API tools faq
paste
Advertisement
Guest User

FRST/Addition

a guest
Nov 20th, 2017
13,718
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 145.94 KB | None | 0 0
raw download clone embed print report
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-11-2017
  2. Ran by Main (administrator) on DESKTOP-UJO3IF7 (20-11-2017 16:35:23)
  3. Running from C:\Users\Main\Desktop
  4. Loaded Profiles: Main (Available Profiles: defaultuser0 & Main)
  5. Platform: Windows 10 Education Version 1703 15063.726 (X64) Language: English (United States)
  6. Internet Explorer Version 11 (Default browser: Chrome)
  7. Boot Mode: Normal
  8. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Processes (Whitelisted) =================
  11.  
  12. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  13.  
  14. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
  15. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
  16. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
  17. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
  18. (The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
  19. () C:\Windows\SysWOW64\PnkBstrA.exe
  20. (Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
  21. (Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
  22. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
  23. (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
  24. () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
  25. (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
  26. (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
  27. (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
  28. (FileZilla Project) F:\FileZilla Server\FileZilla Server.exe
  29. (Microvirt Software Technology Co. Ltd.) F:\Memu\Microvirt\MEmu\MemuService.exe
  30. (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
  31. (Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
  32. (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
  33. (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
  34. (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
  35. () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
  36. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
  37. (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
  38. (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
  39. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
  40. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
  41. (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
  42. (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
  43. (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
  44. (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
  45. (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
  46. () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
  47. (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
  48. (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
  49. (Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
  50. () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
  51. (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
  52. (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
  53. (Razer, Inc.) C:\Users\Main\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
  54. (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
  55. (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
  56.  
  57. ==================== Registry (Whitelisted) ===========================
  58.  
  59. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  60.  
  61. HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
  62. HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor)
  63. HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor)
  64. HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
  65. HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
  66. HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
  67. HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
  68. HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Acrotray.exe [1868272 2017-11-03] (Adobe Systems Inc.)
  69. HKLM-x32\...\Run: [FileZilla Server Interface] => F:\FileZilla Server\FileZilla Server Interface.exe [2770088 2017-02-08] (FileZilla Project)
  70. HKLM-x32\...\Run: [] => [X]
  71. HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-04-13] (Razer Inc.)
  72. HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
  73. HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
  74. HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\Run: [VeraCrypt] => C:\Program Files\VeraCrypt\VeraCrypt.exe [5489808 2017-01-22] (IDRIX)
  75. HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-30] (Valve Corporation)
  76. HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [582784 2016-12-27] ()
  77. HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\Run: [Gaijin.Net Agent] => C:\Users\Main\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2012616 2017-04-04] (Gaijin Entertainment)
  78. HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\Run: [Discord] => C:\Users\Main\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
  79. HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\Run: [Spotify] => C:\Users\Main\AppData\Roaming\Spotify\Spotify.exe [15866480 2017-11-05] (Spotify Ltd)
  80. HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd)
  81. HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\Run: [Spotify Web Helper] => C:\Users\Main\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1580144 2017-11-05] (Spotify Ltd)
  82. Startup: C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EmEditor.lnk [2017-01-29]
  83. ShortcutTarget: EmEditor.lnk -> C:\Users\Main\AppData\Local\Programs\EmEditor\emedtray.exe (Emurasoft, Inc.)
  84.  
  85. ==================== Internet (Whitelisted) ====================
  86.  
  87. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  88.  
  89. ProxyEnable: [S-1-5-21-2480641496-3029473293-3521873248-1001] => Proxy is enabled.
  90. ProxyServer: [S-1-5-21-2480641496-3029473293-3521873248-1001] => 103.11.115.41:80
  91. Tcpip\..\Interfaces\{469ad12b-9c70-4225-aef2-56ba55e7fe40}: [DhcpNameServer] 8.8.8.8 8.8.4.4
  92. Tcpip\..\Interfaces\{f0268d32-900d-4a22-a5f4-531845674e06}: [NameServer] 84.200.69.80,84.200.70.40
  93. Tcpip\..\Interfaces\{f0268d32-900d-4a22-a5f4-531845674e06}: [DhcpNameServer] 192.168.1.1
  94. ManualProxies: 1103.11.115.41:80
  95.  
  96. Internet Explorer:
  97. ==================
  98. BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-03-08] (Oracle Corporation)
  99. BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\x64\AcroIEFavStub.dll [2017-03-29] (Adobe Systems Incorporated)
  100. BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-08] (Oracle Corporation)
  101. BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\x64\AcroIEFavStub.dll [2017-03-29] (Adobe Systems Incorporated)
  102. BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-23] (Oracle Corporation)
  103. BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\AcroIEFavStub.dll [2017-03-29] (Adobe Systems Incorporated)
  104. BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-23] (Oracle Corporation)
  105. BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\AcroIEFavStub.dll [2017-03-29] (Adobe Systems Incorporated)
  106. Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\x64\AcroIEFavStub.dll [2017-03-29] (Adobe Systems Incorporated)
  107. Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\AcroIEFavStub.dll [2017-03-29] (Adobe Systems Incorporated)
  108.  
  109. FireFox:
  110. ========
  111. FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
  112. FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-03]
  113. FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
  114. FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-08] (Oracle Corporation)
  115. FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-08] (Oracle Corporation)
  116. FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
  117. FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
  118. FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-23] (Oracle Corporation)
  119. FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-23] (Oracle Corporation)
  120. FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
  121. FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
  122. FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
  123. FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
  124. FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
  125. FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Air\nppdf32.dll [2017-11-03] (Adobe Systems Inc.)
  126. FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)
  127.  
  128. Chrome:
  129. =======
  130. CHR DefaultProfile: Default
  131. CHR Profile: C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default [2017-11-20]
  132. CHR Extension: (Slides) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-19]
  133. CHR Extension: (Docs) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-19]
  134. CHR Extension: (Google Drive) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-22]
  135. CHR Extension: (YouTube) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-22]
  136. CHR Extension: (Adblock Plus) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-10-19]
  137. CHR Extension: (Adobe Acrobat) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-25]
  138. CHR Extension: (Dark Reader) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2017-10-19]
  139. CHR Extension: (Sheets) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-19]
  140. CHR Extension: (Stylish - Custom themes for any website) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2017-10-22]
  141. CHR Extension: (Google Docs Offline) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-22]
  142. CHR Extension: (Chrome Web Store Payments) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-19]
  143. CHR Extension: (Bittrex Enhanced) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\opefelljddckamffnphohkknfgbdnham [2017-11-15]
  144. CHR Extension: (Gmail) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-22]
  145. CHR Extension: (Chrome Media Router) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-15]
  146. CHR Profile: C:\Users\Main\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-10-20]
  147. CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
  148.  
  149. ==================== Services (Whitelisted) ====================
  150.  
  151. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  152.  
  153. R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
  154. R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
  155. S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-11-10] ()
  156. S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [392480 2017-03-20] (EasyAntiCheat Ltd)
  157. R2 FileZilla Server; F:\FileZilla Server\FileZilla Server.exe [859304 2017-02-08] (FileZilla Project)
  158. R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
  159. R2 MEmusvc; F:\Memu\Microvirt\MEmu\MemuService.exe [269480 2017-05-26] (Microvirt Software Technology Co. Ltd.)
  160. R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-10] (NVIDIA Corporation)
  161. S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-10] (NVIDIA Corporation)
  162. R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-10-27] (NVIDIA Corporation)
  163. R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-10-10] (NVIDIA Corporation)
  164. S3 OpenVpnService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2016-11-25] ( ) [File not signed]
  165. R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [70272 2016-12-27] (The OpenVPN Project)
  166. S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [70272 2016-12-27] (The OpenVPN Project)
  167. R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-04-24] ()
  168. R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [401024 2017-07-02] (Razer Inc.)
  169. R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [179840 2017-06-20] (Razer Inc.)
  170. R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-24] ()
  171. S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
  172. R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-04] (Realtek Semiconductor)
  173. S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-18] (Microsoft Corporation)
  174. R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
  175. R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
  176.  
  177. ===================== Drivers (Whitelisted) ======================
  178.  
  179. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  180.  
  181. S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
  182. R3 kmloop; C:\WINDOWS\System32\drivers\loop.sys [16896 2017-03-18] (Microsoft Corporation)
  183. R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2017-11-20] (Malwarebytes)
  184. R2 memudrv; F:\Memu\Microvirt\MEmuHyperv\MEmuDrv.sys [260368 2015-11-02] (Microvirt Corporation)
  185. S1 MpKsle665cd88; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2ADB8F0C-8009-4C50-9BCC-EAFB6AED3027}\MpKsle665cd88.sys [58120 2017-11-20] () [File not signed]
  186. R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [81736 2017-07-27] (Insecure.Com LLC.)
  187. S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
  188. R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_desktop_ref4wu.inf_amd64_0109a19b5125cb43\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)
  189. S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-10] (NVIDIA Corporation)
  190. R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-10] (NVIDIA Corporation)
  191. R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-10-06] (NVIDIA Corporation)
  192. R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
  193. S3 RTCore64; F:\AfterBurner\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
  194. R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51736 2016-06-23] (Razer Inc)
  195. R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-16] (Razer, Inc.)
  196. R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.)
  197. S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
  198. S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
  199. R0 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [467368 2017-01-22] (IDRIX)
  200. S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
  201. R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
  202. R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
  203. R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2017-07-29] (BigNox Corporation)
  204. U4 npcap_wifi; no ImagePath
  205.  
  206. ==================== NetSvcs (Whitelisted) ===================
  207.  
  208. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  209.  
  210.  
  211. ==================== One Month Created files and folders ========
  212.  
  213. (If an entry is included in the fixlist, the file/folder will be moved.)
  214.  
  215. 2017-11-20 16:35 - 2017-11-20 16:35 - 000021142 _____ C:\Users\Main\Desktop\FRST.txt
  216. 2017-11-20 16:34 - 2017-11-20 16:34 - 000001836 _____ C:\Users\Main\Desktop\mb.txt
  217. 2017-11-20 16:31 - 2017-11-20 16:31 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
  218. 2017-11-20 16:31 - 2017-11-20 16:31 - 000001918 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
  219. 2017-11-20 16:31 - 2017-11-20 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
  220. 2017-11-20 16:31 - 2017-11-20 16:31 - 000000000 ____D C:\ProgramData\Malwarebytes
  221. 2017-11-20 16:31 - 2017-11-20 16:31 - 000000000 ____D C:\Program Files\Malwarebytes
  222. 2017-11-20 16:31 - 2017-11-20 16:30 - 002391552 _____ (Farbar) C:\Users\Main\Desktop\FRST64.exe
  223. 2017-11-20 16:31 - 2017-11-20 16:29 - 078346672 _____ (Malwarebytes ) C:\Users\Main\Desktop\mb3-setup-consumer-3.3.1.2183.exe
  224. 2017-11-20 16:31 - 2017-11-01 08:54 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
  225. 2017-11-20 16:23 - 2017-11-20 16:23 - 1773374554 _____ C:\WINDOWS\MEMORY.DMP
  226. 2017-11-20 16:23 - 2017-11-20 16:23 - 000703524 _____ C:\WINDOWS\Minidump\112017-10406-01.dmp
  227. 2017-11-20 16:23 - 2017-11-20 16:23 - 000000000 ____D C:\WINDOWS\Minidump
  228. 2017-11-20 14:52 - 2017-11-20 15:13 - 000000000 ____D C:\Users\Main\Desktop\All in One
  229. 2017-11-20 14:52 - 2017-11-20 14:52 - 006840093 _____ C:\Users\Main\Downloads\All in One.7z
  230. 2017-11-20 04:35 - 2017-11-20 04:35 - 000001042 _____ C:\Users\Main\Desktop\Nmap - Zenmap GUI.lnk
  231. 2017-11-20 04:35 - 2017-11-20 04:35 - 000000000 ____D C:\WINDOWS\SysWOW64\Npcap
  232. 2017-11-20 04:35 - 2017-11-20 04:35 - 000000000 ____D C:\WINDOWS\system32\Npcap
  233. 2017-11-20 04:34 - 2017-11-20 04:34 - 027374712 _____ (Insecure.org) C:\Users\Main\Downloads\nmap-7.60-setup.exe
  234. 2017-11-19 22:59 - 2017-11-19 22:59 - 000234464 _____ C:\Users\Main\Downloads\Homework (1).rar
  235. 2017-11-19 22:47 - 2017-11-19 22:47 - 000006092 _____ C:\Users\Main\Downloads\src.rar
  236. 2017-11-19 22:31 - 2017-11-19 22:31 - 000234464 _____ C:\Users\Main\Downloads\Homework.rar
  237. 2017-11-17 18:48 - 2017-11-17 18:49 - 000000000 ____D C:\ProgramData\Epic
  238. 2017-11-17 18:48 - 2017-11-17 18:48 - 000000891 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
  239. 2017-11-17 18:48 - 2017-11-17 18:48 - 000000891 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
  240. 2017-11-17 18:48 - 2017-11-17 18:48 - 000000000 ____D C:\Users\Main\AppData\Local\UnrealEngineLauncher
  241. 2017-11-17 18:48 - 2017-11-17 18:48 - 000000000 ____D C:\Users\Main\AppData\Local\EpicGamesLauncher
  242. 2017-11-17 17:28 - 2017-11-17 17:29 - 032059392 _____ C:\Users\Main\Downloads\EpicInstaller-6.9.0-fortnite-8aebcfe0568c4a7cbcc89d60fbb7127b.msi
  243. 2017-11-17 17:28 - 2017-11-17 17:29 - 032059392 _____ C:\Users\Main\Downloads\EpicInstaller-6.9.0-fortnite-8aebcfe0568c4a7cbcc89d60fbb7127b (1).msi
  244. 2017-11-17 14:26 - 2017-11-17 14:26 - 000000291 _____ C:\Users\Main\Downloads\accesslog_citizencold.studio_11_17_2017.gz
  245. 2017-11-17 14:04 - 2017-11-17 14:04 - 000000000 ____D C:\Program Files (x86)\VulkanRT
  246. 2017-11-17 14:04 - 2017-10-27 10:06 - 000136312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
  247. 2017-11-17 14:04 - 2017-09-13 17:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
  248. 2017-11-17 14:04 - 2017-09-13 17:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
  249. 2017-11-17 14:04 - 2017-09-13 17:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
  250. 2017-11-17 14:04 - 2017-09-13 17:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
  251. 2017-11-17 14:03 - 2017-11-17 14:04 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
  252. 2017-11-15 19:57 - 2017-11-15 19:57 - 000002987 _____ C:\Users\Main\Desktop\order.csv
  253. 2017-11-15 00:02 - 2017-11-01 23:16 - 002398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
  254. 2017-11-15 00:02 - 2017-11-01 23:16 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
  255. 2017-11-15 00:02 - 2017-11-01 23:15 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
  256. 2017-11-15 00:02 - 2017-11-01 23:13 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
  257. 2017-11-15 00:02 - 2017-11-01 23:13 - 000212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
  258. 2017-11-15 00:02 - 2017-11-01 23:13 - 000095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
  259. 2017-11-15 00:02 - 2017-11-01 23:12 - 000727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
  260. 2017-11-15 00:02 - 2017-11-01 23:12 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
  261. 2017-11-15 00:02 - 2017-11-01 23:12 - 000412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
  262. 2017-11-15 00:02 - 2017-11-01 23:12 - 000319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
  263. 2017-11-15 00:02 - 2017-11-01 23:12 - 000144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
  264. 2017-11-15 00:02 - 2017-11-01 23:10 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
  265. 2017-11-15 00:02 - 2017-11-01 23:05 - 000187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
  266. 2017-11-15 00:02 - 2017-11-01 23:04 - 001292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
  267. 2017-11-15 00:02 - 2017-11-01 23:03 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
  268. 2017-11-15 00:02 - 2017-11-01 22:49 - 001838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
  269. 2017-11-15 00:02 - 2017-11-01 22:45 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
  270. 2017-11-15 00:02 - 2017-11-01 22:45 - 000613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
  271. 2017-11-15 00:02 - 2017-11-01 22:45 - 000362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
  272. 2017-11-15 00:02 - 2017-11-01 22:45 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
  273. 2017-11-15 00:02 - 2017-11-01 22:45 - 000283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
  274. 2017-11-15 00:02 - 2017-11-01 22:45 - 000172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
  275. 2017-11-15 00:02 - 2017-11-01 22:45 - 000133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
  276. 2017-11-15 00:02 - 2017-11-01 22:44 - 023680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
  277. 2017-11-15 00:02 - 2017-11-01 22:44 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
  278. 2017-11-15 00:02 - 2017-11-01 22:44 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
  279. 2017-11-15 00:02 - 2017-11-01 22:43 - 020372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
  280. 2017-11-15 00:02 - 2017-11-01 22:36 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
  281. 2017-11-15 00:02 - 2017-11-01 22:35 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
  282. 2017-11-15 00:02 - 2017-11-01 22:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
  283. 2017-11-15 00:02 - 2017-11-01 22:34 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
  284. 2017-11-15 00:02 - 2017-11-01 22:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
  285. 2017-11-15 00:02 - 2017-11-01 22:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
  286. 2017-11-15 00:02 - 2017-11-01 22:34 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
  287. 2017-11-15 00:02 - 2017-11-01 22:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
  288. 2017-11-15 00:02 - 2017-11-01 22:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
  289. 2017-11-15 00:02 - 2017-11-01 22:32 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
  290. 2017-11-15 00:02 - 2017-11-01 22:31 - 020512256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
  291. 2017-11-15 00:02 - 2017-11-01 22:30 - 013381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
  292. 2017-11-15 00:02 - 2017-11-01 22:30 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
  293. 2017-11-15 00:02 - 2017-11-01 22:30 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
  294. 2017-11-15 00:02 - 2017-11-01 22:30 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
  295. 2017-11-15 00:02 - 2017-11-01 22:30 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
  296. 2017-11-15 00:02 - 2017-11-01 22:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
  297. 2017-11-15 00:02 - 2017-11-01 22:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
  298. 2017-11-15 00:02 - 2017-11-01 22:29 - 019338240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
  299. 2017-11-15 00:02 - 2017-11-01 22:29 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
  300. 2017-11-15 00:02 - 2017-11-01 22:29 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
  301. 2017-11-15 00:02 - 2017-11-01 22:29 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
  302. 2017-11-15 00:02 - 2017-11-01 22:28 - 023684096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
  303. 2017-11-15 00:02 - 2017-11-01 22:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
  304. 2017-11-15 00:02 - 2017-11-01 22:27 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
  305. 2017-11-15 00:02 - 2017-11-01 22:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
  306. 2017-11-15 00:02 - 2017-11-01 22:27 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
  307. 2017-11-15 00:02 - 2017-11-01 22:27 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
  308. 2017-11-15 00:02 - 2017-11-01 22:27 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll
  309. 2017-11-15 00:02 - 2017-11-01 22:26 - 008197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
  310. 2017-11-15 00:02 - 2017-11-01 22:26 - 005963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
  311. 2017-11-15 00:02 - 2017-11-01 22:26 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
  312. 2017-11-15 00:02 - 2017-11-01 22:26 - 001937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
  313. 2017-11-15 00:02 - 2017-11-01 22:26 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
  314. 2017-11-15 00:02 - 2017-11-01 22:26 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
  315. 2017-11-15 00:02 - 2017-11-01 22:26 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
  316. 2017-11-15 00:02 - 2017-11-01 22:25 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
  317. 2017-11-15 00:02 - 2017-11-01 22:25 - 011888128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
  318. 2017-11-15 00:02 - 2017-11-01 22:25 - 004727808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
  319. 2017-11-15 00:02 - 2017-11-01 22:25 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
  320. 2017-11-15 00:02 - 2017-11-01 22:25 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
  321. 2017-11-15 00:02 - 2017-11-01 22:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
  322. 2017-11-15 00:02 - 2017-11-01 22:25 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
  323. 2017-11-15 00:02 - 2017-11-01 22:24 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
  324. 2017-11-15 00:02 - 2017-11-01 22:24 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
  325. 2017-11-15 00:02 - 2017-11-01 22:24 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
  326. 2017-11-15 00:02 - 2017-11-01 22:24 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
  327. 2017-11-15 00:02 - 2017-11-01 22:24 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
  328. 2017-11-15 00:02 - 2017-11-01 22:23 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
  329. 2017-11-15 00:02 - 2017-11-01 22:23 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
  330. 2017-11-15 00:02 - 2017-11-01 22:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
  331. 2017-11-15 00:02 - 2017-11-01 22:23 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
  332. 2017-11-15 00:02 - 2017-11-01 22:23 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
  333. 2017-11-15 00:02 - 2017-11-01 22:22 - 006254080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
  334. 2017-11-15 00:02 - 2017-11-01 22:22 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
  335. 2017-11-15 00:02 - 2017-11-01 22:22 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
  336. 2017-11-15 00:02 - 2017-11-01 22:22 - 001884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
  337. 2017-11-15 00:02 - 2017-11-01 22:22 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
  338. 2017-11-15 00:02 - 2017-11-01 22:21 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
  339. 2017-11-15 00:02 - 2017-11-01 22:21 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
  340. 2017-11-15 00:02 - 2017-11-01 22:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
  341. 2017-11-15 00:02 - 2017-11-01 22:21 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
  342. 2017-11-15 00:02 - 2017-10-25 01:40 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
  343. 2017-11-15 00:02 - 2017-10-15 09:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
  344. 2017-11-15 00:02 - 2017-10-15 09:03 - 006765728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
  345. 2017-11-15 00:02 - 2017-10-15 09:01 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
  346. 2017-11-15 00:02 - 2017-10-15 08:53 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
  347. 2017-11-15 00:02 - 2017-10-15 08:53 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
  348. 2017-11-15 00:02 - 2017-10-15 08:49 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
  349. 2017-11-15 00:02 - 2017-10-15 08:49 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
  350. 2017-11-15 00:02 - 2017-10-15 08:45 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
  351. 2017-11-15 00:02 - 2017-10-15 08:45 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
  352. 2017-11-15 00:02 - 2017-10-15 08:44 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
  353. 2017-11-15 00:02 - 2017-10-15 08:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
  354. 2017-11-15 00:02 - 2017-10-15 08:42 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
  355. 2017-11-15 00:02 - 2017-10-15 08:42 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
  356. 2017-11-15 00:02 - 2017-10-15 08:41 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
  357. 2017-11-15 00:02 - 2017-10-15 08:41 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
  358. 2017-11-15 00:02 - 2017-10-15 08:38 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
  359. 2017-11-15 00:02 - 2017-10-15 08:14 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
  360. 2017-11-15 00:02 - 2017-10-15 08:13 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
  361. 2017-11-15 00:02 - 2017-10-15 08:10 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
  362. 2017-11-15 00:02 - 2017-10-15 08:04 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
  363. 2017-11-15 00:01 - 2017-11-01 23:21 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
  364. 2017-11-15 00:01 - 2017-11-01 23:21 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
  365. 2017-11-15 00:01 - 2017-11-01 23:21 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
  366. 2017-11-15 00:01 - 2017-11-01 23:21 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
  367. 2017-11-15 00:01 - 2017-11-01 23:21 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
  368. 2017-11-15 00:01 - 2017-11-01 23:21 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
  369. 2017-11-15 00:01 - 2017-11-01 23:20 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
  370. 2017-11-15 00:01 - 2017-11-01 23:20 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
  371. 2017-11-15 00:01 - 2017-11-01 23:20 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
  372. 2017-11-15 00:01 - 2017-11-01 23:20 - 000965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
  373. 2017-11-15 00:01 - 2017-11-01 23:20 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
  374. 2017-11-15 00:01 - 2017-11-01 23:20 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
  375. 2017-11-15 00:01 - 2017-11-01 23:20 - 000543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
  376. 2017-11-15 00:01 - 2017-11-01 23:20 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
  377. 2017-11-15 00:01 - 2017-11-01 23:20 - 000469568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
  378. 2017-11-15 00:01 - 2017-11-01 23:20 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
  379. 2017-11-15 00:01 - 2017-11-01 23:20 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
  380. 2017-11-15 00:01 - 2017-11-01 23:16 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
  381. 2017-11-15 00:01 - 2017-11-01 23:15 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
  382. 2017-11-15 00:01 - 2017-11-01 23:14 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
  383. 2017-11-15 00:01 - 2017-11-01 23:14 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
  384. 2017-11-15 00:01 - 2017-11-01 23:13 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
  385. 2017-11-15 00:01 - 2017-11-01 23:13 - 002443672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
  386. 2017-11-15 00:01 - 2017-11-01 23:13 - 001345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
  387. 2017-11-15 00:01 - 2017-11-01 23:12 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
  388. 2017-11-15 00:01 - 2017-11-01 23:12 - 000643192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
  389. 2017-11-15 00:01 - 2017-11-01 23:12 - 000430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
  390. 2017-11-15 00:01 - 2017-11-01 23:12 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
  391. 2017-11-15 00:01 - 2017-11-01 23:12 - 000026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
  392. 2017-11-15 00:01 - 2017-11-01 23:11 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
  393. 2017-11-15 00:01 - 2017-11-01 23:05 - 000871408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
  394. 2017-11-15 00:01 - 2017-11-01 22:37 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
  395. 2017-11-15 00:01 - 2017-11-01 22:37 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
  396. 2017-11-15 00:01 - 2017-11-01 22:37 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
  397. 2017-11-15 00:01 - 2017-11-01 22:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
  398. 2017-11-15 00:01 - 2017-11-01 22:37 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
  399. 2017-11-15 00:01 - 2017-11-01 22:36 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
  400. 2017-11-15 00:01 - 2017-11-01 22:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
  401. 2017-11-15 00:01 - 2017-11-01 22:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
  402. 2017-11-15 00:01 - 2017-11-01 22:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
  403. 2017-11-15 00:01 - 2017-11-01 22:34 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
  404. 2017-11-15 00:01 - 2017-11-01 22:34 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
  405. 2017-11-15 00:01 - 2017-11-01 22:34 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
  406. 2017-11-15 00:01 - 2017-11-01 22:33 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
  407. 2017-11-15 00:01 - 2017-11-01 22:33 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
  408. 2017-11-15 00:01 - 2017-11-01 22:33 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
  409. 2017-11-15 00:01 - 2017-11-01 22:33 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
  410. 2017-11-15 00:01 - 2017-11-01 22:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll
  411. 2017-11-15 00:01 - 2017-11-01 22:32 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
  412. 2017-11-15 00:01 - 2017-11-01 22:32 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
  413. 2017-11-15 00:01 - 2017-11-01 22:31 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
  414. 2017-11-15 00:01 - 2017-11-01 22:31 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
  415. 2017-11-15 00:01 - 2017-11-01 22:31 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
  416. 2017-11-15 00:01 - 2017-11-01 22:30 - 007339008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
  417. 2017-11-15 00:01 - 2017-11-01 22:30 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
  418. 2017-11-15 00:01 - 2017-11-01 22:30 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
  419. 2017-11-15 00:01 - 2017-11-01 22:30 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
  420. 2017-11-15 00:01 - 2017-11-01 22:30 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
  421. 2017-11-15 00:01 - 2017-11-01 22:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
  422. 2017-11-15 00:01 - 2017-11-01 22:29 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
  423. 2017-11-15 00:01 - 2017-11-01 22:28 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
  424. 2017-11-15 00:01 - 2017-11-01 22:28 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
  425. 2017-11-15 00:01 - 2017-11-01 22:28 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
  426. 2017-11-15 00:01 - 2017-11-01 22:28 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
  427. 2017-11-15 00:01 - 2017-11-01 22:27 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
  428. 2017-11-15 00:01 - 2017-11-01 22:27 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
  429. 2017-11-15 00:01 - 2017-11-01 22:26 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
  430. 2017-11-15 00:01 - 2017-11-01 22:26 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
  431. 2017-11-15 00:01 - 2017-11-01 22:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
  432. 2017-11-15 00:01 - 2017-11-01 22:26 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
  433. 2017-11-15 00:01 - 2017-11-01 22:25 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
  434. 2017-11-15 00:01 - 2017-11-01 22:25 - 002052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
  435. 2017-11-15 00:01 - 2017-11-01 22:25 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
  436. 2017-11-15 00:01 - 2017-11-01 22:25 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
  437. 2017-11-15 00:01 - 2017-11-01 22:25 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
  438. 2017-11-15 00:01 - 2017-11-01 22:25 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
  439. 2017-11-15 00:01 - 2017-11-01 22:25 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
  440. 2017-11-15 00:01 - 2017-11-01 22:24 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
  441. 2017-11-15 00:01 - 2017-11-01 22:23 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
  442. 2017-11-15 00:01 - 2017-11-01 22:23 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
  443. 2017-11-15 00:01 - 2017-11-01 22:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
  444. 2017-11-15 00:01 - 2017-10-15 08:59 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
  445. 2017-11-15 00:01 - 2017-10-15 08:57 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
  446. 2017-11-15 00:01 - 2017-10-15 08:57 - 000409496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
  447. 2017-11-15 00:01 - 2017-10-15 08:56 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
  448. 2017-11-15 00:01 - 2017-10-15 08:55 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
  449. 2017-11-15 00:01 - 2017-10-15 08:51 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
  450. 2017-11-15 00:01 - 2017-10-15 08:15 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
  451. 2017-11-15 00:01 - 2017-10-15 08:09 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
  452. 2017-11-15 00:01 - 2017-10-15 08:09 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
  453. 2017-11-15 00:01 - 2017-10-15 08:08 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
  454. 2017-11-15 00:01 - 2017-10-15 08:08 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
  455. 2017-11-15 00:01 - 2017-10-15 08:07 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
  456. 2017-11-15 00:01 - 2017-10-15 08:05 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
  457. 2017-11-15 00:01 - 2017-10-15 08:05 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
  458. 2017-11-15 00:01 - 2017-10-15 08:02 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
  459. 2017-11-15 00:01 - 2017-10-15 08:00 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
  460. 2017-11-14 22:35 - 2017-11-14 22:35 - 000002572 _____ C:\Users\Main\Downloads\error_log (2)
  461. 2017-11-14 22:26 - 2017-11-14 22:26 - 000000852 _____ C:\Users\Main\Downloads\error_log (1)
  462. 2017-11-14 22:24 - 2017-11-14 22:24 - 000000425 _____ C:\Users\Main\Downloads\error_log
  463. 2017-11-14 22:05 - 2017-11-14 22:05 - 000001492 _____ C:\Users\Main\Downloads\upload-manager.php
  464. 2017-11-13 19:06 - 2017-11-13 19:06 - 000978588 _____ C:\Users\Main\Downloads\CaroPackfotos.rar
  465. 2017-11-12 18:42 - 2017-11-12 18:42 - 000003349 _____ C:\Users\Main\Downloads\2017.11.08.Exceptions (1).zip
  466. 2017-11-12 18:41 - 2017-11-12 18:41 - 000002805 _____ C:\Users\Main\Downloads\2017.11.06.Streams.zip
  467. 2017-11-10 23:40 - 2017-11-10 23:40 - 012562884 _____ C:\Users\Main\Downloads\Remcos 1.7.rar
  468. 2017-11-10 14:14 - 2017-11-10 14:14 - 000015208 _____ C:\Users\Main\Desktop\SheepleComboMaker.jar
  469. 2017-11-10 13:58 - 2017-11-10 13:58 - 003061692 _____ C:\Users\Main\Downloads\proguard5.3.1.zip
  470. 2017-11-10 01:55 - 2017-11-10 01:55 - 000306733 _____ C:\Users\Main\Downloads\nimbus-jose-jwt-5.1.jar
  471. 2017-11-09 20:02 - 2017-11-09 20:02 - 000009114 _____ C:\Users\Main\Downloads\2017.10.30.JavaFXEvents (4).zip
  472. 2017-11-09 20:02 - 2017-11-09 20:02 - 000003349 _____ C:\Users\Main\Downloads\2017.11.08.Exceptions.zip
  473. 2017-11-09 20:02 - 2017-11-08 12:49 - 000002028 _____ C:\Users\Main\Desktop\Main.java
  474. 2017-11-09 16:23 - 2017-11-09 16:23 - 000009114 _____ C:\Users\Main\Downloads\2017.10.30.JavaFXEvents (3).zip
  475. 2017-11-09 16:18 - 2017-11-09 16:18 - 000074735 _____ C:\Users\Main\Downloads\zyLba09-JavaFX-Events (3).pdf
  476. 2017-11-09 05:32 - 2017-11-09 05:32 - 036248176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
  477. 2017-11-09 05:32 - 2017-11-09 05:32 - 000989808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
  478. 2017-11-09 05:32 - 2017-11-09 05:32 - 000624240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
  479. 2017-11-09 05:32 - 2017-11-09 05:32 - 000514672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
  480. 2017-11-09 05:31 - 2017-11-09 05:31 - 000940984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
  481. 2017-11-09 05:31 - 2017-11-09 05:31 - 000054192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
  482. 2017-11-09 05:30 - 2017-11-09 05:30 - 004210288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
  483. 2017-11-09 05:30 - 2017-11-09 05:30 - 001997744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438813.dll
  484. 2017-11-09 05:30 - 2017-11-09 05:30 - 001682544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438813.dll
  485. 2017-11-09 05:30 - 2017-11-09 05:30 - 001108408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
  486. 2017-11-09 05:30 - 2017-11-09 05:30 - 000748144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
  487. 2017-11-09 05:30 - 2017-11-09 05:30 - 000607160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
  488. 2017-11-09 05:29 - 2017-11-09 05:29 - 040246384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
  489. 2017-11-09 05:29 - 2017-11-09 05:29 - 035165624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
  490. 2017-11-09 05:29 - 2017-11-09 05:29 - 003623024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
  491. 2017-11-09 04:48 - 2017-11-09 04:48 - 023474480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
  492. 2017-11-09 04:48 - 2017-11-09 04:48 - 019212720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
  493. 2017-11-09 04:48 - 2017-11-09 04:48 - 013379352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
  494. 2017-11-09 04:48 - 2017-11-09 04:48 - 010986776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
  495. 2017-11-09 04:48 - 2017-11-09 04:48 - 001154288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
  496. 2017-11-09 04:48 - 2017-11-09 04:48 - 000902312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
  497. 2017-11-09 04:48 - 2017-11-09 04:48 - 000633256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
  498. 2017-11-09 04:47 - 2017-11-09 04:47 - 013994128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
  499. 2017-11-09 04:47 - 2017-11-09 04:47 - 011891200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
  500. 2017-11-09 04:47 - 2017-11-09 04:47 - 001351792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
  501. 2017-11-09 04:47 - 2017-11-09 04:47 - 001342000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
  502. 2017-11-09 04:47 - 2017-11-09 04:47 - 001062920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
  503. 2017-11-09 04:47 - 2017-11-09 04:47 - 001056720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
  504. 2017-11-09 04:47 - 2017-11-09 04:47 - 000810304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
  505. 2017-11-09 04:47 - 2017-11-09 04:47 - 000648728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
  506. 2017-11-08 15:09 - 2017-11-08 15:09 - 000005470 _____ C:\Users\Main\Downloads\2017.10.30.JavaFXEvents (2).zip
  507. 2017-11-08 15:01 - 2017-11-08 15:01 - 000005696 _____ C:\Users\Main\Downloads\2017.11.03.javaFX-Rect.zip
  508. 2017-11-08 15:01 - 2017-11-08 15:01 - 000005470 _____ C:\Users\Main\Downloads\2017.10.30.JavaFXEvents (1).zip
  509. 2017-11-08 14:46 - 2017-11-08 14:46 - 000074735 _____ C:\Users\Main\Downloads\zyLba09-JavaFX-Events (2).pdf
  510. 2017-11-08 14:34 - 2017-11-08 14:34 - 000074735 _____ C:\Users\Main\Downloads\zyLba09-JavaFX-Events (1).pdf
  511. 2017-11-07 17:41 - 2017-11-07 17:41 - 000017204 _____ C:\Users\Main\Downloads\ModuleMarker.rar
  512. 2017-11-07 17:41 - 2017-11-07 17:41 - 000017204 _____ C:\Users\Main\Downloads\ModuleMarker (1).rar
  513. 2017-11-07 17:05 - 2017-11-07 17:05 - 021372845 _____ C:\Users\Main\Downloads\SQLi_Dumper_9.2.1_Cracked_by_CN$quad_NextGenZ_&_Bleach.rar
  514. 2017-11-07 16:14 - 2017-11-07 16:14 - 000004108 _____ C:\Users\Main\Downloads\114+spotify.txt
  515. 2017-11-04 17:37 - 2017-11-04 17:37 - 001097492 _____ C:\Users\Main\Downloads\Ultimate Ewhoring Guide www.ebookleaks.org (1).rar
  516. 2017-11-03 11:56 - 2017-11-03 11:56 - 001127082 _____ C:\Users\Main\Downloads\fwdsomenudes.zip
  517. 2017-11-02 15:52 - 2017-11-02 18:09 - 000000125 _____ C:\Users\Main\Desktop\New Text Document.txt
  518. 2017-11-02 15:37 - 2017-11-02 15:37 - 000015764 _____ C:\Users\Main\Downloads\index (3).html
  519. 2017-11-02 15:12 - 2017-11-02 15:12 - 000015532 _____ C:\Users\Main\Downloads\index (2).html
  520. 2017-11-01 22:14 - 2017-11-01 22:14 - 000015532 _____ C:\Users\Main\Downloads\charl
  521. 2017-11-01 20:53 - 2017-11-01 20:53 - 000016921 _____ C:\Users\Main\Downloads\index (1).html
  522. 2017-11-01 20:52 - 2017-11-01 20:52 - 003450877 _____ C:\Users\Main\Desktop\assets.zip
  523. 2017-11-01 20:51 - 2017-11-02 15:37 - 000000000 ____D C:\Users\Main\Desktop\assets
  524. 2017-11-01 20:48 - 2017-11-01 20:48 - 003450077 _____ C:\Users\Main\Desktop\asse2ts.zip
  525. 2017-11-01 17:25 - 2017-11-01 17:25 - 000123041 _____ C:\Users\Main\Downloads\zyLba08-JavaFX (1).pdf
  526. 2017-11-01 16:51 - 2017-11-01 16:51 - 000006886 _____ C:\Users\Main\Downloads\2017.10.25.SalaryGridPane (3).zip
  527. 2017-11-01 15:46 - 2017-11-01 15:46 - 000000000 ____D C:\Users\Main\Desktop\CS140_150
  528. 2017-11-01 15:30 - 2017-11-01 15:30 - 000002841 _____ C:\Users\Main\Downloads\2017.10.23.JavaFX (3).zip
  529. 2017-11-01 15:26 - 2017-11-01 15:26 - 000005470 _____ C:\Users\Main\Downloads\2017.10.30.JavaFXEvents.zip
  530. 2017-11-01 15:21 - 2017-11-01 15:21 - 000004360 _____ C:\Users\Main\Downloads\2017.10.25.SalaryGridPane (2).zip
  531. 2017-11-01 15:21 - 2017-11-01 15:21 - 000004360 _____ C:\Users\Main\Desktop\2017.10.25.SalaryGridPane (2).zip
  532. 2017-11-01 15:21 - 2017-11-01 15:21 - 000002841 _____ C:\Users\Main\Downloads\2017.10.23.JavaFX (2).zip
  533. 2017-11-01 15:21 - 2017-11-01 15:21 - 000002841 _____ C:\Users\Main\Desktop\2017.10.23.JavaFX (2).zip
  534. 2017-11-01 15:20 - 2017-11-01 15:20 - 000006886 _____ C:\Users\Main\Downloads\2017.10.25.SalaryGridPane (1).zip
  535. 2017-11-01 15:20 - 2017-11-01 15:20 - 000004360 _____ C:\Users\Main\Downloads\2017.10.25.SalaryGridPane.zip
  536. 2017-11-01 15:20 - 2017-11-01 15:20 - 000002841 _____ C:\Users\Main\Downloads\2017.10.23.JavaFX (1).zip
  537. 2017-11-01 15:20 - 2017-11-01 15:20 - 000002634 _____ C:\Users\Main\Downloads\2017.10.23.JavaFX.zip
  538. 2017-11-01 15:13 - 2017-11-01 15:13 - 000123041 _____ C:\Users\Main\Downloads\zyLba08-JavaFX.pdf
  539. 2017-11-01 15:13 - 2017-11-01 15:13 - 000074735 _____ C:\Users\Main\Downloads\zyLba09-JavaFX-Events.pdf
  540. 2017-11-01 14:42 - 2017-11-01 14:42 - 000017381 _____ C:\Users\Main\Downloads\index.html
  541. 2017-11-01 14:20 - 2017-11-01 14:26 - 000000000 ____D C:\Users\Main\Desktop\chive
  542. 2017-11-01 14:05 - 2017-11-01 14:05 - 002557206 _____ C:\Users\Main\Downloads\Ewhorng.pdf
  543. 2017-10-31 19:22 - 2017-10-31 19:23 - 185725517 _____ C:\Users\Main\Downloads\The virtual geisha.zip
  544. 2017-10-31 14:07 - 2017-10-31 14:07 - 005220911 _____ C:\Users\Main\Downloads\vnmeio.exe
  545. 2017-10-31 14:03 - 2017-10-31 14:03 - 005220911 _____ C:\Users\Main\Desktop\PyStealer_client2.exe
  546. 2017-10-31 13:44 - 2017-10-31 13:44 - 000402215 _____ C:\Users\Main\Downloads\Free Sports Items.pdf
  547. 2017-10-31 13:25 - 2017-11-07 17:22 - 000001979 _____ C:\Users\Main\Desktop\stub.py
  548. 2017-10-31 13:08 - 2017-10-31 13:08 - 000144714 _____ C:\Users\Main\Downloads\cx_Freeze-5.0.2-cp27-cp27m-win32.whl
  549. 2017-10-31 13:01 - 2017-10-31 13:01 - 000201234 _____ C:\Users\Main\Downloads\py2exe-0.6.9.win32-py2.7.exe
  550. 2017-10-31 12:51 - 2017-10-31 13:10 - 000000000 ____D C:\Users\Main\Documents\PyStealer
  551. 2017-10-31 12:51 - 2017-10-31 12:51 - 008956593 _____ C:\Users\Main\Downloads\PyStealer Setup (1).exe
  552. 2017-10-31 12:51 - 2017-10-31 12:51 - 000001649 _____ C:\Users\Main\Desktop\PyStealer.lnk
  553. 2017-10-31 12:39 - 2017-10-31 12:39 - 000854072 _____ (Simon Tatham) C:\Users\Main\putty.exe
  554. 2017-10-31 12:39 - 2017-10-31 12:39 - 000000612 _____ C:\Users\Main\download.vbs
  555. 2017-10-31 11:47 - 2017-10-31 11:47 - 008956593 _____ C:\Users\Main\Downloads\PyStealer Setup.exe
  556. 2017-10-31 11:47 - 2017-10-31 11:47 - 008956593 _____ C:\Users\Main\Desktop\PyStealer Setup.exe
  557. 2017-10-30 22:09 - 2017-10-30 22:09 - 003462382 _____ C:\Users\Main\Downloads\iStick_Power_V1.03 (1).zip
  558. 2017-10-30 22:09 - 2016-11-01 01:01 - 000039828 _____ C:\Users\Main\Desktop\iStick_Power_V1.03.bin
  559. 2017-10-29 13:28 - 2017-11-20 14:49 - 000000000 ____D C:\Users\Main\.MemuHyperv
  560. 2017-10-29 13:28 - 2017-11-19 18:08 - 000000000 ____D C:\Users\Main\Downloads\MEmu Download
  561. 2017-10-29 13:28 - 2017-10-29 13:28 - 000000607 _____ C:\Users\Main\Desktop\MEmu.lnk
  562. 2017-10-29 13:28 - 2017-10-29 13:28 - 000000000 ____D C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEmu
  563. 2017-10-29 13:17 - 2017-10-29 13:18 - 344913872 _____ (Microvirt Software Technology Co. Ltd.) C:\Users\Main\Downloads\Memu-Setup-3.5.0.2.exe
  564. 2017-10-26 23:25 - 2017-10-26 23:25 - 000048640 _____ C:\Users\Main\Downloads\KA34s Cheats (3).exe
  565. 2017-10-26 23:25 - 2017-10-26 23:25 - 000048640 _____ C:\Users\Main\Desktop\KA34s Cheats (3).exe
  566. 2017-10-26 22:42 - 2017-10-26 22:43 - 714340664 _____ (Google Inc.) C:\Users\Main\Downloads\android-studio-ide-171.4408382-windows.exe
  567. 2017-10-26 12:47 - 2017-10-26 12:47 - 007140873 _____ C:\Users\Main\Downloads\pidgin-otr-4.0.2.exe
  568. 2017-10-26 12:47 - 2017-10-26 12:47 - 000000000 ____D C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pidgin-otr
  569. 2017-10-26 12:47 - 2017-10-26 12:47 - 000000000 ____D C:\Program Files (x86)\pidgin-otr
  570. 2017-10-26 01:57 - 2017-10-26 01:57 - 000000000 ____D C:\Users\Main\AppData\Local\Wondershare
  571. 2017-10-26 01:57 - 2017-10-26 01:57 - 000000000 ____D C:\ProgramData\Wondershare
  572. 2017-10-26 01:57 - 2017-10-26 01:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
  573. 2017-10-26 01:56 - 2017-10-26 02:00 - 000000000 ____D C:\Users\Main\Documents\Wondershare Filmora
  574. 2017-10-26 01:56 - 2017-10-26 01:56 - 000000000 ____D C:\ProgramData\Wondershare Video Editor
  575. 2017-10-26 01:56 - 2017-10-26 01:56 - 000000000 ____D C:\Program Files\Wondershare
  576. 2017-10-26 01:56 - 2017-03-17 10:43 - 001250304 _____ (CineForm Inc.) C:\WINDOWS\system32\CFDecode64.ax
  577. 2017-10-26 01:55 - 2017-10-26 01:57 - 000000000 ____D C:\Users\Public\Documents\Wondershare
  578. 2017-10-26 01:55 - 2017-10-26 01:55 - 001034976 _____ C:\Users\Main\Downloads\filmora_setup_full846.exe
  579. 2017-10-26 00:13 - 2017-10-29 19:12 - 000000000 ____D C:\Users\Main\Desktop\New folder
  580. 2017-10-26 00:07 - 2017-10-26 00:07 - 000086350 _____ C:\Users\Main\Downloads\KeyFramesMovie64.zip
  581. 2017-10-25 23:57 - 2017-10-25 23:57 - 000501163 _____ C:\Users\Main\Downloads\fraktal_sft64.zip
  582. 2017-10-25 15:03 - 2017-10-25 15:03 - 000574648 _____ C:\Users\Main\Downloads\NeeonnUS Cracked.rar
  583. 2017-10-25 12:50 - 2017-10-25 12:50 - 000104047 _____ C:\Users\Main\Downloads\zyLba07-GUI.pdf
  584. 2017-10-25 12:48 - 2017-10-25 12:48 - 000004688 _____ C:\Users\Main\Downloads\2017.10.18.GUI-GridBag.zip
  585. 2017-10-25 12:48 - 2017-10-25 12:48 - 000002859 _____ C:\Users\Main\Downloads\2017.10.18.GUI-TextField.zip
  586. 2017-10-25 12:36 - 2017-10-25 12:36 - 000003322 _____ C:\Users\Main\Downloads\zyLab07-GUI.zip
  587. 2017-10-24 15:13 - 2017-11-01 20:43 - 006016228 _____ C:\Users\Main\Desktop\assets4.zip
  588. 2017-10-24 14:51 - 2017-10-24 14:51 - 002569427 _____ C:\Users\Main\Downloads\DJ Kranks Free Website Template - Free-CSS.com.zip
  589. 2017-10-24 14:19 - 2017-10-24 14:19 - 007905536 _____ (Tim Kosse) C:\Users\Main\Downloads\FileZilla_3.28.0_win64-setup.exe
  590. 2017-10-23 17:52 - 2017-10-23 17:52 - 000000000 _____ C:\Users\Main\Downloads\index.php
  591. 2017-10-22 17:50 - 2017-10-22 17:50 - 001466176 _____ C:\Users\Main\Downloads\RA4WVPN Setup Guide v2.0.pdf
  592. 2017-10-22 00:59 - 2017-11-19 20:51 - 000000132 _____ C:\Users\Main\Desktop\movies.txt
  593. 2017-10-21 13:00 - 2017-11-20 16:16 - 000000000 ____D C:\Users\Main\AppData\Roaming\.purple
  594. 2017-10-21 13:00 - 2017-10-21 13:00 - 000001070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pidgin.lnk
  595. 2017-10-21 12:59 - 2017-10-26 12:47 - 000000000 ____D C:\Program Files (x86)\Pidgin
  596. 2017-10-21 12:59 - 2017-10-21 12:59 - 008807144 _____ C:\Users\Main\Downloads\pidgin-2.12.0.exe
  597.  
  598. ==================== One Month Modified files and folders ========
  599.  
  600. (If an entry is included in the fixlist, the file/folder will be moved.)
  601.  
  602. 2017-11-20 16:35 - 2017-07-27 15:22 - 000000000 ____D C:\FRST
  603. 2017-11-20 16:35 - 2017-05-11 11:00 - 000004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C279C7BB-5D2E-4292-A0C8-0258D83FC413}
  604. 2017-11-20 16:30 - 2017-01-22 15:30 - 000000000 ____D C:\Program Files (x86)\Steam
  605. 2017-11-20 16:29 - 2017-01-22 15:10 - 000000000 ____D C:\ProgramData\NVIDIA
  606. 2017-11-20 16:27 - 2017-05-11 11:03 - 001464318 _____ C:\WINDOWS\system32\PerfStringBackup.INI
  607. 2017-11-20 16:23 - 2017-05-11 11:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
  608. 2017-11-20 16:23 - 2017-05-11 10:57 - 000000000 ____D C:\Users\Main
  609. 2017-11-20 16:23 - 2017-03-18 15:01 - 000000000 ____D C:\WINDOWS\INF
  610. 2017-11-20 16:01 - 2017-05-11 10:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
  611. 2017-11-20 14:59 - 2017-04-25 10:57 - 000000000 ____D C:\Users\Main\AppData\Local\Adobe
  612. 2017-11-20 06:30 - 2017-02-09 00:31 - 000000000 ____D C:\Users\Main\AppData\Local\CrashDumps
  613. 2017-11-20 05:08 - 2017-04-10 15:06 - 000000000 ____D C:\Users\Main\.zenmap
  614. 2017-11-20 04:48 - 2017-04-10 15:05 - 000000000 ____D C:\Program Files (x86)\Nmap
  615. 2017-11-20 04:35 - 2017-04-10 15:06 - 000000000 ____D C:\Program Files\Npcap
  616. 2017-11-20 03:23 - 2017-04-28 11:13 - 000000000 ____D C:\Users\Main\AppData\Local\Arduino15
  617. 2017-11-20 03:07 - 2017-07-31 13:16 - 000001649 _____ C:\Users\Main\Desktop\pay.txt
  618. 2017-11-20 03:04 - 2017-03-08 23:39 - 000000000 ____D C:\Users\Main\AppData\Local\Eclipse
  619. 2017-11-20 03:04 - 2017-03-08 23:34 - 000000000 ____D C:\Users\Main\.p2
  620. 2017-11-20 03:01 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\AppReadiness
  621. 2017-11-20 02:17 - 2017-05-02 15:53 - 000000000 ____D C:\Users\Main\Desktop\BlueJ
  622. 2017-11-19 20:52 - 2017-03-08 23:19 - 000000000 ____D C:\Users\Main\AppData\Local\Spotify
  623. 2017-11-19 20:51 - 2017-03-08 23:17 - 000000000 ____D C:\Users\Main\AppData\Roaming\Spotify
  624. 2017-11-18 08:31 - 2017-03-18 15:03 - 000000000 ___HD C:\Program Files\WindowsApps
  625. 2017-11-17 18:49 - 2017-02-01 19:45 - 000000000 ____D C:\ProgramData\Package Cache
  626. 2017-11-17 17:29 - 2017-04-15 16:57 - 000000000 ____D C:\Users\Main\AppData\Local\UnrealEngine
  627. 2017-11-17 14:04 - 2017-05-13 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
  628. 2017-11-17 14:04 - 2017-05-11 10:56 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
  629. 2017-11-16 13:33 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\rescache
  630. 2017-11-16 04:41 - 2017-05-11 11:00 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
  631. 2017-11-16 04:41 - 2017-04-25 10:56 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
  632. 2017-11-16 04:41 - 2017-04-25 10:56 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
  633. 2017-11-15 14:29 - 2017-01-22 15:01 - 000002278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
  634. 2017-11-15 14:29 - 2017-01-22 15:01 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
  635. 2017-11-15 14:28 - 2017-06-09 11:36 - 000000000 ___RD C:\Users\Main\Creative Cloud Files
  636. 2017-11-15 14:28 - 2017-01-22 14:50 - 000000000 __RHD C:\Users\Public\AccountPictures
  637. 2017-11-15 14:27 - 2017-06-12 17:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
  638. 2017-11-15 14:27 - 2017-06-12 17:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
  639. 2017-11-15 14:27 - 2017-05-11 10:56 - 000237024 _____ C:\WINDOWS\system32\FNTCACHE.DAT
  640. 2017-11-15 02:14 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
  641. 2017-11-15 02:14 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
  642. 2017-11-15 02:14 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\Provisioning
  643. 2017-11-15 02:14 - 2017-03-18 15:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
  644. 2017-11-15 02:14 - 2017-03-18 15:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
  645. 2017-11-15 02:14 - 2017-03-18 05:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
  646. 2017-11-15 00:04 - 2017-03-18 14:51 - 000000000 ____D C:\WINDOWS\CbsTemp
  647. 2017-11-14 22:13 - 2017-10-19 17:12 - 000000000 ____D C:\Users\Main\Desktop\wannacry-version2
  648. 2017-11-13 22:26 - 2017-05-11 11:00 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
  649. 2017-11-13 22:26 - 2017-05-11 11:00 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
  650. 2017-11-10 21:46 - 2017-06-12 17:21 - 000000000 ____D C:\Users\Main\AppData\LocalLow\Mozilla
  651. 2017-11-10 14:15 - 2017-01-29 15:15 - 000000643 _____ C:\Users\Main\Desktop\jd-gui.cfg
  652. 2017-11-10 02:50 - 2017-06-15 08:54 - 000000000 ____D C:\Users\Main\Desktop\Sheeple
  653. 2017-11-09 23:18 - 2017-06-12 16:26 - 000000000 ____D C:\Users\Main\AppData\Local\YoMail
  654. 2017-11-09 05:32 - 2017-10-20 13:38 - 029279672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
  655. 2017-11-09 05:31 - 2017-01-04 15:27 - 001624168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
  656. 2017-11-09 05:30 - 2017-10-20 13:38 - 001039800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
  657. 2017-11-09 05:30 - 2017-01-04 15:27 - 000233904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
  658. 2017-11-09 04:47 - 2017-05-13 21:29 - 003859848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
  659. 2017-11-09 04:47 - 2017-01-04 15:08 - 004533184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
  660. 2017-11-09 04:08 - 2017-01-04 10:11 - 000048442 _____ C:\WINDOWS\system32\nvinfo.pb
  661. 2017-11-04 19:40 - 2017-03-18 15:06 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
  662. 2017-11-04 19:40 - 2017-03-18 15:06 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
  663. 2017-11-03 16:57 - 2017-07-27 15:47 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2480641496-3029473293-3521873248-1001
  664. 2017-11-03 16:57 - 2017-01-22 14:51 - 000002370 _____ C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
  665. 2017-11-03 16:57 - 2017-01-22 14:51 - 000000000 ___RD C:\Users\Main\OneDrive
  666. 2017-10-31 14:21 - 2017-05-14 20:29 - 000000000 ____D C:\Users\Main\AppData\Roaming\FileZilla
  667. 2017-10-31 13:10 - 2017-02-08 16:01 - 000000000 ____D C:\Python27
  668. 2017-10-31 12:57 - 2017-05-14 20:29 - 000000000 ____D C:\Users\Main\AppData\Local\FileZilla
  669. 2017-10-31 12:30 - 2017-05-11 18:52 - 000000000 ____D C:\Users\Main\Desktop\Duckuino-master
  670. 2017-10-31 12:05 - 2017-04-28 11:13 - 000000000 ____D C:\Users\Main\Documents\Arduino
  671. 2017-10-30 21:37 - 2017-06-07 14:02 - 000000156 _____ C:\update.cfg
  672. 2017-10-30 18:18 - 2017-06-13 11:04 - 000000000 ____D C:\Users\Main\.android
  673. 2017-10-30 18:17 - 2017-07-29 16:52 - 000000000 ____D C:\Users\Main\vmlogs
  674. 2017-10-30 18:17 - 2017-07-29 16:51 - 000000000 ____D C:\Users\Main\.BigNox
  675. 2017-10-30 18:17 - 2017-07-29 16:49 - 000000000 ____D C:\Users\Main\AppData\Local\Nox
  676. 2017-10-27 10:36 - 2017-02-07 21:54 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
  677. 2017-10-27 10:12 - 2017-05-11 10:57 - 005960824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
  678. 2017-10-27 10:12 - 2017-05-11 10:57 - 002587768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
  679. 2017-10-27 10:12 - 2017-05-11 10:57 - 001766520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
  680. 2017-10-27 10:12 - 2017-05-11 10:57 - 000607168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
  681. 2017-10-27 10:12 - 2017-05-11 10:57 - 000449656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
  682. 2017-10-27 10:12 - 2017-05-11 10:57 - 000123000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
  683. 2017-10-27 10:12 - 2017-05-11 10:57 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
  684. 2017-10-26 21:13 - 2017-05-14 20:19 - 007050154 _____ C:\Users\Main\Desktop\ducky-bot-1.5.2.zip
  685. 2017-10-26 02:02 - 2017-07-22 22:14 - 000000000 ____D C:\Users\Main\AppData\Roaming\vlc
  686. 2017-10-25 15:12 - 2017-01-30 14:10 - 000000000 ____D C:\Users\Main\Desktop\Python
  687. 2017-10-25 04:33 - 2017-05-11 10:57 - 007802921 _____ C:\WINDOWS\system32\nvcoproc.bin
  688. 2017-10-24 14:25 - 2017-05-14 20:29 - 000000000 ____D C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
  689. 2017-10-23 15:45 - 2017-05-14 11:25 - 000000000 ____D C:\Users\Main\AppData\Local\NVIDIA Corporation
  690.  
  691. ==================== Files in the root of some directories =======
  692.  
  693. 2017-10-31 12:39 - 2017-10-31 12:39 - 000000612 _____ () C:\Users\Main\download.vbs
  694. 2017-10-31 12:39 - 2017-10-31 12:39 - 000854072 _____ (Simon Tatham) C:\Users\Main\putty.exe
  695. 2017-02-11 13:16 - 2017-02-11 13:16 - 000000600 _____ () C:\Users\Main\AppData\Local\PUTTY.RND
  696. 2017-05-03 13:44 - 2017-07-16 12:59 - 000007605 _____ () C:\Users\Main\AppData\Local\Resmon.ResmonCfg
  697. 2017-02-27 15:25 - 2017-02-27 15:25 - 000000003 _____ () C:\Users\Main\AppData\Local\updater.log
  698. 2017-02-27 15:25 - 2017-05-06 14:48 - 000000425 _____ () C:\Users\Main\AppData\Local\UserProducts.xml
  699. 2017-04-10 15:06 - 2017-04-10 15:06 - 000000000 _____ () C:\Users\Main\AppData\Local\zenmap.exe.log
  700.  
  701. Some files in TEMP:
  702. ====================
  703. 2017-05-13 21:31 - 2017-05-01 14:14 - 000754680 ____N (NVIDIA Corporation) C:\Users\Main\AppData\Local\Temp\nvSCPAPI.dll
  704. 2017-10-20 13:38 - 2017-05-01 14:14 - 000367552 _____ (NVIDIA Corporation) C:\Users\Main\AppData\Local\Temp\nvStInst.exe
  705. 2017-10-31 12:42 - 2017-10-31 12:43 - 000854072 _____ (Simon Tatham) C:\Users\Main\AppData\Local\Temp\putty.exe
  706. 2017-10-29 13:28 - 2017-11-20 14:50 - 000492544 _____ () C:\Users\Main\AppData\Local\Temp\s3.exe
  707. 2017-10-31 14:09 - 2017-11-20 03:19 - 005220911 _____ () C:\Users\Main\AppData\Local\Temp\vnmeio.exe
  708.  
  709. ==================== Bamital & volsnap ======================
  710.  
  711. (There is no automatic fix for files that do not pass verification.)
  712.  
  713. C:\WINDOWS\system32\winlogon.exe => File is digitally signed
  714. C:\WINDOWS\system32\wininit.exe => File is digitally signed
  715. C:\WINDOWS\explorer.exe => File is digitally signed
  716. C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
  717. C:\WINDOWS\system32\svchost.exe => File is digitally signed
  718. C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
  719. C:\WINDOWS\system32\services.exe => File is digitally signed
  720. C:\WINDOWS\system32\User32.dll => File is digitally signed
  721. C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
  722. C:\WINDOWS\system32\userinit.exe => File is digitally signed
  723. C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
  724. C:\WINDOWS\system32\rpcss.dll => File is digitally signed
  725. C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
  726. C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
  727. C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
  728.  
  729. LastRegBack: 2017-11-19 16:52
  730.  
  731. ==================== End of FRST.txt ============================
  732.  
  733. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-11-2017
  734. Ran by Main (20-11-2017 16:35:48)
  735. Running from C:\Users\Main\Desktop
  736. Windows 10 Education Version 1703 15063.726 (X64) (2017-05-11 17:02:38)
  737. Boot Mode: Normal
  738. ==========================================================
  739.  
  740.  
  741. ==================== Accounts: =============================
  742.  
  743. Administrator (S-1-5-21-2480641496-3029473293-3521873248-500 - Administrator - Disabled)
  744. DefaultAccount (S-1-5-21-2480641496-3029473293-3521873248-503 - Limited - Disabled)
  745. defaultuser0 (S-1-5-21-2480641496-3029473293-3521873248-1000 - Limited - Disabled) => C:\Users\defaultuser0
  746. Guest (S-1-5-21-2480641496-3029473293-3521873248-501 - Limited - Disabled)
  747. Main (S-1-5-21-2480641496-3029473293-3521873248-1001 - Administrator - Enabled) => C:\Users\Main
  748.  
  749. ==================== Security Center ========================
  750.  
  751. (If an entry is included in the fixlist, it will be removed.)
  752.  
  753. AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  754. AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  755.  
  756. ==================== Installed Programs ======================
  757.  
  758. (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
  759.  
  760. µTorrent (HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
  761. Adobe Acrobat DC (2015) (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0E0F06755100}) (Version: 15.006.30392 - Adobe Systems Incorporated)
  762. Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
  763. Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
  764. Arduino (HKLM-x32\...\Arduino) (Version: 1.8.2 - Arduino LLC)
  765. Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
  766. Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
  767. Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
  768. Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
  769. BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.7 - BlueJ Team)
  770. CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
  771. Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
  772. Discord (HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)
  773. DZLauncher version 0.1.5.5 (HKLM-x32\...\{1E299AE2-74C8-4CD8-6B17-A86E0ED3C4D2}_is1) (Version: 0.1.5.5 - Maca134)
  774. EmEditor (32-bit) (HKLM-x32\...\{06DD37B4-9562-4023-AD14-FA006BFE0A21}) (Version: 16.4.0 - Emurasoft, Inc.)
  775. Epic Games Launcher (HKLM-x32\...\{80B15934-444B-4B4F-B2A9-439FCCBA4C81}) (Version: 1.1.132.0 - Epic Games, Inc.)
  776. Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
  777. FileZilla Client 3.28.0 (HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\FileZilla Client) (Version: 3.28.0 - Tim Kosse)
  778. FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.60 - FileZilla Project)
  779. GnuWin32: Wget-1.11.4-1 (HKLM-x32\...\Wget-1.11.4-1_is1) (Version: 1.11.4-1 - GnuWin32)
  780. Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
  781. Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
  782. Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
  783. Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
  784. Java SE Development Kit 8 Update 121 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180121}) (Version: 8.0.1210.13 - Oracle Corporation)
  785. JetBrains PyCharm Edu 3.5 (HKLM-x32\...\PyCharm Edu 3.5) (Version: 163.12429 - JetBrains s.r.o.)
  786. Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
  787. Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
  788. Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
  789. MEmu (HKLM-x32\...\MEmu) (Version: 3.5.0.0 - Microvirt Software Technology Co. Ltd.)
  790. Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
  791. Microsoft Flight Simulator SimConnect Client v10.0.62615.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62615.0 - Microsoft Corporation)
  792. Microsoft OneDrive (HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
  793. Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
  794. Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
  795. Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
  796. Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
  797. Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
  798. Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
  799. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
  800. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
  801. Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
  802. Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
  803. Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
  804. Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
  805. Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
  806. Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
  807. Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
  808. Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
  809. Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
  810. Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
  811. Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.4.0.6486 - Mozilla)
  812. Mozilla Thunderbird 52.4.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.4.0 (x86 en-US)) (Version: 52.4.0 - Mozilla)
  813. MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
  814. MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
  815. Nmap 7.60 (HKLM-x32\...\Nmap) (Version: 7.60 - )
  816. Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.3.1 - Notepad++ Team)
  817. Nox APP Player (HKLM-x32\...\Nox) (Version: 5.0.0.0 - Duodian Technology Co. Ltd.)
  818. Npcap 0.93 (HKLM-x32\...\NpcapInst) (Version: 0.93 - Nmap Project)
  819. NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
  820. NVIDIA 3D Vision Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
  821. NVIDIA Alien vs. Triangles demo (HKLM-x32\...\Alien vs. Triangles) (Version: 1.0 - NVIDIA Corporation)
  822. NVIDIA Apollo 11 Demo (HKLM-x32\...\Apollo 11) (Version: 1.05 - NVIDIA Corporation)
  823. NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
  824. NVIDIA Graphics Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
  825. NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
  826. NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
  827. OpenAL (HKLM-x32\...\OpenAL) (Version: - )
  828. OpenVPN 2.4.0-I601 (HKLM\...\OpenVPN) (Version: 2.4.0-I601 - OpenVPN Technologies, Inc.)
  829. Origin (HKLM-x32\...\Origin) (Version: 10.4.8.36918 - Electronic Arts, Inc.)
  830. Pidgin (HKLM-x32\...\Pidgin) (Version: 2.12.0 - )
  831. pidgin-otr 4.0.2 (HKLM-x32\...\pidgin-otr) (Version: 4.0.2 - Cypherpunks CA)
  832. Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
  833. PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
  834. PuTTY (HKLM-x32\...\{ED9EF59B-0799-428E-823D-6D2B7B4FE2E0}) (Version: 0.67.0.0 - Simon Tatham)
  835. PyStealer (HKLM-x32\...\PyStealer) (Version: - )
  836. Python 2.7 (64-bit) (HKLM\...\{20C31435-2A0A-4580-BE8B-AC06FC243CA5}) (Version: 2.7.150 - Python Software Foundation)
  837. Python 2.7 py2exe-0.6.9 (HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\py2exe-py2.7) (Version: - )
  838. Python 3.6.1 (32-bit) (HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\{1babc3bc-6a32-44f7-bf4d-60eec36c9ad1}) (Version: 3.6.1150.0 - Python Software Foundation)
  839. Python 3.6.1 Add to Path (32-bit) (HKLM-x32\...\{ED8BD450-5015-4CB3-95B5-2D93F23E111B}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
  840. Python 3.6.1 Core Interpreter (32-bit) (HKLM-x32\...\{E63E60CA-437B-4894-8395-81F2F66483B0}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
  841. Python 3.6.1 Development Libraries (32-bit) (HKLM-x32\...\{3029D656-0C32-4AC9-84FB-A15056F356CC}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
  842. Python 3.6.1 Documentation (32-bit) (HKLM-x32\...\{D1198C40-C6F5-4FFB-B98C-79BF1FE706C1}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
  843. Python 3.6.1 Executables (32-bit) (HKLM-x32\...\{A7036382-80F1-4FC1-B244-D31AA50337F4}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
  844. Python 3.6.1 pip Bootstrap (32-bit) (HKLM-x32\...\{899F7F28-F6D3-4E5B-8FBE-F7929036172A}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
  845. Python 3.6.1 Standard Library (32-bit) (HKLM-x32\...\{3BCCB89B-CD98-4F78-8436-78847FABFD68}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
  846. Python 3.6.1 Tcl/Tk Support (32-bit) (HKLM-x32\...\{F6ED0771-FE83-4A1C-BE65-A06CB65B46D5}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
  847. Python 3.6.1 Test Suite (32-bit) (HKLM-x32\...\{F44EF183-905E-48BB-998E-53FC99B36FE3}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
  848. Python 3.6.1 Utility Scripts (32-bit) (HKLM-x32\...\{2AA7DAB3-6778-42A7-9F33-22615234540E}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
  849. Python Launcher (HKLM-x32\...\{323AC113-C6CE-4F99-842F-4936332D055A}) (Version: 3.6.5923.0 - Python Software Foundation)
  850. Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.3.6 - Razer Inc.)
  851. Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.413 - Razer Inc.)
  852. Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
  853. RuneScape Launcher 2.2.4 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.4 - Jagex Ltd)
  854. Spotify (HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\Spotify) (Version: 1.0.60.492.gbb40dab8 - Spotify AB)
  855. Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
  856. TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
  857. TeamSpeak 3 Client (HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\TeamSpeak 3 Client) (Version: 3.1.1 - TeamSpeak Systems GmbH)
  858. Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
  859. Uplay (HKLM-x32\...\Uplay) (Version: 25.0 - Ubisoft)
  860. VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.19 - IDRIX)
  861. VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
  862. Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
  863. Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
  864. WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
  865. WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
  866. Wireshark 2.2.6 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.6 - The Wireshark developer community, hxxps://www.wireshark.org)
  867. Wondershare Filmora(Build 8.4.0) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
  868. Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
  869. World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
  870. YoMail 7.8.0.10 (HKLM-x32\...\YoMail) (Version: 7.8.0.10 - Shanghai Wuju Information Technology Co., Ltd.)
  871.  
  872. ==================== Custom CLSID (Whitelisted): ==========================
  873.  
  874. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  875.  
  876. CustomCLSID: HKU\S-1-5-21-2480641496-3029473293-3521873248-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
  877. CustomCLSID: HKU\S-1-5-21-2480641496-3029473293-3521873248-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
  878. CustomCLSID: HKU\S-1-5-21-2480641496-3029473293-3521873248-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
  879. CustomCLSID: HKU\S-1-5-21-2480641496-3029473293-3521873248-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
  880. CustomCLSID: HKU\S-1-5-21-2480641496-3029473293-3521873248-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
  881. CustomCLSID: HKU\S-1-5-21-2480641496-3029473293-3521873248-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
  882. CustomCLSID: HKU\S-1-5-21-2480641496-3029473293-3521873248-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-04001492D440}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
  883. CustomCLSID: HKU\S-1-5-21-2480641496-3029473293-3521873248-1001_Classes\CLSID\{D4D48C93-BDC7-4E76-B530-2E4D13B0150F}\InprocServer32 -> C:\Users\Main\AppData\Local\Programs\EmEditor\emedshl64.dll (Emurasoft, Inc.)
  884. CustomCLSID: HKU\S-1-5-21-2480641496-3029473293-3521873248-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
  885. ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
  886. ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
  887. ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
  888. ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
  889. ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
  890. ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-01-16] ()
  891. ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
  892. ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
  893. ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
  894. ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
  895. ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
  896. ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
  897. ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
  898. ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
  899. ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
  900. ContextMenuHandlers1_S-1-5-21-2480641496-3029473293-3521873248-1001: [EmEditor] -> {D4D48C93-BDC7-4E76-B530-2E4D13B0150F} => C:\Users\Main\AppData\Local\Programs\EmEditor\emedshl64.dll [2017-01-24] (Emurasoft, Inc.)
  901. ContextMenuHandlers2_S-1-5-21-2480641496-3029473293-3521873248-1001: [EmEditor] -> {D4D48C93-BDC7-4E76-B530-2E4D13B0150F} => C:\Users\Main\AppData\Local\Programs\EmEditor\emedshl64.dll [2017-01-24] (Emurasoft, Inc.)
  902. ContextMenuHandlers4_S-1-5-21-2480641496-3029473293-3521873248-1001: [EmEditor] -> {D4D48C93-BDC7-4E76-B530-2E4D13B0150F} => C:\Users\Main\AppData\Local\Programs\EmEditor\emedshl64.dll [2017-01-24] (Emurasoft, Inc.)
  903.  
  904. ==================== Scheduled Tasks (Whitelisted) =============
  905.  
  906. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  907.  
  908. Task: {05FB1F79-4FBE-4E17-AD92-BA0B60059BBC} - System32\Tasks\Microsoft\Windows\Display\Brightness\BrightnessReset
  909. Task: {1803E6A1-B5F8-4402-A22B-5830E4060B3A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-10] (NVIDIA Corporation)
  910. Task: {2E60DA73-4B64-4017-BF89-B6B5010EC276} - System32\Tasks\update-S-1-5-21-2480641496-3029473293-3521873248-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
  911. Task: {3403FED4-44AD-4860-9B27-02B5FBE45AA1} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-UJO3IF7-Main => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
  912. Task: {431B4C1C-DD9C-4811-8DE1-B4B87626D6D9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-22] (Google Inc.)
  913. Task: {74865C50-2839-4FF8-9336-24D3484FBF2D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-10] (NVIDIA Corporation)
  914. Task: {7DC54A4E-FD64-4295-9114-8E54450B5DFC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
  915. Task: {936472BC-9A1E-48E7-B3DF-CF67C2931900} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-10] (NVIDIA Corporation)
  916. Task: {9D511289-66E5-44F9-BB23-E55E4B091CCE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-10] (NVIDIA Corporation)
  917. Task: {AF263E90-1CF7-4A23-8B88-63CD91C6D49C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-10] (NVIDIA Corporation)
  918. Task: {BF456795-FDF3-4329-820A-27B445F25295} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-10] (NVIDIA Corporation)
  919. Task: {C6214568-9816-4B64-97A4-6A0F1F685554} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-10] (NVIDIA Corporation)
  920. Task: {E0EDAC7C-2E0C-474A-9C4D-005DF7B66C6E} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-10] (NVIDIA Corporation)
  921. Task: {EDA8A58D-F9C0-45EF-B392-326810CF57F1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-22] (Google Inc.)
  922. Task: {EEFE4886-25CB-42C0-9761-AF5D7BF130BB} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
  923. Task: {F4C8EC65-9FA5-415F-A9FF-BF6E20CBDD05} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
  924.  
  925. (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
  926.  
  927. Task: C:\WINDOWS\Tasks\update-S-1-5-21-2480641496-3029473293-3521873248-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
  928. Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
  929.  
  930. ==================== Shortcuts & WMI ========================
  931.  
  932. (The entries could be listed to be restored or removed.)
  933.  
  934.  
  935. ==================== Loaded Modules (Whitelisted) ==============
  936.  
  937. 2017-04-24 17:57 - 2017-04-24 17:57 - 000076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
  938. 2017-05-13 21:31 - 2017-10-10 19:05 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
  939. 2016-09-24 16:20 - 2016-09-24 16:21 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
  940. 2017-09-26 01:52 - 2017-09-26 01:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
  941. 2017-03-18 14:58 - 2017-03-18 14:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
  942. 2017-03-18 14:59 - 2017-03-18 20:30 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
  943. 2017-11-12 12:18 - 2017-11-12 12:18 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
  944. 2017-11-12 12:18 - 2017-11-12 12:18 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
  945. 2017-11-12 12:18 - 2017-11-12 12:18 - 025461760 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkyWrap.dll
  946. 2017-11-07 01:39 - 2017-11-07 01:39 - 002552832 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\skypert.dll
  947. 2017-11-12 12:18 - 2017-11-12 12:18 - 000685056 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
  948. 2017-04-07 00:37 - 2017-04-07 00:37 - 000298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
  949. 2017-09-26 01:52 - 2017-09-26 01:52 - 034879568 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
  950. 2017-11-20 16:31 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
  951. 2017-09-29 04:32 - 2017-09-29 04:32 - 000076456 _____ () F:\FileZilla FTP Client\fzshellext_64.dll
  952. 2017-05-13 21:31 - 2017-10-10 19:05 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
  953. 2017-05-13 21:31 - 2017-10-10 19:05 - 070805952 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
  954. 2017-05-22 04:13 - 2017-05-22 04:13 - 000143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
  955. 2017-09-20 01:42 - 2017-09-20 01:42 - 067115616 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
  956. 2017-05-29 12:07 - 2016-10-08 01:13 - 050656768 _____ () C:\Users\Main\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
  957. 2017-09-06 17:11 - 2017-09-06 17:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
  958. 2017-09-06 17:11 - 2017-09-06 17:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
  959. 2017-09-06 17:11 - 2017-09-06 17:11 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
  960. 2017-09-06 17:11 - 2017-09-06 17:11 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
  961. 2017-09-20 02:04 - 2017-09-20 02:04 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
  962. 2017-09-06 17:11 - 2017-09-06 17:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
  963. 2017-05-29 12:07 - 2016-10-08 01:13 - 001874944 _____ () C:\Users\Main\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
  964. 2017-05-29 12:07 - 2016-10-08 01:13 - 000075264 _____ () C:\Users\Main\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
  965.  
  966. ==================== Alternate Data Streams (Whitelisted) =========
  967.  
  968. (If an entry is included in the fixlist, only the ADS will be removed.)
  969.  
  970.  
  971. ==================== Safe Mode (Whitelisted) ===================
  972.  
  973. (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
  974.  
  975. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
  976. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
  977.  
  978. ==================== Association (Whitelisted) ===============
  979.  
  980. (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
  981.  
  982.  
  983. ==================== Internet Explorer trusted/restricted ===============
  984.  
  985. (If an entry is included in the fixlist, it will be removed from the registry.)
  986.  
  987.  
  988. ==================== Hosts content: ===============================
  989.  
  990. (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
  991.  
  992. 2016-07-16 05:47 - 2017-04-17 16:33 - 000000822 _____ C:\WINDOWS\system32\Drivers\etc\hosts
  993.  
  994.  
  995. ==================== Other Areas ============================
  996.  
  997. (Currently there is no automatic fix for this section.)
  998.  
  999. HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Main\Desktop\i90wc.jpg
  1000. DNS Servers: Media is not connected to internet.
  1001. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
  1002. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
  1003. Windows Firewall is enabled.
  1004.  
  1005. ==================== MSCONFIG/TASK MANAGER disabled items ==
  1006.  
  1007. HKLM\...\StartupApproved\Run: => "SecurityHealth"
  1008. HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
  1009. HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
  1010. HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
  1011. HKLM\...\StartupApproved\Run32: => "RzWizard"
  1012. HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
  1013. HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface"
  1014. HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
  1015. HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\StartupApproved\StartupFolder: => "EmEditor.lnk"
  1016. HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\StartupApproved\StartupFolder: => "javax.lnk"
  1017. HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\StartupApproved\Run: => "OneDrive"
  1018. HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\StartupApproved\Run: => "VeraCrypt"
  1019. HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"
  1020. HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\StartupApproved\Run: => "RDQtQkUtRDktQTItMzYtQzM="
  1021. HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\StartupApproved\Run: => "OPENVPN-GUI"
  1022. HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\StartupApproved\Run: => "Spotify"
  1023. HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\StartupApproved\Run: => "Spotify Web Helper"
  1024. HKU\S-1-5-21-2480641496-3029473293-3521873248-1001\...\StartupApproved\Run: => "Discord"
  1025.  
  1026. ==================== FirewallRules (Whitelisted) ===============
  1027.  
  1028. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  1029.  
  1030. FirewallRules: [UDP Query User{AAD573AB-2C53-4113-BDC0-50A41BD3FE5C}A:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) A:\program files (x86)\origin games\battlefield 4\bf4.exe
  1031. FirewallRules: [TCP Query User{DAA26114-6547-4901-A616-4A477F13BAE4}A:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) A:\program files (x86)\origin games\battlefield 4\bf4.exe
  1032. FirewallRules: [{9206EA5B-1030-4678-A277-1ADE70B609D3}] => (Allow) A:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
  1033. FirewallRules: [{0B81673B-E2A5-4053-9091-879EDB48ABF1}] => (Allow) A:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
  1034. FirewallRules: [{9FFC1834-3D97-45D1-AE89-B445941CAD02}] => (Allow) A:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
  1035. FirewallRules: [{33834905-02E9-4FF7-8C13-3C4404FE527A}] => (Allow) A:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
  1036. FirewallRules: [{20013240-2A00-4081-BB17-D8CC582294C5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
  1037. FirewallRules: [{FD4F1CA7-6FD0-41E8-9939-942E430A9E8F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
  1038. FirewallRules: [{5C6D3B86-9AFE-42F1-B580-42216CAB5A3C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
  1039. FirewallRules: [{AFFB9750-C472-4087-8C56-1477E71A956B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
  1040. FirewallRules: [{09BB475C-122F-41F8-82B8-03DAAA1AF525}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
  1041. FirewallRules: [{429A8CE7-F018-490F-B4AF-C1AE6EE99F3A}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
  1042. FirewallRules: [UDP Query User{9402E4BC-96D2-49BB-A8B1-43E548E78E41}A:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Block) A:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
  1043. FirewallRules: [TCP Query User{9567C347-3615-42BB-8F09-CEF028992257}A:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Block) A:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
  1044. FirewallRules: [{12D8E821-0FF3-4640-A995-7B19EE6AD2F6}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Moirai\Moirai.exe
  1045. FirewallRules: [{1176FF9B-2269-4DC5-A1C8-55906367FCE8}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Moirai\Moirai.exe
  1046. FirewallRules: [{9442FE89-67BC-4CE1-A6F8-D44F6DDDE0EC}] => (Block) F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
  1047. FirewallRules: [{382C9734-E548-490B-9F77-4CFDBF745607}] => (Block) F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
  1048. FirewallRules: [UDP Query User{8E8EB9FE-8134-4912-AB6E-E5F5649B964C}F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
  1049. FirewallRules: [TCP Query User{66BF4629-07FF-48C8-B43B-800C83878A33}F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
  1050. FirewallRules: [UDP Query User{3AC64FA2-0551-4AF1-B57D-C58546172B7B}A:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) A:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
  1051. FirewallRules: [TCP Query User{CE5FE174-7366-4A3F-94D8-58FD60A35BAE}A:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) A:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
  1052. FirewallRules: [{9AA0295F-2741-4C49-AE4F-2F189379FF49}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Fallout Shelter\FalloutShelter.exe
  1053. FirewallRules: [{BF41473F-B287-4931-B910-A671D2C92468}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Fallout Shelter\FalloutShelter.exe
  1054. FirewallRules: [{AB82207E-345D-49BB-8FC7-38537F0F801F}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
  1055. FirewallRules: [{979C7432-38DF-493E-9C97-0658CF59756A}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
  1056. FirewallRules: [UDP Query User{C19C72FF-C7A6-4210-A87C-220E0A449B39}A:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe] => (Block) A:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe
  1057. FirewallRules: [TCP Query User{FE604C45-F3F9-4E14-BB60-89809A38ECF0}A:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe] => (Block) A:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe
  1058. FirewallRules: [UDP Query User{EBC9970B-F7F2-4FFB-8139-0573CF0ACE7D}F:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Block) F:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
  1059. FirewallRules: [TCP Query User{AF579300-051A-42E9-99E6-27AFFB54FCF1}F:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Block) F:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
  1060. FirewallRules: [{1603A18B-839F-4B82-BD48-9C1FBDB39815}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
  1061. FirewallRules: [{09D7A978-483F-4A87-8815-1886533DD70F}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
  1062. FirewallRules: [{DE52DACA-30B1-4B0F-AA44-8773CA7FB873}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Reign Of Kings\Reign of Kings.exe
  1063. FirewallRules: [{AC44E73F-E905-43ED-BD1C-42F460AECAA3}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Reign Of Kings\Reign of Kings.exe
  1064. FirewallRules: [{6031E7D6-B299-45F4-AFCD-65D1D8A9D95F}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
  1065. FirewallRules: [{059401D4-336B-48EC-9D03-AE74D7581B30}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
  1066. FirewallRules: [{C149C6C2-E457-4877-BFED-3F250BF30A61}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe
  1067. FirewallRules: [{23E732B7-4FEF-4745-81C0-D89E53B28116}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe
  1068. FirewallRules: [{75282ECD-2667-4E1F-8D19-166D62A5EE3C}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
  1069. FirewallRules: [{37A896AC-B545-47AA-8D3F-A2F731DD5C19}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
  1070. FirewallRules: [{995BE0AF-5381-4753-BA00-8040820E93DA}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
  1071. FirewallRules: [{38E2C53B-2BC3-4CBB-A7AE-45E351B90C81}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
  1072. FirewallRules: [UDP Query User{FD56C5E7-46BB-46F6-AD2D-D13A73E765F2}F:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe
  1073. FirewallRules: [TCP Query User{1F887E69-FA16-43D4-9B3D-6AB970498BDE}F:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe
  1074. FirewallRules: [{005A7047-746D-4B54-9E7D-F656E8C454D8}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
  1075. FirewallRules: [{341E83E7-A05B-4ED8-9D0A-49A458A3640D}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
  1076. FirewallRules: [UDP Query User{A791C9DA-E37B-4D3D-94E6-5597C8C60062}A:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) A:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
  1077. FirewallRules: [TCP Query User{CEC72D89-52D3-40E8-8B36-7912DF7AA41E}A:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) A:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
  1078. FirewallRules: [{1D4F29B3-4C50-4FEC-9079-DEED630769A4}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
  1079. FirewallRules: [{D8B9FBFD-D145-4D92-857A-C5B1868F46E6}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
  1080. FirewallRules: [UDP Query User{E983B589-08E7-4C98-A593-737456533AF7}C:\users\main\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\main\appdata\roaming\spotify\spotify.exe
  1081. FirewallRules: [TCP Query User{5266E584-BADB-4C69-ADEC-FD365CB96D4E}C:\users\main\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\main\appdata\roaming\spotify\spotify.exe
  1082. FirewallRules: [UDP Query User{4D718DA6-9C1E-429E-B1F3-012EC9FAEB3E}F:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
  1083. FirewallRules: [TCP Query User{0ABD2419-679B-4D05-ACD3-050CFE837391}F:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
  1084. FirewallRules: [UDP Query User{8C07319F-BF5A-4B2B-AD57-FD1195D2C21E}C:\users\main\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\main\appdata\roaming\spotify\spotify.exe
  1085. FirewallRules: [TCP Query User{E71CD6D5-D6E2-4638-A079-1B543128A0FC}C:\users\main\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\main\appdata\roaming\spotify\spotify.exe
  1086. FirewallRules: [{5D84DCFF-955F-4D0B-904A-92B8D3C65696}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Line of Sight\Binaries\Win32\LSGame_BE.exe
  1087. FirewallRules: [{C769E828-D2B8-44C1-A96B-A2A98FC48124}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Line of Sight\Binaries\Win32\LSGame_BE.exe
  1088. FirewallRules: [{F6AA33CC-9C08-4ED0-8E7B-9F0F8B1C06B5}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Brawlhalla\Brawlhalla.exe
  1089. FirewallRules: [{98F4C51B-1A16-429D-9088-201A24EDCFB9}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Brawlhalla\Brawlhalla.exe
  1090. FirewallRules: [UDP Query User{3BCEF943-088C-41C1-B7BB-38897AD279D6}F:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
  1091. FirewallRules: [TCP Query User{9B387342-61BC-4F08-974A-4127EADDCC0B}F:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
  1092. FirewallRules: [{E3ABA45B-F5A8-47D9-A1F8-DC79EDDEE735}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
  1093. FirewallRules: [{FA3B248C-2AD9-4246-877B-99B65BA40D9A}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
  1094. FirewallRules: [{5DB7E9CB-80E6-4255-851A-B38A10763DA4}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
  1095. FirewallRules: [{2AA290BF-2D79-487D-9049-D555FF534B43}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
  1096. FirewallRules: [{7CC4DF85-9259-4DE2-97D1-EFA63AFB5858}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
  1097. FirewallRules: [{40167864-BA9B-42DD-960B-3E49D4072138}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
  1098. FirewallRules: [{29E3C860-1177-4EDF-8184-095C230C2694}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
  1099. FirewallRules: [{F7E75850-985B-4633-869F-CABCD4005558}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
  1100. FirewallRules: [{6504B0AB-62A7-476A-A6C3-9BD8BE20B45B}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
  1101. FirewallRules: [{65712BC0-6C81-4815-A461-542A9C1511FA}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
  1102. FirewallRules: [UDP Query User{D9DE1F27-49C8-438C-8634-C4AF7ACFC33A}F:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe
  1103. FirewallRules: [TCP Query User{FD449E56-49C0-4BC0-80BB-7FD703411164}F:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe
  1104. FirewallRules: [{29398916-BC0E-4396-96E8-FC3A85C1B23C}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\DOOM\DOOMx64.exe
  1105. FirewallRules: [{03B7D841-6EDF-4247-9FD0-797C23E537A3}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\DOOM\DOOMx64.exe
  1106. FirewallRules: [{3673E859-5EEE-4129-8929-FA1F9014DC56}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
  1107. FirewallRules: [{1C7A4290-D314-4756-A0EF-527E804702FE}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
  1108. FirewallRules: [{BF0D9FBD-9CBA-4ABC-BF16-732F14997F47}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\8BitArmies\ClientLauncherG.exe
  1109. FirewallRules: [{71B4A2C1-7404-4377-9E5D-2BF96E48D6AE}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\8BitArmies\ClientLauncherG.exe
  1110. FirewallRules: [{B81BF804-F75B-46A9-A6FB-DB32E5DFBC91}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\No Man's Sky\Binaries\NMS.exe
  1111. FirewallRules: [{CE218FB5-3F18-4CEB-AE10-EC8168592BCF}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\No Man's Sky\Binaries\NMS.exe
  1112. FirewallRules: [{BA7C1421-06FE-437A-85BC-FBB12F6431D9}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP_x64.exe
  1113. FirewallRules: [{BFC7C980-1F48-46CC-8F66-BF2C2AEB8AF4}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP_x64.exe
  1114. FirewallRules: [{DCBE7722-F9BF-400A-ABF7-3ECC264C6829}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
  1115. FirewallRules: [{AAFF5B54-E6C4-435C-B2E8-45B975E0CFFA}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
  1116. FirewallRules: [{158BA57D-52AC-40E3-846E-F75F49A41DA4}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
  1117. FirewallRules: [{35693B8D-610C-4B11-A8D0-E386C4A24021}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
  1118. FirewallRules: [{F59BACE7-2F28-4764-A779-3A10BADE1B5A}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
  1119. FirewallRules: [{DF8123AF-1297-4F8D-96C2-93992B68A1E5}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
  1120. FirewallRules: [{B3F276DA-5561-4B87-92AA-978B1C0B0CAC}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Estranged Act I\hl2.exe
  1121. FirewallRules: [{19074F25-DA9A-43FA-BAF2-0207998DB898}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Estranged Act I\hl2.exe
  1122. FirewallRules: [{AEC5C2A5-A5C7-46C6-B65D-EB59378E8AC0}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\Expansion\beta\Arma2OA.exe
  1123. FirewallRules: [{9C1C6C2B-EAD0-4147-A139-4C0B3325B421}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\Expansion\beta\Arma2OA.exe
  1124. FirewallRules: [{A03A3174-3EF6-4B60-98CA-3369792AA3AF}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
  1125. FirewallRules: [{E485E5D6-ACBC-475C-BC6F-67038D78FEAA}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
  1126. FirewallRules: [{8F3E6DA4-B8FB-48FF-9B35-89B9A828F822}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
  1127. FirewallRules: [{28F9F8CD-03A0-40D9-A57B-9C00F43B7AFC}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
  1128. FirewallRules: [{34242D79-C640-4C48-B7F5-C963FAAAABF0}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
  1129. FirewallRules: [{3FBED07F-5C7A-4E8A-BC81-521F46714DC3}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
  1130. FirewallRules: [{274BF7E2-0958-4981-B54C-94BFBC6627AD}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
  1131. FirewallRules: [{808F1EA8-ADC9-4E82-89DD-EA12201E4109}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
  1132. FirewallRules: [{AF4F4427-83FB-4A5E-A50A-A870FDFFE0B5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
  1133. FirewallRules: [{042E142D-C38D-4866-857C-62BD9C25448B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
  1134. FirewallRules: [{A740439B-C70C-4EC7-9527-011E8DAF383D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
  1135. FirewallRules: [{DCC9F5A9-F9CA-42FB-94AB-EC1504FCFEE5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
  1136. FirewallRules: [{8E5BF6C0-6ED3-4E54-AE8A-B9899146ED28}] => (Allow) F:\RainBowSix\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
  1137. FirewallRules: [{66703381-97DF-421B-87F8-1E34E9A636EA}] => (Allow) F:\RainBowSix\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
  1138. FirewallRules: [{367B1DD3-ED3E-489C-94AD-8237A83C235C}] => (Allow) F:\RainBowSix\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
  1139. FirewallRules: [{B34F47B9-AB3F-4BCC-87DF-1EA4D2E6D0D9}] => (Allow) F:\RainBowSix\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
  1140. FirewallRules: [{FB209201-6025-4F6A-9D1B-C29A0BCFCDC3}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned_BE.exe
  1141. FirewallRules: [{C0910B1C-FCEE-43A5-B52F-0239E8F19EB5}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned_BE.exe
  1142. FirewallRules: [{3953EC63-D81F-4BB9-8980-012719C04D79}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
  1143. FirewallRules: [{24B026F1-21DE-4084-A0F3-8CB486BC8316}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
  1144. FirewallRules: [{30079122-78E1-4134-B014-EDF45467775E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
  1145. FirewallRules: [{6B7765E7-8DE0-4568-9FEF-53CFB79EB734}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
  1146. FirewallRules: [{6F8204CC-E00F-430C-873B-D30C4048B64A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
  1147. FirewallRules: [{D5E42B21-9312-4A2F-BF46-9243DE6A4CE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
  1148. FirewallRules: [{1843136D-9698-4994-8194-56340579A478}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\DCSWorld\Run.exe
  1149. FirewallRules: [{B07D2B80-FED3-4ACE-92D2-8BC6CB783291}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\DCSWorld\Run.exe
  1150. FirewallRules: [{554501DB-B4F9-4AA0-8A8E-3C4F36B896CB}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FSX\fsx.exe
  1151. FirewallRules: [{6BD6C205-CE42-4013-8CFC-6A1BA6D654AD}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FSX\fsx.exe
  1152. FirewallRules: [{24676A97-75C6-43E9-93B8-F4D8A16CE313}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Istrolid\istrolid.exe
  1153. FirewallRules: [{99715C80-7F1A-49C9-AABF-590A94A80325}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Istrolid\istrolid.exe
  1154. FirewallRules: [{E3034C55-5476-4255-9F7B-9199D9A7C4F9}] => (Allow) LPort=58172
  1155. FirewallRules: [TCP Query User{FC2E2091-CE37-4B6E-A5DF-A9DFEF142B9E}A:\program files (x86)\steam\steamapps\common\8bitarmies\clientg.exe] => (Allow) A:\program files (x86)\steam\steamapps\common\8bitarmies\clientg.exe
  1156. FirewallRules: [UDP Query User{1EE12A64-5C14-4807-B1B0-92532297B2C2}A:\program files (x86)\steam\steamapps\common\8bitarmies\clientg.exe] => (Allow) A:\program files (x86)\steam\steamapps\common\8bitarmies\clientg.exe
  1157. FirewallRules: [TCP Query User{3D6A2885-81FB-4461-8908-07F99CBFE91E}A:\program files (x86)\steam\steamapps\common\8bitarmies\instanceserverg.exe] => (Allow) A:\program files (x86)\steam\steamapps\common\8bitarmies\instanceserverg.exe
  1158. FirewallRules: [UDP Query User{62EABFF4-4448-4B6E-9096-B3AA12FBFFFF}A:\program files (x86)\steam\steamapps\common\8bitarmies\instanceserverg.exe] => (Allow) A:\program files (x86)\steam\steamapps\common\8bitarmies\instanceserverg.exe
  1159. FirewallRules: [{44E2A074-0DB4-4CFD-83DE-B9DC89E12FF1}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x64\PA.exe
  1160. FirewallRules: [{7F0F8D9D-A9FF-4373-A5A7-85AA94625DF4}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x64\PA.exe
  1161. FirewallRules: [TCP Query User{982FCF1B-0F1F-4765-8E0A-B4100FB75BCE}A:\users\main\appdata\roaming\utorrent\utorrent.exe] => (Allow) A:\users\main\appdata\roaming\utorrent\utorrent.exe
  1162. FirewallRules: [UDP Query User{04F15692-0152-4052-A1DF-BDC4C7FC4140}A:\users\main\appdata\roaming\utorrent\utorrent.exe] => (Allow) A:\users\main\appdata\roaming\utorrent\utorrent.exe
  1163. FirewallRules: [{E568687B-465E-4F4A-A088-7E0E5039CD1D}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sword With Sauce Alpha\SwordWithSauce.exe
  1164. FirewallRules: [{1D4076E1-49CE-4280-A016-538429BE3934}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sword With Sauce Alpha\SwordWithSauce.exe
  1165. FirewallRules: [TCP Query User{6AD83E98-A812-4E90-8887-A19EF88D70ED}F:\program files (x86)\steam\steamapps\common\sword with sauce alpha\swordwithsauce\binaries\win64\swordwithsauce-win64-shipping.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\sword with sauce alpha\swordwithsauce\binaries\win64\swordwithsauce-win64-shipping.exe
  1166. FirewallRules: [UDP Query User{F6C0C82A-8E09-4A87-A905-8AB2823656E3}F:\program files (x86)\steam\steamapps\common\sword with sauce alpha\swordwithsauce\binaries\win64\swordwithsauce-win64-shipping.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\sword with sauce alpha\swordwithsauce\binaries\win64\swordwithsauce-win64-shipping.exe
  1167. FirewallRules: [{9B4337B7-3036-47D3-9D5D-0862F776C66D}] => (Allow) C:\Users\Main\AppData\Roaming\uTorrent\uTorrent.exe
  1168. FirewallRules: [{20250FBA-0DD8-4202-A58C-9FE7595F8353}] => (Allow) C:\Users\Main\AppData\Roaming\uTorrent\uTorrent.exe
  1169. FirewallRules: [{10EFFABA-B2C2-4A7E-A474-EF8DBA19A6B1}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Move or Die\MoveOrDie.exe
  1170. FirewallRules: [{AB9D71A2-F285-4850-B5F7-5CB25B2FF37B}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Move or Die\MoveOrDie.exe
  1171. FirewallRules: [{F9EE38D0-3EE4-49E3-A1AB-6474FFA61D83}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Move or Die\Editor.exe
  1172. FirewallRules: [{6A822FBD-D94A-4201-ABE7-E54E3F69028C}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Move or Die\Editor.exe
  1173. FirewallRules: [{DD60CCA1-9AB9-484C-B0B6-75ED7878D13B}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Argo\argobattleye.exe
  1174. FirewallRules: [{507E3598-6BDA-47E6-BA08-04B5609EB074}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Argo\argobattleye.exe
  1175. FirewallRules: [TCP Query User{F863AAB9-5183-4C6B-B52F-55EF7C8A53F3}F:\program files (x86)\steam\steamapps\common\argo\argo_x64.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\argo\argo_x64.exe
  1176. FirewallRules: [UDP Query User{5D0A5BA2-7BFB-485D-8129-5D913632866E}F:\program files (x86)\steam\steamapps\common\argo\argo_x64.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\argo\argo_x64.exe
  1177. FirewallRules: [TCP Query User{88EFF087-5353-4896-B81C-AB4BEA20F085}F:\program files (x86)\steam\steamapps\common\argo\argo.exe] => (Block) F:\program files (x86)\steam\steamapps\common\argo\argo.exe
  1178. FirewallRules: [UDP Query User{36595474-6C2B-469E-A0E6-9D1F2BC60397}F:\program files (x86)\steam\steamapps\common\argo\argo.exe] => (Block) F:\program files (x86)\steam\steamapps\common\argo\argo.exe
  1179. FirewallRules: [{7E49ACDA-D6DE-4340-BE5A-04B040EF3862}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe
  1180. FirewallRules: [{54520232-797E-4E84-8FE1-62B4440550BB}] => (Allow) NoxVMHandle.exe
  1181. FirewallRules: [{048BE4A6-8B51-45B9-9257-E8E83EB074A4}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\DCSWorld\bin\DCS.exe
  1182. FirewallRules: [{B50E9077-00FD-431D-B368-392C11D60133}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\DCSWorld\bin\DCS.exe
  1183. FirewallRules: [{C090DFDB-93DF-42A1-8E05-D74A44521E19}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
  1184. FirewallRules: [{60F00811-A7A2-437C-9F82-6939A7B6FEE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
  1185. FirewallRules: [{41A81B38-9285-48A3-B197-940120EC6FCD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
  1186. FirewallRules: [{807CF222-CD98-4220-B054-2145B06338F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
  1187. FirewallRules: [{15251392-5471-4F60-90A5-F938044E354A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
  1188. FirewallRules: [{811A636D-D669-4834-B311-163A7EAC599A}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
  1189. FirewallRules: [{43BD319F-026C-47E3-B0E1-FFF0465C4BBE}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
  1190. FirewallRules: [TCP Query User{16D9E069-D92A-4189-BD02-5A17EAE24B0A}F:\filezilla ftp client\filezilla.exe] => (Allow) F:\filezilla ftp client\filezilla.exe
  1191. FirewallRules: [UDP Query User{DE9EF4FF-E3B7-4197-AA99-D49176FCF45F}F:\filezilla ftp client\filezilla.exe] => (Allow) F:\filezilla ftp client\filezilla.exe
  1192. FirewallRules: [TCP Query User{DDAB4933-26C4-4008-BE63-44EEABF09C40}F:\arduino\java\bin\javaw.exe] => (Allow) F:\arduino\java\bin\javaw.exe
  1193. FirewallRules: [UDP Query User{64468FB9-3BD9-414B-B618-7690A30796AD}F:\arduino\java\bin\javaw.exe] => (Allow) F:\arduino\java\bin\javaw.exe
  1194. FirewallRules: [{6CEDE54B-52C7-4223-8D74-A32F7DCEF96D}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
  1195. FirewallRules: [{868D0A2B-E94B-47EB-9818-2D789245936D}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
  1196. FirewallRules: [{A95B35F0-E7D3-46A1-A746-0F8F5D182F90}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  1197. FirewallRules: [TCP Query User{4CC050E8-8AAB-4F61-A26B-78C0E0688A12}C:\users\main\eclipse\java-neon\eclipse\eclipse.exe] => (Allow) C:\users\main\eclipse\java-neon\eclipse\eclipse.exe
  1198. FirewallRules: [UDP Query User{F470487C-C45B-4E96-AC51-9010C29F6492}C:\users\main\eclipse\java-neon\eclipse\eclipse.exe] => (Allow) C:\users\main\eclipse\java-neon\eclipse\eclipse.exe
  1199. FirewallRules: [TCP Query User{EC44EEF0-7B5E-461D-93CB-64D4981163A4}F:\fornite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) F:\fornite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
  1200. FirewallRules: [UDP Query User{8C5016CB-19BD-4A5E-931A-AD5B3F6F96DB}F:\fornite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) F:\fornite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
  1201. FirewallRules: [TCP Query User{B89A3F4D-A669-4353-B5DA-9056AC9571F5}F:\fornite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\fornite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
  1202. FirewallRules: [UDP Query User{9E083B8E-30CA-481B-8EDC-9A27617E91E7}F:\fornite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\fornite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
  1203.  
  1204. ==================== Restore Points =========================
  1205.  
  1206. 08-11-2017 11:14:12 Scheduled Checkpoint
  1207. 15-11-2017 00:02:38 Windows Update
  1208. 15-11-2017 00:02:51 Windows Update
  1209. 17-11-2017 17:29:40 Installed DirectX
  1210. 20-11-2017 04:35:08 Before installation of Npcap 0.93
  1211.  
  1212. ==================== Faulty Device Manager Devices =============
  1213.  
  1214. Name: Unknown USB Device (Device Descriptor Request Failed)
  1215. Description: Unknown USB Device (Device Descriptor Request Failed)
  1216. Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
  1217. Manufacturer: (Standard USB Host Controller)
  1218. Service:
  1219. Problem: : Windows has stopped this device because it has reported problems. (Code 43)
  1220. Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
  1221.  
  1222.  
  1223. ==================== Event log errors: =========================
  1224.  
  1225. Application errors:
  1226. ==================
  1227. Error: (11/20/2017 04:23:33 PM) (Source: openvpnserv) (EventID: 0) (User: )
  1228. Description: Event-ID 0
  1229.  
  1230. Error: (11/20/2017 04:18:01 PM) (Source: SideBySide) (EventID: 78) (User: )
  1231. Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
  1232. A component version required by the application conflicts with another component version already active.
  1233. Conflicting components are:.
  1234. Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
  1235. Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.
  1236.  
  1237. Error: (11/20/2017 04:17:30 PM) (Source: SideBySide) (EventID: 78) (User: )
  1238. Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
  1239. A component version required by the application conflicts with another component version already active.
  1240. Conflicting components are:.
  1241. Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
  1242. Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.
  1243.  
  1244. Error: (11/20/2017 04:17:00 PM) (Source: SideBySide) (EventID: 78) (User: )
  1245. Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
  1246. A component version required by the application conflicts with another component version already active.
  1247. Conflicting components are:.
  1248. Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
  1249. Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.
  1250.  
  1251. Error: (11/20/2017 04:16:29 PM) (Source: SideBySide) (EventID: 78) (User: )
  1252. Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
  1253. A component version required by the application conflicts with another component version already active.
  1254. Conflicting components are:.
  1255. Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
  1256. Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.
  1257.  
  1258. Error: (11/20/2017 04:16:04 PM) (Source: SideBySide) (EventID: 78) (User: )
  1259. Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
  1260. A component version required by the application conflicts with another component version already active.
  1261. Conflicting components are:.
  1262. Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
  1263. Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.
  1264.  
  1265. Error: (11/20/2017 04:15:34 PM) (Source: SideBySide) (EventID: 78) (User: )
  1266. Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
  1267. A component version required by the application conflicts with another component version already active.
  1268. Conflicting components are:.
  1269. Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
  1270. Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.
  1271.  
  1272. Error: (11/20/2017 04:15:04 PM) (Source: SideBySide) (EventID: 78) (User: )
  1273. Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
  1274. A component version required by the application conflicts with another component version already active.
  1275. Conflicting components are:.
  1276. Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
  1277. Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.
  1278.  
  1279. Error: (11/20/2017 04:14:34 PM) (Source: SideBySide) (EventID: 78) (User: )
  1280. Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
  1281. A component version required by the application conflicts with another component version already active.
  1282. Conflicting components are:.
  1283. Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
  1284. Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.
  1285.  
  1286. Error: (11/20/2017 04:14:04 PM) (Source: SideBySide) (EventID: 78) (User: )
  1287. Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
  1288. A component version required by the application conflicts with another component version already active.
  1289. Conflicting components are:.
  1290. Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
  1291. Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.
  1292.  
  1293.  
  1294. System errors:
  1295. =============
  1296. Error: (11/20/2017 04:29:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  1297. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  1298. {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
  1299. and APPID
  1300. {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
  1301. to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  1302.  
  1303. Error: (11/20/2017 04:29:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  1304. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  1305. {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
  1306. and APPID
  1307. {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
  1308. to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  1309.  
  1310. Error: (11/20/2017 04:23:35 PM) (Source: BugCheck) (EventID: 1001) (User: )
  1311. Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x000000ef (0xffff88034b17a7c0, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: 4497126e-fa0a-4e73-9fd9-0b2d39bbb3ca.
  1312.  
  1313. Error: (11/20/2017 04:23:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
  1314. Description: The CldFlt service failed to start due to the following error:
  1315. The request is not supported.
  1316.  
  1317. Error: (11/20/2017 04:23:31 PM) (Source: EventLog) (EventID: 6008) (User: )
  1318. Description: The previous system shutdown at 3:47:28 PM on ‎11/‎20/‎2017 was unexpected.
  1319.  
  1320. Error: (11/20/2017 02:45:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  1321. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  1322. {D63B10C5-BB46-4990-A94F-E40B9D520160}
  1323. and APPID
  1324. {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
  1325. to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  1326.  
  1327. Error: (11/20/2017 03:38:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  1328. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  1329. {D63B10C5-BB46-4990-A94F-E40B9D520160}
  1330. and APPID
  1331. {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
  1332. to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  1333.  
  1334. Error: (11/19/2017 03:46:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  1335. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  1336. {D63B10C5-BB46-4990-A94F-E40B9D520160}
  1337. and APPID
  1338. {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
  1339. to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  1340.  
  1341. Error: (11/18/2017 10:51:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  1342. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  1343. {D63B10C5-BB46-4990-A94F-E40B9D520160}
  1344. and APPID
  1345. {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
  1346. to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  1347.  
  1348. Error: (11/18/2017 01:02:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  1349. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  1350. {D63B10C5-BB46-4990-A94F-E40B9D520160}
  1351. and APPID
  1352. {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
  1353. to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  1354.  
  1355.  
  1356. CodeIntegrity:
  1357. ===================================
  1358. Date: 2017-10-19 18:13:56.816
  1359. Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  1360.  
  1361. Date: 2017-08-02 11:21:36.383
  1362. Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  1363.  
  1364. Date: 2017-07-31 18:58:57.352
  1365. Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  1366.  
  1367. Date: 2017-07-30 15:30:05.536
  1368. Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  1369.  
  1370. Date: 2017-07-29 15:18:30.827
  1371. Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  1372.  
  1373. Date: 2017-06-26 14:54:17.593
  1374. Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  1375.  
  1376. Date: 2017-06-26 14:40:08.510
  1377. Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  1378.  
  1379. Date: 2017-06-20 10:30:09.808
  1380. Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  1381.  
  1382. Date: 2017-06-15 20:52:01.112
  1383. Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\HMIPCore64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
  1384.  
  1385. Date: 2017-06-15 20:52:01.109
  1386. Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\HMIPCore64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
  1387.  
  1388.  
  1389. ==================== Memory info ===========================
  1390.  
  1391. Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
  1392. Percentage of memory in use: 15%
  1393. Total physical RAM: 16344.89 MB
  1394. Available physical RAM: 13766.66 MB
  1395. Total Virtual: 18776.89 MB
  1396. Available Virtual: 16072.8 MB
  1397.  
  1398. ==================== Drives ================================
  1399.  
  1400. Drive c: (OS SSD) (Fixed) (Total:229.99 GB) (Free:60.77 GB) NTFS
  1401. Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
  1402. Drive e: (ESD-USB) (Removable) (Total:7.21 GB) (Free:2.49 GB) FAT32
  1403. Drive f: (CyberPower/Steam Main) (Fixed) (Total:931.41 GB) (Free:449.61 GB) NTFS
  1404. Drive h: (RECOVERY) (Fixed) (Total:15 GB) (Free:7.23 GB) NTFS ==>[system with boot components (obtained from drive)]
  1405.  
  1406. ==================== MBR & Partition Table ==================
  1407.  
  1408. ========================================================
  1409. Disk: 0 (Size: 238.5 GB) (Disk ID: 7B4BE300)
  1410. Partition 1: (Not Active) - (Size=46 MB) - (Type=DE)
  1411. Partition 2: (Active) - (Size=8.4 GB) - (Type=07 NTFS)
  1412. Partition 3: (Not Active) - (Size=230 GB) - (Type=07 NTFS)
  1413.  
  1414. ========================================================
  1415. Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 485FE6FD)
  1416. Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
  1417. Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
  1418.  
  1419. ========================================================
  1420. Disk: 2 (Size: 1863 GB) (Disk ID: DF19A4FC)
  1421. Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
  1422. Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
  1423. Partition 3: (Not Active) - (Size=1848 GB) - (Type=07 NTFS)
  1424.  
  1425. ========================================================
  1426. Disk: 3 (MBR Code: Windows 7 or 8) (Size: 7.2 GB) (Disk ID: 1A15F0EB)
  1427. Partition 1: (Active) - (Size=7.2 GB) - (Type=0C)
  1428.  
  1429. ==================== End of Addition.txt ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!