- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-10-2017 01
- Ran by mrsha (18-10-2017 22:23:21)
- Running from C:\Users\mrsha\Desktop
- Windows 10 Pro Version 1703 15063.540 (X64) (2017-08-30 23:46:04)
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-785674744-1277263253-3647830273-500 - Administrator - Disabled)
- DefaultAccount (S-1-5-21-785674744-1277263253-3647830273-503 - Limited - Disabled)
- Guest (S-1-5-21-785674744-1277263253-3647830273-501 - Limited - Disabled)
- Hien (S-1-5-21-785674744-1277263253-3647830273-1001 - Administrator - Enabled) => C:\Users\Hien
- mrsha (S-1-5-21-785674744-1277263253-3647830273-1003 - Administrator - Enabled) => C:\Users\mrsha
- thieu (S-1-5-21-785674744-1277263253-3647830273-1002 - Limited - Disabled)
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
- AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
- AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
- ==================== Installed Programs ======================
- (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- 4K Video Downloader 4.1 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.1.1.2070 - Open Media LLC)
- 4K Video Downloader 4.3 (HKLM-x32\...\{D0CA3944-0FD5-40FF-97A1-FEDFFB5EE31F}) (Version: 4.3.2.2215 - Open Media LLC)
- 7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
- Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
- Adobe Photoshop CS6 (HKLM-x32\...\Adobe Photoshop CS6) (Version: 13.0.0.0 - © The Computer Guy Tony)
- Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)
- Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
- Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.94 - NVIDIA Corporation) Hidden
- Apowersoft Video Converter Studio V4.5.6 (HKLM-x32\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.5.6 - APOWERSOFT LIMITED)
- Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
- Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
- Auto Mouse Mover 2.0 (HKLM-x32\...\{08FD4323-8909-4973-BD2E-7250D2D93D0C}_is1) (Version: 2.0 - MurGee.com)
- Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
- Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
- BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.46.1633 - BlueStack Systems, Inc.)
- Box Sync (HKLM-x32\...\{105b86f5-1c87-4b54-aa7d-326774504314}) (Version: 4.0.7702.0 - Box Inc.) Hidden
- Brother MFL-Pro Suite DCP-L2540DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
- Cisco AnyConnect Diagnostics and Reporting Tool (HKLM-x32\...\{27C92618-52B0-4301-AD23-1060109C6170}) (Version: 3.1.10010 - Cisco Systems, Inc.)
- Cisco AnyConnect Network Access Manager (HKLM-x32\...\{BD39D88B-E610-4C71-A436-267D07689735}) (Version: 3.1.10010 - Cisco Systems, Inc.)
- Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.10010 - Cisco Systems, Inc.)
- Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{C37C8243-90EC-42A9-85C6-43105A32B926}) (Version: 3.1.10010 - Cisco Systems, Inc.) Hidden
- Cisco AnyConnect Start Before Login Module (HKLM-x32\...\{E0689186-C014-4025-A8BC-4C0F3C060B4D}) (Version: 3.1.10010 - Cisco Systems, Inc.)
- Dell EMC SolVe Desktop 3.1.0.0 (HKLM-x32\...\{C7509C48-63B0-43DE-8065-74F7AA77F132}_is1) (Version: 3.1.0.0 - Dell EMC Corporation)
- Discord (HKU\S-1-5-21-785674744-1277263253-3647830273-1003\...\Discord) (Version: 0.0.298 - Discord Inc.)
- EAS NA (VMware ThinApp) (HKLM-x32\...\{3C27CB35-A395-4DB1-918A-0A35A2AA6599}) (Version: 1.0.NA - EAS)
- Employee Availability System (HKLM-x32\...\Employee Availability System) (Version: 1.0.0.0 - )
- Employee Availability System (VMware ThinApp) (HKLM-x32\...\{35350809-DF89-452A-A8F1-BA7871D3AEA7}) (Version: 1.1 - EMC)
- Fraps (HKLM-x32\...\Fraps) (Version: - )
- Git version 2.14.2.2 (HKLM-x32\...\Git_is1) (Version: 2.14.2.2 - The Git Development Community)
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
- Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
- Gyazo 3.3.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
- Herramientas de corrección de Microsoft Office 2016: español (HKLM-x32\...\{90160000-001F-0C0A-0000-0000000FF1CE}) (Version: 16.0.4351.1001 - Microsoft Corporation) Hidden
- Imminent Monitor (HKLM-x32\...\Imminent Monitor) (Version: 5.0 - Imminent Methods)
- Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
- Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
- Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
- Kaspersky Total Security (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
- Kaspersky Total Security (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
- KeyScrambler (HKLM-x32\...\KeyScrambler) (Version: 3.11.0.3 - QFX Software Corporation)
- KingRoot version 3.5.0.1157 (HKLM-x32\...\{FA3B7324-9EB4-4ADC-84D0-5461BE113832}_is1) (Version: 3.5.0.1157 - KingRoot)
- Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
- Malwarebytes Activation (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 3.1.2.1733 - Malwarebytes)
- Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
- Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
- Microsoft OneDrive (HKU\S-1-5-21-785674744-1277263253-3647830273-1003\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
- Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
- Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
- Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
- Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
- Mozilla Firefox 56.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 56.0.1 (x86 en-US)) (Version: 56.0.1 - Mozilla)
- Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.1 - Mozilla)
- NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.28.00 - NETGEAR Inc.)
- Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
- Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.9.2 - Nikon)
- Node.js (HKLM\...\{2DDA9FD3-9D1E-47F4-A325-CB855A74C081}) (Version: 8.7.0 - Node.js Foundation)
- Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.1 - Notepad++ Team)
- NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
- NVIDIA 3D Vision Driver 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.94 - NVIDIA Corporation)
- NVIDIA GeForce Experience 3.9.0.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.61 - NVIDIA Corporation)
- NVIDIA Graphics Driver 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.94 - NVIDIA Corporation)
- NVIDIA HD Audio Driver 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
- NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
- OpenOffice Writer Search In Multiple Files At Once Software (HKLM-x32\...\OpenOffice Writer Search In Multiple Files At On~77F715AB_is1) (Version: - Sobolsoft)
- OpenVPN 2.4.3-I602 (HKLM\...\OpenVPN) (Version: 2.4.3-I602 - OpenVPN Technologies, Inc.)
- Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
- Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM-x32\...\{90160000-001F-040C-0000-0000000FF1CE}) (Version: 16.0.4351.1001 - Microsoft Corporation) Hidden
- Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
- paint.net (HKLM\...\{02D89175-E08F-401B-BA30-8B7512B57724}) (Version: 4.0.17 - dotPDN LLC)
- PCPlayer (HKLM-x32\...\{B54CE443-35EF-4776-A0CD-6D961B983097}_is1) (Version: 3.18.11.0 - EZVIZ Inc.)
- Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
- Picture Control Utility 2 (HKLM\...\{D4893C47-704F-4B84-8486-9DE4974ACA6F}) (Version: 2.0.2 - Nikon)
- ProShow Gold (HKLM-x32\...\ProShow Gold) (Version: - Photodex Corporation)
- QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
- RAIDar 4.3.8 (HKLM-x32\...\1381-5408-0515-7060) (Version: 4.3.8 - Netgear Inc.)
- Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.7.2 - Razer Inc.)
- Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 8.3.20.524 - Razer Inc.)
- Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.830 - Razer Inc.)
- ReadySHARE Vault (HKLM-x32\...\ReadySHARE Vault) (Version: 3.0 - Genie9)
- Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
- Roblox Player for mrsha (HKU\S-1-5-21-785674744-1277263253-3647830273-1003\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
- Roblox Studio for mrsha (HKU\S-1-5-21-785674744-1277263253-3647830273-1003\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - Roblox Corporation)
- Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.2.0 - Rockstar Games)
- Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
- Skype for Business Basic 2016 (HKLM-x32\...\Office16.LYNCENTRY) (Version: 16.0.4351.1001 - Microsoft Corporation)
- Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
- Spotify (HKU\S-1-5-21-785674744-1277263253-3647830273-1003\...\Spotify) (Version: 1.0.65.320.gac7a8e02 - Spotify AB)
- Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
- TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
- TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.82216 - TeamViewer)
- Tom Clancy's Ghost Recon Wildlands (HKLM-x32\...\Uplay Install 1771) (Version: - Ubisoft)
- Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
- TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc)
- update_server (HKLM-x32\...\{1D08522D-308D-4615-AEA9-44021FD7445A}_is1) (Version: - )
- VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS)
- ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.10.3 - Nikon)
- VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
- VMware Workstation (HKLM\...\{878C6FAC-4FF1-4281-A05D-07CDA485C114}) (Version: 12.5.7 - VMware, Inc.)
- Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
- Warframe (HKLM-x32\...\{B65D06BC-E372-43EE-83BC-55A89A4D5643}) (Version: 1.0.0 - Digital Extremes)
- Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
- WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
- Wireshark 2.4.1 64-bit (HKLM-x32\...\Wireshark) (Version: 2.4.1 - The Wireshark developer community, hxxps://www.wireshark.org)
- Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
- YTD Video Downloader 5.8.7 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.8.7 - GreenTree Applications SRL) <==== ATTENTION
- ==================== Custom CLSID (Whitelisted): ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
- ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
- ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
- ShellIconOverlayIdentifiers: [0GenieTimeLine-BackedUp] -> {88A8B1ED-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
- ShellIconOverlayIdentifiers: [0GenieTimeLine-Excluded] -> {B77E8651-93B1-40CD-8ECF-6F33DAC805A0} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
- ShellIconOverlayIdentifiers: [0GenieTimeLine-Folder] -> {CEAF16CE-C11C-4081-BE29-DDE7F45A59DB} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
- ShellIconOverlayIdentifiers: [0GenieTimeLine-NotBackedUp] -> {88A8B1EE-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
- ShellIconOverlayIdentifiers: [0GenieTimeLine-Pending ] -> {88A8B1EF-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
- ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-BackedUp] -> {88A8B1ED-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
- ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Excluded] -> {B77E8651-93B1-40CD-8ECF-6F33DAC805A0} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
- ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Folder] -> {CEAF16CE-C11C-4081-BE29-DDE7F45A59DB} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
- ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-NotBackedUp] -> {88A8B1EE-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
- ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Pending ] -> {88A8B1EF-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
- ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov)
- ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
- ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => D:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-08-28] ()
- ContextMenuHandlers1: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2013-08-29] (Genie9)
- ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0 (1)\x64\ShellEx.dll [2017-10-18] (AO Kaspersky Lab)
- ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
- ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
- ContextMenuHandlers2: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2013-08-29] (Genie9)
- ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0 (1)\x64\ShellEx.dll [2017-10-18] (AO Kaspersky Lab)
- ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2017-06-19] (VMware, Inc.)
- ContextMenuHandlers2-x32: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2017-06-19] (VMware, Inc.)
- ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov)
- ContextMenuHandlers4: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2013-08-29] (Genie9)
- ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0 (1)\x64\ShellEx.dll [2017-10-18] (AO Kaspersky Lab)
- ContextMenuHandlers5: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2013-08-29] (Genie9)
- ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-07-18] (NVIDIA Corporation)
- ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov)
- ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
- ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0 (1)\x64\ShellEx.dll [2017-10-18] (AO Kaspersky Lab)
- ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
- ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
- ==================== Scheduled Tasks (Whitelisted) =============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- Task: {0DE709E0-912B-4F55-A141-12E656321879} - System32\Tasks\{FC241380-0DCF-4368-844B-7AEE5977C8F4} => "c:\windows\system32\launchwinapp.exe" hxxps://www.skype.com/go/downloading?source=lightinstaller&ver=7.32.0.104&LastError=12057
- Task: {10457DF6-F1AB-49AE-833D-B88A13319F34} - System32\Tasks\{318E4950-7291-434F-81E1-6A47B4BCC1B8} => "c:\windows\system32\launchwinapp.exe" hxxps://www.skype.com/go/downloading?source=lightinstaller&ver=7.32.0.104&LastError=12057
- Task: {2295E8E5-E430-4751-B98B-F77BDC14A92F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-08-17] (NVIDIA Corporation)
- Task: {265C66EB-F5DF-42C7-AE97-299037376591} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-17] (NVIDIA Corporation)
- Task: {3797686F-C851-4240-B829-55DB3678C5B3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
- Task: {3DFA7A88-C60E-442F-9E68-33E92C1E4D63} - System32\Tasks\update-S-1-5-21-785674744-1277263253-3647830273-1003 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
- Task: {42FA497B-02B4-4129-91CF-811476F0059F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-17] (NVIDIA Corporation)
- Task: {4D466892-8AE8-45C3-BA47-639D82F62020} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-05-16] ()
- Task: {55610F7C-F44B-489E-8B84-701D9853344F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
- Task: {5BEECE01-14ED-4E1B-8191-1E089B527EFC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-08-17] (NVIDIA Corporation)
- Task: {619AA8E0-107D-4B6A-974B-606572FDEACF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-08-17] (NVIDIA Corporation)
- Task: {62BFEC47-4FCA-4E4B-87C6-8BD27EAFA540} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-11] (Google Inc.)
- Task: {630DF3EB-7037-48A8-B8CC-897F07590A83} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-11] (Google Inc.)
- Task: {654D19AA-A4F9-4C16-8878-89CDCD1A941E} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe
- Task: {66332321-004F-4ABE-867E-A0F0246312F0} - System32\Tasks\MurGeeAutoMouseMover => C:\Users\Hien\AppData\Roaming\Auto Mouse Mover\AutoMouseMover.exe [2015-03-22] (MurGee.com)
- Task: {7FA45CD1-0F03-4F6A-8C87-264BC66758E5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
- Task: {8067AC8B-3159-41AE-AB50-66027D7096F6} - System32\Tasks\{2D3169FA-8809-4827-BC22-53AF7F71E6CA} => "c:\windows\system32\launchwinapp.exe" hxxps://ui.skype.com/ui/0/7.35.0.103/en/abandoninstall?page=tsProgressBar
- Task: {9DC16B02-6584-458F-B5B3-A108B920A403} - System32\Tasks\{9908F67F-29F1-4B25-8148-784FE73F8A6A} => "c:\windows\system32\launchwinapp.exe" hxxps://www.skype.com/go/downloading?source=lightinstaller&ver=7.32.0.104&LastError=12057
- Task: {C5C790A9-B8D2-4975-9B78-316481D69866} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
- Task: {C692CFF2-A5A8-4C26-96D4-4FA3769DB1F5} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-05-16] ()
- Task: {E2755C15-A3DA-4D63-B337-5F85F1F31303} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-17] (NVIDIA Corporation)
- Task: {EE72CB5A-1A23-479B-A85B-3E83E9FADCF7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-08-17] (NVIDIA Corporation)
- Task: {F2A0A765-4E56-4DCF-BCDB-E3D9CC457D85} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-17] (NVIDIA Corporation)
- Task: {F6B013D7-A7A9-4044-8075-9E85F3B9C661} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2017-10-18] (AO Kaspersky Lab)
- Task: {FB54E771-173D-48E4-9BB4-380A256E7F39} - System32\Tasks\{A558ABC3-E11E-40A4-86BC-A94AE761FD0F} => "c:\windows\system32\launchwinapp.exe" hxxp://ui.skype.com/ui/0/7.26.80.101/en/go/help.faq.installer?LastError=1618
- Task: {FD7E04ED-7784-42A8-AA59-45F59E5858AA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => D:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
- (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
- Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
- Task: C:\WINDOWS\Tasks\update-S-1-5-21-785674744-1277263253-3647830273-1003.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
- Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
- ==================== Shortcuts & WMI ========================
- (The entries could be listed to be restored or removed.)
- ShortcutWithArgument: C:\Users\mrsha\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b8da4a38624bbb1e\Feedback.lnk -> D:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gfdkimpbcpahaombhbimeihdjnejgicl
- ShortcutWithArgument: C:\Users\mrsha\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\8324702790a2488\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default
- ==================== Loaded Modules (Whitelisted) ==============
- 2017-10-15 19:06 - 2017-10-18 19:39 - 002843648 _____ () C:\WINDOWS\SYSTEM32\MSMXTWDSVC.EXE
- 2016-02-15 21:01 - 2016-02-15 21:01 - 000031256 _____ () C:\WINDOWS\System32\us008lm.dll
- 2017-03-20 09:09 - 2017-02-08 11:58 - 000035328 _____ () D:\Program Files (x86)\Dell EMC SolVe Desktop\Automaton Service.exe
- 2017-07-19 15:09 - 2017-07-19 15:09 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
- 2016-08-11 12:50 - 2005-04-21 21:36 - 000143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
- 2017-07-04 15:41 - 2017-09-25 18:39 - 000345064 _____ () D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
- 2017-06-19 20:02 - 2017-06-19 20:02 - 012482024 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
- 2017-03-18 13:58 - 2017-03-18 13:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
- 2017-09-26 02:52 - 2017-09-26 02:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
- 2017-02-22 23:49 - 2017-02-22 23:49 - 008911560 _____ () C:\Program Files\Microsoft Office\Office16\1033\GrooveIntlResource.dll
- 2017-03-25 00:29 - 2013-08-29 00:08 - 000209920 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\Settings.gtl
- 2017-03-25 00:29 - 2013-08-01 02:36 - 000045568 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogging.gtl
- 2017-03-25 00:29 - 2013-08-29 00:08 - 000490496 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSIndexDB.gtl
- 2017-03-25 00:29 - 2013-08-01 02:36 - 000089600 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSEncryption.gtl
- 2017-03-25 00:29 - 2013-02-03 04:40 - 000011264 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\RWLock.gtl
- 2017-03-25 00:29 - 2012-02-02 02:16 - 000740864 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\sqlite3.gtl
- 2017-03-25 00:29 - 2013-08-29 00:08 - 000710144 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSBackupManager.gtl
- 2017-03-25 00:29 - 2013-08-29 00:08 - 000370688 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSWatcher4.gtl
- 2017-03-25 00:29 - 2013-08-29 00:08 - 000332800 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\OnlineHandler.gtl
- 2017-03-25 00:29 - 2013-08-29 00:08 - 000054784 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogManager.gtl
- 2017-03-25 00:29 - 2013-08-29 00:08 - 000087040 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\QueueManager.gtl
- 2017-03-25 00:29 - 2013-02-03 04:40 - 000010752 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\VSSEngine_Proxy.gtl
- 2017-03-25 00:29 - 2013-08-01 02:36 - 000058368 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLibrariesManager.gtl
- 2013-02-03 02:21 - 2013-02-03 02:21 - 000045056 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\pcre.dll
- 2013-02-03 02:21 - 2013-02-03 02:21 - 000097792 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\pcrebase.dll
- 2017-03-18 13:59 - 2017-03-18 19:30 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
- 2017-09-13 15:45 - 2017-09-13 15:45 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.30.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
- 2017-10-05 07:14 - 2017-10-05 07:15 - 010634752 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.30.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
- 2017-10-05 07:14 - 2017-10-05 07:15 - 002640896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.30.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
- 2017-10-04 07:50 - 2017-10-04 07:51 - 000021504 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
- 2017-10-04 07:50 - 2017-10-04 07:51 - 048839168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
- 2017-10-04 07:50 - 2017-10-04 07:51 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
- 2017-10-04 07:50 - 2017-10-04 07:51 - 000164352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\VideoPlugin.dll
- 2017-10-04 07:50 - 2017-10-04 07:51 - 000352256 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
- 2017-10-04 07:50 - 2017-10-04 07:51 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll
- 2017-10-04 07:50 - 2017-10-04 07:51 - 002836480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
- 2017-10-04 07:50 - 2017-10-04 07:51 - 020559872 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
- 2017-10-04 07:50 - 2017-10-04 07:51 - 002705408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\MediaEngine.dll
- 2017-10-04 07:50 - 2017-10-04 07:51 - 003128320 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
- 2017-08-30 18:19 - 2017-08-30 18:19 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
- 2017-10-04 07:50 - 2017-10-04 07:51 - 000118784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\ExploreModel.dll
- 2017-10-04 07:50 - 2017-10-04 07:51 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
- 2017-10-04 07:50 - 2017-10-04 07:51 - 001380864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
- 2017-10-04 07:50 - 2017-10-04 07:51 - 000367616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\AnimatedGIF.dll
- 2017-08-28 14:56 - 2017-08-23 01:48 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libglesv2.dll
- 2017-08-28 14:56 - 2017-08-23 01:48 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libegl.dll
- 2015-07-22 11:54 - 2015-07-22 11:54 - 000063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
- 2015-07-22 11:51 - 2015-07-22 11:51 - 000714128 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\libxml2.dll
- 2017-06-19 20:02 - 2017-06-19 20:02 - 000173032 _____ () C:\Program Files (x86)\VMware\VMware Workstation\nfc-types.dll
- 2017-06-19 20:02 - 2017-06-19 20:02 - 000396776 _____ () C:\Program Files (x86)\VMware\VMware Workstation\ssoClient.dll
- 2017-06-19 20:02 - 2017-06-19 20:02 - 000126440 _____ () C:\Program Files (x86)\VMware\VMware Workstation\expat.dll
- 2017-10-03 18:08 - 2017-10-18 19:40 - 000619464 _____ () C:\Users\mrsha\AppData\Local\Temp\0Kraken0510DevProps.dll
- 2016-11-26 09:57 - 2017-10-11 18:22 - 068211824 _____ () C:\Users\mrsha\AppData\Roaming\Spotify\libcef.dll
- 2016-11-26 09:57 - 2017-10-11 18:22 - 003110512 _____ () C:\Users\mrsha\AppData\Roaming\Spotify\libglesv2.dll
- 2016-11-26 09:57 - 2017-10-11 18:22 - 000087152 _____ () C:\Users\mrsha\AppData\Roaming\Spotify\libegl.dll
- 2017-08-08 17:22 - 2017-08-08 15:13 - 001893880 _____ () C:\Users\mrsha\AppData\Local\Discord\app-0.0.298\ffmpeg.dll
- 2017-08-20 18:36 - 2017-08-20 18:36 - 001577976 _____ () \\?\C:\Users\mrsha\AppData\Roaming\discord\0.0.298\modules\discord_toaster\discord_toaster.node
- 2017-08-08 17:22 - 2017-08-08 15:13 - 001938424 _____ () C:\Users\mrsha\AppData\Local\Discord\app-0.0.298\libglesv2.dll
- 2017-08-08 17:22 - 2017-08-08 15:13 - 000095736 _____ () C:\Users\mrsha\AppData\Local\Discord\app-0.0.298\libegl.dll
- 2017-08-20 18:36 - 2017-10-06 16:05 - 009722360 _____ () \\?\C:\Users\mrsha\AppData\Roaming\discord\0.0.298\modules\discord_voice\discord_voice.node
- 2017-08-20 18:36 - 2017-08-20 18:36 - 001440248 _____ () \\?\C:\Users\mrsha\AppData\Roaming\discord\0.0.298\modules\discord_utils\discord_utils.node
- 2017-10-18 19:44 - 2017-10-18 19:44 - 000148992 _____ () \\?\C:\Users\mrsha\AppData\Local\Temp\8019.tmp.node
- 2017-08-20 18:36 - 2017-08-20 18:36 - 002658296 _____ () \\?\C:\Users\mrsha\AppData\Roaming\discord\0.0.298\modules\discord_rpc\discord_rpc.node
- 2017-08-20 18:37 - 2017-08-20 18:37 - 002673656 _____ () \\?\C:\Users\mrsha\AppData\Roaming\discord\0.0.298\modules\discord_contact_import\discord_contact_import.node
- 2017-10-18 19:12 - 2017-10-18 19:12 - 000836968 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0 (1)\kpcengine.2.3.dll
- ==================== Alternate Data Streams (Whitelisted) =========
- (If an entry is included in the fixlist, only the ADS will be removed.)
- ==================== Safe Mode (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- ==================== Association (Whitelisted) ===============
- (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
- ==================== Internet Explorer trusted/restricted ===============
- (If an entry is included in the fixlist, it will be removed from the registry.)
- ==================== Hosts content: ==========================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2015-10-30 00:24 - 2017-10-18 21:41 - 000001104 _____ C:\WINDOWS\system32\Drivers\etc\hosts
- 74.86.5.247 apowersoft.com
- 127.0.0.1 74.86.5.247
- 0.0.0.0 serius.mwbsys.com
- 128.221.225.9 drm01-01i03-vn03.emc.com ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-785674744-1277263253-3647830273-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\mrsha\AppData\Local\Stardock\img0.jpg
- DNS Servers: 8.8.8.8 - 8.8.8.4
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
- Windows Firewall is disabled.
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- MSCONFIG\Services: BEService => 3
- MSCONFIG\Services: BrYNSvc => 3
- MSCONFIG\Services: GenieTimelineService => 2
- MSCONFIG\Services: gupdate => 2
- MSCONFIG\Services: gupdatem => 3
- MSCONFIG\Services: IntuitUpdateServiceV4 => 2
- MSCONFIG\Services: MozillaMaintenance => 3
- MSCONFIG\Services: NETGEARGenieDaemon => 3
- MSCONFIG\Services: NvContainerLocalSystem => 2
- MSCONFIG\Services: NvContainerNetworkService => 3
- MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
- MSCONFIG\Services: NvTelemetryContainer => 2
- MSCONFIG\Services: OpenVPNService => 3
- MSCONFIG\Services: OpenVPNServiceInteractive => 2
- MSCONFIG\Services: OpenVPNServiceLegacy => 3
- MSCONFIG\Services: QFXUpdateService => 3
- MSCONFIG\Services: Razer Game Scanner Service => 2
- MSCONFIG\Services: RtkAudioService => 2
- MSCONFIG\Services: ScsiAccess => 2
- MSCONFIG\Services: SkypeUpdate => 2
- MSCONFIG\Services: Steam Client Service => 3
- MSCONFIG\Services: TeamViewer => 2
- MSCONFIG\Services: VMAuthdService => 2
- MSCONFIG\Services: VMnetDHCP => 2
- MSCONFIG\Services: VMUSBArbService => 2
- MSCONFIG\Services: VMware NAT Service => 2
- MSCONFIG\Services: VMwareHostd => 2
- MSCONFIG\Services: Wallpaper Engine Service => 2
- HKLM\...\StartupApproved\StartupFolder: => "Snagit 12.lnk"
- HKLM\...\StartupApproved\Run: => "SecurityHealth"
- HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
- HKLM\...\StartupApproved\Run: => "ShadowPlay"
- HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
- HKLM\...\StartupApproved\Run: => "Fences"
- HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
- HKLM\...\StartupApproved\Run32: => "ControlCenter4"
- HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
- HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"
- HKLM\...\StartupApproved\Run32: => "BrStsMon00"
- HKLM\...\StartupApproved\Run32: => "SPUpDateServerrun"
- HKLM\...\StartupApproved\Run32: => "Razer Synapse"
- HKLM\...\StartupApproved\Run32: => "APSDaemon"
- HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
- HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
- HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
- HKU\S-1-5-21-785674744-1277263253-3647830273-1003\...\StartupApproved\Run: => "OneDrive"
- HKU\S-1-5-21-785674744-1277263253-3647830273-1003\...\StartupApproved\Run: => "Gyazo"
- HKU\S-1-5-21-785674744-1277263253-3647830273-1003\...\StartupApproved\Run: => "Spotify"
- HKU\S-1-5-21-785674744-1277263253-3647830273-1003\...\StartupApproved\Run: => "Spotify Web Helper"
- HKU\S-1-5-21-785674744-1277263253-3647830273-1003\...\StartupApproved\Run: => "Lync"
- HKU\S-1-5-21-785674744-1277263253-3647830273-1003\...\StartupApproved\Run: => "OpenVPN-GUI"
- ==================== FirewallRules (Whitelisted) ===============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- FirewallRules: [{4F8AD915-C0A7-4A86-98F2-3C56CEB67702}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- FirewallRules: [{A1E831FD-18CB-4DB6-936B-BB3AAD4C0B21}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
- FirewallRules: [{F1EBB6D4-D1AF-44B7-BC0E-5F727E0AAE56}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
- FirewallRules: [{D9AE6E4B-B280-4ED4-99C4-3888AEC44E85}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
- FirewallRules: [{F1272824-BB6E-4C41-B544-FF0CE051FB81}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
- FirewallRules: [{33FE2ADB-44F4-4E49-9D00-F637DB578F15}] => (Block) C:\program files (x86)\imminent methods\imminent monitor\imminent monitor.exe
- FirewallRules: [{CC68C8BB-5061-4D48-A802-E658347CFC59}] => (Block) C:\program files (x86)\imminent methods\imminent monitor\imminent monitor.exe
- FirewallRules: [UDP Query User{AE8824A8-101A-4869-81CC-DF2B94F9236D}C:\program files (x86)\imminent methods\imminent monitor\imminent monitor.exe] => (Allow) C:\program files (x86)\imminent methods\imminent monitor\imminent monitor.exe
- FirewallRules: [TCP Query User{F0B43E78-7FFE-48BF-8BAE-2787D111B3F0}C:\program files (x86)\imminent methods\imminent monitor\imminent monitor.exe] => (Allow) C:\program files (x86)\imminent methods\imminent monitor\imminent monitor.exe
- FirewallRules: [{F30FE58D-45E7-4B75-930B-24A523008F15}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
- FirewallRules: [{CC4113D2-4C68-4B32-AF6B-91FAB1DBD9E6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
- FirewallRules: [{0744EDE3-6C2E-4AD3-8CE8-B56D02CB773B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned_BE.exe
- FirewallRules: [{A6034189-5EFB-4C4D-A2AF-C193C7F1BA5F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned_BE.exe
- FirewallRules: [UDP Query User{6E93E377-8A11-414F-BA2F-A12F5F27BB02}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
- FirewallRules: [TCP Query User{D5C84251-65EC-4563-B623-A883B2D4027B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
- FirewallRules: [{7CFF536B-1514-4C2C-9360-926786A39158}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
- FirewallRules: [{D1EF43DC-AEB8-45A1-BA90-A5CE9990D42E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
- FirewallRules: [{228F3373-6984-4254-908F-7B462F9A2DFD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
- FirewallRules: [{FE430AB8-CB80-4002-BE2D-E124CAB2EBA4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
- FirewallRules: [{E70CA481-DE46-4E7A-A5C6-35474D2B4EE7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
- FirewallRules: [{276C729D-A3B1-49A1-BE29-3FFF0B2BCA00}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
- FirewallRules: [{33DA2A7E-94FB-42D4-BFBF-D00095E07938}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
- FirewallRules: [{DD3AEF37-E5AF-4317-B4B8-FA900D28267F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
- FirewallRules: [{5B31DC8A-1928-456A-8C48-8EB93C232912}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
- FirewallRules: [{7122B434-94E3-4228-AAF4-9C2B28114938}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
- FirewallRules: [{57B28AF9-DF34-415C-8CA1-32A8AE494129}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
- FirewallRules: [{24F1CCDE-16EF-4618-868B-DF0FE9923EED}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
- FirewallRules: [UDP Query User{26844A8B-E183-4D79-B0C0-6F507FA9C951}C:\users\hien\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\hien\appdata\local\amazon music\amazon music helper.exe
- FirewallRules: [TCP Query User{9FCE0F65-B1D5-4FC5-A2BB-C8885E918FC4}C:\users\hien\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\hien\appdata\local\amazon music\amazon music helper.exe
- FirewallRules: [UDP Query User{FDD45B44-589E-4E08-B1A7-3DC40D9591E9}C:\program files\windowsapps\xbmcfoundation.kodi_17.3.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.3.0.0_x86__4n2hpmxwrvr6p\kodi.exe
- FirewallRules: [TCP Query User{DBBE9076-1410-4183-817D-80AADD6D347E}C:\program files\windowsapps\xbmcfoundation.kodi_17.3.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.3.0.0_x86__4n2hpmxwrvr6p\kodi.exe
- FirewallRules: [UDP Query User{34464603-BD29-4913-86F2-45CAA14D8BCC}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe
- FirewallRules: [TCP Query User{B5C04BA2-FA01-456C-BA31-E52C8533FD99}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe
- FirewallRules: [UDP Query User{05305581-FF17-40CF-B7D9-C669E07F78C2}D:\tom clancy's rainbow six siege\rainbowsix.exe] => (Allow) D:\tom clancy's rainbow six siege\rainbowsix.exe
- FirewallRules: [TCP Query User{582052E9-63AE-4FA1-B1F1-017BEC01ED55}D:\tom clancy's rainbow six siege\rainbowsix.exe] => (Allow) D:\tom clancy's rainbow six siege\rainbowsix.exe
- FirewallRules: [{6ED8929C-75AF-4FDF-9106-E7FC4250D12D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\wallpaper_engine\launcher.exe
- FirewallRules: [{38C27361-7045-4CE2-8641-AA6EC10C2F57}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\wallpaper_engine\launcher.exe
- FirewallRules: [UDP Query User{7D2B8E25-BCC0-4FAF-9AC5-9D539B04B179}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
- FirewallRules: [TCP Query User{096C81C2-FE2F-4C55-AC1A-E4A594B21E8F}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
- FirewallRules: [{689F32EB-6058-4046-BA99-8E0220B0C5AC}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
- FirewallRules: [{63F5EEBD-05C7-4501-8F90-139B165D9B84}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
- FirewallRules: [{3EABA391-9460-41AD-A95E-D00BDC326DDA}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
- FirewallRules: [{EFD41840-2BA8-4B79-BF57-494A9F96A689}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
- FirewallRules: [{FD863E26-DFAF-4A10-B7E0-086740492BF3}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe
- FirewallRules: [{D5D81DFD-8F72-436C-B635-5DB131F8636A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe
- FirewallRules: [{11A8995D-2943-4948-A9D4-089FA6AE8593}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
- FirewallRules: [{990D5DE0-E760-462D-8EB4-93D1DBDA92FB}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
- FirewallRules: [UDP Query User{BA359570-D1CD-4A4C-A965-39C6EB621AE0}C:\program files\telestream\gameshow\gameshow.exe] => (Allow) C:\program files\telestream\gameshow\gameshow.exe
- FirewallRules: [TCP Query User{FED13CBE-12B9-4F1D-9E40-8B6B3DD858B5}C:\program files\telestream\gameshow\gameshow.exe] => (Allow) C:\program files\telestream\gameshow\gameshow.exe
- FirewallRules: [{6EA01631-89E5-476B-9C6F-7DD5F7400A3D}] => (Allow) D:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Ghost Recon Wildlands\GRW.exe
- FirewallRules: [UDP Query User{33E07161-FCA7-4D65-AE2A-3821775201FA}C:\users\mrsha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mrsha\appdata\roaming\spotify\spotify.exe
- FirewallRules: [TCP Query User{609301FF-5906-4C9A-A7D3-13F8FEC92CF3}C:\users\mrsha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mrsha\appdata\roaming\spotify\spotify.exe
- FirewallRules: [{EFB393C1-BA56-4DD4-9582-6992613BAD91}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
- FirewallRules: [{CF71EE9E-E4D1-4C3F-B79B-A79B510E3ED6}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
- FirewallRules: [{92CAD380-9166-437F-8C90-11F0ACE6BE88}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
- FirewallRules: [{C290A309-E408-487F-A136-C0D8F14E93CB}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
- FirewallRules: [{F21F2E2F-FBA0-409C-BCB8-F2228B389CE0}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
- FirewallRules: [{1ED26901-7E46-47D9-8CF5-F19E655A2CC9}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
- FirewallRules: [{AB0A12B9-A534-4BBB-A372-4A43FC70BD61}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
- FirewallRules: [{B3360B3C-10A0-4EC9-A3CB-92068A4BB97A}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
- FirewallRules: [{3290E0B4-81FD-437B-B661-ABADC500C732}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
- FirewallRules: [{61467F0F-5673-485A-BFE2-62F530FBAC54}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
- FirewallRules: [{CF79FE8D-2BA1-4C10-8E5B-D2CFAE1F30F8}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
- FirewallRules: [{181933B1-E2B5-42B5-B49A-A6507EFC3E4B}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
- FirewallRules: [{8B83D22F-811B-4674-951A-24E669FAE46A}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
- FirewallRules: [{A3743082-BE38-48E2-9326-F7BB75E07CD4}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
- FirewallRules: [{BBDFA6FE-7A40-4014-9DB0-BD2D3C9959D6}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
- FirewallRules: [{9ADFE692-8641-45A5-8F1C-D29E96E7F7E8}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
- FirewallRules: [{23E0E624-D673-4716-A634-1AA18C47C1D8}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
- FirewallRules: [{58877462-C3FE-400B-ABD6-E2B4AF7BA14F}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
- FirewallRules: [{A5B60A11-F90B-4A46-B82F-911D7E356D20}] => (Allow) D:\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
- FirewallRules: [{1D2A212E-8903-469C-9940-723091220BEA}] => (Allow) D:\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
- FirewallRules: [{087D5FAB-9C64-47A8-96C3-41C8D05A31B5}] => (Allow) D:\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
- FirewallRules: [{C285A978-528A-4DCF-8CA7-EE735E9C5F34}] => (Allow) D:\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
- FirewallRules: [{4FAA9E7A-32A5-47A7-8264-085BF9FE3A4C}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe
- FirewallRules: [{2FD83101-94E6-439E-BFAE-C893EAB19117}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe
- FirewallRules: [{CB7F5D7B-3965-44C4-989E-801837EEF849}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
- FirewallRules: [{3F0B67EB-9053-4115-90FB-FCB88A6798B7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
- FirewallRules: [{F6BD5B36-12F0-48DC-8CAD-9DBDBF2B5498}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
- FirewallRules: [{320ECE43-C8E6-4341-81BD-CA82E3C73E61}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
- FirewallRules: [UDP Query User{1469EF8A-61B8-4959-8FD5-E2D4D474136A}C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe] => (Block) C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe
- FirewallRules: [TCP Query User{1B18D2D8-6FD8-4630-9764-03DDAD367CFF}C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe] => (Block) C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe
- FirewallRules: [UDP Query User{88EC6BE0-D5AD-4A9F-92EC-26AFF2FAB83B}C:\users\hien\appdata\local\raidar\raidar.exe] => (Allow) C:\users\hien\appdata\local\raidar\raidar.exe
- FirewallRules: [TCP Query User{5B15D09F-91B2-44BC-9D60-A4C265EF5BA3}C:\users\hien\appdata\local\raidar\raidar.exe] => (Allow) C:\users\hien\appdata\local\raidar\raidar.exe
- FirewallRules: [UDP Query User{E70BB309-1F2E-4AAA-BE2D-BEF7E729A6D3}C:\program files (x86)\netgear readynas\raidar.exe] => (Allow) C:\program files (x86)\netgear readynas\raidar.exe
- FirewallRules: [TCP Query User{CBDC95A6-426B-4709-B74A-149B2B9E0AE3}C:\program files (x86)\netgear readynas\raidar.exe] => (Allow) C:\program files (x86)\netgear readynas\raidar.exe
- FirewallRules: [UDP Query User{8F4E3CB5-B59F-4A15-AE03-03A44BF935F1}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
- FirewallRules: [TCP Query User{00B68A45-69D0-4685-9053-6377A6FFD518}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
- FirewallRules: [{18353433-283E-4A25-BA90-C86C42DB7111}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
- FirewallRules: [{F6C69B43-531C-41F7-BE17-AB1A05F41135}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
- FirewallRules: [UDP Query User{CBDFA68A-0788-46F1-9951-DFAA7D8A7B7F}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
- FirewallRules: [TCP Query User{BC35B75A-8B42-414B-87F3-DF22A48E30A9}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
- FirewallRules: [UDP Query User{66B2C9B8-79E3-4EED-8E21-0CE61352088E}C:\users\mrsha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mrsha\appdata\roaming\spotify\spotify.exe
- FirewallRules: [TCP Query User{82287B98-751A-4125-8464-D900B2DB00AC}C:\users\mrsha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mrsha\appdata\roaming\spotify\spotify.exe
- FirewallRules: [{EFF2732C-1D08-4FED-8525-D75AD66C719D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect Safe Mode.exe
- FirewallRules: [{071873D3-C54C-465C-8A36-C94C6DE4168D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect Safe Mode.exe
- FirewallRules: [{DC068528-9737-45B6-A421-E2824B143F20}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
- FirewallRules: [{7714E5E1-7A70-485A-9421-A5D9F19E331C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
- FirewallRules: [UDP Query User{4A36195B-FB9A-472D-8029-7B543CFE03A0}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
- FirewallRules: [TCP Query User{AEB401A2-34A2-43F4-8942-B86930ED39EA}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
- FirewallRules: [{DE690EDA-BD1F-4065-9C91-B4879F57AA3E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
- FirewallRules: [{7B59D48E-F05A-48CA-B337-2DEB7283C837}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
- FirewallRules: [{6CE81F45-3167-441E-878A-BA49A58CAE18}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
- FirewallRules: [{DE6679EB-3832-4AD3-B6E4-A3299BEB10C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
- FirewallRules: [{4BFEF49A-FA11-4DBC-8AB9-F8F4E24BC6A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
- FirewallRules: [{33365640-7556-406A-9C56-78BF569B0263}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{A182139F-997A-43F5-AED9-1B6A115E7428}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{F8BBCB33-24D1-4EEF-951C-3B9F58D02519}] => (Allow) C:\Users\Hien\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{5986C93E-5C7D-4795-BCDB-453056A6DB20}] => (Allow) C:\Users\Hien\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{78603DA3-B695-4694-A660-B8869D6E15DF}] => (Allow) C:\Users\Hien\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{C82C4E72-4C30-4F63-9FE6-6B20CA94CF6B}] => (Allow) C:\Users\Hien\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{4AEFA8EF-5E23-4CAF-8F41-037F41BEF132}] => (Allow) C:\Users\Hien\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{31A9F503-8487-4884-A5D6-7A58086FE5BA}] => (Allow) C:\Users\Hien\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [UDP Query User{728F99A7-6D0B-4A60-9FCB-6AA8A31F19B7}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
- FirewallRules: [TCP Query User{98B8800F-4192-4F27-9699-2BC4F808D6ED}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
- FirewallRules: [{C79897A3-40C4-4D99-A3D8-F0FD22F3642E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
- FirewallRules: [{48AA967A-3337-4D6E-A435-8674E6ECB949}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
- FirewallRules: [{0AF97583-4958-45AF-B3E8-58B44E56D006}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
- FirewallRules: [{6F28EC43-F1CE-4BED-A7CA-6EAFECECC385}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
- FirewallRules: [{FEE3658E-2A77-41FF-B9E9-D2A52F3ABB47}] => (Allow) LPort=54925
- FirewallRules: [TCP Query User{FCF09468-8C33-423D-8ADB-02CB977FE160}C:\windows.old\users\hien\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\windows.old\users\hien\appdata\roaming\utorrent\utorrent.exe
- FirewallRules: [UDP Query User{9FAE0EF8-CF09-446B-9AD9-FAA467133D61}C:\windows.old\users\hien\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\windows.old\users\hien\appdata\roaming\utorrent\utorrent.exe
- FirewallRules: [{5A340419-36BB-44C1-9080-8FDAC9238AA2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- FirewallRules: [{2A3A8DAA-AF49-495B-B8BE-14F2806A970E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- FirewallRules: [{DCBB9884-09A7-4786-A753-6E5300BECFA6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
- FirewallRules: [{3A668036-3563-4AEB-AD40-C1F62B9B72B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
- FirewallRules: [{EF6401FA-D2E5-401B-86E2-E1EE8BDF1A05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
- FirewallRules: [{93309145-5A73-4934-B841-F52083A7A646}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
- FirewallRules: [{A7785B8E-67C3-4F3D-B28F-4719EA9B5DF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
- FirewallRules: [{7E9C7A8C-EBBA-43E7-8966-792F402DEA5A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
- FirewallRules: [{0745FBCA-149E-42C3-9C9A-BA1D982507B5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
- FirewallRules: [{2039038E-AD39-4A00-924F-0484AB18DB06}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{A689342D-3E12-4A3F-A5D7-991182325F3C}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{9CAE6D62-051A-47B1-8D1B-CAACF048AD65}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
- FirewallRules: [{9F6D1B2F-1553-43AD-82FD-8BD6D6476512}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
- FirewallRules: [TCP Query User{0C7D710A-1815-41B7-AC87-D59EC9655288}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe
- FirewallRules: [UDP Query User{6506D9A2-3414-4D4B-AD66-6D0179E970F2}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe
- FirewallRules: [{36E488B4-E671-4D7F-B0B7-163F1A057198}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
- FirewallRules: [{07890756-1C27-4B50-AA45-48A53F68D975}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
- FirewallRules: [{B46340A9-DE0A-414B-BD1A-DD2B6C5262BB}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
- FirewallRules: [{20E73C48-ABF7-42F9-B243-13ACE9E4DA32}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
- FirewallRules: [{D74B3322-0B92-4BF0-BECC-B2742E9C48C8}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
- FirewallRules: [{4249888B-CD16-4B6B-B6C4-9E1D0EB11782}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
- FirewallRules: [{8CD2E321-7F92-42D5-91E7-3911EB2E621E}] => (Allow) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- FirewallRules: [{88415DA8-C860-49EE-93F9-0A31473ED84B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
- FirewallRules: [{027185E9-D760-4B1C-ABB6-F8D68CE2823D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
- FirewallRules: [{F78C22B6-E7C4-437B-A128-C4E974AA43F8}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe
- FirewallRules: [{C351DBAF-511C-4E0F-B310-99F4A8DCE3EA}] => (Allow) C:\WINDOWS\system32\rundll32.exe
- ==================== Restore Points =========================
- 16-10-2017 20:50:25 Scheduled Checkpoint
- ==================== Faulty Device Manager Devices =============
- Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
- Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
- Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
- Manufacturer: Cisco Systems
- Service: vpnva
- Problem: : This device is disabled. (Code 22)
- Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (10/18/2017 09:40:24 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
- Description: License Activation (slui.exe) failed with the following error code:
- hr=0x8007232B
- Command-line arguments:
- RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent
- Error: (10/18/2017 09:39:35 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
- Description: License Activation (slui.exe) failed with the following error code:
- hr=0x8007232B
- Command-line arguments:
- RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent
- Error: (10/18/2017 07:41:54 PM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: ksdeui.exe, version: 18.0.0.405, time stamp: 0x58876d8f
- Faulting module name: 0Kraken0510DevProps.dll, version: 0.0.0.0, time stamp: 0x57d0fdf1
- Exception code: 0xc0000005
- Fault offset: 0x000047e4
- Faulting process id: 0x3018
- Faulting application start time: 0x01d34883d26f3b0d
- Faulting application path: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
- Faulting module path: C:\Users\mrsha\AppData\Local\Temp\0Kraken0510DevProps.dll
- Report Id: 31997091-b348-4f40-9cc4-c2637e3cd26b
- Faulting package full name:
- Faulting package-relative application ID:
- Error: (10/18/2017 07:40:54 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
- Description: License Activation (slui.exe) failed with the following error code:
- hr=0x8007232B
- Command-line arguments:
- RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
- Error: (10/18/2017 07:40:47 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
- Description: License Activation (slui.exe) failed with the following error code:
- hr=0x8007232B
- Command-line arguments:
- RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
- Error: (10/18/2017 07:31:17 PM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: ksdeui.exe, version: 18.0.0.405, time stamp: 0x58876d8f
- Faulting module name: 0Kraken0510DevProps.dll, version: 0.0.0.0, time stamp: 0x57d0fdf1
- Exception code: 0xc0000005
- Fault offset: 0x000047e4
- Faulting process id: 0x2dd8
- Faulting application start time: 0x01d3488256b62c42
- Faulting application path: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
- Faulting module path: C:\Users\mrsha\AppData\Local\Temp\0Kraken0510DevProps.dll
- Report Id: 1b389b9d-7646-4bcc-89d1-03e8216b304c
- Faulting package full name:
- Faulting package-relative application ID:
- Error: (10/18/2017 07:12:35 PM) (Source: MsiInstaller) (EventID: 10005) (User: HIEN-PC)
- Description: Application: Kaspersky Total Security -- Error 29005. The selected folder or drive already contains files. The application cannot be installed to a folder that contains other data because this data can become unavailable after Self-Defense is enabled.<<29005>>InstallDir=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\<<31709>>
- Error: (10/18/2017 07:12:08 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
- Description: License Activation (slui.exe) failed with the following error code:
- hr=0x8007232B
- Command-line arguments:
- RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
- Error: (10/18/2017 07:12:08 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
- Description: License Activation (slui.exe) failed with the following error code:
- hr=0x8007232B
- Command-line arguments:
- RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
- Error: (10/18/2017 07:09:49 PM) (Source: SecurityCenter) (EventID: 16) (User: )
- Description: Error while updating status to SECURITY_PRODUCT_STATE_SNOOZED.
- System errors:
- =============
- Error: (10/18/2017 07:39:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
- Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
- {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
- and APPID
- {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
- to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
- Error: (10/18/2017 07:39:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
- Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
- {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
- and APPID
- {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
- to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
- Error: (10/18/2017 07:39:44 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
- Description: The Automaton service has reported an invalid current state 0.
- Error: (10/18/2017 07:39:44 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
- Description: The Automaton service has reported an invalid current state 0.
- Error: (10/18/2017 07:39:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The CldFlt service failed to start due to the following error:
- The request is not supported.
- Error: (10/18/2017 07:38:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The VMware Workstation Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
- Error: (10/18/2017 07:37:19 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
- Description: The ScRegSetValueExW call failed for Start with the following error:
- The maximum number of secrets that may be stored in a single system has been exceeded.
- Error: (10/18/2017 07:30:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
- Description: The Interactive Services Detection service terminated with the following error:
- Incorrect function.
- Error: (10/18/2017 07:30:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
- Description: The Interactive Services Detection service terminated with the following error:
- Incorrect function.
- Error: (10/18/2017 07:11:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
- Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
- {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
- and APPID
- {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
- to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
- CodeIntegrity:
- ===================================
- Date: 2017-10-15 19:05:42.184
- Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Users\mrsha\AppData\Roaming\Microsoft\Protect\f5a4d396-2a3c-44a9-b77f-941d2f8775e7.rs that did not meet the Microsoft signing level requirements.
- Date: 2017-10-14 17:21:38.787
- Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
- Date: 2017-10-13 20:23:35.876
- Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
- Date: 2017-10-08 00:19:58.306
- Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
- Date: 2017-10-03 19:13:36.722
- Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
- Date: 2017-09-29 17:38:02.162
- Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
- Date: 2017-09-28 17:49:53.648
- Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
- Date: 2017-09-27 17:06:27.417
- Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
- Date: 2017-09-26 19:11:58.598
- Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
- Date: 2017-09-25 17:16:34.775
- Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
- ==================== Memory info ===========================
- Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
- Percentage of memory in use: 61%
- Total physical RAM: 8143.2 MB
- Available physical RAM: 3145.76 MB
- Total Virtual: 22351.2 MB
- Available Virtual: 14968.16 MB
- ==================== Drives ================================
- Drive c: () (Fixed) (Total:222.2 GB) (Free:37.38 GB) NTFS
- Drive d: (OS) (Fixed) (Total:922.31 GB) (Free:296.93 GB) NTFS
- Drive n: (USB DISK) (Removable) (Total:3.73 GB) (Free:2.6 GB) FAT32
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 00000000)
- Partition: GPT.
- ========================================================
- Disk: 1 (Size: 931.5 GB) (Disk ID: B7575307)
- Partition: GPT.
- ========================================================
- Disk: 10 (MBR Code: Windows 7 or 8) (Size: 3.7 GB) (Disk ID: 00081E8D)
- Partition 1: (Active) - (Size=3.7 GB) - (Type=0C)
- ==================== End of Addition.txt ============================