06:56 - 001304160 _____ (Google LLC) C:\Users\Charlie\Downloads\ChromeSetup.exe
2021-03-17 06:56 - 2021-03-17 06:56 - 000000000 ____D C:\Program Files (x86)\Google
2021-03-17 06:55 - 2021-03-17 06:56 - 016777216 _____ C:\Users\Charlie\Downloads\A32ESB05.BSS
2021-03-17 06:54 - 2021-03-17 06:54 - 014177119 _____ C:\Users\Charlie\Downloads\AA32E-M4S.zip
2021-03-17 06:48 - 2021-03-17 06:48 - 000043400 _____ (Advanced Micro Devices, Inc) C:\WINDOWS\system32\Drivers\SET3EC3.tmp
2021-03-17 06:47 - 2021-03-17 08:18 - 010616830 _____ (NVIDIA Corporation) C:\Users\Charlie\Downloads\461.72-desktop-win10-64bit-international-dch-whql (1).exe.8qv5ld8.partial
2021-03-17 06:46 - 2021-03-17 15:30 - 000000000 ____D C:\Program Files\Realtek
2021-03-17 06:46 - 2021-03-17 06:46 - 072520680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2021-03-17 06:46 - 2021-03-17 06:46 - 016370072 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-03-17 06:46 - 2021-03-17 06:46 - 007178432 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 006114248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2021-03-17 06:46 - 2021-03-17 06:46 - 005804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2021-03-17 06:46 - 2021-03-17 06:46 - 003691368 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 003677120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2021-03-17 06:46 - 2021-03-17 06:46 - 003452120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 003417976 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 003306784 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 003223832 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 003214672 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 003128768 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 002930632 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 002197944 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 001787920 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 001598360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 001516224 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 001435104 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 001382200 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 001353288 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 001340352 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 001337600 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 001268984 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 001204344 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 001133552 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 001037040 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 001000624 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000994640 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000964992 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000873424 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000852104 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000751264 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000734736 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000715616 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000714424 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000692128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000604760 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000541080 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000511608 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000483808 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundService64.exe
2021-03-17 06:46 - 2021-03-17 06:46 - 000467120 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000453240 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000452704 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000448568 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000447144 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000416472 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000406416 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000392840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000381376 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000378352 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000366080 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000360304 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000343672 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000341112 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000341112 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000327240 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000327232 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000266512 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000261200 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000261168 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000260176 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000231880 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000230672 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000220352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000218240 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000203808 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000192944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000190896 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000190888 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000179560 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000174904 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000169481 _____ C:\WINDOWS\system32\ICEsoundService.bin
2021-03-17 06:46 - 2021-03-17 06:46 - 000158664 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000157312 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000154328 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000139720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000116504 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000093872 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000090880 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000090136 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000088288 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000083592 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000075504 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2021-03-17 06:46 - 2021-03-17 06:46 - 000023656 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2021-03-17 06:46 - 2021-03-16 23:35 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2021-03-17 06:46 - 2021-03-16 23:35 - 000000000 ____D C:\WINDOWS\system32\DAX3
2021-03-17 06:46 - 2021-03-16 23:35 - 000000000 ____D C:\WINDOWS\system32\DAX2
2021-03-17 06:45 - 2021-03-17 06:45 - 007101704 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2021-03-17 06:45 - 2021-03-17 06:45 - 006270152 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2021-03-17 06:45 - 2021-03-17 06:45 - 005346952 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2021-03-17 06:45 - 2021-03-17 06:45 - 002444648 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2021-03-17 06:45 - 2021-03-17 06:45 - 001971336 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2021-03-17 06:45 - 2021-03-17 06:45 - 001965120 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2021-03-17 06:45 - 2021-03-17 06:45 - 001544216 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2021-03-17 06:45 - 2021-03-17 06:45 - 001448744 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyAPOv251gm.dll
2021-03-17 06:45 - 2021-03-17 06:45 - 001372352 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2021-03-17 06:45 - 2021-03-17 06:45 - 001259696 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2021-03-17 06:45 - 2021-03-17 06:45 - 001164584 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyAPOvlldpgm.dll
2021-03-17 06:45 - 2021-03-17 06:45 - 001159152 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2021-03-17 06:45 - 2021-03-17 06:45 - 000367576 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2021-03-17 06:45 - 2021-03-17 06:45 - 000332976 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2021-03-17 06:45 - 2021-03-17 06:45 - 000315944 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2021-03-17 06:45 - 2021-03-17 06:45 - 000278232 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2021-03-17 06:45 - 2021-03-17 06:45 - 000122280 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2021-03-17 06:45 - 2021-03-17 06:45 - 000118560 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2021-03-17 06:45 - 2021-03-17 06:45 - 000105272 _____ C:\WINDOWS\system32\audioLibVc.dll
2021-03-17 06:39 - 2021-03-17 06:39 - 027394045 _____ (NVIDIA Corporation) C:\Users\Charlie\Downloads\461.72-desktop-win10-64bit-international-dch-whql.exe.udec1dm.partial
2021-03-17 06:37 - 2021-03-17 06:56 - 000000000 ___DC C:\Users\Charlie\AppData\Local\MicrosoftEdge
2021-03-17 06:35 - 2021-03-17 06:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-03-17 06:35 - 2021-03-16 23:44 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-03-17 06:35 - 2021-03-16 23:44 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-03-17 06:34 - 2021-03-17 06:34 - 001985112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439135.dll
2021-03-17 06:34 - 2021-03-17 06:34 - 001683712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439135.dll
2021-03-17 06:34 - 2021-03-11 13:13 - 000061257 _____ C:\WINDOWS\system32\nvinfo.pb
2021-03-17 06:10 - 2021-03-17 09:26 - 518265076 _____ C:\WINDOWS\MEMORY.DMP
2021-03-17 06:08 - 2021-03-17 06:08 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-03-17 02:48 - 2021-03-20 21:51 - 000000000 ____D C:\Users\Charlie\AppData\Local\PlaceholderTileLogoFolder
2021-03-17 02:42 - 2021-03-17 02:42 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-17 02:42 - 2021-03-17 02:42 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-03-17 02:42 - 2021-03-17 02:42 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-03-17 02:42 - 2021-03-17 02:42 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-03-17 02:42 - 2021-03-17 02:42 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-03-17 02:42 - 2021-03-17 02:42 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-03-17 02:42 - 2021-03-17 02:42 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-03-17 02:42 - 2021-03-17 02:42 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-03-17 02:42 - 2021-03-17 02:42 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-03-17 02:42 - 2021-03-17 02:42 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-03-17 02:42 - 2021-03-17 02:42 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-03-17 02:42 - 2021-03-17 02:42 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-03-17 02:42 - 2021-03-17 02:42 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-03-17 02:42 - 2021-03-17 02:42 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-03-17 02:42 - 2021-03-17 02:42 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-03-17 02:42 - 2021-03-17 02:42 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-03-17 02:42 - 2021-03-17 02:42 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-03-17 02:42 - 2021-03-17 02:42 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-03-17 02:41 - 2021-03-17 02:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-17 02:41 - 2021-03-17 02:41 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-03-17 02:41 - 2021-03-17 02:41 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-03-17 02:41 - 2021-03-17 02:41 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-17 02:41 - 2021-03-17 02:41 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-17 02:41 - 2021-03-17 02:41 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-03-17 02:41 - 2021-03-17 02:41 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-17 02:41 - 2021-03-17 02:41 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-17 02:41 - 2021-03-17 02:41 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-03-17 02:41 - 2021-03-17 02:41 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-03-17 02:41 - 2021-03-17 02:41 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-17 02:41 - 2021-03-17 02:41 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-03-17 02:41 - 2021-03-17 02:41 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-03-17 02:41 - 2021-03-17 02:41 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-03-17 02:41 - 2021-03-17 02:41 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-03-17 02:41 - 2021-03-17 02:41 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-03-17 02:41 - 2021-03-17 02:41 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-03-17 02:41 - 2021-03-17 02:41 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-03-17 02:41 - 2021-03-17 02:41 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-03-17 02:41 - 2021-03-17 02:41 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-03-17 02:41 - 2021-03-17 02:41 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-03-17 02:41 - 2021-03-17 02:41 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-03-17 02:41 - 2021-03-17 02:41 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-17 02:41 - 2021-03-17 02:41 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-03-17 02:41 - 2021-03-17 02:41 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-03-17 02:41 - 2021-03-17 02:41 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-03-17 02:41 - 2021-03-17 02:41 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-03-17 02:41 - 2021-03-17 02:41 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-03-17 02:41 - 2021-03-17 02:41 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-03-17 02:41 - 2021-03-17 02:41 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-17 02:41 - 2021-03-17 02:41 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-03-17 02:41 - 2021-03-17 02:41 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-03-17 02:41 - 2021-03-17 02:41 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-03-17 02:41 - 2021-03-17 02:41 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-03-17 02:41 - 2021-03-17 02:41 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-03-17 02:41 - 2021-03-17 02:41 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-17 02:41 - 2021-03-17 02:41 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-03-17 02:41 - 2021-03-17 02:41 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-03-17 02:40 - 2021-03-17 02:40 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-17 02:40 - 2021-03-17 02:40 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-03-17 02:40 - 2021-03-17 02:40 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-03-17 02:40 - 2021-03-17 02:40 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-03-17 02:40 - 2021-03-17 02:40 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-03-17 02:40 - 2021-03-17 02:40 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-03-17 02:40 - 2021-03-17 02:40 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-03-17 02:40 - 2021-03-17 02:40 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-03-17 02:40 - 2021-03-17 02:40 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-03-17 02:40 - 2021-03-17 02:40 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-03-17 02:40 - 2021-03-17 02:40 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-03-17 02:33 - 2021-03-17 02:33 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-03-17 02:15 - 2021-03-17 02:15 - 000000000 ___DC C:\Users\Charlie\Documents\Custom Office Templates
2021-03-17 02:05 - 2021-03-17 02:05 - 000000000 ____D C:\WINDOWS\PCHEALTH
2021-03-17 01:56 - 2021-03-17 01:56 - 000000000 ___HD C:\$WinREAgent
2021-03-17 01:35 - 2021-03-17 01:35 - 000000000 ____D C:\Users\Charlie\AppData\Local\PeerDistRepub
2021-03-17 01:19 - 2021-03-17 22:02 - 007948112 _____ C:\Users\Charlie\Desktop\jean b 8.plan
2021-03-17 00:25 - 2021-03-17 00:26 - 196844814 _____ C:\Users\Charlie\Downloads\Mohawk.calibz
2021-03-17 00:25 - 2021-03-17 00:25 - 053976610 _____ C:\Users\Charlie\Downloads\StrataStones.calibz
2021-03-17 00:25 - 2021-03-17 00:25 - 033139960 _____ C:\Users\Charlie\Downloads\BonusHomeFitness.calibz
2021-03-17 00:25 - 2021-03-17 00:25 - 002604348 _____ C:\Users\Charlie\Downloads\Trex.calibz
2021-03-17 00:24 - 2021-03-17 00:25 - 297101300 _____ C:\Users\Charlie\Downloads\Warner.calibz
2021-03-17 00:24 - 2021-03-17 00:25 - 061432308 _____ C:\Users\Charlie\Downloads\Wilsonart.calibz
2021-03-17 00:24 - 2021-03-17 00:24 - 244914310 _____ C:\Users\Charlie\Downloads\MutualMaterials.calibz
2021-03-17 00:24 - 2021-03-17 00:24 - 035494854 _____ C:\Users\Charlie\Downloads\MercuryMosaics.calibz
2021-03-17 00:24 - 2021-03-17 00:24 - 032651700 _____ C:\Users\Charlie\Downloads\Vadara.calibz
2021-03-17 00:24 - 2021-03-17 00:24 - 018591457 _____ C:\Users\Charlie\Downloads\OwensCorning.calibz
2021-03-17 00:24 - 2021-03-17 00:24 - 018126385 _____ C:\Users\Charlie\Downloads\PentalQuartz.calibz
2021-03-17 00:24 - 2021-03-17 00:24 - 015262511 _____ C:\Users\Charlie\Downloads\MetroQuartz.calibz
2021-03-17 00:24 - 2021-03-17 00:24 - 012226660 _____ C:\Users\Charlie\Downloads\LandmarkMetalcoat.calibz
2021-03-17 00:24 - 2021-03-17 00:24 - 010874323 _____ C:\Users\Charlie\Downloads\Sensa.calibz
2021-03-17 00:24 - 2021-03-17 00:24 - 006677552 _____ C:\Users\Charlie\Downloads\Vetrazzo.calibz
2021-03-17 00:24 - 2021-03-17 00:24 - 001857753 _____ C:\Users\Charlie\Downloads\Zodiaq.calibz
2021-03-17 00:24 - 2021-03-17 00:24 - 001028093 _____ C:\Users\Charlie\Downloads\Resene.calibz
2021-03-17 00:24 - 2021-03-17 00:24 - 000283695 _____ C:\Users\Charlie\Downloads\SherwinWilliams.calibz
2021-03-17 00:24 - 2021-03-17 00:24 - 000014080 _____ C:\Users\Charlie\Downloads\Minwax.calibz
2021-03-17 00:23 - 2021-03-17 00:23 - 050857345 _____ C:\Users\Charlie\Downloads\BonusGrassMats.calibz
2021-03-17 00:23 - 2021-03-17 00:23 - 026334257 _____ C:\Users\Charlie\Downloads\BonusMetalMaterials.calibz
2021-03-17 00:23 - 2021-03-17 00:23 - 008975035 _____ C:\Users\Charlie\Downloads\BonusCrushedGlass.calibz
2021-03-17 00:23 - 2021-03-17 00:23 - 008659774 _____ C:\Users\Charlie\Downloads\BonusTile.calibz
2021-03-17 00:23 - 2021-03-17 00:23 - 003877233 _____ C:\Users\Charlie\Downloads\BonusWireLattice.calibz
2021-03-17 00:23 - 2021-03-17 00:23 - 003236196 _____ C:\Users\Charlie\Downloads\M-Rock.calibz
2021-03-17 00:23 - 2021-03-17 00:23 - 000091661 _____ C:\Users\Charlie\Downloads\BonusLacquerFinish.calibz
2021-03-17 00:22 - 2021-03-17 00:23 - 129508269 _____ C:\Users\Charlie\Downloads\CactusStone.calibz
2021-03-17 00:22 - 2021-03-17 00:23 - 093449526 _____ C:\Users\Charlie\Downloads\Cambria.calibz
2021-03-17 00:22 - 2021-03-17 00:23 - 063375547 _____ C:\Users\Charlie\Downloads\EmserTile.calibz
2021-03-17 00:22 - 2021-03-17 00:23 - 053966949 _____ C:\Users\Charlie\Downloads\DiamondKote.calibz
2021-03-17 00:22 - 2021-03-17 00:23 - 047953854 _____ C:\Users\Charlie\Downloads\EldoradoStone.calibz
2021-03-17 00:22 - 2021-03-17 00:23 - 043449148 _____ C:\Users\Charlie\Downloads\Formica.calibz
2021-03-17 00:22 - 2021-03-17 00:23 - 007856086 _____ C:\Users\Charlie\Downloads\IceStone.calibz
2021-03-17 00:22 - 2021-03-17 00:22 - 026668966 _____ C:\Users\Charlie\Downloads\Dekton.calibz
2021-03-17 00:22 - 2021-03-17 00:22 - 023912899 _____ C:\Users\Charlie\Downloads\Bradbury.calibz
2021-03-17 00:22 - 2021-03-17 00:22 - 019012145 _____ C:\Users\Charlie\Downloads\CulturedStone.calibz
2021-03-17 00:22 - 2021-03-17 00:22 - 017599677 _____ C:\Users\Charlie\Downloads\CaesarStone.calibz
2021-03-17 00:22 - 2021-03-17 00:22 - 015559048 _____ C:\Users\Charlie\Downloads\DalTile.calibz
2021-03-17 00:21 - 2021-03-17 00:23 - 297645145 _____ C:\Users\Charlie\Downloads\BuechelStone.calibz
2021-03-17 00:21 - 2021-03-17 00:21 - 091557312 _____ C:\Users\Charlie\Downloads\ArmstrongFlooring.calibz
2021-03-17 00:21 - 2021-03-17 00:21 - 001212053 _____ C:\Users\Charlie\Downloads\BenjaminMoore.calibz
2021-03-17 00:21 - 2021-03-17 00:21 - 000273039 _____ C:\Users\Charlie\Downloads\Behr.calibz
2021-03-17 00:20 - 2021-03-17 00:21 - 200796663 _____ C:\Users\Charlie\Downloads\Viking.calibz
2021-03-17 00:20 - 2021-03-17 00:21 - 086697211 _____ C:\Users\Charlie\Downloads\Wolf.calibz
2021-03-17 00:20 - 2021-03-17 00:20 - 061147476 _____ C:\Users\Charlie\Downloads\SubZero.calibz
2021-03-17 00:20 - 2021-03-17 00:20 - 029706369 _____ C:\Users\Charlie\Downloads\TheGalley.calibz
2021-03-17 00:20 - 2021-03-17 00:20 - 026286728 _____ C:\Users\Charlie\Downloads\Thermador.calibz
2021-03-17 00:19 - 2021-03-17 00:24 - 1682276241 _____ C:\Users\Charlie\Downloads\Kohler.calibz
2021-03-17 00:19 - 2021-03-17 00:19 - 121235655 _____ C:\Users\Charlie\Downloads\GE.calibz
2021-03-17 00:19 - 2021-03-17 00:19 - 070688784 _____ C:\Users\Charlie\Downloads\Brizo.calibz
2021-03-17 00:19 - 2021-03-17 00:19 - 035455450 _____ C:\Users\Charlie\Downloads\JennAir.calibz
2021-03-17 00:19 - 2021-03-17 00:19 - 028031255 _____ C:\Users\Charlie\Downloads\Gaggenau.calibz
2021-03-17 00:19 - 2021-03-17 00:19 - 025793309 _____ C:\Users\Charlie\Downloads\Miele.calibz
2021-03-17 00:19 - 2021-03-17 00:19 - 002094467 _____ C:\Users\Charlie\Downloads\InvisiaCollection.calibz
2021-03-17 00:19 - 2021-03-17 00:19 - 001090215 _____ C:\Users\Charlie\Downloads\Elkay.calibz
2021-03-17 00:18 - 2021-03-17 00:18 - 004220342 _____ C:\Users\Charlie\Downloads\BonusSeating.calibz
2021-03-17 00:17 - 2021-03-17 00:17 - 004976028 _____ C:\Users\Charlie\Downloads\BonusGroupedBathrooms.calibz
2021-03-17 00:17 - 2021-03-17 00:17 - 001343870 _____ C:\Users\Charlie\Downloads\BonusEnergySources.calibz
2021-03-17 00:16 - 2021-03-17 00:16 - 009743773 _____ C:\Users\Charlie\Downloads\Azek_Building_Products.calibz
2021-03-17 00:16 - 2021-03-17 00:16 - 000751937 _____ C:\Users\Charlie\Downloads\ArcwaysBalusters.calibz
2021-03-17 00:16 - 2021-03-17 00:16 - 000145146 _____ C:\Users\Charlie\Downloads\NewEnglandClassic.calibz
2021-03-17 00:16 - 2021-03-17 00:16 - 000043430 _____ C:\Users\Charlie\Downloads\WindsorONE.calibz
2021-03-17 00:15 - 2021-03-17 00:18 - 2059558574 _____ C:\Users\Charlie\Downloads\Wayfair.calibz
2021-03-17 00:15 - 2021-03-17 00:15 - 004590592 _____ C:\Users\Charlie\Downloads\BonusTables.calibz
2021-03-17 00:14 - 2021-03-17 00:14 - 054005020 _____ C:\Users\Charlie\Downloads\BonusGroupedLivingRooms.calibz
2021-03-17 00:14 - 2021-03-17 00:14 - 042003324 _____ C:\Users\Charlie\Downloads\BonusGroupedFurniture.calibz
2021-03-17 00:14 - 2021-03-17 00:14 - 034084184 _____ C:\Users\Charlie\Downloads\BonusGroupedBedrooms.calibz
2021-03-17 00:14 - 2021-03-17 00:14 - 023143353 _____ C:\Users\Charlie\Downloads\BonusGroupedKidsRooms.calibz
2021-03-17 00:14 - 2021-03-17 00:14 - 020253851 _____ C:\Users\Charlie\Downloads\BonusGroupedOffices.calibz
2021-03-17 00:14 - 2021-03-17 00:14 - 015668186 _____ C:\Users\Charlie\Downloads\BonusGroupedIslands.calibz
2021-03-17 00:14 - 2021-03-17 00:14 - 005750431 _____ C:\Users\Charlie\Downloads\BonusGroupedUtilityRooms.calibz
2021-03-17 00:14 - 2021-03-17 00:14 - 004036665 _____ C:\Users\Charlie\Downloads\BonusBeds.calibz
2021-03-17 00:13 - 2021-03-17 00:13 - 025868434 _____ C:\Users\Charlie\Downloads\BonusGroupedKitchens.calibz
2021-03-17 00:12 - 2021-03-17 00:12 - 050383996 _____ C:\Users\Charlie\Downloads\BonusOutdoorRooms.calibz
2021-03-17 00:12 - 2021-03-17 00:12 - 015733233 _____ C:\Users\Charlie\Downloads\WayneDalton.calibz
2021-03-17 00:12 - 2021-03-17 00:12 - 005782712 _____ C:\Users\Charlie\Downloads\TruStileDoors.calibz
2021-03-17 00:11 - 2021-03-17 00:11 - 005401733 _____ C:\Users\Charlie\Downloads\ThermaTru.calibz
2021-03-17 00:11 - 2021-03-17 00:11 - 000216318 _____ C:\Users\Charlie\Downloads\NanaWall.calibz
2021-03-17 00:10 - 2021-03-17 00:10 - 577870986 _____ C:\Users\Charlie\Downloads\WineRacksAmerica.calibz
2021-03-16 23:55 - 2021-03-17 10:05 - 000000000 ____D C:\Users\Charlie\AppData\Local\Comms
2021-03-16 23:50 - 2021-03-25 09:27 - 000000000 __RDC C:\Users\Charlie\Documents\Chief Architect Premier X12 Data
2021-03-16 23:50 - 2021-03-16 23:50 - 000000000 ____D C:\Users\Charlie\AppData\Local\cache
2021-03-16 23:47 - 2021-03-25 09:27 - 000000000 ____D C:\Users\Charlie\AppData\Roaming\Chief Architect Inc
2021-03-16 23:47 - 2021-03-25 09:08 - 000000000 ____D C:\ProgramData\Chief Architect Premier X12
2021-03-16 23:46 - 2021-03-22 11:33 - 000000000 ___DC C:\Users\Charlie\Documents\Lumion 10.5
2021-03-16 23:46 - 2021-03-22 11:33 - 000000000 ____D C:\Users\Charlie\AppData\Local\Lumion 10.5
2021-03-16 23:45 - 2021-03-24 16:38 - 000000000 ____D C:\Users\Charlie\AppData\Local\D3DSCache
2021-03-16 23:45 - 2021-03-22 11:53 - 000000000 ____D C:\Users\Charlie\AppData\Roaming\Quest3D
2021-03-16 23:45 - 2021-03-17 00:45 - 000000000 ____D C:\Users\Charlie\AppData\Local\Chief Architect Premier X12
2021-03-16 23:45 - 2021-03-16 23:45 - 000001439 _____ C:\ProgramData\Desktop\Chief Architect Premier X12 (64 bit).lnk
2021-03-16 23:45 - 2021-03-16 23:45 - 000000016 _____ C:\ProgramData\mntemp
2021-03-16 23:45 - 2021-03-16 23:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chief Architect
2021-03-16 23:45 - 2021-03-16 23:45 - 000000000 ____D C:\ProgramData\lumion_crashpad
2021-03-16 23:45 - 2021-03-16 23:45 - 000000000 ____D C:\ProgramData\Chief Architect Inc
2021-03-16 23:45 - 2021-03-16 23:45 - 000000000 ____D C:\Program Files\Chief Architect
2021-03-16 23:44 - 2021-03-16 23:44 - 000000000 ____D C:\Users\Charlie\ansel
2021-03-16 23:43 - 2021-03-13 14:25 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-03-16 23:43 - 2021-03-13 14:25 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-03-16 23:43 - 2021-03-13 14:25 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-03-16 23:43 - 2021-03-13 14:25 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-03-16 23:43 - 2021-03-13 14:24 - 001452336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-03-16 23:43 - 2021-03-13 14:24 - 001191728 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-03-16 23:43 - 2021-03-13 14:24 - 001094888 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-03-16 23:43 - 2021-03-13 14:24 - 001094888 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-03-16 23:43 - 2021-03-13 14:24 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-03-16 23:43 - 2021-03-13 14:24 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-03-16 23:43 - 2021-03-13 14:22 - 000678688 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-03-16 23:43 - 2021-03-13 14:22 - 000671536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-03-16 23:43 - 2021-03-13 14:22 - 000546064 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-03-16 23:43 - 2021-03-13 14:21 - 002102576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-03-16 23:43 - 2021-03-13 14:21 - 001587504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-03-16 23:43 - 2021-03-13 14:21 - 001511216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-03-16 23:43 - 2021-03-13 14:21 - 001163536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-03-16 23:43 - 2021-03-13 14:21 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-03-16 23:43 - 2021-03-13 14:21 - 000655664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-03-16 23:43 - 2021-03-13 14:21 - 000556824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-03-16 23:43 - 2021-03-13 14:20 - 008306448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-03-16 23:43 - 2021-03-13 14:20 - 007429936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-03-16 23:43 - 2021-03-13 14:20 - 004610352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-03-16 23:43 - 2021-03-13 14:20 - 002729776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-03-16 23:43 - 2021-03-13 14:20 - 001730832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446192.dll
2021-03-16 23:43 - 2021-03-13 14:20 - 001490224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446192.dll
2021-03-16 23:43 - 2021-03-13 14:17 - 006075480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-03-16 23:43 - 2021-03-11 13:13 - 000038640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2021-03-16 23:39 - 2021-03-25 11:10 - 000004170 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{66E1A40A-9C86-4402-AE1B-6715C6960723}
2021-03-16 23:39 - 2021-03-16 23:39 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-16 23:39 - 2021-03-16 23:39 - 000003346 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-03-16 23:39 - 2021-03-16 23:39 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-16 23:39 - 2021-03-16 23:39 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-16 23:39 - 2021-03-16 23:39 - 000003122 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-03-16 23:39 - 2021-03-16 23:39 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-16 23:39 - 2021-03-16 23:39 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-16 23:39 - 2021-03-16 23:39 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-16 23:39 - 2021-03-16 23:39 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-16 23:39 - 2021-03-16 23:39 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-16 23:39 - 2021-03-16 23:39 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-16 23:39 - 2021-03-16 23:39 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-152249054-1485168156-3805921223-1001
2021-03-16 23:39 - 2021-03-16 23:39 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-152249054-1485168156-3805921223-500
2021-03-16 23:39 - 2021-03-16 23:39 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-16 23:39 - 2021-03-16 23:39 - 000000020 ___SH C:\Users\Charlie\ntuser.ini
2021-03-16 23:39 - 2021-03-16 23:39 - 000000000 ___RD C:\Users\Charlie\3D Objects
2021-03-16 23:39 - 2021-03-16 23:39 - 000000000 ____D C:\Users\Charlie\AppData\Local\ConnectedDevicesPlatform
2021-03-16 23:38 - 2021-03-16 23:39 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2021-03-16 23:38 - 2021-03-16 23:39 - 000007623 _____ C:\WINDOWS\diagerr.xml
2021-03-16 23:37 - 2021-03-24 15:43 - 000000000 ____D C:\Users\Charlie
2021-03-16 23:37 - 2019-12-07 17:10 - 000001105 _____ C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-16 23:34 - 2021-03-11 09:17 - 005627760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-03-16 23:34 - 2021-03-11 09:17 - 002635632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2021-03-16 23:34 - 2021-03-11 09:16 - 009524317 _____ C:\WINDOWS\system32\nvcoproc.bin
2021-03-16 23:34 - 2021-03-11 09:16 - 001758064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2021-03-16 23:34 - 2021-03-11 09:16 - 000990064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2021-03-16 23:34 - 2021-03-11 09:16 - 000120176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2021-03-16 23:34 - 2021-03-11 09:16 - 000082288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2021-03-16 23:34 - 2019-10-03 06:17 - 000451056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2021-03-16 23:32 - 2021-03-25 12:40 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-16 23:25 - 2021-03-16 23:25 - 000016148 _____ C:\WINDOWS\system32\DESKTOP-U6LECO9_Charlie_HistoryPrediction.bin
2021-03-16 23:17 - 2021-03-16 23:17 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2021-03-16 23:14 - 2021-03-13 14:17 - 007119832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-03-16 23:14 - 2021-03-11 13:13 - 001682376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2021-03-16 23:14 - 2021-03-11 13:13 - 000135592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-03-16 23:09 - 2021-03-17 02:48 - 000000000 ___DC C:\WINDOWS\Panther
2021-03-16 23:03 - 2021-03-16 23:03 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2021-03-16 23:02 - 2021-03-16 23:02 - 000001103 _____ C:\Users\Charlie\Desktop\Lumion 10.lnk
2021-03-16 22:54 - 2021-03-16 23:10 - 000000000 ____D C:\DF_Files
2021-03-16 22:52 - 2021-03-16 22:52 - 000665160 _____ (DriverFix) C:\Users\Charlie\Downloads\driverfixwebdl-8258298761.exe
2021-03-16 22:50 - 2021-03-16 22:50 - 000665160 _____ (DriverFix) C:\Users\Charlie\Downloads\driverfixwebdl-8258294593.exe
2021-03-16 22:44 - 2021-03-16 22:44 - 000000000 ____D C:\Users\Charlie\`
2021-03-16 21:20 - 2021-03-25 15:07 - 000000000 ___DC C:\Users\Charlie\AppData\Local\BitTorrentHelper
2021-03-16 21:15 - 2021-03-16 21:15 - 000047528 _____ C:\Users\Charlie\Downloads\Lumion Pro 10.5.1 [BCG team] Portable x64 [2020, ENG + RUS] [rutracker-5969697] (1).torrent
2021-03-16 21:14 - 2021-03-25 15:39 - 000000000 ___DC C:\Users\Charlie\AppData\Roaming\BitTorrent
2021-03-16 21:14 - 2021-03-16 21:14 - 000047528 _____ C:\Users\Charlie\Downloads\Lumion Pro 10.5.1 [BCG team] Portable x64 [2020, ENG + RUS] [rutracker-5969697].torrent
2021-03-16 21:14 - 2021-03-16 21:14 - 000000918 _____ C:\Users\Charlie\Desktop\BitTorrent.lnk
2021-03-16 21:14 - 2021-03-16 21:14 - 000000898 _____ C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2021-03-16 21:14 - 2021-03-16 21:14 - 000000000 ___DC C:\Users\Charlie\AppData\Local\Adaware
2021-03-16 20:47 - 2021-03-16 20:47 - 000000000 ___DC C:\Users\Charlie\AppData\Local\OneDrive
2021-03-16 19:38 - 2021-03-25 15:08 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-16 19:38 - 2021-03-17 15:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2021-03-16 19:38 - 2021-03-17 01:44 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-03-16 19:38 - 2021-03-16 23:45 - 000000000 ___DC C:\Users\Charlie\AppData\Local\NVIDIA
2021-03-16 19:38 - 2021-03-16 23:40 - 000000000 ___DC C:\Users\Charlie\AppData\Local\NVIDIA Corporation
2021-03-16 19:38 - 2021-03-16 19:38 - 000001443 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2021-03-16 19:38 - 2021-03-16 19:38 - 000000000 ___DC C:\Users\Charlie\AppData\Local\CEF
2021-03-16 19:38 - 2021-01-27 19:17 - 002797808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2021-03-16 19:38 - 2021-01-27 19:17 - 002154224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2021-03-16 19:38 - 2021-01-27 19:17 - 001295088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2021-03-16 19:38 - 2021-01-25 11:38 - 000070896 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2021-03-16 19:38 - 2021-01-25 11:38 - 000059632 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2021-03-16 19:38 - 2020-12-02 14:48 - 000169272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2021-03-16 19:38 - 2020-12-02 14:48 - 000145208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2021-03-16 19:38 - 2020-06-11 12:59 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-03-16 19:38 - 2020-03-12 03:26 - 000067456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2021-03-16 19:38 - 2020-03-06 18:03 - 000069840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2021-03-16 19:38 - 2020-03-04 20:54 - 000050592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys
2021-03-16 19:37 - 2021-03-16 19:37 - 127203936 _____ (NVIDIA Corporation New) C:\Users\Charlie\Downloads\GeForce_Experience_v3.21.0.36.exe
2021-03-16 18:13 - 2021-03-16 18:14 - 659528888 _____ (NVIDIA Corporation) C:\Users\Charlie\Downloads\461.72-desktop-win10-64bit-international-dch-whql (1).exe
2021-03-16 14:59 - 2021-03-16 14:59 - 000000000 ___DC C:\Users\Charlie\AppData\Local\ElevatedDiagnostics
2021-03-16 14:57 - 2021-03-16 14:58 - 000000000 ___RD C:\Users\Charlie\OneDrive
2021-03-16 14:56 - 2021-03-23 21:48 - 000000000 ____D C:\Users\Charlie\AppData\Roaming\Adobe
2021-03-16 14:56 - 2021-03-20 21:51 - 000000000 ___DC C:\Users\Charlie\AppData\Local\Packages
2021-03-16 14:56 - 2021-03-16 14:56 - 000016148 _____ C:\WINDOWS\system32\DESKTOP-U6LECO9_defaultuser0_HistoryPrediction.bin
2021-03-16 14:56 - 2021-03-16 14:56 - 000000000 ___DC C:\Users\Charlie\AppData\Local\VirtualStore
2021-03-16 14:56 - 2021-03-16 14:56 - 000000000 ___DC C:\Users\Charlie\AppData\Local\TileDataLayer
2021-03-16 14:56 - 2021-03-16 14:56 - 000000000 ___DC C:\Users\Charlie\AppData\Local\Publishers
2021-03-16 14:52 - 2021-03-16 14:52 - 000000000 ____D C:\WINDOWS\CSC
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-03-25 14:54 - 2020-11-19 15:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-25 12:40 - 2020-11-19 15:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-25 12:40 - 2019-12-07 17:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-25 12:31 - 2019-12-07 17:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-25 09:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-03-25 03:36 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-24 16:55 - 2019-12-07 17:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-24 16:28 - 2019-12-07 17:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-03-23 17:34 - 2019-12-07 17:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-21 13:37 - 2019-12-07 17:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-20 21:27 - 2020-11-19 15:46 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-20 21:27 - 2020-11-19 15:46 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-03-18 17:13 - 2020-11-19 15:48 - 000000000 ____D C:\ProgramData\Packages
2021-03-17 23:00 - 2019-12-07 17:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-17 21:20 - 2020-11-19 15:54 - 000795742 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-17 15:32 - 2019-12-07 17:18 - 000000000 ____D C:\WINDOWS\Setup
2021-03-17 15:32 - 2019-12-07 17:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-03-17 15:32 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-17 15:32 - 2019-12-07 17:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-17 15:32 - 2015-07-10 21:14 - 000000000 ____D C:\WINDOWS\ShellNew
2021-03-17 15:32 - 2015-07-10 19:04 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-03-17 15:32 - 2015-07-10 19:04 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-03-17 15:32 - 2015-07-10 19:04 - 000000000 ____D C:\WINDOWS\InfusedApps
2021-03-17 15:30 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\Resources
2021-03-17 15:27 - 2020-11-19 10:50 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2021-03-17 15:27 - 2020-11-19 10:50 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2021-03-17 15:27 - 2019-12-07 17:10 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2021-03-17 13:34 - 2015-07-10 19:04 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2021-03-17 04:36 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-03-17 02:47 - 2020-11-19 15:43 - 000441392 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-17 02:46 - 2019-12-07 17:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-03-17 02:46 - 2019-12-07 17:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-03-17 02:46 - 2019-12-07 17:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-17 02:46 - 2019-12-07 17:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\IME
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-03-17 02:46 - 2019-12-07 17:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-03-17 02:46 - 2019-12-07 17:03 - 000000000 ____D C:\WINDOWS\servicing
2021-03-17 02:40 - 2020-11-19 15:45 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-03-17 02:30 - 2015-07-10 19:04 - 000000167 _____ C:\WINDOWS\win.ini
2021-03-17 01:41 - 2020-11-19 15:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-16 23:44 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\Help
2021-03-16 23:41 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-03-16 23:39 - 2020-11-19 15:46 - 000003406 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-16 23:39 - 2020-11-19 15:46 - 000003182 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-16 23:39 - 2019-12-07 17:14 - 000000000 ____D C:\ProgramData\USOPrivate
==================== Files in the root of some directories ========
2020-11-19 10:48 - 2020-11-19 10:48 - 000320202 ___SH () C:\Users\Charlie\AppData\Roaming\jiidicf
2021-03-24 16:30 - 2021-03-25 11:04 - 000028994 _____ () C:\Users\Charlie\AppData\Local\Temptnodlogo.png
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-03-2021
Ran by Charlie (25-03-2021 15:41:09)
Running from C:\Users\Charlie\Desktop
Windows 10 Pro Version 20H2 19042.867 (X64) (2021-03-16 15:39:25)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-152249054-1485168156-3805921223-500 - Administrator - Disabled)
Charlie (S-1-5-21-152249054-1485168156-3805921223-1001 - Administrator - Enabled) => C:\Users\Charlie
DefaultAccount (S-1-5-21-152249054-1485168156-3805921223-503 - Limited - Disabled)
Guest (S-1-5-21-152249054-1485168156-3805921223-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-152249054-1485168156-3805921223-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 21.01 alpha (x64) (HKLM\...\7-Zip) (Version: 21.01 alpha - Igor Pavlov)
Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_2) (Version: 25.2 - Adobe Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
BIOS Update (HKLM-x32\...\{28FFFE19-141E-47CF-8E9B-DD75B43C4B06}) (Version: - )
BitTorrent (HKU\S-1-5-21-152249054-1485168156-3805921223-1001\...\BitTorrent) (Version: 7.10.5.45967 - BitTorrent Inc.)
Chief Architect Premier X12 (64 bit) (HKLM\...\{7014D5A9-3CE8-4F35-97D6-BED094B1CF6C}) (Version: 22.1.0.0 - Chief Architect)
Garena (remove only) (HKLM-x32\...\gxx) (Version: 2.0.1909.2618 - Garena)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.90 - Google LLC)
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.57 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-152249054-1485168156-3805921223-1001\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MY.GAMES GameCenter (HKU\S-1-5-21-152249054-1485168156-3805921223-1001\...\GameCenter) (Version: 4.1618 - MY.COM B.V.)
NBA 2K21 (HKLM-x32\...\NBA 2K21_is1) (Version: - )
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Graphics Driver 461.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.92 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
RAIDXpert2 Management Suite (HKLM-x32\...\RAIDXpert2 Management Suite) (Version: 9.2.0.120 - Advanced Micro Devices, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8397 - Realtek Semiconductor Corp.)
SafeZone Stable 3.55.2393.561 (HKLM-x32\...\SafeZone 3.55.2393.561) (Version: 3.55.2393.561 - Avast Software) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
SketchUpPro (HKLM\...\{db5288e9-89f4-722c-9939-39e899d2e519}) (Version: 21.0.339.121 - SketchUp)
TNod User & Password Finder (HKLM\...\TNod) (Version: 1.8.0.0 - Tukero[X]Team)
Update for Skype for Business 2015 (KB4484289) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{F97B139A-D8BF-46FF-A6F6-50710FED8644}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F97B139A-D8BF-46FF-A6F6-50710FED8644}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{F97B139A-D8BF-46FF-A6F6-50710FED8644}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{6753CC12-A884-47B2-9270-F5CD31B6F256}) (Version: 2.67.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{76A22428-2400-4521-96AF-7AC4A6174CA5}) (Version: 1.25.0.0 - Microsoft Corporation) Hidden
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
YoutubeAdBlock (HKLM-x32\...\88AB4B18-0F72-44DF-9B1F-54FF52B11BB3) (Version: 2.0.0.1335 - )
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-03-18] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.40.4772.0_x64__8wekyb3d8bbwe [2021-03-20] (Microsoft Corporation) [Startup Task]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2021-03-17] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-01-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-01-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-01-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-03-09] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-01-28] (Adobe Inc. -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2009-05-03] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2009-05-03] () [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-03-09] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2009-05-03] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2009-05-03] () [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2021-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-03-09] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-01-28] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2009-05-03] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2009-05-03] () [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Charlie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge (2).lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2021-03-17 07:41 - 2009-05-03 08:59 - 000165376 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2020-03-07 22:27 - 2020-03-07 22:27 - 101687296 _____ () [File not signed] C:\Users\Charlie\AppData\Local\GameCenter\Chrome\80.3987.2146\libcef.dll
2020-03-07 09:44 - 2020-03-07 09:44 - 000333824 _____ () [File not signed] C:\Users\Charlie\AppData\Local\GameCenter\Chrome\80.3987.2146\swiftshader\libegl.dll
2020-03-07 09:44 - 2020-03-07 09:44 - 003011584 _____ () [File not signed] C:\Users\Charlie\AppData\Local\GameCenter\Chrome\80.3987.2146\swiftshader\libglesv2.dll
2021-03-17 22:55 - 2021-03-17 22:55 - 000144896 _____ () [File not signed] C:\Users\Charlie\AppData\Local\GameCenter\zlib1.dll
2021-03-25 02:06 - 2021-03-09 20:00 - 000077312 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2021-03-17 22:55 - 2021-03-17 22:55 - 000158720 _____ (Igor Pavlov) [File not signed] C:\Users\Charlie\AppData\Local\GameCenter\7zxa.dll
2020-03-07 15:03 - 2020-03-07 15:03 - 000822784 _____ (The Chromium Authors) [File not signed] C:\Users\Charlie\AppData\Local\GameCenter\Chrome\80.3987.2146\chrome_elf.dll
2021-03-17 22:55 - 2021-03-17 22:55 - 000694272 _____ (The curl library, hxxps://curl.se/) [File not signed] C:\Users\Charlie\AppData\Local\GameCenter\libcurl.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-152249054-1485168156-3805921223-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=AE190201&iDate=2021-03-17 05:30:02&iid=73f180d8-606e-403a-b0da-25cf06a9f29e&bName=
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: YoutubeAdBlock -> {B7993E1A-469D-4CED-8208-B2E0791F4668} -> C:\Program Files (x86)\vswiYPsuPIE\tk1KS9bO.dll => No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: YoutubeAdBlock -> {B7993E1A-469D-4CED-8208-B2E0791F4668} -> C:\Program Files (x86)\vswiYPsuPIE\kYz4IEtF.dll => No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-06-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-06-14] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-152249054-1485168156-3805921223-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 19:04 - 2015-07-10 19:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-152249054-1485168156-3805921223-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Charlie\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\G Apartment.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-152249054-1485168156-3805921223-1001\...\StartupApproved\Run: => "0ozqYnQ1r6FxV2Sc7v1WauVjhCOs0jsf"
HKU\S-1-5-21-152249054-1485168156-3805921223-1001\...\StartupApproved\Run: => "VgZt6ANrjs6NokKlKSiEJ9zIIQPuL1Tu"
HKU\S-1-5-21-152249054-1485168156-3805921223-1001\...\StartupApproved\Run: => "05vurOH0BDcUJvFAZdwhC7CcurnOdvbD"
HKU\S-1-5-21-152249054-1485168156-3805921223-1001\...\StartupApproved\Run: => "RbNuBEgMCab3QklhDQ3qgXDzPuDxU7q3"
HKU\S-1-5-21-152249054-1485168156-3805921223-1001\...\StartupApproved\Run: => "ZWNVgsOkaT8MdBkX1tZzh0yKHy1p241a"
HKU\S-1-5-21-152249054-1485168156-3805921223-1001\...\StartupApproved\Run: => "cdPApUnJAxE9ZawZr69bIi9jykhwC3zp"
HKU\S-1-5-21-152249054-1485168156-3805921223-1001\...\StartupApproved\Run: => "mywYtYWbbl2oKw3DsAAaz01ls3h63xQn"
HKU\S-1-5-21-152249054-1485168156-3805921223-1001\...\StartupApproved\Run: => "NjVxfdRDwn31mtygN9Ma1kc7iQe4vny5"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{57A0B040-C136-4085-9DBF-B5F84F121E43}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{92027B1C-90FE-4409-AEB6-673105AB06C2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{36E51705-530A-47E7-A374-1CDABF821593}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{30EE4C66-2FEA-4E65-80BF-051651B897D3}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EFD39174-D086-4690-951A-A54CC20DC874}] => (Allow) C:\Users\Charlie\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{DE362C3B-2A19-43A8-9980-3937B9C4BF2F}] => (Allow) C:\Users\Charlie\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{B09FF94F-90F0-4995-8C71-013BF2F1F2DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C15C96B6-4F50-4052-8A26-940F9E0EF8DB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{125E6F6A-5889-4CE2-8EB1-E2809BD54DDE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D1607938-4929-43DB-9540-31227C1AF2D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ACF0DAAB-14F8-46C5-BF2F-A65E02F08970}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{14C6B5CA-151A-4701-9760-69D987208F79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{548163B9-CF2D-468B-9153-9E36A71CBC71}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe => No File
FirewallRules: [{BFCA0BBC-4A13-4741-A7BE-1B554D0A0F8F}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe => No File
FirewallRules: [{1FDB12FA-DD18-4996-BDE6-738E75F64EFB}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FD584BDE-8540-44FC-AC9A-848723DDE9A5}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{34425758-7C72-4211-B083-4777375DDCBA}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F7B11C19-0CC5-454F-A3CF-DC568080AEE6}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FFDECF04-1924-4981-8915-F81DFBC6E0FC}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EEF0DD4E-FC6C-47F4-89A2-E325356CF675}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F4B76F2B-5D24-467F-AAB3-98C8B9933718}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BDAB811F-6466-4720-9B32-9F7D68A59799}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{501DC429-24D9-404F-982F-0190201F5F79}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0D119AF9-BCBF-4C9E-81FC-56DE123794DB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{27F6FAED-307B-499A-9E2D-2E8676AEE33F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9511DAB8-E3BA-4AF8-A7C8-963637E2B6CE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B6951525-795E-452C-A7F6-9B3C6FD69CB4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2BAF0679-867C-4766-83AD-6A3391035BD5}] => (Allow) E:\SZBrowser\3.55.2393.561\SZBrowser.exe => No File
FirewallRules: [TCP Query User{38A85691-1115-4A7D-BCD4-581EB8590930}C:\users\charlie\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\charlie\appdata\local\gamecenter\gamecenter.exe (LLC Mail.Ru -> )
FirewallRules: [UDP Query User{7F32C9C8-BB4E-4A44-9882-F3FB02697641}C:\users\charlie\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\charlie\appdata\local\gamecenter\gamecenter.exe (LLC Mail.Ru -> )
FirewallRules: [{BFD02577-D199-4165-AECC-9A233DA5F38C}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1909.2618\gxxsvc.exe (Garena Online Pte Ltd -> Garena Online)
FirewallRules: [TCP Query User{501356AE-4CAF-4F1B-AC5A-BA464E84A60A}C:\users\charlie\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\charlie\appdata\local\gamecenter\gamecenter.exe (LLC Mail.Ru -> )
FirewallRules: [UDP Query User{00CCCA75-86A5-491E-88AA-4DE4B6795B6F}C:\users\charlie\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\charlie\appdata\local\gamecenter\gamecenter.exe (LLC Mail.Ru -> )
FirewallRules: [{381A15E4-F14A-4E09-89ED-7947195DE563}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{7512B02A-90FC-41FA-BFBF-E11AB90E98C6}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{53B23E6C-5339-470F-ABE1-6BBCF565C030}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{4539DE63-DFDC-443D-A4E1-31611E1ABF05}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{935EA705-0257-400A-B72E-43DF6E9ECF60}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
==================== Restore Points =========================
16-03-2021 23:42:37 Installed Chief Architect Premier X12 (64 bit)
23-03-2021 21:46:27 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
==================== Faulty Device Manager Devices ============
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (03/25/2021 12:40:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (03/25/2021 12:40:05 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (03/25/2021 12:35:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 4.0.0.918, time stamp: 0x60418179
Faulting module name: Qt5Core.dll, version: 5.14.1.0, time stamp: 0x603971ce
Exception code: 0xc0000005
Fault offset: 0x0000000000219dc5
Faulting process id: 0x2e80
Faulting application start time: 0x01d7212fce980407
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: 78700d81-3e5e-486d-b098-ce7c635f9631
Faulting package full name:
Faulting package-relative application ID:
Error: (03/25/2021 01:42:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CheatEngine72.tmp, version: 51.1052.0.0, time stamp: 0x5fb0f970
Faulting module name: ntdll.dll, version: 10.0.19041.844, time stamp: 0xa9ac4e88
Exception code: 0xc0000374
Fault offset: 0x000e6a73
Faulting process id: 0x2808
Faulting application start time: 0x01d720d5049443eb
Faulting application path: C:\Users\Charlie\AppData\Local\Temp\is-CFT50.tmp\CheatEngine72.tmp
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: bd071cff-e9c3-475d-95cc-fc28b5223a14
Faulting package full name:
Faulting package-relative application ID:
Error: (03/25/2021 01:16:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CheatEngine72.tmp, version: 51.1052.0.0, time stamp: 0x5fb0f970
Faulting module name: ntdll.dll, version: 10.0.19041.844, time stamp: 0xa9ac4e88
Exception code: 0xc0000374
Fault offset: 0x000e6a73
Faulting process id: 0x2e60
Faulting application start time: 0x01d720d1654a55f6
Faulting application path: C:\Users\Charlie\AppData\Local\Temp\is-ESI39.tmp\CheatEngine72.tmp
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 2d8f25ba-83a6-4223-9eaf-c1fab7917560
Faulting package full name:
Faulting package-relative application ID:
Error: (03/24/2021 04:28:31 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (03/24/2021 03:28:29 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (03/24/2021 01:32:08 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
System errors:
=============
Error: (03/25/2021 03:06:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U6LECO9)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (03/25/2021 03:06:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U6LECO9)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (03/25/2021 03:06:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U6LECO9)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (03/25/2021 03:06:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U6LECO9)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (03/25/2021 03:06:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U6LECO9)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (03/25/2021 03:06:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U6LECO9)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (03/25/2021 03:06:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U6LECO9)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (03/25/2021 03:06:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U6LECO9)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Windows Defender:
================
Date: 2021-03-25 02:02:38
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-03-24 16:38:33
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Skeeyah.B!rfn
Severity: Severe
Category: Trojan
Path: file:_C:\Program Files\ESET\TNOD\TNODUP.exe; process:_pid:5452,ProcessStart:132610486835087602
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.333.1150.0, AS: 1.333.1150.0, NIS: 1.333.1150.0
Engine Version: AM: 1.1.17900.7, NIS: 1.1.17900.7
Date: 2021-03-24 16:38:32
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Skeeyah.B!rfn
Severity: Severe
Category: Trojan
Path: file:_C:\Program Files\ESET\TNOD\TNODUP.exe; file:_C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Download Licenses.lnk; file:_C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Generate and insert a TRIAL license.lnk; file:_C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Insert license with the maximum expiration date.lnk; file:_C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Open Settings.lnk; file:_C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Recover current license.lnk; file:_C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Run hidden.lnk; file:_C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\TNod.lnk; file:_C:\Users\Charlie\AppData\Roaming\Microsoft\Win
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: C:\Program Files\ESET\TNOD\TNODUP.exe
Security intelligence Version: AV: 1.333.1150.0, AS: 1.333.1150.0, NIS: 1.333.1150.0
Engine Version: AM: 1.1.17900.7, NIS: 1.1.17900.7
Date: 2021-03-24 16:38:22
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Skeeyah.B!rfn
Severity: Severe
Category: Trojan
Path: file:_C:\Program Files\ESET\TNOD\TNODUP.exe; process:_pid:5452,ProcessStart:132610486835087602
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Program Files\ESET\TNOD\TNODUP.exe
Security intelligence Version: AV: 1.333.1150.0, AS: 1.333.1150.0, NIS: 1.333.1150.0
Engine Version: AM: 1.1.17900.7, NIS: 1.1.17900.7
Date: 2021-03-24 16:38:16
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Skeeyah.B!rfn
Severity: Severe
Category: Trojan
Path: file:_C:\Program Files\ESET\TNOD\TNODUP.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.333.1150.0, AS: 1.333.1150.0, NIS: 1.333.1150.0
Engine Version: AM: 1.1.17900.7, NIS: 1.1.17900.7
Date: 2021-03-20 22:10:31
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.333.799.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17900.7
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
CodeIntegrity:
===============
Date: 2021-03-24 16:44:50
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-03-24 15:29:23
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume6\Avast\x64\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 5.14 07/15/2020
Motherboard: BIOSTAR Group A320MH
Processor: AMD Ryzen 5 3400G with Radeon Vega Graphics
Percentage of memory in use: 34%
Total physical RAM: 16332.71 MB
Available physical RAM: 10701.04 MB
Total Virtual: 18764.71 MB
Available Virtual: 11088.76 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:446.07 GB) (Free:210.31 GB) NTFS
Drive d: (Seagate) (Fixed) (Total:931.48 GB) (Free:614.99 GB) exFAT
Drive e: (Hard Drive) (Fixed) (Total:931.51 GB) (Free:291.8 GB) NTFS
\\?\Volume{95f9750b-b96d-4d3d-b9ed-cea14b625a04}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.14 GB) NTFS
\\?\Volume{451ed983-335f-411b-8398-26ae5eb436ea}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{090c11f7-a806-43a6-8535-54d9ab39812b}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 447.1 GB) (Disk ID: 23C6BB97)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9DA30D7B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 29041958)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
