Untitled

a guest
Oct 19th, 2017
  1. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-10-2017 01
  2. Ran by mrsha (18-10-2017 22:23:21)
  3. Running from C:\Users\mrsha\Desktop
  4. Windows 10 Pro Version 1703 15063.540 (X64) (2017-08-30 23:46:04)
  5. Boot Mode: Normal
  6. ==========================================================
  7.  
  8.  
  9. ==================== Accounts: =============================
  10.  
  11. Administrator (S-1-5-21-785674744-1277263253-3647830273-500 - Administrator - Disabled)
  12. DefaultAccount (S-1-5-21-785674744-1277263253-3647830273-503 - Limited - Disabled)
  13. Guest (S-1-5-21-785674744-1277263253-3647830273-501 - Limited - Disabled)
  14. Hien (S-1-5-21-785674744-1277263253-3647830273-1001 - Administrator - Enabled) => C:\Users\Hien
  15. mrsha (S-1-5-21-785674744-1277263253-3647830273-1003 - Administrator - Enabled) => C:\Users\mrsha
  16. thieu (S-1-5-21-785674744-1277263253-3647830273-1002 - Limited - Disabled)
  17.  
  18. ==================== Security Center ========================
  19.  
  20. (If an entry is included in the fixlist, it will be removed.)
  21.  
  22. AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
  23. AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  24. AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
  25. AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  26. FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
  27.  
  28. ==================== Installed Programs ======================
  29.  
  30. (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
  31.  
  32. 4K Video Downloader 4.1 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.1.1.2070 - Open Media LLC)
  33. 4K Video Downloader 4.3 (HKLM-x32\...\{D0CA3944-0FD5-40FF-97A1-FEDFFB5EE31F}) (Version: 4.3.2.2215 - Open Media LLC)
  34. 7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
  35. Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
  36. Adobe Photoshop CS6 (HKLM-x32\...\Adobe Photoshop CS6) (Version: 13.0.0.0 - © The Computer Guy Tony)
  37. Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)
  38. Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
  39. Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.94 - NVIDIA Corporation) Hidden
  40. Apowersoft Video Converter Studio V4.5.6 (HKLM-x32\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.5.6 - APOWERSOFT LIMITED)
  41. Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
  42. Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
  43. Auto Mouse Mover 2.0 (HKLM-x32\...\{08FD4323-8909-4973-BD2E-7250D2D93D0C}_is1) (Version: 2.0 - MurGee.com)
  44. Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
  45. Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
  46. BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.46.1633 - BlueStack Systems, Inc.)
  47. Box Sync (HKLM-x32\...\{105b86f5-1c87-4b54-aa7d-326774504314}) (Version: 4.0.7702.0 - Box Inc.) Hidden
  48. Brother MFL-Pro Suite DCP-L2540DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
  49. Cisco AnyConnect Diagnostics and Reporting Tool (HKLM-x32\...\{27C92618-52B0-4301-AD23-1060109C6170}) (Version: 3.1.10010 - Cisco Systems, Inc.)
  50. Cisco AnyConnect Network Access Manager (HKLM-x32\...\{BD39D88B-E610-4C71-A436-267D07689735}) (Version: 3.1.10010 - Cisco Systems, Inc.)
  51. Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.10010 - Cisco Systems, Inc.)
  52. Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{C37C8243-90EC-42A9-85C6-43105A32B926}) (Version: 3.1.10010 - Cisco Systems, Inc.) Hidden
  53. Cisco AnyConnect Start Before Login Module (HKLM-x32\...\{E0689186-C014-4025-A8BC-4C0F3C060B4D}) (Version: 3.1.10010 - Cisco Systems, Inc.)
  54. Dell EMC SolVe Desktop 3.1.0.0 (HKLM-x32\...\{C7509C48-63B0-43DE-8065-74F7AA77F132}_is1) (Version: 3.1.0.0 - Dell EMC Corporation)
  55. Discord (HKU\S-1-5-21-785674744-1277263253-3647830273-1003\...\Discord) (Version: 0.0.298 - Discord Inc.)
  56. EAS NA (VMware ThinApp) (HKLM-x32\...\{3C27CB35-A395-4DB1-918A-0A35A2AA6599}) (Version: 1.0.NA - EAS)
  57. Employee Availability System (HKLM-x32\...\Employee Availability System) (Version: 1.0.0.0 - )
  58. Employee Availability System (VMware ThinApp) (HKLM-x32\...\{35350809-DF89-452A-A8F1-BA7871D3AEA7}) (Version: 1.1 - EMC)
  59. Fraps (HKLM-x32\...\Fraps) (Version: - )
  60. Git version 2.14.2.2 (HKLM-x32\...\Git_is1) (Version: 2.14.2.2 - The Git Development Community)
  61. Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
  62. Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
  63. Gyazo 3.3.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
  64. Herramientas de corrección de Microsoft Office 2016: español (HKLM-x32\...\{90160000-001F-0C0A-0000-0000000FF1CE}) (Version: 16.0.4351.1001 - Microsoft Corporation) Hidden
  65. Imminent Monitor (HKLM-x32\...\Imminent Monitor) (Version: 5.0 - Imminent Methods)
  66. Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
  67. Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
  68. Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
  69. Kaspersky Total Security (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
  70. Kaspersky Total Security (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
  71. KeyScrambler (HKLM-x32\...\KeyScrambler) (Version: 3.11.0.3 - QFX Software Corporation)
  72. KingRoot version 3.5.0.1157 (HKLM-x32\...\{FA3B7324-9EB4-4ADC-84D0-5461BE113832}_is1) (Version: 3.5.0.1157 - KingRoot)
  73. Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
  74. Malwarebytes Activation (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 3.1.2.1733 - Malwarebytes)
  75. Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
  76. Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
  77. Microsoft OneDrive (HKU\S-1-5-21-785674744-1277263253-3647830273-1003\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
  78. Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
  79. Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
  80. Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
  81. Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
  82. Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
  83. Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
  84. Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
  85. Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
  86. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
  87. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
  88. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
  89. Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
  90. Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
  91. Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
  92. Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
  93. Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
  94. Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
  95. Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
  96. Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
  97. Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
  98. Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
  99. Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
  100. Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
  101. Mozilla Firefox 56.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 56.0.1 (x86 en-US)) (Version: 56.0.1 - Mozilla)
  102. Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.1 - Mozilla)
  103. NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.28.00 - NETGEAR Inc.)
  104. Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
  105. Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.9.2 - Nikon)
  106. Node.js (HKLM\...\{2DDA9FD3-9D1E-47F4-A325-CB855A74C081}) (Version: 8.7.0 - Node.js Foundation)
  107. Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.1 - Notepad++ Team)
  108. NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
  109. NVIDIA 3D Vision Driver 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.94 - NVIDIA Corporation)
  110. NVIDIA GeForce Experience 3.9.0.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.61 - NVIDIA Corporation)
  111. NVIDIA Graphics Driver 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.94 - NVIDIA Corporation)
  112. NVIDIA HD Audio Driver 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
  113. NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
  114. OpenOffice Writer Search In Multiple Files At Once Software (HKLM-x32\...\OpenOffice Writer Search In Multiple Files At On~77F715AB_is1) (Version: - Sobolsoft)
  115. OpenVPN 2.4.3-I602 (HKLM\...\OpenVPN) (Version: 2.4.3-I602 - OpenVPN Technologies, Inc.)
  116. Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
  117. Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM-x32\...\{90160000-001F-040C-0000-0000000FF1CE}) (Version: 16.0.4351.1001 - Microsoft Corporation) Hidden
  118. Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
  119. paint.net (HKLM\...\{02D89175-E08F-401B-BA30-8B7512B57724}) (Version: 4.0.17 - dotPDN LLC)
  120. PCPlayer (HKLM-x32\...\{B54CE443-35EF-4776-A0CD-6D961B983097}_is1) (Version: 3.18.11.0 - EZVIZ Inc.)
  121. Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
  122. Picture Control Utility 2 (HKLM\...\{D4893C47-704F-4B84-8486-9DE4974ACA6F}) (Version: 2.0.2 - Nikon)
  123. ProShow Gold (HKLM-x32\...\ProShow Gold) (Version: - Photodex Corporation)
  124. QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
  125. RAIDar 4.3.8 (HKLM-x32\...\1381-5408-0515-7060) (Version: 4.3.8 - Netgear Inc.)
  126. Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.7.2 - Razer Inc.)
  127. Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 8.3.20.524 - Razer Inc.)
  128. Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.830 - Razer Inc.)
  129. ReadySHARE Vault (HKLM-x32\...\ReadySHARE Vault) (Version: 3.0 - Genie9)
  130. Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
  131. Roblox Player for mrsha (HKU\S-1-5-21-785674744-1277263253-3647830273-1003\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
  132. Roblox Studio for mrsha (HKU\S-1-5-21-785674744-1277263253-3647830273-1003\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - Roblox Corporation)
  133. Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.2.0 - Rockstar Games)
  134. Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
  135. Skype for Business Basic 2016 (HKLM-x32\...\Office16.LYNCENTRY) (Version: 16.0.4351.1001 - Microsoft Corporation)
  136. Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
  137. Spotify (HKU\S-1-5-21-785674744-1277263253-3647830273-1003\...\Spotify) (Version: 1.0.65.320.gac7a8e02 - Spotify AB)
  138. Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
  139. TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
  140. TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.82216 - TeamViewer)
  141. Tom Clancy's Ghost Recon Wildlands (HKLM-x32\...\Uplay Install 1771) (Version: - Ubisoft)
  142. Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
  143. TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc)
  144. update_server (HKLM-x32\...\{1D08522D-308D-4615-AEA9-44021FD7445A}_is1) (Version: - )
  145. VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS)
  146. ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.10.3 - Nikon)
  147. VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
  148. VMware Workstation (HKLM\...\{878C6FAC-4FF1-4281-A05D-07CDA485C114}) (Version: 12.5.7 - VMware, Inc.)
  149. Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
  150. Warframe (HKLM-x32\...\{B65D06BC-E372-43EE-83BC-55A89A4D5643}) (Version: 1.0.0 - Digital Extremes)
  151. Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
  152. WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
  153. Wireshark 2.4.1 64-bit (HKLM-x32\...\Wireshark) (Version: 2.4.1 - The Wireshark developer community, hxxps://www.wireshark.org)
  154. Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
  155. YTD Video Downloader 5.8.7 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.8.7 - GreenTree Applications SRL) <==== ATTENTION
  156.  
  157. ==================== Custom CLSID (Whitelisted): ==========================
  158.  
  159. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  160.  
  161. ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
  162. ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
  163. ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
  164. ShellIconOverlayIdentifiers: [0GenieTimeLine-BackedUp] -> {88A8B1ED-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
  165. ShellIconOverlayIdentifiers: [0GenieTimeLine-Excluded] -> {B77E8651-93B1-40CD-8ECF-6F33DAC805A0} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
  166. ShellIconOverlayIdentifiers: [0GenieTimeLine-Folder] -> {CEAF16CE-C11C-4081-BE29-DDE7F45A59DB} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
  167. ShellIconOverlayIdentifiers: [0GenieTimeLine-NotBackedUp] -> {88A8B1EE-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
  168. ShellIconOverlayIdentifiers: [0GenieTimeLine-Pending ] -> {88A8B1EF-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
  169. ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-BackedUp] -> {88A8B1ED-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
  170. ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Excluded] -> {B77E8651-93B1-40CD-8ECF-6F33DAC805A0} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
  171. ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Folder] -> {CEAF16CE-C11C-4081-BE29-DDE7F45A59DB} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
  172. ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-NotBackedUp] -> {88A8B1EE-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
  173. ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Pending ] -> {88A8B1EF-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
  174. ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov)
  175. ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
  176. ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => D:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-08-28] ()
  177. ContextMenuHandlers1: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2013-08-29] (Genie9)
  178. ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0 (1)\x64\ShellEx.dll [2017-10-18] (AO Kaspersky Lab)
  179. ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
  180. ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
  181. ContextMenuHandlers2: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2013-08-29] (Genie9)
  182. ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0 (1)\x64\ShellEx.dll [2017-10-18] (AO Kaspersky Lab)
  183. ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2017-06-19] (VMware, Inc.)
  184. ContextMenuHandlers2-x32: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2017-06-19] (VMware, Inc.)
  185. ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov)
  186. ContextMenuHandlers4: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2013-08-29] (Genie9)
  187. ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0 (1)\x64\ShellEx.dll [2017-10-18] (AO Kaspersky Lab)
  188. ContextMenuHandlers5: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2013-08-29] (Genie9)
  189. ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-07-18] (NVIDIA Corporation)
  190. ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov)
  191. ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
  192. ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0 (1)\x64\ShellEx.dll [2017-10-18] (AO Kaspersky Lab)
  193. ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
  194. ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
  195.  
  196. ==================== Scheduled Tasks (Whitelisted) =============
  197.  
  198. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  199.  
  200. Task: {0DE709E0-912B-4F55-A141-12E656321879} - System32\Tasks\{FC241380-0DCF-4368-844B-7AEE5977C8F4} => "c:\windows\system32\launchwinapp.exe" hxxps://www.skype.com/go/downloading?source=lightinstaller&ver=7.32.0.104&LastError=12057
  201. Task: {10457DF6-F1AB-49AE-833D-B88A13319F34} - System32\Tasks\{318E4950-7291-434F-81E1-6A47B4BCC1B8} => "c:\windows\system32\launchwinapp.exe" hxxps://www.skype.com/go/downloading?source=lightinstaller&ver=7.32.0.104&LastError=12057
  202. Task: {2295E8E5-E430-4751-B98B-F77BDC14A92F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-08-17] (NVIDIA Corporation)
  203. Task: {265C66EB-F5DF-42C7-AE97-299037376591} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-17] (NVIDIA Corporation)
  204. Task: {3797686F-C851-4240-B829-55DB3678C5B3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
  205. Task: {3DFA7A88-C60E-442F-9E68-33E92C1E4D63} - System32\Tasks\update-S-1-5-21-785674744-1277263253-3647830273-1003 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
  206. Task: {42FA497B-02B4-4129-91CF-811476F0059F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-17] (NVIDIA Corporation)
  207. Task: {4D466892-8AE8-45C3-BA47-639D82F62020} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-05-16] ()
  208. Task: {55610F7C-F44B-489E-8B84-701D9853344F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
  209. Task: {5BEECE01-14ED-4E1B-8191-1E089B527EFC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-08-17] (NVIDIA Corporation)
  210. Task: {619AA8E0-107D-4B6A-974B-606572FDEACF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-08-17] (NVIDIA Corporation)
  211. Task: {62BFEC47-4FCA-4E4B-87C6-8BD27EAFA540} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-11] (Google Inc.)
  212. Task: {630DF3EB-7037-48A8-B8CC-897F07590A83} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-11] (Google Inc.)
  213. Task: {654D19AA-A4F9-4C16-8878-89CDCD1A941E} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe
  214. Task: {66332321-004F-4ABE-867E-A0F0246312F0} - System32\Tasks\MurGeeAutoMouseMover => C:\Users\Hien\AppData\Roaming\Auto Mouse Mover\AutoMouseMover.exe [2015-03-22] (MurGee.com)
  215. Task: {7FA45CD1-0F03-4F6A-8C87-264BC66758E5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
  216. Task: {8067AC8B-3159-41AE-AB50-66027D7096F6} - System32\Tasks\{2D3169FA-8809-4827-BC22-53AF7F71E6CA} => "c:\windows\system32\launchwinapp.exe" hxxps://ui.skype.com/ui/0/7.35.0.103/en/abandoninstall?page=tsProgressBar
  217. Task: {9DC16B02-6584-458F-B5B3-A108B920A403} - System32\Tasks\{9908F67F-29F1-4B25-8148-784FE73F8A6A} => "c:\windows\system32\launchwinapp.exe" hxxps://www.skype.com/go/downloading?source=lightinstaller&ver=7.32.0.104&LastError=12057
  218. Task: {C5C790A9-B8D2-4975-9B78-316481D69866} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
  219. Task: {C692CFF2-A5A8-4C26-96D4-4FA3769DB1F5} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-05-16] ()
  220. Task: {E2755C15-A3DA-4D63-B337-5F85F1F31303} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-17] (NVIDIA Corporation)
  221. Task: {EE72CB5A-1A23-479B-A85B-3E83E9FADCF7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-08-17] (NVIDIA Corporation)
  222. Task: {F2A0A765-4E56-4DCF-BCDB-E3D9CC457D85} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-17] (NVIDIA Corporation)
  223. Task: {F6B013D7-A7A9-4044-8075-9E85F3B9C661} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2017-10-18] (AO Kaspersky Lab)
  224. Task: {FB54E771-173D-48E4-9BB4-380A256E7F39} - System32\Tasks\{A558ABC3-E11E-40A4-86BC-A94AE761FD0F} => "c:\windows\system32\launchwinapp.exe" hxxp://ui.skype.com/ui/0/7.26.80.101/en/go/help.faq.installer?LastError=1618
  225. Task: {FD7E04ED-7784-42A8-AA59-45F59E5858AA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => D:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
  226.  
  227. (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
  228.  
  229. Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
  230. Task: C:\WINDOWS\Tasks\update-S-1-5-21-785674744-1277263253-3647830273-1003.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
  231. Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
  232.  
  233. ==================== Shortcuts & WMI ========================
  234.  
  235. (The entries could be listed to be restored or removed.)
  236.  
  237.  
  238. ShortcutWithArgument: C:\Users\mrsha\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b8da4a38624bbb1e\Feedback.lnk -> D:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gfdkimpbcpahaombhbimeihdjnejgicl
  239. ShortcutWithArgument: C:\Users\mrsha\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\8324702790a2488\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default
  240.  
  241. ==================== Loaded Modules (Whitelisted) ==============
  242.  
  243. 2017-10-15 19:06 - 2017-10-18 19:39 - 002843648 _____ () C:\WINDOWS\SYSTEM32\MSMXTWDSVC.EXE
  244. 2016-02-15 21:01 - 2016-02-15 21:01 - 000031256 _____ () C:\WINDOWS\System32\us008lm.dll
  245. 2017-03-20 09:09 - 2017-02-08 11:58 - 000035328 _____ () D:\Program Files (x86)\Dell EMC SolVe Desktop\Automaton Service.exe
  246. 2017-07-19 15:09 - 2017-07-19 15:09 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
  247. 2016-08-11 12:50 - 2005-04-21 21:36 - 000143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
  248. 2017-07-04 15:41 - 2017-09-25 18:39 - 000345064 _____ () D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
  249. 2017-06-19 20:02 - 2017-06-19 20:02 - 012482024 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
  250. 2017-03-18 13:58 - 2017-03-18 13:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
  251. 2017-09-26 02:52 - 2017-09-26 02:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
  252. 2017-02-22 23:49 - 2017-02-22 23:49 - 008911560 _____ () C:\Program Files\Microsoft Office\Office16\1033\GrooveIntlResource.dll
  253. 2017-03-25 00:29 - 2013-08-29 00:08 - 000209920 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\Settings.gtl
  254. 2017-03-25 00:29 - 2013-08-01 02:36 - 000045568 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogging.gtl
  255. 2017-03-25 00:29 - 2013-08-29 00:08 - 000490496 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSIndexDB.gtl
  256. 2017-03-25 00:29 - 2013-08-01 02:36 - 000089600 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSEncryption.gtl
  257. 2017-03-25 00:29 - 2013-02-03 04:40 - 000011264 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\RWLock.gtl
  258. 2017-03-25 00:29 - 2012-02-02 02:16 - 000740864 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\sqlite3.gtl
  259. 2017-03-25 00:29 - 2013-08-29 00:08 - 000710144 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSBackupManager.gtl
  260. 2017-03-25 00:29 - 2013-08-29 00:08 - 000370688 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSWatcher4.gtl
  261. 2017-03-25 00:29 - 2013-08-29 00:08 - 000332800 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\OnlineHandler.gtl
  262. 2017-03-25 00:29 - 2013-08-29 00:08 - 000054784 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogManager.gtl
  263. 2017-03-25 00:29 - 2013-08-29 00:08 - 000087040 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\QueueManager.gtl
  264. 2017-03-25 00:29 - 2013-02-03 04:40 - 000010752 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\VSSEngine_Proxy.gtl
  265. 2017-03-25 00:29 - 2013-08-01 02:36 - 000058368 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLibrariesManager.gtl
  266. 2013-02-03 02:21 - 2013-02-03 02:21 - 000045056 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\pcre.dll
  267. 2013-02-03 02:21 - 2013-02-03 02:21 - 000097792 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\pcrebase.dll
  268. 2017-03-18 13:59 - 2017-03-18 19:30 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
  269. 2017-09-13 15:45 - 2017-09-13 15:45 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.30.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
  270. 2017-10-05 07:14 - 2017-10-05 07:15 - 010634752 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.30.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
  271. 2017-10-05 07:14 - 2017-10-05 07:15 - 002640896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.30.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
  272. 2017-10-04 07:50 - 2017-10-04 07:51 - 000021504 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
  273. 2017-10-04 07:50 - 2017-10-04 07:51 - 048839168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
  274. 2017-10-04 07:50 - 2017-10-04 07:51 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
  275. 2017-10-04 07:50 - 2017-10-04 07:51 - 000164352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\VideoPlugin.dll
  276. 2017-10-04 07:50 - 2017-10-04 07:51 - 000352256 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
  277. 2017-10-04 07:50 - 2017-10-04 07:51 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll
  278. 2017-10-04 07:50 - 2017-10-04 07:51 - 002836480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
  279. 2017-10-04 07:50 - 2017-10-04 07:51 - 020559872 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
  280. 2017-10-04 07:50 - 2017-10-04 07:51 - 002705408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\MediaEngine.dll
  281. 2017-10-04 07:50 - 2017-10-04 07:51 - 003128320 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
  282. 2017-08-30 18:19 - 2017-08-30 18:19 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
  283. 2017-10-04 07:50 - 2017-10-04 07:51 - 000118784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\ExploreModel.dll
  284. 2017-10-04 07:50 - 2017-10-04 07:51 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
  285. 2017-10-04 07:50 - 2017-10-04 07:51 - 001380864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
  286. 2017-10-04 07:50 - 2017-10-04 07:51 - 000367616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\AnimatedGIF.dll
  287. 2017-08-28 14:56 - 2017-08-23 01:48 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libglesv2.dll
  288. 2017-08-28 14:56 - 2017-08-23 01:48 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libegl.dll
  289. 2015-07-22 11:54 - 2015-07-22 11:54 - 000063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
  290. 2015-07-22 11:51 - 2015-07-22 11:51 - 000714128 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\libxml2.dll
  291. 2017-06-19 20:02 - 2017-06-19 20:02 - 000173032 _____ () C:\Program Files (x86)\VMware\VMware Workstation\nfc-types.dll
  292. 2017-06-19 20:02 - 2017-06-19 20:02 - 000396776 _____ () C:\Program Files (x86)\VMware\VMware Workstation\ssoClient.dll
  293. 2017-06-19 20:02 - 2017-06-19 20:02 - 000126440 _____ () C:\Program Files (x86)\VMware\VMware Workstation\expat.dll
  294. 2017-10-03 18:08 - 2017-10-18 19:40 - 000619464 _____ () C:\Users\mrsha\AppData\Local\Temp\0Kraken0510DevProps.dll
  295. 2016-11-26 09:57 - 2017-10-11 18:22 - 068211824 _____ () C:\Users\mrsha\AppData\Roaming\Spotify\libcef.dll
  296. 2016-11-26 09:57 - 2017-10-11 18:22 - 003110512 _____ () C:\Users\mrsha\AppData\Roaming\Spotify\libglesv2.dll
  297. 2016-11-26 09:57 - 2017-10-11 18:22 - 000087152 _____ () C:\Users\mrsha\AppData\Roaming\Spotify\libegl.dll
  298. 2017-08-08 17:22 - 2017-08-08 15:13 - 001893880 _____ () C:\Users\mrsha\AppData\Local\Discord\app-0.0.298\ffmpeg.dll
  299. 2017-08-20 18:36 - 2017-08-20 18:36 - 001577976 _____ () \\?\C:\Users\mrsha\AppData\Roaming\discord\0.0.298\modules\discord_toaster\discord_toaster.node
  300. 2017-08-08 17:22 - 2017-08-08 15:13 - 001938424 _____ () C:\Users\mrsha\AppData\Local\Discord\app-0.0.298\libglesv2.dll
  301. 2017-08-08 17:22 - 2017-08-08 15:13 - 000095736 _____ () C:\Users\mrsha\AppData\Local\Discord\app-0.0.298\libegl.dll
  302. 2017-08-20 18:36 - 2017-10-06 16:05 - 009722360 _____ () \\?\C:\Users\mrsha\AppData\Roaming\discord\0.0.298\modules\discord_voice\discord_voice.node
  303. 2017-08-20 18:36 - 2017-08-20 18:36 - 001440248 _____ () \\?\C:\Users\mrsha\AppData\Roaming\discord\0.0.298\modules\discord_utils\discord_utils.node
  304. 2017-10-18 19:44 - 2017-10-18 19:44 - 000148992 _____ () \\?\C:\Users\mrsha\AppData\Local\Temp\8019.tmp.node
  305. 2017-08-20 18:36 - 2017-08-20 18:36 - 002658296 _____ () \\?\C:\Users\mrsha\AppData\Roaming\discord\0.0.298\modules\discord_rpc\discord_rpc.node
  306. 2017-08-20 18:37 - 2017-08-20 18:37 - 002673656 _____ () \\?\C:\Users\mrsha\AppData\Roaming\discord\0.0.298\modules\discord_contact_import\discord_contact_import.node
  307. 2017-10-18 19:12 - 2017-10-18 19:12 - 000836968 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0 (1)\kpcengine.2.3.dll
  308.  
  309. ==================== Alternate Data Streams (Whitelisted) =========
  310.  
  311. (If an entry is included in the fixlist, only the ADS will be removed.)
  312.  
  313.  
  314. ==================== Safe Mode (Whitelisted) ===================
  315.  
  316. (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
  317.  
  318.  
  319. ==================== Association (Whitelisted) ===============
  320.  
  321. (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
  322.  
  323.  
  324. ==================== Internet Explorer trusted/restricted ===============
  325.  
  326. (If an entry is included in the fixlist, it will be removed from the registry.)
  327.  
  328.  
  329. ==================== Hosts content: ==========================
  330.  
  331. (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
  332.  
  333. 2015-10-30 00:24 - 2017-10-18 21:41 - 000001104 _____ C:\WINDOWS\system32\Drivers\etc\hosts
  334.  
  335. 74.86.5.247 apowersoft.com
  336. 127.0.0.1 74.86.5.247
  337. 0.0.0.0 serius.mwbsys.com
  338. 128.221.225.9 drm01-01i03-vn03.emc.com ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
  339.  
  340. ==================== Other Areas ============================
  341.  
  342. (Currently there is no automatic fix for this section.)
  343.  
  344. HKU\S-1-5-21-785674744-1277263253-3647830273-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\mrsha\AppData\Local\Stardock\img0.jpg
  345. DNS Servers: 8.8.8.8 - 8.8.8.4
  346. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
  347. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
  348. Windows Firewall is disabled.
  349.  
  350. ==================== MSCONFIG/TASK MANAGER disabled items ==
  351.  
  352. MSCONFIG\Services: BEService => 3
  353. MSCONFIG\Services: BrYNSvc => 3
  354. MSCONFIG\Services: GenieTimelineService => 2
  355. MSCONFIG\Services: gupdate => 2
  356. MSCONFIG\Services: gupdatem => 3
  357. MSCONFIG\Services: IntuitUpdateServiceV4 => 2
  358. MSCONFIG\Services: MozillaMaintenance => 3
  359. MSCONFIG\Services: NETGEARGenieDaemon => 3
  360. MSCONFIG\Services: NvContainerLocalSystem => 2
  361. MSCONFIG\Services: NvContainerNetworkService => 3
  362. MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
  363. MSCONFIG\Services: NvTelemetryContainer => 2
  364. MSCONFIG\Services: OpenVPNService => 3
  365. MSCONFIG\Services: OpenVPNServiceInteractive => 2
  366. MSCONFIG\Services: OpenVPNServiceLegacy => 3
  367. MSCONFIG\Services: QFXUpdateService => 3
  368. MSCONFIG\Services: Razer Game Scanner Service => 2
  369. MSCONFIG\Services: RtkAudioService => 2
  370. MSCONFIG\Services: ScsiAccess => 2
  371. MSCONFIG\Services: SkypeUpdate => 2
  372. MSCONFIG\Services: Steam Client Service => 3
  373. MSCONFIG\Services: TeamViewer => 2
  374. MSCONFIG\Services: VMAuthdService => 2
  375. MSCONFIG\Services: VMnetDHCP => 2
  376. MSCONFIG\Services: VMUSBArbService => 2
  377. MSCONFIG\Services: VMware NAT Service => 2
  378. MSCONFIG\Services: VMwareHostd => 2
  379. MSCONFIG\Services: Wallpaper Engine Service => 2
  380. HKLM\...\StartupApproved\StartupFolder: => "Snagit 12.lnk"
  381. HKLM\...\StartupApproved\Run: => "SecurityHealth"
  382. HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
  383. HKLM\...\StartupApproved\Run: => "ShadowPlay"
  384. HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
  385. HKLM\...\StartupApproved\Run: => "Fences"
  386. HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
  387. HKLM\...\StartupApproved\Run32: => "ControlCenter4"
  388. HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
  389. HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"
  390. HKLM\...\StartupApproved\Run32: => "BrStsMon00"
  391. HKLM\...\StartupApproved\Run32: => "SPUpDateServerrun"
  392. HKLM\...\StartupApproved\Run32: => "Razer Synapse"
  393. HKLM\...\StartupApproved\Run32: => "APSDaemon"
  394. HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
  395. HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
  396. HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
  397. HKU\S-1-5-21-785674744-1277263253-3647830273-1003\...\StartupApproved\Run: => "OneDrive"
  398. HKU\S-1-5-21-785674744-1277263253-3647830273-1003\...\StartupApproved\Run: => "Gyazo"
  399. HKU\S-1-5-21-785674744-1277263253-3647830273-1003\...\StartupApproved\Run: => "Spotify"
  400. HKU\S-1-5-21-785674744-1277263253-3647830273-1003\...\StartupApproved\Run: => "Spotify Web Helper"
  401. HKU\S-1-5-21-785674744-1277263253-3647830273-1003\...\StartupApproved\Run: => "Lync"
  402. HKU\S-1-5-21-785674744-1277263253-3647830273-1003\...\StartupApproved\Run: => "OpenVPN-GUI"
  403.  
  404. ==================== FirewallRules (Whitelisted) ===============
  405.  
  406. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  407.  
  408. FirewallRules: [{4F8AD915-C0A7-4A86-98F2-3C56CEB67702}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  409. FirewallRules: [{A1E831FD-18CB-4DB6-936B-BB3AAD4C0B21}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
  410. FirewallRules: [{F1EBB6D4-D1AF-44B7-BC0E-5F727E0AAE56}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
  411. FirewallRules: [{D9AE6E4B-B280-4ED4-99C4-3888AEC44E85}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
  412. FirewallRules: [{F1272824-BB6E-4C41-B544-FF0CE051FB81}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
  413. FirewallRules: [{33FE2ADB-44F4-4E49-9D00-F637DB578F15}] => (Block) C:\program files (x86)\imminent methods\imminent monitor\imminent monitor.exe
  414. FirewallRules: [{CC68C8BB-5061-4D48-A802-E658347CFC59}] => (Block) C:\program files (x86)\imminent methods\imminent monitor\imminent monitor.exe
  415. FirewallRules: [UDP Query User{AE8824A8-101A-4869-81CC-DF2B94F9236D}C:\program files (x86)\imminent methods\imminent monitor\imminent monitor.exe] => (Allow) C:\program files (x86)\imminent methods\imminent monitor\imminent monitor.exe
  416. FirewallRules: [TCP Query User{F0B43E78-7FFE-48BF-8BAE-2787D111B3F0}C:\program files (x86)\imminent methods\imminent monitor\imminent monitor.exe] => (Allow) C:\program files (x86)\imminent methods\imminent monitor\imminent monitor.exe
  417. FirewallRules: [{F30FE58D-45E7-4B75-930B-24A523008F15}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
  418. FirewallRules: [{CC4113D2-4C68-4B32-AF6B-91FAB1DBD9E6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
  419. FirewallRules: [{0744EDE3-6C2E-4AD3-8CE8-B56D02CB773B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned_BE.exe
  420. FirewallRules: [{A6034189-5EFB-4C4D-A2AF-C193C7F1BA5F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned_BE.exe
  421. FirewallRules: [UDP Query User{6E93E377-8A11-414F-BA2F-A12F5F27BB02}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
  422. FirewallRules: [TCP Query User{D5C84251-65EC-4563-B623-A883B2D4027B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
  423. FirewallRules: [{7CFF536B-1514-4C2C-9360-926786A39158}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
  424. FirewallRules: [{D1EF43DC-AEB8-45A1-BA90-A5CE9990D42E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
  425. FirewallRules: [{228F3373-6984-4254-908F-7B462F9A2DFD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
  426. FirewallRules: [{FE430AB8-CB80-4002-BE2D-E124CAB2EBA4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
  427. FirewallRules: [{E70CA481-DE46-4E7A-A5C6-35474D2B4EE7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
  428. FirewallRules: [{276C729D-A3B1-49A1-BE29-3FFF0B2BCA00}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
  429. FirewallRules: [{33DA2A7E-94FB-42D4-BFBF-D00095E07938}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
  430. FirewallRules: [{DD3AEF37-E5AF-4317-B4B8-FA900D28267F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
  431. FirewallRules: [{5B31DC8A-1928-456A-8C48-8EB93C232912}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
  432. FirewallRules: [{7122B434-94E3-4228-AAF4-9C2B28114938}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
  433. FirewallRules: [{57B28AF9-DF34-415C-8CA1-32A8AE494129}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
  434. FirewallRules: [{24F1CCDE-16EF-4618-868B-DF0FE9923EED}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
  435. FirewallRules: [UDP Query User{26844A8B-E183-4D79-B0C0-6F507FA9C951}C:\users\hien\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\hien\appdata\local\amazon music\amazon music helper.exe
  436. FirewallRules: [TCP Query User{9FCE0F65-B1D5-4FC5-A2BB-C8885E918FC4}C:\users\hien\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\hien\appdata\local\amazon music\amazon music helper.exe
  437. FirewallRules: [UDP Query User{FDD45B44-589E-4E08-B1A7-3DC40D9591E9}C:\program files\windowsapps\xbmcfoundation.kodi_17.3.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.3.0.0_x86__4n2hpmxwrvr6p\kodi.exe
  438. FirewallRules: [TCP Query User{DBBE9076-1410-4183-817D-80AADD6D347E}C:\program files\windowsapps\xbmcfoundation.kodi_17.3.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.3.0.0_x86__4n2hpmxwrvr6p\kodi.exe
  439. FirewallRules: [UDP Query User{34464603-BD29-4913-86F2-45CAA14D8BCC}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe
  440. FirewallRules: [TCP Query User{B5C04BA2-FA01-456C-BA31-E52C8533FD99}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe
  441. FirewallRules: [UDP Query User{05305581-FF17-40CF-B7D9-C669E07F78C2}D:\tom clancy's rainbow six siege\rainbowsix.exe] => (Allow) D:\tom clancy's rainbow six siege\rainbowsix.exe
  442. FirewallRules: [TCP Query User{582052E9-63AE-4FA1-B1F1-017BEC01ED55}D:\tom clancy's rainbow six siege\rainbowsix.exe] => (Allow) D:\tom clancy's rainbow six siege\rainbowsix.exe
  443. FirewallRules: [{6ED8929C-75AF-4FDF-9106-E7FC4250D12D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\wallpaper_engine\launcher.exe
  444. FirewallRules: [{38C27361-7045-4CE2-8641-AA6EC10C2F57}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\wallpaper_engine\launcher.exe
  445. FirewallRules: [UDP Query User{7D2B8E25-BCC0-4FAF-9AC5-9D539B04B179}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
  446. FirewallRules: [TCP Query User{096C81C2-FE2F-4C55-AC1A-E4A594B21E8F}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
  447. FirewallRules: [{689F32EB-6058-4046-BA99-8E0220B0C5AC}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
  448. FirewallRules: [{63F5EEBD-05C7-4501-8F90-139B165D9B84}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
  449. FirewallRules: [{3EABA391-9460-41AD-A95E-D00BDC326DDA}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
  450. FirewallRules: [{EFD41840-2BA8-4B79-BF57-494A9F96A689}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
  451. FirewallRules: [{FD863E26-DFAF-4A10-B7E0-086740492BF3}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe
  452. FirewallRules: [{D5D81DFD-8F72-436C-B635-5DB131F8636A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe
  453. FirewallRules: [{11A8995D-2943-4948-A9D4-089FA6AE8593}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
  454. FirewallRules: [{990D5DE0-E760-462D-8EB4-93D1DBDA92FB}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
  455. FirewallRules: [UDP Query User{BA359570-D1CD-4A4C-A965-39C6EB621AE0}C:\program files\telestream\gameshow\gameshow.exe] => (Allow) C:\program files\telestream\gameshow\gameshow.exe
  456. FirewallRules: [TCP Query User{FED13CBE-12B9-4F1D-9E40-8B6B3DD858B5}C:\program files\telestream\gameshow\gameshow.exe] => (Allow) C:\program files\telestream\gameshow\gameshow.exe
  457. FirewallRules: [{6EA01631-89E5-476B-9C6F-7DD5F7400A3D}] => (Allow) D:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Ghost Recon Wildlands\GRW.exe
  458. FirewallRules: [UDP Query User{33E07161-FCA7-4D65-AE2A-3821775201FA}C:\users\mrsha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mrsha\appdata\roaming\spotify\spotify.exe
  459. FirewallRules: [TCP Query User{609301FF-5906-4C9A-A7D3-13F8FEC92CF3}C:\users\mrsha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mrsha\appdata\roaming\spotify\spotify.exe
  460. FirewallRules: [{EFB393C1-BA56-4DD4-9582-6992613BAD91}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
  461. FirewallRules: [{CF71EE9E-E4D1-4C3F-B79B-A79B510E3ED6}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
  462. FirewallRules: [{92CAD380-9166-437F-8C90-11F0ACE6BE88}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
  463. FirewallRules: [{C290A309-E408-487F-A136-C0D8F14E93CB}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
  464. FirewallRules: [{F21F2E2F-FBA0-409C-BCB8-F2228B389CE0}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
  465. FirewallRules: [{1ED26901-7E46-47D9-8CF5-F19E655A2CC9}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
  466. FirewallRules: [{AB0A12B9-A534-4BBB-A372-4A43FC70BD61}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
  467. FirewallRules: [{B3360B3C-10A0-4EC9-A3CB-92068A4BB97A}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
  468. FirewallRules: [{3290E0B4-81FD-437B-B661-ABADC500C732}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
  469. FirewallRules: [{61467F0F-5673-485A-BFE2-62F530FBAC54}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
  470. FirewallRules: [{CF79FE8D-2BA1-4C10-8E5B-D2CFAE1F30F8}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
  471. FirewallRules: [{181933B1-E2B5-42B5-B49A-A6507EFC3E4B}] => (Allow) C:\Users\Hien\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
  472. FirewallRules: [{8B83D22F-811B-4674-951A-24E669FAE46A}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
  473. FirewallRules: [{A3743082-BE38-48E2-9326-F7BB75E07CD4}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
  474. FirewallRules: [{BBDFA6FE-7A40-4014-9DB0-BD2D3C9959D6}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
  475. FirewallRules: [{9ADFE692-8641-45A5-8F1C-D29E96E7F7E8}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
  476. FirewallRules: [{23E0E624-D673-4716-A634-1AA18C47C1D8}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
  477. FirewallRules: [{58877462-C3FE-400B-ABD6-E2B4AF7BA14F}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
  478. FirewallRules: [{A5B60A11-F90B-4A46-B82F-911D7E356D20}] => (Allow) D:\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
  479. FirewallRules: [{1D2A212E-8903-469C-9940-723091220BEA}] => (Allow) D:\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
  480. FirewallRules: [{087D5FAB-9C64-47A8-96C3-41C8D05A31B5}] => (Allow) D:\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
  481. FirewallRules: [{C285A978-528A-4DCF-8CA7-EE735E9C5F34}] => (Allow) D:\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
  482. FirewallRules: [{4FAA9E7A-32A5-47A7-8264-085BF9FE3A4C}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe
  483. FirewallRules: [{2FD83101-94E6-439E-BFAE-C893EAB19117}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe
  484. FirewallRules: [{CB7F5D7B-3965-44C4-989E-801837EEF849}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
  485. FirewallRules: [{3F0B67EB-9053-4115-90FB-FCB88A6798B7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
  486. FirewallRules: [{F6BD5B36-12F0-48DC-8CAD-9DBDBF2B5498}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
  487. FirewallRules: [{320ECE43-C8E6-4341-81BD-CA82E3C73E61}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
  488. FirewallRules: [UDP Query User{1469EF8A-61B8-4959-8FD5-E2D4D474136A}C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe] => (Block) C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe
  489. FirewallRules: [TCP Query User{1B18D2D8-6FD8-4630-9764-03DDAD367CFF}C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe] => (Block) C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe
  490. FirewallRules: [UDP Query User{88EC6BE0-D5AD-4A9F-92EC-26AFF2FAB83B}C:\users\hien\appdata\local\raidar\raidar.exe] => (Allow) C:\users\hien\appdata\local\raidar\raidar.exe
  491. FirewallRules: [TCP Query User{5B15D09F-91B2-44BC-9D60-A4C265EF5BA3}C:\users\hien\appdata\local\raidar\raidar.exe] => (Allow) C:\users\hien\appdata\local\raidar\raidar.exe
  492. FirewallRules: [UDP Query User{E70BB309-1F2E-4AAA-BE2D-BEF7E729A6D3}C:\program files (x86)\netgear readynas\raidar.exe] => (Allow) C:\program files (x86)\netgear readynas\raidar.exe
  493. FirewallRules: [TCP Query User{CBDC95A6-426B-4709-B74A-149B2B9E0AE3}C:\program files (x86)\netgear readynas\raidar.exe] => (Allow) C:\program files (x86)\netgear readynas\raidar.exe
  494. FirewallRules: [UDP Query User{8F4E3CB5-B59F-4A15-AE03-03A44BF935F1}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
  495. FirewallRules: [TCP Query User{00B68A45-69D0-4685-9053-6377A6FFD518}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
  496. FirewallRules: [{18353433-283E-4A25-BA90-C86C42DB7111}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
  497. FirewallRules: [{F6C69B43-531C-41F7-BE17-AB1A05F41135}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
  498. FirewallRules: [UDP Query User{CBDFA68A-0788-46F1-9951-DFAA7D8A7B7F}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
  499. FirewallRules: [TCP Query User{BC35B75A-8B42-414B-87F3-DF22A48E30A9}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
  500. FirewallRules: [UDP Query User{66B2C9B8-79E3-4EED-8E21-0CE61352088E}C:\users\mrsha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mrsha\appdata\roaming\spotify\spotify.exe
  501. FirewallRules: [TCP Query User{82287B98-751A-4125-8464-D900B2DB00AC}C:\users\mrsha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mrsha\appdata\roaming\spotify\spotify.exe
  502. FirewallRules: [{EFF2732C-1D08-4FED-8525-D75AD66C719D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect Safe Mode.exe
  503. FirewallRules: [{071873D3-C54C-465C-8A36-C94C6DE4168D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect Safe Mode.exe
  504. FirewallRules: [{DC068528-9737-45B6-A421-E2824B143F20}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
  505. FirewallRules: [{7714E5E1-7A70-485A-9421-A5D9F19E331C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
  506. FirewallRules: [UDP Query User{4A36195B-FB9A-472D-8029-7B543CFE03A0}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
  507. FirewallRules: [TCP Query User{AEB401A2-34A2-43F4-8942-B86930ED39EA}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
  508. FirewallRules: [{DE690EDA-BD1F-4065-9C91-B4879F57AA3E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
  509. FirewallRules: [{7B59D48E-F05A-48CA-B337-2DEB7283C837}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
  510. FirewallRules: [{6CE81F45-3167-441E-878A-BA49A58CAE18}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
  511. FirewallRules: [{DE6679EB-3832-4AD3-B6E4-A3299BEB10C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
  512. FirewallRules: [{4BFEF49A-FA11-4DBC-8AB9-F8F4E24BC6A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
  513. FirewallRules: [{33365640-7556-406A-9C56-78BF569B0263}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
  514. FirewallRules: [{A182139F-997A-43F5-AED9-1B6A115E7428}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
  515. FirewallRules: [{F8BBCB33-24D1-4EEF-951C-3B9F58D02519}] => (Allow) C:\Users\Hien\AppData\Roaming\uTorrent\uTorrent.exe
  516. FirewallRules: [{5986C93E-5C7D-4795-BCDB-453056A6DB20}] => (Allow) C:\Users\Hien\AppData\Roaming\uTorrent\uTorrent.exe
  517. FirewallRules: [{78603DA3-B695-4694-A660-B8869D6E15DF}] => (Allow) C:\Users\Hien\AppData\Roaming\uTorrent\uTorrent.exe
  518. FirewallRules: [{C82C4E72-4C30-4F63-9FE6-6B20CA94CF6B}] => (Allow) C:\Users\Hien\AppData\Roaming\uTorrent\uTorrent.exe
  519. FirewallRules: [{4AEFA8EF-5E23-4CAF-8F41-037F41BEF132}] => (Allow) C:\Users\Hien\AppData\Roaming\uTorrent\uTorrent.exe
  520. FirewallRules: [{31A9F503-8487-4884-A5D6-7A58086FE5BA}] => (Allow) C:\Users\Hien\AppData\Roaming\uTorrent\uTorrent.exe
  521. FirewallRules: [UDP Query User{728F99A7-6D0B-4A60-9FCB-6AA8A31F19B7}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
  522. FirewallRules: [TCP Query User{98B8800F-4192-4F27-9699-2BC4F808D6ED}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
  523. FirewallRules: [{C79897A3-40C4-4D99-A3D8-F0FD22F3642E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
  524. FirewallRules: [{48AA967A-3337-4D6E-A435-8674E6ECB949}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
  525. FirewallRules: [{0AF97583-4958-45AF-B3E8-58B44E56D006}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
  526. FirewallRules: [{6F28EC43-F1CE-4BED-A7CA-6EAFECECC385}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
  527. FirewallRules: [{FEE3658E-2A77-41FF-B9E9-D2A52F3ABB47}] => (Allow) LPort=54925
  528. FirewallRules: [TCP Query User{FCF09468-8C33-423D-8ADB-02CB977FE160}C:\windows.old\users\hien\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\windows.old\users\hien\appdata\roaming\utorrent\utorrent.exe
  529. FirewallRules: [UDP Query User{9FAE0EF8-CF09-446B-9AD9-FAA467133D61}C:\windows.old\users\hien\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\windows.old\users\hien\appdata\roaming\utorrent\utorrent.exe
  530. FirewallRules: [{5A340419-36BB-44C1-9080-8FDAC9238AA2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  531. FirewallRules: [{2A3A8DAA-AF49-495B-B8BE-14F2806A970E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  532. FirewallRules: [{DCBB9884-09A7-4786-A753-6E5300BECFA6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
  533. FirewallRules: [{3A668036-3563-4AEB-AD40-C1F62B9B72B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
  534. FirewallRules: [{EF6401FA-D2E5-401B-86E2-E1EE8BDF1A05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
  535. FirewallRules: [{93309145-5A73-4934-B841-F52083A7A646}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
  536. FirewallRules: [{A7785B8E-67C3-4F3D-B28F-4719EA9B5DF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
  537. FirewallRules: [{7E9C7A8C-EBBA-43E7-8966-792F402DEA5A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
  538. FirewallRules: [{0745FBCA-149E-42C3-9C9A-BA1D982507B5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
  539. FirewallRules: [{2039038E-AD39-4A00-924F-0484AB18DB06}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
  540. FirewallRules: [{A689342D-3E12-4A3F-A5D7-991182325F3C}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
  541. FirewallRules: [{9CAE6D62-051A-47B1-8D1B-CAACF048AD65}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
  542. FirewallRules: [{9F6D1B2F-1553-43AD-82FD-8BD6D6476512}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
  543. FirewallRules: [TCP Query User{0C7D710A-1815-41B7-AC87-D59EC9655288}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe
  544. FirewallRules: [UDP Query User{6506D9A2-3414-4D4B-AD66-6D0179E970F2}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe
  545. FirewallRules: [{36E488B4-E671-4D7F-B0B7-163F1A057198}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
  546. FirewallRules: [{07890756-1C27-4B50-AA45-48A53F68D975}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
  547. FirewallRules: [{B46340A9-DE0A-414B-BD1A-DD2B6C5262BB}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
  548. FirewallRules: [{20E73C48-ABF7-42F9-B243-13ACE9E4DA32}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
  549. FirewallRules: [{D74B3322-0B92-4BF0-BECC-B2742E9C48C8}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
  550. FirewallRules: [{4249888B-CD16-4B6B-B6C4-9E1D0EB11782}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
  551. FirewallRules: [{8CD2E321-7F92-42D5-91E7-3911EB2E621E}] => (Allow) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  552. FirewallRules: [{88415DA8-C860-49EE-93F9-0A31473ED84B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
  553. FirewallRules: [{027185E9-D760-4B1C-ABB6-F8D68CE2823D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
  554. FirewallRules: [{F78C22B6-E7C4-437B-A128-C4E974AA43F8}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe
  555. FirewallRules: [{C351DBAF-511C-4E0F-B310-99F4A8DCE3EA}] => (Allow) C:\WINDOWS\system32\rundll32.exe
  556.  
  557. ==================== Restore Points =========================
  558.  
  559. 16-10-2017 20:50:25 Scheduled Checkpoint
  560.  
  561. ==================== Faulty Device Manager Devices =============
  562.  
  563. Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
  564. Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
  565. Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
  566. Manufacturer: Cisco Systems
  567. Service: vpnva
  568. Problem: : This device is disabled. (Code 22)
  569. Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
  570.  
  571.  
  572. ==================== Event log errors: =========================
  573.  
  574. Application errors:
  575. ==================
  576. Error: (10/18/2017 09:40:24 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
  577. Description: License Activation (slui.exe) failed with the following error code:
  578. hr=0x8007232B
  579. Command-line arguments:
  580. RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent
  581.  
  582. Error: (10/18/2017 09:39:35 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
  583. Description: License Activation (slui.exe) failed with the following error code:
  584. hr=0x8007232B
  585. Command-line arguments:
  586. RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent
  587.  
  588. Error: (10/18/2017 07:41:54 PM) (Source: Application Error) (EventID: 1000) (User: )
  589. Description: Faulting application name: ksdeui.exe, version: 18.0.0.405, time stamp: 0x58876d8f
  590. Faulting module name: 0Kraken0510DevProps.dll, version: 0.0.0.0, time stamp: 0x57d0fdf1
  591. Exception code: 0xc0000005
  592. Fault offset: 0x000047e4
  593. Faulting process id: 0x3018
  594. Faulting application start time: 0x01d34883d26f3b0d
  595. Faulting application path: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
  596. Faulting module path: C:\Users\mrsha\AppData\Local\Temp\0Kraken0510DevProps.dll
  597. Report Id: 31997091-b348-4f40-9cc4-c2637e3cd26b
  598. Faulting package full name:
  599. Faulting package-relative application ID:
  600.  
  601. Error: (10/18/2017 07:40:54 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
  602. Description: License Activation (slui.exe) failed with the following error code:
  603. hr=0x8007232B
  604. Command-line arguments:
  605. RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
  606.  
  607. Error: (10/18/2017 07:40:47 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
  608. Description: License Activation (slui.exe) failed with the following error code:
  609. hr=0x8007232B
  610. Command-line arguments:
  611. RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
  612.  
  613. Error: (10/18/2017 07:31:17 PM) (Source: Application Error) (EventID: 1000) (User: )
  614. Description: Faulting application name: ksdeui.exe, version: 18.0.0.405, time stamp: 0x58876d8f
  615. Faulting module name: 0Kraken0510DevProps.dll, version: 0.0.0.0, time stamp: 0x57d0fdf1
  616. Exception code: 0xc0000005
  617. Fault offset: 0x000047e4
  618. Faulting process id: 0x2dd8
  619. Faulting application start time: 0x01d3488256b62c42
  620. Faulting application path: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
  621. Faulting module path: C:\Users\mrsha\AppData\Local\Temp\0Kraken0510DevProps.dll
  622. Report Id: 1b389b9d-7646-4bcc-89d1-03e8216b304c
  623. Faulting package full name:
  624. Faulting package-relative application ID:
  625.  
  626. Error: (10/18/2017 07:12:35 PM) (Source: MsiInstaller) (EventID: 10005) (User: HIEN-PC)
  627. Description: Application: Kaspersky Total Security -- Error 29005. The selected folder or drive already contains files. The application cannot be installed to a folder that contains other data because this data can become unavailable after Self-Defense is enabled.<<29005>>InstallDir=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\<<31709>>
  628.  
  629. Error: (10/18/2017 07:12:08 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
  630. Description: License Activation (slui.exe) failed with the following error code:
  631. hr=0x8007232B
  632. Command-line arguments:
  633. RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
  634.  
  635. Error: (10/18/2017 07:12:08 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
  636. Description: License Activation (slui.exe) failed with the following error code:
  637. hr=0x8007232B
  638. Command-line arguments:
  639. RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
  640.  
  641. Error: (10/18/2017 07:09:49 PM) (Source: SecurityCenter) (EventID: 16) (User: )
  642. Description: Error while updating status to SECURITY_PRODUCT_STATE_SNOOZED.
  643.  
  644.  
  645. System errors:
  646. =============
  647. Error: (10/18/2017 07:39:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  648. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  649. {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
  650. and APPID
  651. {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
  652. to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  653.  
  654. Error: (10/18/2017 07:39:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  655. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  656. {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
  657. and APPID
  658. {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
  659. to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  660.  
  661. Error: (10/18/2017 07:39:44 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
  662. Description: The Automaton service has reported an invalid current state 0.
  663.  
  664. Error: (10/18/2017 07:39:44 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
  665. Description: The Automaton service has reported an invalid current state 0.
  666.  
  667. Error: (10/18/2017 07:39:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
  668. Description: The CldFlt service failed to start due to the following error:
  669. The request is not supported.
  670.  
  671. Error: (10/18/2017 07:38:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
  672. Description: The VMware Workstation Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
  673.  
  674. Error: (10/18/2017 07:37:19 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
  675. Description: The ScRegSetValueExW call failed for Start with the following error:
  676. The maximum number of secrets that may be stored in a single system has been exceeded.
  677.  
  678. Error: (10/18/2017 07:30:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
  679. Description: The Interactive Services Detection service terminated with the following error:
  680. Incorrect function.
  681.  
  682. Error: (10/18/2017 07:30:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
  683. Description: The Interactive Services Detection service terminated with the following error:
  684. Incorrect function.
  685.  
  686. Error: (10/18/2017 07:11:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  687. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  688. {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
  689. and APPID
  690. {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
  691. to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  692.  
  693.  
  694. CodeIntegrity:
  695. ===================================
  696. Date: 2017-10-15 19:05:42.184
  697. Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Users\mrsha\AppData\Roaming\Microsoft\Protect\f5a4d396-2a3c-44a9-b77f-941d2f8775e7.rs that did not meet the Microsoft signing level requirements.
  698.  
  699. Date: 2017-10-14 17:21:38.787
  700. Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
  701.  
  702. Date: 2017-10-13 20:23:35.876
  703. Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
  704.  
  705. Date: 2017-10-08 00:19:58.306
  706. Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
  707.  
  708. Date: 2017-10-03 19:13:36.722
  709. Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
  710.  
  711. Date: 2017-09-29 17:38:02.162
  712. Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
  713.  
  714. Date: 2017-09-28 17:49:53.648
  715. Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
  716.  
  717. Date: 2017-09-27 17:06:27.417
  718. Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
  719.  
  720. Date: 2017-09-26 19:11:58.598
  721. Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
  722.  
  723. Date: 2017-09-25 17:16:34.775
  724. Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
  725.  
  726.  
  727. ==================== Memory info ===========================
  728.  
  729. Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
  730. Percentage of memory in use: 61%
  731. Total physical RAM: 8143.2 MB
  732. Available physical RAM: 3145.76 MB
  733. Total Virtual: 22351.2 MB
  734. Available Virtual: 14968.16 MB
  735.  
  736. ==================== Drives ================================
  737.  
  738. Drive c: () (Fixed) (Total:222.2 GB) (Free:37.38 GB) NTFS
  739. Drive d: (OS) (Fixed) (Total:922.31 GB) (Free:296.93 GB) NTFS
  740. Drive n: (USB DISK) (Removable) (Total:3.73 GB) (Free:2.6 GB) FAT32
  741.  
  742. ==================== MBR & Partition Table ==================
  743.  
  744. ========================================================
  745. Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 00000000)
  746.  
  747. Partition: GPT.
  748.  
  749. ========================================================
  750. Disk: 1 (Size: 931.5 GB) (Disk ID: B7575307)
  751.  
  752. Partition: GPT.
  753.  
  754. ========================================================
  755. Disk: 10 (MBR Code: Windows 7 or 8) (Size: 3.7 GB) (Disk ID: 00081E8D)
  756. Partition 1: (Active) - (Size=3.7 GB) - (Type=0C)
  757.  
  758. ==================== End of Addition.txt ============================