• Rustangelo PRO (Advanced) free steam key is now available on SteamUnlock.co. Register now and get Rustangelo PRO (Advanced) steam key for free. CD keys, games keys, free steam games. Is an automatic sign painter for The Advanced package includes the Royalty-Free Graphics Package.
• The latest & working serial keys to activate Windows 7 Ultimate SP1. Activate both 32 bit and Ultimate 64 bit versions, All languages. Windows 7 Ultimate Product Key Online Activation is 100% Genuine. Use Microsoft Windows 7 Ultimate Product key to install Windows 7. Win 7 Product keys activate the full functions of Windows 7 Ultimate.

• Newbluefx Titler Pro 5 Ultimate Serial Key
• Rustangelo Pro Ultimate Serial Key Code
• Advanced Systemcare Ultimate Serial Key
• Cyberlink Powerdirector 15 Ultimate Serial Key
• Visual Studio 2010 Ultimate Serial Key
• Rustangelo Pro Ultimate Serial Key Replacement

This is the ultimate guide to Windows 7 product keys. Here, you will find the latest genuine Windows 7 product keys.

In this Windows system, you need to have the activated and licensed Windows 7 ultimate serial key for activation of their Windows. Windows 7 Ultimate Product Key is the adorable windows used worldwide. It is favorite day by day. Of course, there has released many editions of MS Windows, but it is the best choice for you.

Windows 7 is by far the most widely used Windows OS. You can download Windows 7 from Microsoft’s website. But you will need a genuine Windows Serial Key to activate the operating system.

To get working keys, you will have to buy them from Microsoft. But this is not a viable option for many people because of many reasons.

Luckily, you can get free Windows 7 product keys online.

In this post, you will find product keys for all Windows 7 versions and learn how to activate Windows 7 with and without a product key.

Newbluefx Titler Pro 5 Ultimate Serial Key

Windows 7 Product Keys

The Windows 7 product key is a 25-digit character code. It looks like this: XXXXX-XXXXX-XXXXX-XXXXX-XXXXX.

Mainstream support for Windows 7 ended on January 13^th, 2015. But the tech giant said it would provide extended support until January 14^th, 2020. As such, it is not easy to find product keys today that can activate Windows 7. Fortunately, we have sourced genuine product keys you can use.

The product keys you will find on this page are genuine. They work for both 32-bit and 64-bit systems.

But before you try a Windows 7 product key from this page, let’s look at where you can find your product key.

Where to find your Windows 7 product key

You should be able to see the product key of the version of Windows 7 your computer is running in these locations:

If you bought Windows 7 from Microsoft’s official website, you should have received the product key via the email you used to set up your Microsoft account.

If you bought Windows 7 from an authorized dealer, you should be able to find the activation key inside the box containing the CD or DVD.

If you bought a PC with preinstalled Windows 7, you should see the Windows 7 product key somewhere on a sticker on the PC. If you cannot find your product key on a sticker, follow these simple methods to retrieve it:

1. Download a free product key finder from an official website
2. Hit the download button on the site and save the executable file on your desktop
3. Go to your desktop and click the install file twice in rapid succession. Then follow the instructions on your screen to complete the installation process
4. When the finder prompts you to install games and other programs, click I do not accept. This will prevent the installation of unwanted bloatware on your computer
5. Launch the product key finder. The program will scan your PC to find the product key. It will display your Windows 7 version and other Office programs you have on your PC
6. Click Windows 7. Your product key will appear under the label “CD Key” on the right side panel of the finder.

If you have downloaded Windows 7 and your free trial period is over, you can use a free Windows serial key on this page to activate the OS.

Read on to find a working Windows 7 product key.

Before using a free Windows 7 Ultimate activation key on this page, make sure you turn off Windows Update. Otherwise, the product keys won’t activate your Windows 7. And that’s because Microsoft will detect the new product key as a duplicate. As such, the verification process won’t take place.

Windows 7 Product Keys 32-bit (Updated)

ZPXOCI-VUBYN-MTNRB-EFHEK-SWOAA

PQL19-DN4BD-G6HIZ7-XM358-W9SKZ

MVCCV-KSKDU-ROW8R-5U42K-CVBSC

SASDS-WE235-486PU-PJLNM-GNFYR

56452-EWDSX-ZCAFQ-R1436-RYVHG

NBJRU-IYNMJ-LUOU0-794JS-VDFET

09MMU-8AKOO-W2IJZ-MNXHT-Y75WO

MZXNC-NVBQP-WOEIR-ITUYA-LSKDK

FJGHZ-PXOCI-VUBYN-TMEWN-ATDRR

KJHNE-RAZSEX-DFTVG-UHBJI-JNKPL

JIFTC-FSRCY-XTSRO-MIJHB-GVXFZ

DSESA-TFGYH-JIKMJ-NBHGV-CFXDZ

SWASE-DRTFG-YQ2W3-4ER56-TY78U

Windows 7 Product Keys 64-bit (Updated)

M9N8B-7V6C5-X4Z32-SDA4D-EF5GHT6HJY-67JKI-U789L-KMNBV-GCFXDSREW3-QAZXS-DWE34-MONKJ-IH789HYGTV-FCDR5-5ZZC3-32SXD-ER43556GTF-CVBXX-XZSDE-4MMN8-00KMJIUYYB-BYYYT-RCVFF-6REEW-MMKPPLLIIU-HGGYT-TFCXX-ZMMNB-BJGGFFRRRW-WEQAW-SEDRF-TGUHI-JBIUVYCTXT-DRSEA-AQ989-9MKNJ-BHBGVRCGX7-P3XWP-PPPCV-Q2H7C-FCGFR49PB6-6BJ6Y-KHGCQ-7DDY6-TF7C3E

Windows 7 Ultimate Product Keys

Here are genuine Windows 7 Ultimate product keys you should try:

Windows 7 Home Product Keys

All Windows 7 Home product keys on this page are free. We update these keys every day. So, if you don’t find a key that works for you, you can always come back tomorrow for new keys. Here are Windows 7 Home Premium product keys:

Rustangelo Pro Ultimate Serial Key Code

Other Ways to Get a Free Windows 7 Product Key

By now, you have probably grabbed an ultimate product (key) from this page and activated your Windows 7. But if you were not able to activate your Windows 7 using a Windows serial key from this page, we still have a few suggestions that might help you. Here are more ways to get free Windows 7 product key.

Preinstalled Windows 7 on a new computer

The simplest way to get an activated copy of Windows 7 is by purchasing a computer with preinstalled Windows 7. This method will save you time. You will also be able to access all the great features and drivers the OS has to offer. Another advantage of preinstalled Windows is that you can restore your PC anytime. You can install the same activated Windows 7 without any problem. The downside is that you may get a basic version of the activated Windows. As such, you will have to upgrade to access all the features of Windows 7. So, you have to think twice before choosing this method.

Refurbished computer with activated Windows 7

This is another great way to get a Windows 7 product key for free. Getting a refurbished computer with activated Windows 7 means you don’t need a product key to activate the operating system. It already has its activation key. You can use the computer until its hardware wears out and just scrap it off and get a new one. You will have an activated Windows 7 that you can use on any computer. So, you will not have to search for product keys anymore.

Downgrade from Windows 8, 8.1, or 10 to Windows 7 Ultimate or Professional

If your computer is running an activated version of Windows 8, 8.1, or 10, you can downgrade it. Microsoft allows you to downgrade to any version of Windows without having to provide a product key. This is the simplest way to get a free Windows 7 product key. But remember that you can only downgrade from an activated higher version of Windows.

How to activate Windows 7 using a product key

Activating Windows 7 using a Windows serial key is easy. But you will, of course, need a genuine Windows 7 product key. Here are the steps you need to follow:

Step 1: Click the Start menu

Step 2: Enter activate windows in the search box

Step 3: Click the option Activate Windows from the search results

Step 4: You can also click the Activate Now notification that often appears on the taskbar

Step 5: Enter the Windows 7 product key and click Validate

It should only take a few minutes. But it depends on how strong your internet connection is.If someone else has already used the product key, you will receive a message saying you have exceeded the number of activations for that particular key. The OS will then ask you to provide a different key and click Retry.

How to activate Windows 7 without a product key

Using a product key is one way of activating Windows 7. But sometimes it’s not easy to get a working product key. You can activate Windows 7 without a product key. Here are two simple methods to activate Windows 7 if you don’t have a product key.

Method 1: Remove the SLUI file

Follow these simple steps to delete the SLUI file:

Step 1: Go to C:// drive (or where the folder with Windows 7 is

Step 2: Find the folder named System-32 and double-click it

Step 3: Use the search tool in File Manager to find SLUI file

Step 4: This file contains the Windows 7 key, so you have to delete it

Step 5: Right-click on the file and select the properties option

Step 6: In the new window, click on the Security tab and select Users

Step 7: Click Advanced to open a new window with SLUI Advanced security settings

Step 8: Click the Owner tab and select owner as user and then click Apply

Step 9: Go back to the folder containing the SLUI file

Step 10: Right-click on it again and select the properties option

Step 11: Again, click on the Security tab, select users, and hit the Edit button

Step 12: Edit Permissions for the system owner or current user in the next window

Step 13: Click the username and tick the box next to Full control to okay this permission. This should activate Windows 7 without a product key

Step 14: Click OK and close all open windows. Only leave the System 32 folder.

Step 15: Click the SLUI file once and hit the Delete button on the keyboard If this method doesn’t work, try out the next method below.

Method 2: Using CMD

Advanced Systemcare Ultimate Serial Key

Follow these steps to activate your Windows 7 using CMD:

Step 1: Enter CMD into the Windows search and run it as system administrator

Step 2: Enter the command slmgr –rearm in CMD

Step 3: Hit Enter on your keyboard

Cyberlink Powerdirector 15 Ultimate Serial Key

Step 4: Restart your computer after getting a prompt to do so

Step 5: After restarting the computer, go to CMD again and type the command slmgr –ato

Step 6: Press Enter againStep 7: You will get a message that you have activated Windows 7 successfully

Conclusion

Visual Studio 2010 Ultimate Serial Key

Hopefully, you have found a working Windows 7 product key here, and you’ve successfully activated your Windows 7. You can also try one of the methods here that allow you to activate Windows 7 without a product key.

Rustangelo Pro Ultimate Serial Key Replacement

1. Phished fontdrvhost.exe Infection?

   JJ10157 replied to JJ10157's topic in Resolved Malware Removal Logs

   I have finally solved the issue. Through using your 'Recovery Environment' method you taught me, I entered the commands I did in the pictures above and forcefully deleted the folder and all of it's subsidiaries. I believe the issue to be solved, as the folder is completely gone. Please get back to me and tell me if there is any other things I need to do to make sure my PC is clean. It's been a pleasure working with you!

2. Phished fontdrvhost.exe Infection?

   JJ10157 replied to JJ10157's topic in Resolved Malware Removal Logs

   Can confirm as of now, I no longer have permissions over the file. I get access denied on even viewing the permissions and cannot see who owns the file anymore.

3. Phished fontdrvhost.exe Infection?

   JJ10157 replied to JJ10157's topic in Resolved Malware Removal Logs

   Logic, Studio One, Cubase, Sonar, Pro Tools, etc. I've tried quite a few programs over past 5 years of playing around and learning about daw and home studio for fun, and I can say they are all great, yet all have issues in one way or another for some as I've seen or experienced myself in some cases. All the same version til it gets sorted out. Lots of complaints out there for them all for different reasons. Problem is most daws do a million things, and each user is using it differently and features that nobody else is, so could be solid for most, not at all for some.

   I've also tried deleting the file through commands, to no avail. I get access denied. https://gyazo.com/bf1e937e30d887268793e12f633e7321 https://gyazo.com/8c82f84f62c7f0eae2a75b57514f0e7f

4. Phished fontdrvhost.exe Infection?

   JJ10157 replied to JJ10157's topic in Resolved Malware Removal Logs

   Yeah, I understand if you need to go to bed. Anyway, https://gyazo.com/ac8488d39e19e6c90bcff6e5a2d01eb1 is the result of me doing so after attempting to unlock it. I had a feeling this would be the outcome since the file in the folder is constantly in use. If you have any more ideas about how to solve this problem, please get back to me.

5. Phished fontdrvhost.exe Infection?

   JJ10157 replied to JJ10157's topic in Resolved Malware Removal Logs

   I'm going to leave and come back in an hr. Thank you so much for helping me thus far, but I've decided to treat my family for dinner and take an hr break. I'll be back in like 1 hr to continue working with you, I'm sure you could probably use a break as well Thanks again, and see you soon.

6. Phished fontdrvhost.exe Infection?

   JJ10157 replied to JJ10157's topic in Resolved Malware Removal Logs

   GrantPerms by Farbar Ran by Gina (administrator) at 2018-04-29 19:15:33 ?D:CProgram Files (x86)Imouto Paradise 3 Owner: DESKTOP-8CFTPA0Gina DACL(NP)(AI): Everyone FULL ALLOW (I) Everyone FULL ALLOW (CI)(OI)(IO)(I) BUILTINAdministrators FULL ALLOW (I) BUILTINAdministrators FULL ALLOW (CI)(OI)(IO)(I) NT AUTHORITYSYSTEM FULL ALLOW (I) NT AUTHORITYSYSTEM FULL ALLOW (CI)(OI)(IO)(I) NT AUTHORITYAuthenticated Users change ALLOW (I) NT AUTHORITYAuthenticated Users change ALLOW (CI)(OI)(IO)(I) BUILTINUsers READ/EXECUTE ALLOW (I) BUILTINUsers READ/EXECUTE ALLOW (CI)(OI)(IO)(I) End Of List

7. Phished fontdrvhost.exe Infection?

   JJ10157 replied to JJ10157's topic in Resolved Malware Removal Logs

   I got an error. I can say with surety that the majority of our problems are because it's hidden behind Asian characters. Once again, the program we tried to use couldn't recognize the lettering and find the path as seen in the below log, apparently it shows it as '?'s. GrantPerms by Farbar Ran by Gina (administrator) at 2018-04-29 19:06:54 ERROR: Parsing the SD of <?D:CProgram Files (x86)Imouto Paradise 3Game ???????? resmoonstone.TTE> failed with: The system cannot find the path specified. Operating system error message: The system cannot find the path specified. End Of List

8. Phished fontdrvhost.exe Infection?

   JJ10157 replied to JJ10157's topic in Resolved Malware Removal Logs

   https://gyazo.com/87a6ac9d31365c6b3d280f4d3cf7ed3f My admin account isn't listed, it's quoted as everyone has full control. Doesn't seem to be true though, as when I tried deleting it a couple times through different methods, I ended up getting a 'you don't have permission to do this' error.

9. Phished fontdrvhost.exe Infection?

   JJ10157 replied to JJ10157's topic in Resolved Malware Removal Logs

   The directory remains the same, and the file is still there at the end https://gyazo.com/3ed2f38abd840355ad1c9276ae217ee8 Fix result of Farbar Recovery Scan Tool (x64) Version: 25.04.2018 Ran by SYSTEM (29-04-2018 18:15:22) Run:4 Running from E: Boot Mode: Recovery fixlist content: ***************** start D:CProgram Files (x86)Imouto Paradise 3 end ***************** 'D:CProgram Files (x86)Imouto Paradise 3' => not found End of Fixlog 18:15:24

10. Phished fontdrvhost.exe Infection?

    JJ10157 replied to JJ10157's topic in Resolved Malware Removal Logs

    Yes, I navigated there the moment I rebooted after the recovery environment fix. It remains.

11. Phished fontdrvhost.exe Infection?

    JJ10157 replied to JJ10157's topic in Resolved Malware Removal Logs

    The log requested is below, though I can confirm the file remains. Fix result of Farbar Recovery Scan Tool (x64) Version: 25.04.2018 Ran by SYSTEM (29-04-2018 18:00:40) Run:3 Running from E: Boot Mode: Recovery fixlist content: ***************** start D:CProgram Files (x86)Imouto Paradise 3Game妹ぱらだいす！３resmoonstone.TTE end ***************** 'D:CProgram Files (x86)Imouto Paradise 3Game妹ぱらだいす！３resmoonstone.TTE' => not found End of Fixlog 18:00:41

12. Phished fontdrvhost.exe Infection?

    JJ10157 replied to JJ10157's topic in Resolved Malware Removal Logs

    I have a USB, but don't know how to access what you are talking about. You'll need to explain it to me.

13. Phished fontdrvhost.exe Infection?

    JJ10157 replied to JJ10157's topic in Resolved Malware Removal Logs

    I got an 'invalid file path' Syntax error when trying to execute the script. I'll repeat the directory just incase, D:CProgram Files (x86)Imouto Paradise 3Game妹ぱらだいす！３res I believe the problem may be in the Asian text beforehand, but I don't know, I'm not an expert. (edit) this symbol '！' inside of the file path is much larger than a normal ! symbol is, when I highlight it with my mouse it's very large within the file path. It seems to be an error in fonts because my computer doesn't recognize whatever was written. That may be the source of the problem.

14. Phished fontdrvhost.exe Infection?

    JJ10157 replied to JJ10157's topic in Resolved Malware Removal Logs

    The log requested Fix result of Farbar Recovery Scan Tool (x64) Version: 25.04.2018 Ran by Gina (29-04-2018 17:02:16) Run:2 Running from D:Desktop Loaded Profiles: Gina (Available Profiles: defaultuser0 & Gina) Boot Mode: Normal fixlist content: ***************** start Unlock: D:CProgram Files (x86)Imouto Paradise 3Game妹ぱらだいす！３resmoonstone.TTE D:CProgram Files (x86)Imouto Paradise 3Game妹ぱらだいす！３resmoonstone.TTE end ***************** 'D:CProgram Files (x86)Imouto Paradise 3Game妹ぱらだいす！３resmoonstone.TTE' => was unlocked Could not move 'D:CProgram Files (x86)Imouto Paradise 3Game妹ぱらだいす！３resmoonstone.TTE' => Scheduled to move on reboot. Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 29-04-2018 17:03:14) D:CProgram Files (x86)Imouto Paradise 3Game妹ぱらだいす！３resmoonstone.TTE => Could not move End of Fixlog 17:03:14 File is still there

15. Phished fontdrvhost.exe Infection?

    JJ10157 replied to JJ10157's topic in Resolved Malware Removal Logs

    The log you requested is below Fix result of Farbar Recovery Scan Tool (x64) Version: 25.04.2018 Ran by Gina (29-04-2018 16:43:01) Run:1 Running from D:Desktop Loaded Profiles: Gina (Available Profiles: defaultuser0 & Gina) Boot Mode: Normal fixlist content: ***************** start CloseProcesses: CreateRestorePoint: D:CProgram Files (x86)Imouto Paradise 3Game妹ぱらだいす！３resmoonstone.TTE EmptyTemp: end ***************** Processes closed successfully. Error: (0) Failed to create a restore point. Could not move 'D:CProgram Files (x86)Imouto Paradise 3Game妹ぱらだいす！３resmoonstone.TTE' => Scheduled to move on reboot. EmptyTemp: BITS transfer queue => 7888896 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 320422923 B Java, Flash, Steam htmlcache => 191568665 B Windows/system/drivers => 3784415 B Edge => 5228981 B Chrome => 83738103 B Firefox => 24613268 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 99918 B NetworkService => 153648 B defaultuser0 => 0 B Gina => 5524690739 B RecycleBin => 0 B EmptyTemp: => 5.7 GB temporary data Removed. Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 29-04-2018 16:48:59) D:CProgram Files (x86)Imouto Paradise 3Game妹ぱらだいす！３resmoonstone.TTE => Could not move End of Fixlog 16:48:59 From what I can understand, the problem is still unsolved. The fix listed 'Could not move' next to the file, and the file still remains in the directory unable to be deleted.

16. Phished fontdrvhost.exe Infection?

    JJ10157 replied to JJ10157's topic in Resolved Malware Removal Logs

    Hello Kevin, I removed the game, and the mail.ru stuff associated with said game. I did not have any extensions or things that seemed malicious as seen on the guide, just the files you found associated with a game called Warface. Yes that is the correct directory of the moonstone.TTE I need removed, it's the only file remaining inside of those folders so it is what's preventing deletion of the folder. Please help me get rid of the moonstone.TTE Thank you.

17. Phished fontdrvhost.exe Infection?

    JJ10157 replied to JJ10157's topic in Resolved Malware Removal Logs

    The directory of whatever this crap is, is this D:CProgram Files (x86)Imouto Paradise 3Game妹ぱらだいす！３res The file is inside the final folder And I did some research on the origin on those anticheat files, and apparently they are from a game called Warface that I installed a while back. I suppose I am fine with them being there since anticheats have a bad habit of sticking around after you uninstall a game, I'm kind of used to the annoyance. Feel free to give me directions on how to remove them so that I may do so if need be in the future, but I'd like to focus on removing the previous file mentioned on my PC. Thanks again

18. Phished fontdrvhost.exe Infection?

    JJ10157 replied to JJ10157's topic in Resolved Malware Removal Logs

    Thanks once more for the fast response https://www.virustotal.com/#/file/56b789f1a4cdddfe382c9ede5f2c749ae1c68c783945699600e01e9688720bb3/detection https://www.virustotal.com/#/file/c07025fc09ba541fa7fd2f1a84bea26083b9d72c4507094cb0cc2abe44e06568/detection The files you requested are apparently some sort of anti cheat for a game, thought I don't know which they are for. As of right now, my main concern is the file listed below, which is currently undeletable from my computer since the assumed phishing attempt by my 'friend'. It came with the install, and is the only remnant of whatever it is I installed left on my computer, and so far I'm still unable to remove it. https://www.virustotal.com/#/file/f4e3a2f1075474b7d87d313cd1fdcd5bd6880994b5e6d4caeaa198fb8fad198a/detection Virus total pings it as clear, but whatever the problem is, it's seemingly immune to deletion. I've tried clearing it through a shred program, removing it's permissions, safemode booting, etc. I'm honestly at a loss.

19. Phished fontdrvhost.exe Infection?

    JJ10157 replied to JJ10157's topic in Resolved Malware Removal Logs

    Thank you so much for the speedy reply, My logs are below, I included a safemode scan I did just before posting this thread as a bonus, the logs you requested will be found below that. Here is the export from a full scan I did in safemode before starting the thread, it ended moments ago after an hr or so. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 4/29/18 Scan Time: 3:26 AM Log File: b019bf2d-4b7e-11e8-a069-000000000000.json Administrator: Yes -Software Information- Version: 3.4.5.2467 Components Version: 1.0.0 Update Package Version: 1.0.4914 License: Premium -System Information- OS: Windows 8 CPU: x64 File System: NTFS User: DESKTOP-8CFTPA0Gina -Scan Summary- Scan Type: Custom Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 1172975 Threats Detected: 0 (No malicious items detected) Threats Quarantined: 0 (No malicious items detected) Time Elapsed: 1 hr, 48 min, 44 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) (end) Here is a new log I just did outside of safemode, done with Scan for Rootkits on as requested Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 4/29/18 Scan Time: 5:27 AM Log File: 95d73aca-4b8f-11e8-ab59-00ff4aa4be0c.json Administrator: Yes -Software Information- Version: 3.4.5.2467 Components Version: 1.0.0 Update Package Version: 1.0.4914 License: Premium -System Information- OS: Windows 10 (Build 16299.371) CPU: x64 File System: NTFS User: DESKTOP-8CFTPA0Gina -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 377636 Threats Detected: 0 (No malicious items detected) Threats Quarantined: 0 (No malicious items detected) Time Elapsed: 3 min, 56 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) (end) The FRST.txt Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.04.2018 Ran by Gina (administrator) on DESKTOP-8CFTPA0 (29-04-2018 05:33:20) Running from D:Desktop Loaded Profiles: Gina & (Available Profiles: defaultuser0 & Gina) Platform: Windows 10 Pro Version 1709 16299.371 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ Processes (Whitelisted) (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe (NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe (Sandboxie Holdings, LLC) C:Program FilesSandboxieSbieSvc.exe (Avira Operations GmbH & Co. KG) C:Program Files (x86)AviraAntivirussched.exe (Avira Operations GmbH & Co. KG) C:Program Files (x86)AviraAntivirusavguard.exe (Apple Inc.) C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe (Windows (R) Win 7 DDK provider) C:WindowsSystem32AdminService.exe (Avira Operations GmbH & Co. KG) C:Program Files (x86)AviraLauncherAvira.ServiceHost.exe () C:Program Files (x86)IntelIntel(R) Security AssistisaHelperService.exe (Apple Inc.) C:Program FilesBonjourmDNSResponder.exe () C:Program Files (x86)RazerRazer ServicesGSSGameScannerService.exe (Rivet Networks) C:Program FilesKiller NetworkingNetwork ManagerKillerService.exe (NVIDIA Corporation) C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe (Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe (SecureMix LLC) C:Program Files (x86)GlassWireGWCtlSrv.exe (NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.14.17639.18041-0MsMpEng.exe (NVIDIA Corporation) C:Program Files (x86)NVIDIA CorporationNvTelemetryNvTelemetryContainer.exe (Logitech Inc.) C:Program FilesLogitech Gaming SoftwareDriversAPOServiceLogiRegistryService.exe (Razer Inc.) C:Program Files (x86)Razer Chroma SDKbinRzSDKServer.exe (Razer Inc.) C:Program Files (x86)Razer Chroma SDKbinRzSDKService.exe (TeamViewer GmbH) C:Program Files (x86)TeamViewerTeamViewer_Service.exe () C:Program FilesSentinelSentinel.exe () C:Program Filespia_managerpia_manager.exe (NVIDIA Corporation) C:Program Files (x86)NVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation) C:Program Files (x86)NVIDIA CorporationNvContainernvcontainer.exe (Microsoft Corporation) C:WindowsSystem32dllhost.exe (SecureMix LLC) C:Program Files (x86)GlassWireGWIdlMon.exe (Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembamtray.exe (Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe (Microsoft Corporation) C:Program FilesWindows DefenderMSASCuiL.exe (Avira Operations GmbH & Co. KG) C:Program Files (x86)AviraAntivirusavshadow.exe (Valve Corporation) D:CProgram Files (x86)SteamSteam.exe (Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembam.exe (Valve Corporation) D:CProgram Files (x86)Steambincefcef.win7steamwebhelper.exe (Valve Corporation) C:Program Files (x86)Common FilesSteamSteamService.exe (Valve Corporation) D:CProgram Files (x86)Steambincefcef.win7steamwebhelper.exe (Nota Inc.) C:Program Files (x86)GyazoGyStation.exe () D:CProgram Files (x86)Steamsteamappscommonwallpaper_enginewallpaper64.exe (SecureMix LLC) C:Program Files (x86)GlassWireGlassWire.exe (Razer Inc.) C:Program Files (x86)RazerSynapseRzSynapse.exe (hxxp://www.ruby-lang.org/) C:UsersGinaAppDataLocalTempocr5227.tmpbinrubyw.exe (Valve Corporation) D:CProgram Files (x86)Steambincefcef.win7steamwebhelper.exe (NVIDIA Corporation) C:Program FilesNVIDIA CorporationShadowPlaynvsphelper64.exe (NVIDIA Corporation) C:Program Files (x86)NVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA Share.exe (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe () C:Program Filespia_managerpia_manager.exe (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe (NVIDIA Corporation) C:Program Files (x86)NVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA Share.exe (NVIDIA Corporation) C:Program Files (x86)NVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA Share.exe (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Avira Operations GmbH & Co. KG) C:Program Files (x86)AviraAntivirusavgnt.exe (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Avira Operations GmbH & Co. KG) C:Program Files (x86)AviraLauncherAvira.Systray.exe (hxxp://www.ruby-lang.org/) C:UsersGinaAppDataLocalTempocrBBAE.tmpbinrubyw.exe (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Intel Corporation) C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe (Intel Corporation) C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (Don HO don.h@free.fr) D:CProgram FilesNotepad++notepad++.exe (Microsoft Corporation) C:WindowsSystem32wbemWMIADAP.exe (The NWJS Community) C:Program Filespia_managerpia_tray_binnw-winpia_nw.exe (The NWJS Community) C:Program Filespia_managerpia_tray_binnw-winpia_nw.exe (The NWJS Community) C:Program Filespia_managerpia_tray_binnw-winpia_nw.exe (Microsoft Corporation) C:WindowsWinSxSamd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.16299.367_none_16d8803832210deeTiWorker.exe Registry (Whitelisted) (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM..Run: [SecurityHealth] => C:Program FilesWindows DefenderMSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation) HKLM..Run: [Launch LCore] => C:Program FilesLogitech Gaming SoftwareLCore.exe [17406072 2017-01-23] (Logitech Inc.) HKLM..Run: [MS7966] => C:Program FilesXtreme Audio DACCPLXtreme Audio DAC_x64.exe [2883072 2016-03-21] () HKLM..Run: [iTunesHelper] => C:Program FilesiTunesiTunesHelper.exe [298296 2018-01-22] (Apple Inc.) HKLM-x32..Run: [Razer Synapse] => C:Program Files (x86)RazerSynapseRzSynapse.exe [596664 2017-08-30] (Razer Inc.) HKLM-x32..Run: [Avira SystrayStartTrigger] => C:Program Files (x86)AviraLauncherAvira.SystrayStartTrigger.exe [98024 2018-03-28] (Avira Operations GmbH & Co. KG) HKLM-x32..Run: [SunJavaUpdateSched] => C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [587288 2017-12-19] (Oracle Corporation) HKUS-1-5-21-3136049691-254176528-2049032503-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751448..RunOnce: [WAB Migrate] => C:Program FilesWindows Mailwab.exe [519680 2017-09-29] (Microsoft Corporation) HKUS-1-5-21-3136049691-254176528-2049032503-1002..Run: [Steam] => D:CProgram Files (x86)Steamsteam.exe [3199776 2018-04-02] (Valve Corporation) HKUS-1-5-21-3136049691-254176528-2049032503-1002..Run: [DAEMON Tools Lite Automount] => C:Program FilesDAEMON Tools LiteDTAgent.exe [4701888 2017-02-06] (Disc Soft Ltd) HKUS-1-5-21-3136049691-254176528-2049032503-1002..Run: [MyComGames] => 'C:UsersGinaAppDataLocalMyComGamesMyComGames.exe' -autostart HKUS-1-5-21-3136049691-254176528-2049032503-1002..Run: [SandboxieControl] => C:Program FilesSandboxieSbieCtrl.exe [3682968 2018-03-08] (Sandboxie Holdings, LLC) HKUS-1-5-21-3136049691-254176528-2049032503-1002..Run: [Gyazo] => C:Program Files (x86)GyazoGyStation.exe [5345672 2017-12-21] (Nota Inc.) HKUS-1-5-21-3136049691-254176528-2049032503-1002..Run: [WallpaperEngine] => D:CProgram Files (x86)Steamsteamappscommonwallpaper_enginewallpaper64.exe [1845224 2018-04-08] () HKUS-1-5-21-3136049691-254176528-2049032503-1002..Run: [Skype] => C:Program Files (x86)SkypePhoneSkype.exe [27832264 2017-10-10] (Skype Technologies S.A.) HKUS-1-5-21-3136049691-254176528-2049032503-1002..Run: [iCloudServices] => C:Program Files (x86)Common FilesAppleInternet ServicesiCloudServices.exe [67384 2018-01-10] (Apple Inc.) HKUS-1-5-21-3136049691-254176528-2049032503-1002..Run: [GalaxyClient] => D:CProgram Files (x86)GOG GalaxyGalaxyClient.exe [6448712 2018-04-23] (GOG.com) HKUS-1-5-21-3136049691-254176528-2049032503-1002..Run: [GlassWire] => C:Program Files (x86)GlassWireglasswire.exe [5429712 2018-04-02] (SecureMix LLC) HKUS-1-5-21-3136049691-254176528-2049032503-1002..Run: [TSMApplication] => C:Program Files (x86)TradeSkillMaster ApplicationappTSMApplication.exe [1623040 2017-12-03] () HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..Run: [Steam] => D:CProgram Files (x86)Steamsteam.exe [3199776 2018-04-02] (Valve Corporation) HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..Run: [DAEMON Tools Lite Automount] => C:Program FilesDAEMON Tools LiteDTAgent.exe [4701888 2017-02-06] (Disc Soft Ltd) HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..Run: [MyComGames] => 'C:UsersGinaAppDataLocalMyComGamesMyComGames.exe' -autostart HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..Run: [SandboxieControl] => C:Program FilesSandboxieSbieCtrl.exe [3682968 2018-03-08] (Sandboxie Holdings, LLC) HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..Run: [Gyazo] => C:Program Files (x86)GyazoGyStation.exe [5345672 2017-12-21] (Nota Inc.) HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..Run: [WallpaperEngine] => D:CProgram Files (x86)Steamsteamappscommonwallpaper_enginewallpaper64.exe [1845224 2018-04-08] () HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..Run: [Skype] => C:Program Files (x86)SkypePhoneSkype.exe [27832264 2017-10-10] (Skype Technologies S.A.) HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..Run: [iCloudServices] => C:Program Files (x86)Common FilesAppleInternet ServicesiCloudServices.exe [67384 2018-01-10] (Apple Inc.) HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..Run: [GalaxyClient] => D:CProgram Files (x86)GOG GalaxyGalaxyClient.exe [6448712 2018-04-23] (GOG.com) HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..Run: [GlassWire] => C:Program Files (x86)GlassWireglasswire.exe [5429712 2018-04-02] (SecureMix LLC) HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..Run: [TSMApplication] => C:Program Files (x86)TradeSkillMaster ApplicationappTSMApplication.exe [1623040 2017-12-03] () Startup: C:ProgramDataMicrosoftWindowsStart MenuProgramsStartupKiller Network Manager.lnk [2017-03-10] ShortcutTarget: Killer Network Manager.lnk -> C:Program FilesKiller NetworkingNetwork ManagerNetworkManager.exe (Rivet Networks) Startup: C:UsersGinaAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupTwitch.lnk [2018-04-19] ShortcutTarget: Twitch.lnk -> D:CProgram Files (x86)TwitchBinTwitch.exe (Twitch Interactive, Inc.) GroupPolicy: Restriction < ATTENTION Internet (Whitelisted) (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) TcpipParameters: [DhcpNameServer] 192.168.1.1 Tcpip.Interfaces{06612889-82f6-4bd7-8618-ef0b5ac2d66e}: [DhcpNameServer] 192.168.1.1 Tcpip.Interfaces{4aa4be0c-c107-4342-a6fc-f6d727638a75}: [DhcpNameServer] 209.222.18.222 209.222.18.218 Tcpip.Interfaces{b5498119-0702-465f-ad52-0e08033f3bb1}: [DhcpNameServer] 192.168.1.1 Internet Explorer: HKUS-1-5-21-3136049691-254176528-2049032503-1002SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://www.originpc.com/ HKUS-1-5-21-3136049691-254176528-2049032503-1002SoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = hxxp://www.originpc.com/ HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://www.originpc.com/ HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506SoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = hxxp://www.originpc.com/ BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:Program Files (x86)Javajre1.8.0_161binssv.dll [2018-01-19] (Oracle Corporation) BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> D:CProgram Files (x86)ArcPluginsArcPluginIE.dll [2017-04-28] (Perfect World Entertainment Inc) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:Program Files (x86)Javajre1.8.0_161binjp2ssv.dll [2018-01-19] (Oracle Corporation) FireFox: FF ProfilePath: C:UsersGinaAppDataRoamingMozillaFirefoxProfilesmJEGqlMi.default [2018-04-29] FF Extension: (Avira Browser Safety) - C:UsersGinaAppDataRoamingMozillaFirefoxProfilesmJEGqlMi.defaultExtensionsabs@avira.com.xpi [2018-01-27] FF Plugin: @adobe.com/FlashPlayer -> C:WINDOWSsystem32MacromedFlashNPSWF64_29_0_0_140.dll [2018-04-10] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:WINDOWSSysWOW64MacromedFlashNPSWF32_29_0_0_140.dll [2018-04-10] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:Program Files (x86)IntelIntel(R) Management Engine ComponentsIPTnpIntelWebAPIIPT.dll [2015-08-25] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:Program Files (x86)IntelIntel(R) Management Engine ComponentsIPTnpIntelWebAPIUpdater.dll [2015-08-25] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:Program Files (x86)Javajre1.8.0_161bindtpluginnpDeployJava1.dll [2018-01-19] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:Program Files (x86)Javajre1.8.0_161binplugin2npjp2.dll [2018-01-19] (Oracle Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:Program Files (x86)NVIDIA Corporation3D Visionnpnv3dv.dll [2018-03-15] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:Program Files (x86)NVIDIA Corporation3D Visionnpnv3dvstreaming.dll [2018-03-15] (NVIDIA Corporation) FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> D:CProgram Files (x86)ArcPluginsnpArcPluginFF.dll [2017-04-28] (Perfect World Entertainment Inc) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:Program Files (x86)GoogleUpdate1.3.33.7npGoogleUpdate3.dll [2017-11-13] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:Program Files (x86)GoogleUpdate1.3.33.7npGoogleUpdate3.dll [2017-11-13] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:Program Files (x86)AdobeAcrobat Reader DCReaderAIRnppdf32.dll [2018-02-11] (Adobe Systems Inc.) FF Plugin HKUS-1-5-21-3136049691-254176528-2049032503-1002: @my.com/Games -> C:UsersGinaAppDataLocalMyComGamesNPMyComDetector.dll [No File] FF Plugin HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506: @my.com/Games -> C:UsersGinaAppDataLocalMyComGamesNPMyComDetector.dll [No File] Chrome: CHR Profile: C:UsersGinaAppDataLocalGoogleChromeUser DataDefault [2018-04-29] CHR Extension: (Slides) - C:UsersGinaAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2017-10-12] CHR Extension: (Docs) - C:UsersGinaAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2017-10-12] CHR Extension: (Google Drive) - C:UsersGinaAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2016-10-09] CHR Extension: (YouTube) - C:UsersGinaAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-09] CHR Extension: (Adblock Plus) - C:UsersGinaAppDataLocalGoogleChromeUser DataDefaultExtensionscfhdojbkjhnklbpkdaibdccddilifddb [2018-04-19] CHR Extension: (Share on Rabbit) - C:UsersGinaAppDataLocalGoogleChromeUser DataDefaultExtensionsdplabnbcafdgpcjmibgkekpaejlfhnkl [2017-04-21] CHR Extension: (Adobe Acrobat) - C:UsersGinaAppDataLocalGoogleChromeUser DataDefaultExtensionsefaidnbmnnnibpcajpcglclefindmkaj [2017-05-19] CHR Extension: (Sheets) - C:UsersGinaAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2017-10-12] CHR Extension: (Google Docs Offline) - C:UsersGinaAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-09] CHR Extension: (AdBlock) - C:UsersGinaAppDataLocalGoogleChromeUser DataDefaultExtensionsgighmmpiobklfepjocnamgkkbiglidom [2018-04-19] CHR Extension: (Disconnect) - C:UsersGinaAppDataLocalGoogleChromeUser DataDefaultExtensionsjeoacafpbcihiomhlakheieifhpjdfeo [2017-02-25] CHR Extension: (Popup Blocker Pro) - C:UsersGinaAppDataLocalGoogleChromeUser DataDefaultExtensionskiodaajmphnkcajieajajinghpejdjai [2018-04-17] CHR Extension: (Chrome Web Store Payments) - C:UsersGinaAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2018-04-02] CHR Extension: (Gmail) - C:UsersGinaAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2016-10-09] CHR Extension: (Chrome Media Router) - C:UsersGinaAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-23] CHR HKLM..ChromeExtension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32..ChromeExtension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32..ChromeExtension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx Services (Whitelisted) (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AntiVirMailService; C:Program Files (x86)AviraAntivirusavmailc7.exe [879128 2018-04-26] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:Program Files (x86)AviraAntivirussched.exe [224472 2018-04-26] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:Program Files (x86)AviraAntivirusavguard.exe [224472 2018-04-26] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:Program Files (x86)AviraAntivirusavwebg7.exe [1165320 2018-04-26] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.) S3 ArcService; D:CProgram Files (x86)ArcArcService.exe [87064 2017-04-28] (Perfect World Entertainment Inc) R2 Avira.ServiceHost; C:Program Files (x86)AviraLauncherAvira.ServiceHost.exe [449240 2018-03-28] (Avira Operations GmbH & Co. KG) S3 BEService; C:Program Files (x86)Common FilesBattlEyeBEService.exe [6076936 2018-04-05] () S3 Disc Soft Lite Bus Service; C:Program FilesDAEMON Tools LiteDiscSoftBusServiceLite.exe [1471168 2017-02-06] (Disc Soft Ltd) S3 EasyAntiCheat; C:Program Files (x86)EasyAntiCheatEasyAntiCheat.exe [610464 2018-01-18] (EasyAntiCheat Ltd) S3 EvoSvc; C:Program FilesEchobitEvolveEvoSvc.exe [1583488 2016-12-28] (Echobit LLC) S3 GalaxyClientService; D:CProgram Files (x86)GOG GalaxyGalaxyClientService.exe [665160 2018-04-23] (GOG.com) S3 GalaxyCommunication; C:ProgramDataGOG.comGalaxyredistsGalaxyCommunication.exe [8109640 2018-04-23] (GOG.com) R2 GlassWire; C:Program Files (x86)GlassWireGWCtlSrv.exe [4327376 2018-04-02] (SecureMix LLC) S3 Intel(R) Security Assist; C:Program Files (x86)IntelIntel(R) Security Assistisa.exe [335872 2015-05-19] (Intel Corporation) [File not signed] R2 isaHelperSvc; C:Program Files (x86)IntelIntel(R) Security AssistisaHelperService.exe [7680 2015-05-19] () [File not signed] R2 jhi_service; C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe [207648 2015-09-12] (Intel Corporation) R2 Killer Service V2; C:Program FilesKiller NetworkingNetwork ManagerKillerService.exe [457104 2017-03-03] (Rivet Networks) R2 LogiRegistryService; C:Program FilesLogitech Gaming SoftwareDriversAPOServiceLogiRegistryService.exe [225400 2017-01-23] (Logitech Inc.) S4 MBAMScheduler; D:CProgram Files (x86)Malwarebytes Anti-Malwarembamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:Program FilesMalwarebytesAnti-Malwarembamservice.exe [6479136 2018-03-27] (Malwarebytes) S3 mracsvc; C:WINDOWSSystem32mracsvc.exe [8010968 2018-03-09] (LLC Mail.Ru) S3 npggsvc; C:WindowsSysWOW64GameMon.des [7986816 2016-11-06] (INCA Internet Co., Ltd.) R2 NvContainerLocalSystem; C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation) S3 NvContainerNetworkService; C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation) R2 NvNetworkService; C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe [1881144 2016-06-14] (NVIDIA Corporation) R2 Razer Chroma SDK Server; C:Program Files (x86)Razer Chroma SDKbinRzSDKServer.exe [431616 2017-11-07] (Razer Inc.) [File not signed] R2 Razer Chroma SDK Service; C:Program Files (x86)Razer Chroma SDKbinRzSDKService.exe [919200 2017-11-29] (Razer Inc.) R2 Razer Game Scanner Service; C:Program Files (x86)RazerRazer ServicesGSSGameScannerService.exe [189264 2017-07-19] () S3 rpcapd; C:Program Files (x86)WinPcaprpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.) R2 SbieSvc; C:Program FilesSandboxieSbieSvc.exe [328344 2018-03-09] (Sandboxie Holdings, LLC) S3 Sense; C:Program FilesWindows Defender Advanced Threat ProtectionMsSense.exe [4329952 2017-11-26] (Microsoft Corporation) R2 TeamViewer; C:Program Files (x86)TeamViewerTeamViewer_Service.exe [11294448 2018-03-09] (TeamViewer GmbH) S3 WdNisSvc; C:ProgramDataMicrosoftWindows Defenderplatform4.14.17639.18041-0NisSrv.exe [4632736 2018-04-25] (Microsoft Corporation) R2 WinDefend; C:ProgramDataMicrosoftWindows Defenderplatform4.14.17639.18041-0MsMpEng.exe [104680 2018-04-25] (Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; 'C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe' -s NVDisplay.ContainerLocalSystem -f 'C:ProgramDataNVIDIANVDisplay.ContainerLocalSystem.log' -l 3 -d 'C:Program FilesNVIDIA CorporationDisplay.NvContainerpluginsLocalSystem' -r -p 30000 R2 NvTelemetryContainer; 'C:Program Files (x86)NVIDIA CorporationNvTelemetryNvTelemetryContainer.exe' -s NvTelemetryContainer -f 'C:ProgramDataNVIDIANvTelemetryContainer.log' -l 3 -d 'C:Program Files (x86)NVIDIA CorporationNvTelemetryplugins' -r Drivers (Whitelisted) (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:WindowsSysWow64driversAsIO.sys [15232 2014-09-08] () R0 avdevprot; C:WINDOWSSystem32DRIVERSavdevprot.sys [60920 2017-06-13] (Avira Operations GmbH & Co. KG) R2 avgntflt; C:WINDOWSSystem32DRIVERSavgntflt.sys [179488 2018-04-26] (Avira Operations GmbH & Co. KG) R1 avipbb; C:WINDOWSsystem32DRIVERSavipbb.sys [170488 2018-04-26] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:WINDOWSsystem32DRIVERSavkmgr.sys [44488 2017-03-02] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:WINDOWSsystem32DRIVERSavnetflt.sys [88488 2017-03-02] (Avira Operations GmbH & Co. KG) R0 avusbflt; C:WINDOWSSystem32Driversavusbflt.sys [38048 2017-06-13] (Avira Operations GmbH & Co. KG) R1 BfLwf; C:WINDOWSsystem32DRIVERSbwcW10x64.sys [148200 2017-02-28] (Rivet Networks, LLC.) R3 dtlitescsibus; C:WINDOWSSystem32driversdtlitescsibus.sys [30264 2017-04-01] (Disc Soft Ltd) R3 dtliteusbbus; C:WINDOWSSystem32driversdtliteusbbus.sys [47672 2017-04-01] (Disc Soft Ltd) R1 ESProtectionDriver; C:WINDOWSsystem32driversmbae64.sys [76192 2018-03-19] () S3 EvolveVirtualAdapter; C:WINDOWSSystem32driversevolve.sys [21656 2016-12-28] (Echobit, LLC) R3 FTDIBUS; C:WINDOWSsystem32driversftdibus.sys [118160 2016-10-04] (Future Technology Devices International Ltd.) R3 FTSER2K; C:WINDOWSsystem32driversftser2k.sys [88752 2016-10-04] () R1 gwdrv; C:WINDOWSsystem32DRIVERSgwdrv.sys [33152 2015-05-29] (SecureMix LLC) S3 Hamachi; C:WINDOWSSystem32driversHamdrv.sys [45680 2016-11-11] (LogMeIn Inc.) R3 KillerEth; C:WINDOWSSystem32driverse2xw10x64.sys [145920 2017-09-29] (Qualcomm Atheros, Inc.) R2 LGCoreTemp; C:Program FilesLogitech Gaming SoftwareDriversLgCoreTemplgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:WINDOWSsystem32driversLGJoyXlCore.sys [67736 2017-01-23] (Logitech Inc.) R3 LGSHidFilt; C:WINDOWSsystem32DRIVERSLGSHidFilt.Sys [64280 2017-01-23] (Logitech Inc.) R2 MBAMChameleon; C:WINDOWSSystem32DriversMbamChameleon.sys [193768 2018-04-29] (Malwarebytes) R3 MBAMFarflt; C:WINDOWSSystem32DRIVERSfarflt.sys [112864 2018-04-29] (Malwarebytes) R3 MBAMProtection; C:WINDOWSsystem32DRIVERSmbam.sys [44768 2018-04-29] (Malwarebytes) R3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [253664 2018-04-29] (Malwarebytes) R3 MBAMWebProtection; C:WINDOWSsystem32DRIVERSmwac.sys [102112 2018-04-29] (Malwarebytes) S3 mracdrv; C:WINDOWSSystem32driversmracdrv.sys [7238880 2018-03-09] (LLC Mail.Ru) R3 MS7966; C:WINDOWSsystem32DRIVERSMS7966.sys [3769848 2015-07-31] (C-MEDIA Inc.) R3 mt7612US; C:WINDOWSSystem32driversmt7612US.sys [377864 2015-12-09] (MediaTek Inc.) R2 npf; C:Windowssystem32driversnpf.sys [36600 2013-02-28] (Riverbed Technology, Inc.) R3 nvlddmkm; C:WINDOWSSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_95d88c9d04436846nvlddmkm.sys [17526688 2018-03-16] (NVIDIA Corporation) S3 NvStreamKms; C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:WINDOWSsystem32driversnvvad64v.sys [59240 2017-12-14] (NVIDIA Corporation) R3 nvvhci; C:WINDOWSSystem32driversnvvhci.sys [58816 2018-03-15] (NVIDIA Corporation) R3 rzendpt; C:WINDOWSSystem32driversrzendpt.sys [52240 2016-10-30] (Razer Inc) R2 rzpmgrk; C:Windowssystem32driversrzpmgrk.sys [45752 2017-07-19] (Razer, Inc.) R2 rzpnk; C:Windowssystem32driversrzpnk.sys [139704 2017-07-18] (Razer, Inc.) S3 RZSURROUNDVADService; C:WINDOWSsystem32driversRzSurroundVAD.sys [49176 2016-10-16] (Windows (R) Win 7 DDK provider) R3 SbieDrv; C:Program FilesSandboxieSbieDrv.sys [228208 2018-03-09] (Sandboxie Holdings, LLC) R3 USBPcap; C:WINDOWSsystem32DRIVERSUSBPcap.sys [51104 2016-08-02] (USBPcap) R3 VBAudioVACMME; C:WINDOWSsystem32DRIVERSvbaudio_cable64_win7.sys [41192 2014-09-02] (Windows (R) Win 7 DDK provider) S3 VBoxNetAdp; C:WINDOWSsystem32DRIVERSVBoxNetAdp6.sys [196040 2017-09-13] (Oracle Corporation) R1 VBoxNetLwf; C:WINDOWSsystem32DRIVERSVBoxNetLwf.sys [206976 2017-09-13] (Oracle Corporation) S0 WdBoot; C:WINDOWSSystem32driverswdWdBoot.sys [46072 2018-04-25] (Microsoft Corporation) R0 WdFilter; C:WINDOWSSystem32driverswdWdFilter.sys [313888 2018-04-25] (Microsoft Corporation) S3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [61472 2018-04-25] (Microsoft Corporation) R3 WinRing0_1_2_0; C:Program FilesSentinelSentinel.sys [14544 2018-04-29] (OpenLibSys.org) R3 XSplit_Dummy; C:WINDOWSsystem32driversxspltspk.sys [26200 2016-06-15] (SplitmediaLabs Limited) NetSvcs (Whitelisted) (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) One Month Created files and folders (If an entry is included in the fixlist, the file/folder will be moved.) 2018-04-29 05:32 - 2018-04-29 05:33 - 000000000 ____D C:FRST 2018-04-29 05:29 - 2018-04-29 05:29 - 002405888 _____ (Farbar) C:UsersGinaDownloadsFRST64.exe 2018-04-29 03:16 - 2018-04-29 03:16 - 001931969 _____ C:UsersGinaDownloadsProcessExplorer.zip 2018-04-29 02:50 - 2018-04-29 02:50 - 001531356 _____ (site2unblock.com ) C:UsersGinaDownloadsfile-folder-shredder-setup.exe 2018-04-29 02:50 - 2018-04-29 02:50 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsFile Folder Shredder 2018-04-29 02:50 - 2018-04-29 02:50 - 000000000 ____D C:Program FilesFile Folder Shredder 2018-04-29 02:45 - 2018-04-29 02:45 - 000167034 _____ C:UsersGinaDownloadsfileassassin-setup-1.06.exe 2018-04-29 02:45 - 2018-04-29 02:45 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsFileASSASSIN 2018-04-29 02:45 - 2018-04-29 02:45 - 000000000 ____D C:Program Files (x86)FileASSASSIN 2018-04-29 02:36 - 2018-04-29 02:36 - 000000000 ____D C:UsersGinaAppDataRoamingMicrosoftWindowsStart MenuProgramsムーンストーン 2018-04-26 14:19 - 2018-04-26 14:19 - 000288341 _____ C:UsersGinaDownloads_NPCScan.Overlay-7.1.0.1.zip 2018-04-26 14:19 - 2018-04-26 14:19 - 000277462 _____ C:UsersGinaDownloads_NPCScan.Overlay-7.3.0.1 (1).zip 2018-04-26 14:17 - 2018-04-26 14:17 - 000277462 _____ C:UsersGinaDownloads_NPCScan.Overlay-7.3.0.1.zip 2018-04-25 23:48 - 2018-04-25 23:48 - 000000000 ____D C:UsersGinaAppDataRoamingTradeSkillMaster 2018-04-25 23:47 - 2018-04-25 23:48 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsTradeSkillMaster Application 2018-04-25 23:47 - 2018-04-25 23:47 - 000000000 ____D C:Program Files (x86)TradeSkillMaster Application 2018-04-25 23:46 - 2018-04-25 23:47 - 012639434 _____ (TradeSkillMaster ) C:UsersGinaDownloadssetup.exe 2018-04-24 15:26 - 2018-04-24 15:26 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsIronsight 2018-04-24 15:10 - 2018-04-24 15:10 - 000577056 _____ (gamigo AG) C:UsersGinaDownloadsIronsight_US_downloader.exe 2018-04-22 22:00 - 2018-04-22 22:00 - 003510888 _____ C:UsersGinaDownloadselvui-10.73.zip 2018-04-22 15:50 - 2018-04-22 15:50 - 000000279 _____ C:UsersGinaAppDataRoamingMicrosoftWindowsStart MenuProgramsRecycle Bin (2).lnk 2018-04-21 21:39 - 2018-04-21 21:39 - 000000000 ____D C:UsersGinaDocumentsCPY_SAVES 2018-04-21 21:36 - 2018-04-21 21:36 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsFar Cry 5 2018-04-21 17:24 - 2018-04-21 17:24 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRAR Password Unlocker 2018-04-21 17:19 - 2018-04-21 17:23 - 013338017 _____ (RAR Password Unlocker, Inc. ) C:UsersGinaDownloadsrar_password_unlocker_trial.exe 2018-04-19 20:07 - 2018-04-19 20:07 - 000000852 _____ C:UsersGinaAppDataRoamingMicrosoftWindowsStart MenuProgramsTwitch.lnk 2018-04-19 20:07 - 2018-04-19 20:07 - 000000000 ____D C:UsersGinaAppDataRoamingTwitch 2018-04-19 20:07 - 2018-04-19 20:07 - 000000000 ____D C:ProgramDataTwitch 2018-04-19 20:06 - 2018-04-19 20:06 - 086021744 _____ C:UsersGinaDownloadsTwitchSetup_[usher-96432503].exe 2018-04-19 17:00 - 2018-04-19 17:00 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWorld of Warcraft 2018-04-19 09:17 - 2018-04-19 09:17 - 052633556 _____ C:UsersGinaDownloadsWHO WILL SAVE US NOW _ by David Chappell.mp4 2018-04-17 14:51 - 2018-04-17 15:18 - 000000000 ____D C:UsersGinaAppDataLocalSpyParty 2018-04-15 19:58 - 2018-04-24 15:39 - 000000000 ____D C:UsersGinaAppDataRoamingEasyAntiCheat 2018-04-14 14:39 - 2018-04-14 14:39 - 000000000 ____D C:UsersGinaAppDataLocalGlassWire 2018-04-14 14:38 - 2018-04-14 14:38 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsGlassWire 2018-04-14 14:38 - 2015-05-29 00:30 - 000008392 _____ C:WINDOWSsystem32Driversgwdrv.cat 2018-04-14 14:38 - 2015-05-29 00:15 - 000033152 _____ (SecureMix LLC) C:WINDOWSsystem32Driversgwdrv.sys 2018-04-14 14:35 - 2018-04-14 14:38 - 000000000 ____D C:Program Files (x86)GlassWire 2018-04-14 14:34 - 2018-04-14 14:35 - 035207040 _____ (SecureMix LLC) C:UsersGinaDownloadsGlassWireSetup.exe 2018-04-14 12:04 - 2018-04-23 14:32 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsGOG.com 2018-04-14 11:59 - 2018-04-14 11:59 - 190806104 _____ (GOG.com ) C:UsersGinaDownloadssetup_galaxy_1.2.40.57.exe 2018-04-14 11:47 - 2018-04-14 11:47 - 000000000 ____D C:UsersGinaAppDataLocalLowCCCP 2018-04-12 21:45 - 2018-04-12 21:45 - 000000000 ____D C:UsersGinaDocumentsFruitbat Factory 2018-04-10 19:21 - 2018-03-30 01:12 - 000599448 _____ (Microsoft Corporation) C:WINDOWSsystem32securekernel.exe 2018-04-10 19:21 - 2018-03-30 01:08 - 002513920 _____ (Microsoft Corporation) C:WINDOWSsystem32KernelBase.dll 2018-04-10 19:21 - 2018-03-30 01:06 - 000166304 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverspartmgr.sys 2018-04-10 19:21 - 2018-03-30 01:03 - 000319864 _____ (Microsoft Corporation) C:WINDOWSsystem32wow64.dll 2018-04-10 19:21 - 2018-03-30 01:03 - 000059808 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversbam.sys 2018-04-10 19:21 - 2018-03-30 01:03 - 000022400 _____ (Microsoft Corporation) C:WINDOWSsystem32wow64cpu.dll 2018-04-10 19:21 - 2018-03-30 01:01 - 008600480 _____ (Microsoft Corporation) C:WINDOWSsystem32ntoskrnl.exe 2018-04-10 19:21 - 2018-03-30 01:01 - 000649304 _____ (Microsoft Corporation) C:WINDOWSsystem32advapi32.dll 2018-04-10 19:21 - 2018-03-30 01:01 - 000471968 _____ (Microsoft Corporation) C:WINDOWSsystem32hal.dll 2018-04-10 19:21 - 2018-03-30 01:00 - 002395040 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversntfs.sys 2018-04-10 19:21 - 2018-03-30 00:59 - 000398744 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversfltMgr.sys 2018-04-10 19:21 - 2018-03-30 00:57 - 000081304 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvmbkmcl.sys 2018-04-10 19:21 - 2018-03-30 00:55 - 000062880 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversfsdepends.sys 2018-04-10 19:21 - 2018-03-30 00:54 - 000749984 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgmms2.sys 2018-04-10 19:21 - 2018-03-30 00:54 - 000461728 _____ (Microsoft Corporation) C:WINDOWSsystem32wifitask.exe 2018-04-10 19:21 - 2018-03-30 00:54 - 000408992 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgmms1.sys 2018-04-10 19:21 - 2018-03-30 00:53 - 002710736 _____ (Microsoft Corporation) C:WINDOWSsystem32iertutil.dll 2018-04-10 19:21 - 2018-03-30 00:53 - 000163744 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverswfplwfs.sys 2018-04-10 19:21 - 2018-03-30 00:52 - 000727456 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversfvevol.sys 2018-04-10 19:21 - 2018-03-30 00:52 - 000428960 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversrdbss.sys 2018-04-10 19:21 - 2018-03-30 00:51 - 000902928 _____ (Microsoft Corporation) C:WINDOWSsystem32winhttp.dll 2018-04-10 19:21 - 2018-03-30 00:51 - 000147872 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverswcifs.sys 2018-04-10 19:21 - 2018-03-30 00:50 - 000057760 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversnetbios.sys 2018-04-10 19:21 - 2018-03-30 00:28 - 001929712 _____ (Microsoft Corporation) C:WINDOWSSysWOW64KernelBase.dll 2018-04-10 19:21 - 2018-03-30 00:27 - 000481464 _____ (Microsoft Corporation) C:WINDOWSSysWOW64advapi32.dll 2018-04-10 19:21 - 2018-03-30 00:23 - 000566664 _____ (Microsoft Corporation) C:WINDOWSSysWOW64CoreMessaging.dll 2018-04-10 19:21 - 2018-03-30 00:13 - 002193176 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iertutil.dll 2018-04-10 19:21 - 2018-03-30 00:10 - 000704080 _____ (Microsoft Corporation) C:WINDOWSSysWOW64winhttp.dll 2018-04-10 19:21 - 2018-03-30 00:07 - 001003160 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ole32.dll 2018-04-10 19:21 - 2018-03-30 00:05 - 000027040 _____ (Microsoft Corporation) C:WINDOWSSysWOW64AppVClientPS.dll 2018-04-10 19:21 - 2018-03-29 23:46 - 018925056 _____ (Microsoft Corporation) C:WINDOWSSysWOW64edgehtml.dll 2018-04-10 19:21 - 2018-03-29 23:46 - 002902528 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32kfull.sys 2018-04-10 19:21 - 2018-03-29 23:46 - 000133632 _____ (Microsoft Corporation) C:WINDOWSSysWOW64t2embed.dll 2018-04-10 19:21 - 2018-03-29 23:45 - 000344576 _____ (Microsoft Corporation) C:WINDOWSSysWOW64edgeIso.dll 2018-04-10 19:21 - 2018-03-29 23:45 - 000162304 _____ (Microsoft Corporation) C:WINDOWSSysWOW64IndexedDbLegacy.dll 2018-04-10 19:21 - 2018-03-29 23:43 - 019355136 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mshtml.dll 2018-04-10 19:21 - 2018-03-29 23:43 - 006576128 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Data.Pdf.dll 2018-04-10 19:21 - 2018-03-29 23:43 - 000155648 _____ (Microsoft Corporation) C:WINDOWSSysWOW64EdgeManager.dll 2018-04-10 19:21 - 2018-03-29 23:43 - 000048640 _____ (Microsoft Corporation) C:WINDOWSSysWOW64virtdisk.dll 2018-04-10 19:21 - 2018-03-29 23:43 - 000032768 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rfxvmt.dll 2018-04-10 19:21 - 2018-03-29 23:42 - 000397824 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dxtmsft.dll 2018-04-10 19:21 - 2018-03-29 23:42 - 000268288 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dxtrans.dll 2018-04-10 19:21 - 2018-03-29 23:42 - 000133632 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iepeers.dll 2018-04-10 19:21 - 2018-03-29 23:42 - 000078336 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mshtmled.dll 2018-04-10 19:21 - 2018-03-29 23:41 - 000459776 _____ (Microsoft Corporation) C:WINDOWSSysWOW64webplatstorageserver.dll 2018-04-10 19:21 - 2018-03-29 23:41 - 000430080 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Internal.Bluetooth.dll 2018-04-10 19:21 - 2018-03-29 23:41 - 000369152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msIso.dll 2018-04-10 19:21 - 2018-03-29 23:41 - 000365568 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ieproxy.dll 2018-04-10 19:21 - 2018-03-29 23:41 - 000340480 _____ (Microsoft Corporation) C:WINDOWSSysWOW64html.iec 2018-04-10 19:21 - 2018-03-29 23:40 - 011924992 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ieframe.dll 2018-04-10 19:21 - 2018-03-29 23:40 - 000344064 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iedkcs32.dll 2018-04-10 19:21 - 2018-03-29 23:40 - 000261632 _____ (Microsoft Corporation) C:WINDOWSSysWOW64actxprxy.dll 2018-04-10 19:21 - 2018-03-29 23:39 - 001485312 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rdpserverbase.dll 2018-04-10 19:21 - 2018-03-29 23:39 - 000559104 _____ (Microsoft Corporation) C:WINDOWSSysWOW64jscript9diag.dll 2018-04-10 19:21 - 2018-03-29 23:38 - 006032384 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Chakra.dll 2018-04-10 19:21 - 2018-03-29 23:38 - 000966656 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Unistore.dll 2018-04-10 19:21 - 2018-03-29 23:38 - 000956928 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rdpbase.dll 2018-04-10 19:21 - 2018-03-29 23:38 - 000669184 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msfeeds.dll 2018-04-10 19:21 - 2018-03-29 23:38 - 000665088 _____ (Microsoft Corporation) C:WINDOWSSysWOW64jscript.dll 2018-04-10 19:21 - 2018-03-29 23:38 - 000463872 _____ (Microsoft Corporation) C:WINDOWSSysWOW64vbscript.dll 2018-04-10 19:21 - 2018-03-29 23:38 - 000235008 _____ (Microsoft Corporation) C:WINDOWSSysWOW64webcheck.dll 2018-04-10 19:21 - 2018-03-29 23:37 - 003677184 _____ (Microsoft Corporation) C:WINDOWSSysWOW64jscript9.dll 2018-04-10 19:21 - 2018-03-29 23:36 - 003664384 _____ (Microsoft Corporation) C:WINDOWSsystem32win32kfull.sys 2018-04-10 19:21 - 2018-03-29 23:36 - 002869760 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wininet.dll 2018-04-10 19:21 - 2018-03-29 23:36 - 002014720 _____ (Microsoft Corporation) C:WINDOWSSysWOW64inetcpl.cpl 2018-04-10 19:21 - 2018-03-29 23:36 - 001560064 _____ (Microsoft Corporation) C:WINDOWSSysWOW64urlmon.dll 2018-04-10 19:21 - 2018-03-29 23:36 - 000897024 _____ (Microsoft Corporation) C:WINDOWSSysWOW64inetcomm.dll 2018-04-10 19:21 - 2018-03-29 23:35 - 000536064 _____ (Microsoft Corporation) C:WINDOWSsystem32edgeIso.dll 2018-04-10 19:21 - 2018-03-29 23:35 - 000175616 _____ (Microsoft Corporation) C:WINDOWSsystem32t2embed.dll 2018-04-10 19:21 - 2018-03-29 23:35 - 000080384 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvmbkmclr.sys 2018-04-10 19:21 - 2018-03-29 23:33 - 000331264 _____ (Microsoft Corporation) C:WINDOWSsystem32browserexport.exe 2018-04-10 19:21 - 2018-03-29 23:33 - 000080896 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverswanarp.sys 2018-04-10 19:21 - 2018-03-29 23:33 - 000055808 _____ (Microsoft Corporation) C:WINDOWSsystem32virtdisk.dll 2018-04-10 19:21 - 2018-03-29 23:33 - 000040448 _____ (Microsoft Corporation) C:WINDOWSsystem32rfxvmt.dll 2018-04-10 19:21 - 2018-03-29 23:33 - 000017408 _____ (Microsoft Corporation) C:WINDOWSsystem32VmApplicationHealthMonitorProxy.dll 2018-04-10 19:21 - 2018-03-29 23:32 - 000201728 _____ (Microsoft Corporation) C:WINDOWSsystem32EdgeManager.dll 2018-04-10 19:21 - 2018-03-29 23:32 - 000134656 _____ (Microsoft Corporation) C:WINDOWSsystem32WcnApi.dll 2018-04-10 19:21 - 2018-03-29 23:32 - 000075264 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverswcnfs.sys 2018-04-10 19:21 - 2018-03-29 23:31 - 000316928 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversnetbt.sys 2018-04-10 19:21 - 2018-03-29 23:30 - 001498112 _____ (Microsoft Corporation) C:WINDOWSsystem32WebRuntimeManager.dll 2018-04-10 19:21 - 2018-03-29 23:30 - 000748032 _____ (Microsoft Corporation) C:WINDOWSsystem32PhoneProviders.dll 2018-04-10 19:21 - 2018-03-29 23:30 - 000465920 _____ (Microsoft Corporation) C:WINDOWSsystem32wcncsvc.dll 2018-04-10 19:21 - 2018-03-29 23:30 - 000392704 _____ (Microsoft Corporation) C:WINDOWSsystem32iedkcs32.dll 2018-04-10 19:21 - 2018-03-29 23:30 - 000276480 _____ (Microsoft Corporation) C:WINDOWSsystem32dxtrans.dll 2018-04-10 19:21 - 2018-03-29 23:30 - 000208384 _____ (Microsoft Corporation) C:WINDOWSsystem32tetheringservice.dll 2018-04-10 19:21 - 2018-03-29 23:29 - 000229888 _____ (Microsoft Corporation) C:WINDOWSsystem32ie4uinit.exe 2018-04-10 19:21 - 2018-03-29 23:28 - 000815616 _____ (Microsoft Corporation) C:WINDOWSsystem32ieproxy.dll 2018-04-10 19:21 - 2018-03-29 23:28 - 000757760 _____ (Microsoft Corporation) C:WINDOWSsystem32msfeeds.dll 2018-04-10 19:21 - 2018-03-29 23:28 - 000595456 _____ (Microsoft Corporation) C:WINDOWSsystem32vbscript.dll 2018-04-10 19:21 - 2018-03-29 23:27 - 001657856 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpserverbase.dll 2018-04-10 19:21 - 2018-03-29 23:27 - 001097728 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpbase.dll 2018-04-10 19:21 - 2018-03-29 23:27 - 000588800 _____ (Microsoft Corporation) C:WINDOWSsystem32actxprxy.dll 2018-04-10 19:21 - 2018-03-29 23:26 - 004747776 _____ (Microsoft Corporation) C:WINDOWSsystem32jscript9.dll 2018-04-10 19:21 - 2018-03-29 23:26 - 002086400 _____ (Microsoft Corporation) C:WINDOWSsystem32win32kbase.sys 2018-04-10 19:21 - 2018-03-29 23:25 - 002083840 _____ (Microsoft Corporation) C:WINDOWSsystem32inetcpl.cpl 2018-04-10 19:21 - 2018-03-29 23:25 - 001822720 _____ (Microsoft Corporation) C:WINDOWSsystem32urlmon.dll 2018-04-10 19:21 - 2018-03-29 23:25 - 001548288 _____ (Microsoft Corporation) C:WINDOWSsystem32lsasrv.dll 2018-04-10 19:21 - 2018-03-29 23:25 - 000401920 _____ (Microsoft Corporation) C:WINDOWSsystem32rascustom.dll 2018-04-10 19:21 - 2018-03-29 23:23 - 000726016 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverssrv2.sys 2018-04-10 19:21 - 2018-03-29 23:23 - 000505344 _____ (Microsoft Corporation) C:WINDOWSsystem32taskcomp.dll 2018-04-10 19:21 - 2018-03-29 23:20 - 000073216 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversnpfs.sys 2018-04-10 19:21 - 2017-11-26 08:36 - 000169472 _____ (Microsoft Corporation) C:WINDOWSsystem32wuuhosdeployment.dll 2018-04-10 19:20 - 2018-03-30 08:34 - 000956416 _____ (Microsoft Corporation) C:WINDOWSsystem32Spectrum.exe 2018-04-10 19:20 - 2018-03-30 01:18 - 001092008 _____ (Microsoft Corporation) C:WINDOWSsystem32winresume.efi 2018-04-10 19:20 - 2018-03-30 01:14 - 000423320 _____ (Microsoft Corporation) C:WINDOWSsystem32invagent.dll 2018-04-10 19:20 - 2018-03-30 01:12 - 000270208 _____ (Microsoft Corporation) C:WINDOWSsystem32LsaIso.exe 2018-04-10 19:20 - 2018-03-30 01:12 - 000075168 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvpci.sys 2018-04-10 19:20 - 2018-03-30 01:10 - 000924648 _____ (Microsoft Corporation) C:WINDOWSsystem32winresume.exe 2018-04-10 19:20 - 2018-03-30 01:08 - 001568160 _____ (Microsoft Corporation) C:WINDOWSsystem32appraiser.dll 2018-04-10 19:20 - 2018-03-30 01:08 - 001415296 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.efi 2018-04-10 19:20 - 2018-03-30 01:08 - 000137112 _____ (Microsoft Corporation) C:WINDOWSsystem32CompatTelRunner.exe 2018-04-10 19:20 - 2018-03-30 01:07 - 000300448 _____ (Microsoft Corporation) C:WINDOWSsystem32acmigration.dll 2018-04-10 19:20 - 2018-03-30 01:07 - 000069528 _____ (Microsoft Corporation) C:WINDOWSsystem32win32appinventorycsp.dll 2018-04-10 19:20 - 2018-03-30 01:06 - 000053152 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverspcw.sys 2018-04-10 19:20 - 2018-03-30 01:05 - 001206688 _____ (Microsoft Corporation) C:WINDOWSsystem32hvix64.exe 2018-04-10 19:20 - 2018-03-30 01:05 - 001056152 _____ (Microsoft Corporation) C:WINDOWSsystem32hvax64.exe 2018-04-10 19:20 - 2018-03-30 01:05 - 000748448 _____ (Microsoft Corporation) C:WINDOWSsystem32generaltel.dll 2018-04-10 19:20 - 2018-03-30 01:05 - 000191824 _____ (Microsoft Corporation) C:WINDOWSsystem32skci.dll 2018-04-10 19:20 - 2018-03-30 01:05 - 000073120 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershvservice.sys 2018-04-10 19:20 - 2018-03-30 01:05 - 000066720 _____ (Microsoft Corporation) C:WINDOWSsystem32iumcrypt.dll 2018-04-10 19:20 - 2018-03-30 01:05 - 000059808 _____ (Microsoft Corporation) C:WINDOWSsystem32hvhostsvc.dll 2018-04-10 19:20 - 2018-03-30 01:05 - 000035744 _____ (Microsoft Corporation) C:WINDOWSsystem32SDFHost.dll 2018-04-10 19:20 - 2018-03-30 01:05 - 000022800 _____ (Microsoft Corporation) C:WINDOWSsystem32iumbase.dll 2018-04-10 19:20 - 2018-03-30 01:05 - 000022208 _____ (Microsoft Corporation) C:WINDOWSsystem32IumSdk.dll 2018-04-10 19:20 - 2018-03-30 01:05 - 000020888 _____ (Microsoft Corporation) C:WINDOWSsystem32kdhvcom.dll 2018-04-10 19:20 - 2018-03-30 01:05 - 000015632 _____ (Microsoft Corporation) C:WINDOWSsystem32iumdll.dll 2018-04-10 19:20 - 2018-03-30 01:04 - 002002336 _____ (Microsoft Corporation) C:WINDOWSsystem32aitstatic.exe 2018-04-10 19:20 - 2018-03-30 01:04 - 000608160 _____ (Microsoft Corporation) C:WINDOWSsystem32devinv.dll 2018-04-10 19:20 - 2018-03-30 01:04 - 000035224 _____ (Microsoft Corporation) C:WINDOWSsystem32DeviceCensus.exe 2018-04-10 19:20 - 2018-03-30 01:03 - 001277856 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversndis.sys 2018-04-10 19:20 - 2018-03-30 01:03 - 000664992 _____ (Microsoft Corporation) C:WINDOWSsystem32aeinv.dll 2018-04-10 19:20 - 2018-03-30 01:03 - 000508272 _____ (Microsoft Corporation) C:WINDOWSsystem32systemreset.exe 2018-04-10 19:20 - 2018-03-30 01:03 - 000479920 _____ (Microsoft Corporation) C:WINDOWSsystem32ucrtbase_enclave.dll 2018-04-10 19:20 - 2018-03-30 01:03 - 000460704 _____ (Microsoft Corporation) C:WINDOWSsystem32dcntel.dll 2018-04-10 19:20 - 2018-03-30 01:03 - 000292384 _____ (Microsoft Corporation) C:WINDOWSsystem32wscapi.dll 2018-04-10 19:20 - 2018-03-30 01:03 - 000272288 _____ (Microsoft Corporation) C:WINDOWSsystem32aepic.dll 2018-04-10 19:20 - 2018-03-30 01:03 - 000157696 _____ (Microsoft Corporation) C:WINDOWSsystem32vertdll.dll 2018-04-10 19:20 - 2018-03-30 01:03 - 000139680 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversksecdd.sys 2018-04-10 19:20 - 2018-03-30 01:03 - 000077216 _____ (Microsoft Corporation) C:WINDOWSsystem32hvloader.dll 2018-04-10 19:20 - 2018-03-30 01:02 - 000128416 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverstm.sys 2018-04-10 19:20 - 2018-03-30 01:01 - 001209760 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.exe 2018-04-10 19:20 - 2018-03-30 01:01 - 000571288 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversspaceport.sys 2018-04-10 19:20 - 2018-03-30 01:01 - 000034208 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversfs_rec.sys 2018-04-10 19:20 - 2018-03-30 01:00 - 000103320 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversmountmgr.sys 2018-04-10 19:20 - 2018-03-30 01:00 - 000094104 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdisk.sys 2018-04-10 19:20 - 2018-03-30 00:59 - 000082840 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvolmgr.sys 2018-04-10 19:20 - 2018-03-30 00:58 - 000898216 _____ (Microsoft Corporation) C:WINDOWSsystem32CoreMessaging.dll 2018-04-10 19:20 - 2018-03-30 00:58 - 000129432 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershvsocket.sys 2018-04-10 19:20 - 2018-03-30 00:58 - 000039328 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversstorvsc.sys 2018-04-10 19:20 - 2018-03-30 00:57 - 001173576 _____ (Microsoft Corporation) C:WINDOWSsystem32rpcrt4.dll 2018-04-10 19:20 - 2018-03-30 00:57 - 000711944 _____ (Microsoft Corporation) C:WINDOWSsystem32ci.dll 2018-04-10 19:20 - 2018-03-30 00:57 - 000540064 _____ (Microsoft Corporation) C:WINDOWSsystem32pcasvc.dll 2018-04-10 19:20 - 2018-03-30 00:57 - 000121248 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverstdx.sys 2018-04-10 19:20 - 2018-03-30 00:57 - 000109976 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvmbus.sys 2018-04-10 19:20 - 2018-03-30 00:57 - 000031640 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverswinhv.sys 2018-04-10 19:20 - 2018-03-30 00:56 - 000018680 _____ (Microsoft Corporation) C:WINDOWSsystem32wshhyperv.dll 2018-04-10 19:20 - 2018-03-30 00:55 - 000367344 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Storage.ApplicationData.dll 2018-04-10 19:20 - 2018-03-30 00:54 - 002574240 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgkrnl.sys 2018-04-10 19:20 - 2018-03-30 00:54 - 000670112 _____ (Microsoft Corporation) C:WINDOWSsystem32AppVCatalog.dll 2018-04-10 19:20 - 2018-03-30 00:54 - 000645536 _____ (Microsoft Corporation) C:WINDOWSsystem32AppVPublishing.dll 2018-04-10 19:20 - 2018-03-30 00:53 - 007676304 _____ (Microsoft Corporation) C:WINDOWSsystem32windows.storage.dll 2018-04-10 19:20 - 2018-03-30 00:53 - 002220952 _____ (Microsoft Corporation) C:WINDOWSsystem32AppVEntSubsystems64.dll 2018-04-10 19:20 - 2018-03-30 00:53 - 000831392 _____ (Microsoft Corporation) C:WINDOWSsystem32AppVOrchestration.dll 2018-04-10 19:20 - 2018-03-30 00:53 - 000712600 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvhdmp.sys 2018-04-10 19:20 - 2018-03-30 00:53 - 000549552 _____ (Microsoft Corporation) C:WINDOWSsystem32WWanAPI.dll 2018-04-10 19:20 - 2018-03-30 00:53 - 000495008 _____ (Microsoft Corporation) C:WINDOWSsystem32TransportDSA.dll 2018-04-10 19:20 - 2018-03-30 00:53 - 000246176 _____ (Microsoft Corporation) C:WINDOWSsystem32browserbroker.dll 2018-04-10 19:20 - 2018-03-30 00:53 - 000094080 _____ (Microsoft Corporation) C:WINDOWSsystem32wwapi.dll 2018-04-10 19:20 - 2018-03-30 00:53 - 000040352 _____ (Microsoft Corporation) C:WINDOWSsystem32AppVClientPS.dll 2018-04-10 19:20 - 2018-03-30 00:52 - 021351632 _____ (Microsoft Corporation) C:WINDOWSsystem32shell32.dll 2018-04-10 19:20 - 2018-03-30 00:52 - 002457504 _____ (Microsoft Corporation) C:WINDOWSsystem32UpdateAgent.dll 2018-04-10 19:20 - 2018-03-30 00:52 - 000677280 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverscng.sys 2018-04-10 19:20 - 2018-03-30 00:52 - 000282528 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversrdyboost.sys 2018-04-10 19:20 - 2018-03-30 00:52 - 000247480 _____ (Microsoft Corporation) C:WINDOWSsystem32logoncli.dll 2018-04-10 19:20 - 2018-03-30 00:52 - 000192416 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversappid.sys 2018-04-10 19:20 - 2018-03-30 00:52 - 000054688 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvdrvroot.sys 2018-04-10 19:20 - 2018-03-30 00:52 - 000047512 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvmstorfl.sys 2018-04-10 19:20 - 2018-03-30 00:52 - 000028520 _____ (Microsoft Corporation) C:WINDOWSsystem32vmbuspipe.dll 2018-04-10 19:20 - 2018-03-30 00:51 - 000125568 _____ (Microsoft Corporation) C:WINDOWSsystem32rmclient.dll 2018-04-10 19:20 - 2018-03-30 00:51 - 000123800 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversmup.sys 2018-04-10 19:20 - 2018-03-30 00:51 - 000071208 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversWindowsTrustedRT.sys 2018-04-10 19:20 - 2018-03-30 00:50 - 001336344 _____ (Microsoft Corporation) C:WINDOWSsystem32ole32.dll 2018-04-10 19:20 - 2018-03-30 00:49 - 000204184 _____ (Microsoft Corporation) C:WINDOWSsystem32basecsp.dll 2018-04-10 19:20 - 2018-03-30 00:48 - 001778584 _____ (Microsoft Corporation) C:WINDOWSsystem32AppVEntVirtualization.dll 2018-04-10 19:20 - 2018-03-30 00:48 - 001628064 _____ (Microsoft Corporation) C:WINDOWSsystem32AppVIntegration.dll 2018-04-10 19:20 - 2018-03-30 00:48 - 001420696 _____ (Microsoft Corporation) C:WINDOWSsystem32AppVEntSubsystemController.dll 2018-04-10 19:20 - 2018-03-30 00:48 - 001101728 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershttp.sys 2018-04-10 19:20 - 2018-03-30 00:48 - 000819104 _____ (Microsoft Corporation) C:WINDOWSsystem32AppVClient.exe 2018-04-10 19:20 - 2018-03-30 00:48 - 000813984 _____ (Microsoft Corporation) C:WINDOWSsystem32AppVEntStreamingManager.dll 2018-04-10 19:20 - 2018-03-30 00:48 - 000744856 _____ (Microsoft Corporation) C:WINDOWSsystem32AppVReporting.dll 2018-04-10 19:20 - 2018-03-30 00:48 - 000614304 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversafd.sys 2018-04-10 19:20 - 2018-03-30 00:48 - 000586800 _____ (Microsoft Corporation) C:WINDOWSsystem32msvcp110_win.dll 2018-04-10 19:20 - 2018-03-30 00:48 - 000397720 _____ (Microsoft Corporation) C:WINDOWSsystem32AppVScripting.dll 2018-04-10 19:20 - 2018-03-30 00:48 - 000231328 _____ (Microsoft Corporation) C:WINDOWSsystem32AppVShNotify.exe 2018-04-10 19:20 - 2018-03-30 00:28 - 000777912 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rpcrt4.dll 2018-04-10 19:20 - 2018-03-30 00:24 - 000212896 _____ (Microsoft Corporation) C:WINDOWSSysWOW64aepic.dll 2018-04-10 19:20 - 2018-03-30 00:19 - 006092152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64windows.storage.dll 2018-04-10 19:20 - 2018-03-30 00:18 - 000016600 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wshhyperv.dll 2018-04-10 19:20 - 2018-03-30 00:16 - 000289824 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Storage.ApplicationData.dll 2018-04-10 19:20 - 2018-03-30 00:13 - 000450936 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WWanAPI.dll 2018-04-10 19:20 - 2018-03-30 00:13 - 000073896 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wwapi.dll 2018-04-10 19:20 - 2018-03-30 00:12 - 000186520 _____ (Microsoft Corporation) C:WINDOWSSysWOW64logoncli.dll 2018-04-10 19:20 - 2018-03-30 00:10 - 000099240 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rmclient.dll 2018-04-10 19:20 - 2018-03-30 00:09 - 020286120 _____ (Microsoft Corporation) C:WINDOWSSysWOW64shell32.dll 2018-04-10 19:20 - 2018-03-30 00:06 - 000180632 _____ (Microsoft Corporation) C:WINDOWSSysWOW64basecsp.dll 2018-04-10 19:20 - 2018-03-30 00:05 - 001491360 _____ (Microsoft Corporation) C:WINDOWSSysWOW64AppVEntSubsystems32.dll 2018-04-10 19:20 - 2018-03-30 00:04 - 000417368 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msvcp110_win.dll 2018-04-10 19:20 - 2018-03-29 23:55 - 025253888 _____ (Microsoft Corporation) C:WINDOWSsystem32edgehtml.dll 2018-04-10 19:20 - 2018-03-29 23:46 - 000475648 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ieui.dll 2018-04-10 19:20 - 2018-03-29 23:45 - 000058880 _____ (Microsoft Corporation) C:WINDOWSSysWOW64offreg.dll 2018-04-10 19:20 - 2018-03-29 23:44 - 000051712 _____ (Microsoft Corporation) C:WINDOWSSysWOW64PimIndexMaintenanceClient.dll 2018-04-10 19:20 - 2018-03-29 23:44 - 000030208 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wups.dll 2018-04-10 19:20 - 2018-03-29 23:44 - 000002560 _____ (Microsoft Corporation) C:WINDOWSSysWOW64tzres.dll 2018-04-10 19:20 - 2018-03-29 23:43 - 000233472 _____ (Microsoft Corporation) C:WINDOWSSysWOW64url.dll 2018-04-10 19:20 - 2018-03-29 23:43 - 000152064 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iexpress.exe 2018-04-10 19:20 - 2018-03-29 23:43 - 000136192 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wextract.exe 2018-04-10 19:20 - 2018-03-29 23:43 - 000120320 _____ (Microsoft Corporation) C:WINDOWSSysWOW64IEAdvpack.dll 2018-04-10 19:20 - 2018-03-29 23:43 - 000106496 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Chakradiag.dll 2018-04-10 19:20 - 2018-03-29 23:43 - 000098304 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iesysprep.dll 2018-04-10 19:20 - 2018-03-29 23:43 - 000074240 _____ (Microsoft Corporation) C:WINDOWSSysWOW64tdc.ocx 2018-04-10 19:20 - 2018-03-29 23:43 - 000072704 _____ (Microsoft Corporation) C:WINDOWSSysWOW64JavaScriptCollectionAgent.dll 2018-04-10 19:20 - 2018-03-29 23:43 - 000070144 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iesetup.dll 2018-04-10 19:20 - 2018-03-29 23:43 - 000067072 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wudriver.dll 2018-04-10 19:20 - 2018-03-29 23:43 - 000064000 _____ (Microsoft Corporation) C:WINDOWSSysWOW64MshtmlDac.dll 2018-04-10 19:20 - 2018-03-29 23:43 - 000057856 _____ (Microsoft Corporation) C:WINDOWSSysWOW64pngfilt.dll 2018-04-10 19:20 - 2018-03-29 23:43 - 000052736 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wsnmp32.dll 2018-04-10 19:20 - 2018-03-29 23:43 - 000045056 _____ (Microsoft Corporation) C:WINDOWSSysWOW64jsproxy.dll 2018-04-10 19:20 - 2018-03-29 23:43 - 000038400 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iernonce.dll 2018-04-10 19:20 - 2018-03-29 23:43 - 000013824 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msfeedssync.exe 2018-04-10 19:20 - 2018-03-29 23:43 - 000013312 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mshta.exe 2018-04-10 19:20 - 2018-03-29 23:43 - 000010752 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msrating.dll 2018-04-10 19:20 - 2018-03-29 23:42 - 000253952 _____ (Microsoft Corporation) C:WINDOWSSysWOW64unimdm.tsp 2018-04-10 19:20 - 2018-03-29 23:42 - 000123392 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ieUnatt.exe 2018-04-10 19:20 - 2018-03-29 23:42 - 000099840 _____ (Microsoft Corporation) C:WINDOWSSysWOW64hlink.dll 2018-04-10 19:20 - 2018-03-29 23:42 - 000097280 _____ (Microsoft Corporation) C:WINDOWSSysWOW64inseng.dll 2018-04-10 19:20 - 2018-03-29 23:42 - 000043520 _____ (Microsoft Corporation) C:WINDOWSSysWOW64imgutil.dll 2018-04-10 19:20 - 2018-03-29 23:42 - 000027136 _____ (Microsoft Corporation) C:WINDOWSSysWOW64licmgr10.dll 2018-04-10 19:20 - 2018-03-29 23:41 - 000235520 _____ (Microsoft Corporation) C:WINDOWSSysWOW64scksp.dll 2018-04-10 19:20 - 2018-03-29 23:41 - 000149504 _____ (Microsoft Corporation) C:WINDOWSSysWOW64container.dll 2018-04-10 19:20 - 2018-03-29 23:41 - 000126464 _____ (Microsoft Corporation) C:WINDOWSSysWOW64occache.dll 2018-04-10 19:20 - 2018-03-29 23:40 - 000524800 _____ (Microsoft Corporation) C:WINDOWSSysWOW64SyncController.dll 2018-04-10 19:20 - 2018-03-29 23:40 - 000314880 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dhcpcore.dll 2018-04-10 19:20 - 2018-03-29 23:40 - 000257536 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dhcpcore6.dll 2018-04-10 19:20 - 2018-03-29 23:40 - 000071680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64keyiso.dll 2018-04-10 19:20 - 2018-03-29 23:40 - 000064000 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msfeedsbs.dll 2018-04-10 19:20 - 2018-03-29 23:39 - 000776192 _____ (Microsoft Corporation) C:WINDOWSSysWOW64kerberos.dll 2018-04-10 19:20 - 2018-03-29 23:37 - 001298944 _____ (Microsoft Corporation) C:WINDOWSsystem32usocore.dll 2018-04-10 19:20 - 2018-03-29 23:36 - 001474560 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ieapfltr.dll 2018-04-10 19:20 - 2018-03-29 23:36 - 000825856 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wuapi.dll 2018-04-10 19:20 - 2018-03-29 23:36 - 000276992 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ncryptprov.dll 2018-04-10 19:20 - 2018-03-29 23:36 - 000098304 _____ C:WINDOWSsystem32runexehelper.exe 2018-04-10 19:20 - 2018-03-29 23:35 - 000858112 _____ (Microsoft Corporation) C:WINDOWSsystem32MusUpdateHandlers.dll 2018-04-10 19:20 - 2018-03-29 23:35 - 000561152 _____ (Microsoft Corporation) C:WINDOWSsystem32ieui.dll 2018-04-10 19:20 - 2018-03-29 23:35 - 000496128 _____ (Microsoft Corporation) C:WINDOWSsystem32updatehandlers.dll 2018-04-10 19:20 - 2018-03-29 23:35 - 000400384 _____ (Microsoft Corporation) C:WINDOWSsystem32MusNotification.exe 2018-04-10 19:20 - 2018-03-29 23:35 - 000371200 _____ (Microsoft Corporation) C:WINDOWSSysWOW64taskcomp.dll 2018-04-10 19:20 - 2018-03-29 23:35 - 000249856 _____ (Microsoft Corporation) C:WINDOWSsystem32MusNotificationUx.exe 2018-04-10 19:20 - 2018-03-29 23:35 - 000233984 _____ (Microsoft Corporation) C:WINDOWSsystem32psmsrv.dll 2018-04-10 19:20 - 2018-03-29 23:35 - 000232960 _____ (Microsoft Corporation) C:WINDOWSsystem32convertvhd.exe 2018-04-10 19:20 - 2018-03-29 23:35 - 000206848 _____ (Microsoft Corporation) C:WINDOWSsystem32IndexedDbLegacy.dll 2018-04-10 19:20 - 2018-03-29 23:35 - 000079360 _____ (Microsoft Corporation) C:WINDOWSsystem32offreg.dll 2018-04-10 19:20 - 2018-03-29 23:35 - 000062464 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverswinhvr.sys 2018-04-10 19:20 - 2018-03-29 23:34 - 000339456 _____ (Microsoft Corporation) C:WINDOWSSysWOW64SessEnv.dll 2018-04-10 19:20 - 2018-03-29 23:33 - 008031744 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Data.Pdf.dll 2018-04-10 19:20 - 2018-03-29 23:33 - 000707584 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msdtcprx.dll 2018-04-10 19:20 - 2018-03-29 23:33 - 000235520 _____ (Microsoft Corporation) C:WINDOWSsystem32url.dll 2018-04-10 19:20 - 2018-03-29 23:33 - 000119808 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversirda.sys 2018-04-10 19:20 - 2018-03-29 23:33 - 000117760 _____ (Microsoft Corporation) C:WINDOWSsystem32iesysprep.dll 2018-04-10 19:20 - 2018-03-29 23:33 - 000094720 _____ (Microsoft Corporation) C:WINDOWSsystem32JavaScriptCollectionAgent.dll 2018-04-10 19:20 - 2018-03-29 23:33 - 000084992 _____ (Microsoft Corporation) C:WINDOWSsystem32tdc.ocx 2018-04-10 19:20 - 2018-03-29 23:33 - 000084480 _____ (Microsoft Corporation) C:WINDOWSsystem32wudriver.dll 2018-04-10 19:20 - 2018-03-29 23:33 - 000079872 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversstorqosflt.sys 2018-04-10 19:20 - 2018-03-29 23:33 - 000072192 _____ (Microsoft Corporation) C:WINDOWSsystem32IcsEntitlementHost.exe 2018-04-10 19:20 - 2018-03-29 23:33 - 000065024 _____ (Microsoft Corporation) C:WINDOWSsystem32wups.dll 2018-04-10 19:20 - 2018-03-29 23:33 - 000062976 _____ (Microsoft Corporation) C:WINDOWSsystem32PimIndexMaintenanceClient.dll 2018-04-10 19:20 - 2018-03-29 23:33 - 000050688 _____ (Microsoft Corporation) C:WINDOWSsystem32jsproxy.dll 2018-04-10 19:20 - 2018-03-29 23:33 - 000050176 _____ (Microsoft Corporation) C:WINDOWSsystem32vmictimeprovider.dll 2018-04-10 19:20 - 2018-03-29 23:33 - 000046592 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdmvsc.sys 2018-04-10 19:20 - 2018-03-29 23:33 - 000043520 _____ (Microsoft Corporation) C:WINDOWSsystem32wcimage.dll 2018-04-10 19:20 - 2018-03-29 23:33 - 000036352 _____ (Microsoft Corporation) C:WINDOWSsystem32WcnEapPeerProxy.dll 2018-04-10 19:20 - 2018-03-29 23:33 - 000034816 _____ (Microsoft Corporation) C:WINDOWSsystem32WcnEapAuthProxy.dll 2018-04-10 19:20 - 2018-03-29 23:33 - 000028160 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversHyperVideo.sys 2018-04-10 19:20 - 2018-03-29 23:33 - 000025088 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversVMBusHID.sys 2018-04-10 19:20 - 2018-03-29 23:33 - 000024576 _____ (Microsoft Corporation) C:WINDOWSsystem32sysntfy.dll 2018-04-10 19:20 - 2018-03-29 23:33 - 000024576 _____ (Microsoft Corporation) C:WINDOWSsystem32appidtel.exe 2018-04-10 19:20 - 2018-03-29 23:33 - 000018944 _____ (Microsoft Corporation) C:WINDOWSsystem32nrpsrv.dll 2018-04-10 19:20 - 2018-03-29 23:33 - 000017920 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversrasacd.sys 2018-04-10 19:20 - 2018-03-29 23:33 - 000016896 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershyperkbd.sys 2018-04-10 19:20 - 2018-03-29 23:33 - 000013312 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvmgencounter.sys 2018-04-10 19:20 - 2018-03-29 23:33 - 000012288 _____ (Microsoft Corporation) C:WINDOWSsystem32msrating.dll 2018-04-10 19:20 - 2018-03-29 23:33 - 000010240 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvmgid.sys 2018-04-10 19:20 - 2018-03-29 23:33 - 000009216 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvms3cap.sys 2018-04-10 19:20 - 2018-03-29 23:33 - 000002560 _____ (Microsoft Corporation) C:WINDOWSsystem32tzres.dll 2018-04-10 19:20 - 2018-03-29 23:32 - 023674880 _____ (Microsoft Corporation) C:WINDOWSsystem32mshtml.dll 2018-04-10 19:20 - 2018-03-29 23:32 - 000225792 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverswinnat.sys 2018-04-10 19:20 - 2018-03-29 23:32 - 000212992 _____ (Microsoft Corporation) C:WINDOWSsystem32container.dll 2018-04-10 19:20 - 2018-03-29 23:32 - 000198144 _____ (Microsoft Corporation) C:WINDOWSsystem32ScDeviceEnum.dll 2018-04-10 19:20 - 2018-03-29 23:32 - 000192512 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversnetvsc.sys 2018-04-10 19:20 - 2018-03-29 23:32 - 000186368 _____ (Microsoft Corporation) C:WINDOWSsystem32ACPBackgroundManagerPolicy.dll 2018-04-10 19:20 - 2018-03-29 23:32 - 000167424 _____ (Microsoft Corporation) C:WINDOWSsystem32iexpress.exe 2018-04-10 19:20 - 2018-03-29 23:32 - 000149504 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversrmcast.sys 2018-04-10 19:20 - 2018-03-29 23:32 - 000144896 _____ (Microsoft Corporation) C:WINDOWSsystem32wextract.exe 2018-04-10 19:20 - 2018-03-29 23:32 - 000140800 _____ (Microsoft Corporation) C:WINDOWSsystem32Chakradiag.dll 2018-04-10 19:20 - 2018-03-29 23:32 - 000125440 _____ (Microsoft Corporation) C:WINDOWSsystem32httpprxm.dll 2018-04-10 19:20 - 2018-03-29 23:32 - 000082432 _____ (Microsoft Corporation) C:WINDOWSsystem32MshtmlDac.dll 2018-04-10 19:20 - 2018-03-29 23:32 - 000081408 _____ (Microsoft Corporation) C:WINDOWSsystem32efslsaext.dll 2018-04-10 19:20 - 2018-03-29 23:32 - 000078336 _____ (Microsoft Corporation) C:WINDOWSsystem32iesetup.dll 2018-04-10 19:20 - 2018-03-29 23:32 - 000065024 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversndisuio.sys 2018-04-10 19:20 - 2018-03-29 23:32 - 000065024 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverslltdio.sys 2018-04-10 19:20 - 2018-03-29 23:32 - 000064512 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversSynth3dVsc.sys 2018-04-10 19:20 - 2018-03-29 23:32 - 000062976 _____ (Microsoft Corporation) C:WINDOWSsystem32wsnmp32.dll 2018-04-10 19:20 - 2018-03-29 23:32 - 000061440 _____ (Microsoft Corporation) C:WINDOWSsystem32pngfilt.dll 2018-04-10 19:20 - 2018-03-29 23:32 - 000057856 _____ (Microsoft Corporation) C:WINDOWSsystem32efssvc.dll 2018-04-10 19:20 - 2018-03-29 23:32 - 000048640 _____ (Microsoft Corporation) C:WINDOWSsystem32LicenseManagerSvc.dll 2018-04-10 19:20 - 2018-03-29 23:32 - 000048128 _____ (Microsoft Corporation) C:WINDOWSSysWOW64fdPnp.dll 2018-04-10 19:20 - 2018-03-29 23:32 - 000046080 _____ (Microsoft Corporation) C:WINDOWSsystem32iernonce.dll 2018-04-10 19:20 - 2018-03-29 23:32 - 000044544 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversnsiproxy.sys 2018-04-10 19:20 - 2018-03-29 23:32 - 000043008 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversRfxVmt.sys 2018-04-10 19:20 - 2018-03-29 23:32 - 000032256 _____ (Microsoft Corporation) C:WINDOWSsystem32licmgr10.dll 2018-04-10 19:20 - 2018-03-29 23:32 - 000025088 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wmiprop.dll 2018-04-10 19:20 - 2018-03-29 23:32 - 000025088 _____ (Microsoft Corporation) C:WINDOWSSysWOW64fdWNet.dll 2018-04-10 19:20 - 2018-03-29 23:32 - 000021504 _____ (Microsoft Corporation) C:WINDOWSSysWOW64perfhost.exe 2018-04-10 19:20 - 2018-03-29 23:32 - 000014848 _____ (Microsoft Corporation) C:WINDOWSsystem32mshta.exe 2018-04-10 19:20 - 2018-03-29 23:32 - 000014848 _____ (Microsoft Corporation) C:WINDOWSsystem32msfeedssync.exe 2018-04-10 19:20 - 2018-03-29 23:32 - 000008192 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversgpuenergydrv.sys 2018-04-10 19:20 - 2018-03-29 23:31 - 000795136 _____ (Microsoft Corporation) C:WINDOWSsystem32NaturalAuth.dll 2018-04-10 19:20 - 2018-03-29 23:31 - 000675328 _____ (Microsoft Corporation) C:WINDOWSsystem32webplatstorageserver.dll 2018-04-10 19:20 - 2018-03-29 23:31 - 000416768 _____ (Microsoft Corporation) C:WINDOWSsystem32html.iec 2018-04-10 19:20 - 2018-03-29 23:31 - 000334848 _____ (Microsoft Corporation) C:WINDOWSsystem32dusmsvc.dll 2018-04-10 19:20 - 2018-03-29 23:31 - 000306176 _____ (Microsoft Corporation) C:WINDOWSsystem32wc_storage.dll 2018-04-10 19:20 - 2018-03-29 23:31 - 000293376 _____ (Microsoft Corporation) C:WINDOWSsystem32unimdm.tsp 2018-04-10 19:20 - 2018-03-29 23:31 - 000286208 _____ (Microsoft Corporation) C:WINDOWSsystem32icsvc.dll 2018-04-10 19:20 - 2018-03-29 23:31 - 000175616 _____ (Microsoft Corporation) C:WINDOWSsystem32TimeBrokerServer.dll 2018-04-10 19:20 - 2018-03-29 23:31 - 000172544 _____ (Microsoft Corporation) C:WINDOWSsystem32WPTaskScheduler.dll 2018-04-10 19:20 - 2018-03-29 23:31 - 000151552 _____ (Microsoft Corporation) C:WINDOWSsystem32dssvc.dll 2018-04-10 19:20 - 2018-03-29 23:31 - 000151040 _____ (Microsoft Corporation) C:WINDOWSsystem32ieUnatt.exe 2018-04-10 19:20 - 2018-03-29 23:31 - 000151040 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdfsc.sys 2018-04-10 19:20 - 2018-03-29 23:31 - 000143360 _____ (Microsoft Corporation) C:WINDOWSsystem32IEAdvpack.dll 2018-04-10 19:20 - 2018-03-29 23:31 - 000142848 _____ (Microsoft Corporation) C:WINDOWSsystem32iepeers.dll 2018-04-10 19:20 - 2018-03-29 23:31 - 000115200 _____ (Microsoft Corporation) C:WINDOWSsystem32inseng.dll 2018-04-10 19:20 - 2018-03-29 23:31 - 000099328 _____ (Microsoft Corporation) C:WINDOWSsystem32hlink.dll 2018-04-10 19:20 - 2018-03-29 23:31 - 000093696 _____ (Microsoft Corporation) C:WINDOWSsystem32mshtmled.dll 2018-04-10 19:20 - 2018-03-29 23:31 - 000090112 _____ (Microsoft Corporation) C:WINDOWSsystem32keyiso.dll 2018-04-10 19:20 - 2018-03-29 23:31 - 000087040 _____ (Microsoft Corporation) C:WINDOWSsystem32adhsvc.dll 2018-04-10 19:20 - 2018-03-29 23:31 - 000073216 _____ (Microsoft Corporation) C:WINDOWSsystem32msfeedsbs.dll 2018-04-10 19:20 - 2018-03-29 23:31 - 000055808 _____ (Microsoft Corporation) C:WINDOWSsystem32imgutil.dll 2018-04-10 19:20 - 2018-03-29 23:31 - 000030720 _____ (Microsoft Corporation) C:WINDOWSsystem32nsisvc.dll 2018-04-10 19:20 - 2018-03-29 23:30 - 012833280 _____ (Microsoft Corporation) C:WINDOWSsystem32ieframe.dll 2018-04-10 19:20 - 2018-03-29 23:30 - 000588800 _____ (Microsoft Corporation) C:WINDOWSsystem32SmsRouterSvc.dll 2018-04-10 19:20 - 2018-03-29 23:30 - 000431616 _____ (Microsoft Corporation) C:WINDOWSsystem32msIso.dll 2018-04-10 19:20 - 2018-03-29 23:30 - 000425984 _____ (Microsoft Corporation) C:WINDOWSsystem32vmrdvcore.dll 2018-04-10 19:20 - 2018-03-29 23:30 - 000369664 _____ (Microsoft Corporation) C:WINDOWSsystem32APHostService.dll 2018-04-10 19:20 - 2018-03-29 23:30 - 000309760 _____ (Microsoft Corporation) C:WINDOWSsystem32icsvcext.dll 2018-04-10 19:20 - 2018-03-29 23:30 - 000284672 _____ (Microsoft Corporation) C:WINDOWSsystem32SystemEventsBrokerServer.dll 2018-04-10 19:20 - 2018-03-29 23:30 - 000262656 _____ (Microsoft Corporation) C:WINDOWSsystem32BrokerLib.dll 2018-04-10 19:20 - 2018-03-29 23:30 - 000256000 _____ (Microsoft Corporation) C:WINDOWSsystem32scksp.dll 2018-04-10 19:20 - 2018-03-29 23:30 - 000188928 _____ (Microsoft Corporation) C:WINDOWSsystem32certprop.dll 2018-04-10 19:20 - 2018-03-29 23:30 - 000144896 _____ (Microsoft Corporation) C:WINDOWSsystem32appinfo.dll 2018-04-10 19:20 - 2018-03-29 23:29 - 001495552 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentExtensions.desktop.dll 2018-04-10 19:20 - 2018-03-29 23:29 - 000791552 _____ (Microsoft Corporation) C:WINDOWSsystem32PhoneService.dll 2018-04-10 19:20 - 2018-03-29 23:29 - 000723968 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversPEAuth.sys 2018-04-10 19:20 - 2018-03-29 23:29 - 000708096 _____ (Microsoft Corporation) C:WINDOWSsystem32jscript9diag.dll 2018-04-10 19:20 - 2018-03-29 23:29 - 000616960 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Internal.Bluetooth.dll 2018-04-10 19:20 - 2018-03-29 23:29 - 000555520 _____ (Microsoft Corporation) C:WINDOWSsystem32SensorService.dll 2018-04-10 19:20 - 2018-03-29 23:29 - 000456704 _____ (Microsoft Corporation) C:WINDOWSsystem32dxtmsft.dll 2018-04-10 19:20 - 2018-03-29 23:29 - 000436224 _____ (Microsoft Corporation) C:WINDOWSsystem32PsmServiceExtHost.dll 2018-04-10 19:20 - 2018-03-29 23:29 - 000423936 _____ (Microsoft Corporation) C:WINDOWSsystem32p2psvc.dll 2018-04-10 19:20 - 2018-03-29 23:29 - 000379392 _____ (Microsoft Corporation) C:WINDOWSsystem32dhcpcore.dll 2018-04-10 19:20 - 2018-03-29 23:29 - 000341504 _____ (Microsoft Corporation) C:WINDOWSsystem32pnrpsvc.dll 2018-04-10 19:20 - 2018-03-29 23:29 - 000298496 _____ (Microsoft Corporation) C:WINDOWSsystem32dhcpcore6.dll 2018-04-10 19:20 - 2018-03-29 23:29 - 000253440 _____ (Microsoft Corporation) C:WINDOWSsystem32dot3svc.dll 2018-04-10 19:20 - 2018-03-29 23:28 - 003121664 _____ (Microsoft Corporation) C:WINDOWSsystem32Microsoft.Bluetooth.Profiles.Gatt.dll 2018-04-10 19:20 - 2018-03-29 23:28 - 001245184 _____ (Microsoft Corporation) C:WINDOWSsystem32Unistore.dll 2018-04-10 19:20 - 2018-03-29 23:28 - 000984064 _____ (Microsoft Corporation) C:WINDOWSsystem32IKEEXT.DLL 2018-04-10 19:20 - 2018-03-29 23:28 - 000970240 _____ (Microsoft Corporation) C:WINDOWSsystem32sysmain.dll 2018-04-10 19:20 - 2018-03-29 23:28 - 000951808 _____ (Microsoft Corporation) C:WINDOWSsystem32usermgr.dll 2018-04-10 19:20 - 2018-03-29 23:28 - 000820224 _____ (Microsoft Corporation) C:WINDOWSsystem32iphlpsvc.dll 2018-04-10 19:20 - 2018-03-29 23:28 - 000721408 _____ (Microsoft Corporation) C:WINDOWSsystem32LogonController.dll 2018-04-10 19:20 - 2018-03-29 23:28 - 000624128 _____ (Microsoft Corporation) C:WINDOWSsystem32SyncController.dll 2018-04-10 19:20 - 2018-03-29 23:28 - 000403968 _____ (Microsoft Corporation) C:WINDOWSsystem32WpAXHolder.dll 2018-04-10 19:20 - 2018-03-29 23:28 - 000366080 _____ (Microsoft Corporation) C:WINDOWSsystem32nlasvc.dll 2018-04-10 19:20 - 2018-03-29 23:28 - 000147968 _____ (Microsoft Corporation) C:WINDOWSsystem32occache.dll 2018-04-10 19:20 - 2018-03-29 23:27 - 008104960 _____ (Microsoft Corporation) C:WINDOWSsystem32Chakra.dll 2018-04-10 19:20 - 2018-03-29 23:27 - 003170816 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentServer.dll 2018-04-10 19:20 - 2018-03-29 23:27 - 001002496 _____ (Microsoft Corporation) C:WINDOWSsystem32modernexecserver.dll 2018-04-10 19:20 - 2018-03-29 23:27 - 000985600 _____ (Microsoft Corporation) C:WINDOWSsystem32inetcomm.dll 2018-04-10 19:20 - 2018-03-29 23:27 - 000947712 _____ (Microsoft Corporation) C:WINDOWSsystem32kerberos.dll 2018-04-10 19:20 - 2018-03-29 23:27 - 000889856 _____ (Microsoft Corporation) C:WINDOWSsystem32wcmsvc.dll 2018-04-10 19:20 - 2018-03-29 23:27 - 000813568 _____ (Microsoft Corporation) C:WINDOWSsystem32bisrv.dll 2018-04-10 19:20 - 2018-03-29 23:27 - 000332288 _____ (Microsoft Corporation) C:WINDOWSsystem32ncryptprov.dll 2018-04-10 19:20 - 2018-03-29 23:27 - 000258560 _____ (Microsoft Corporation) C:WINDOWSsystem32webcheck.dll 2018-04-10 19:20 - 2018-03-29 23:27 - 000228352 _____ (Microsoft Corporation) C:WINDOWSsystem32ssdpsrv.dll 2018-04-10 19:20 - 2018-03-29 23:26 - 003334144 _____ (Microsoft Corporation) C:WINDOWSsystem32wininet.dll 2018-04-10 19:20 - 2018-03-29 23:26 - 002209280 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentExtensions.onecore.dll 2018-04-10 19:20 - 2018-03-29 23:26 - 001955328 _____ (Microsoft Corporation) C:WINDOWSsystem32PeerDistSvc.dll 2018-04-10 19:20 - 2018-03-29 23:26 - 001816576 _____ (Microsoft Corporation) C:WINDOWSsystem32wevtsvc.dll 2018-04-10 19:20 - 2018-03-29 23:26 - 001573376 _____ (Microsoft Corporation) C:WINDOWSsystem32UserDataService.dll 2018-04-10 19:20 - 2018-03-29 23:26 - 001343488 _____ (Microsoft Corporation) C:WINDOWSsystem32wifinetworkmanager.dll 2018-04-10 19:20 - 2018-03-29 23:26 - 000765952 _____ (Microsoft Corporation) C:WINDOWSsystem32spoolsv.exe 2018-04-10 19:20 - 2018-03-29 23:26 - 000716288 _____ (Microsoft Corporation) C:WINDOWSsystem32winlogon.exe 2018-04-10 19:20 - 2018-03-29 23:25 - 002628608 _____ (Microsoft Corporation) C:WINDOWSsystem32diagtrack.dll 2018-04-10 19:20 - 2018-03-29 23:25 - 002528256 _____ (Microsoft Corporation) C:WINDOWSsystem32wlansvc.dll 2018-04-10 19:20 - 2018-03-29 23:25 - 001597952 _____ (Microsoft Corporation) C:WINDOWSsystem32ieapfltr.dll 2018-04-10 19:20 - 2018-03-29 23:25 - 001424896 _____ (Microsoft Corporation) C:WINDOWSsystem32wwansvc.dll 2018-04-10 19:20 - 2018-03-29 23:25 - 001055744 _____ (Microsoft Corporation) C:WINDOWSsystem32wuapi.dll 2018-04-10 19:20 - 2018-03-29 23:25 - 000880640 _____ (Microsoft Corporation) C:WINDOWSsystem32schedsvc.dll 2018-04-10 19:20 - 2018-03-29 23:25 - 000841216 _____ (Microsoft Corporation) C:WINDOWSsystem32BFE.DLL 2018-04-10 19:20 - 2018-03-29 23:25 - 000808448 _____ (Microsoft Corporation) C:WINDOWSsystem32jscript.dll 2018-04-10 19:20 - 2018-03-29 23:25 - 000374272 _____ (Microsoft Corporation) C:WINDOWSsystem32ncbservice.dll 2018-04-10 19:20 - 2018-03-29 23:25 - 000276480 _____ (Microsoft Corporation) C:WINDOWSsystem32wkssvc.dll 2018-04-10 19:20 - 2018-03-29 23:25 - 000270848 _____ (Microsoft Corporation) C:WINDOWSsystem32srvsvc.dll 2018-04-10 19:20 - 2018-03-29 23:24 - 000925184 _____ (Microsoft Corporation) C:WINDOWSsystem32MPSSVC.dll 2018-04-10 19:20 - 2018-03-29 23:24 - 000462336 _____ (Microsoft Corporation) C:WINDOWSsystem32wuuhext.dll 2018-04-10 19:20 - 2018-03-29 23:23 - 000963584 _____ (Microsoft Corporation) C:WINDOWSsystem32StorSvc.dll 2018-04-10 19:20 - 2018-03-29 23:23 - 000387584 _____ (Microsoft Corporation) C:WINDOWSsystem32SessEnv.dll 2018-04-10 19:20 - 2018-03-29 23:23 - 000246784 _____ (Microsoft Corporation) C:WINDOWSsystem32wscsvc.dll 2018-04-10 19:20 - 2018-03-29 23:23 - 000182784 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversrdpdr.sys 2018-04-10 19:20 - 2018-03-29 23:22 - 000826880 _____ (Microsoft Corporation) C:WINDOWSsystem32msdtcprx.dll 2018-04-10 19:20 - 2018-03-29 23:22 - 000027136 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversrdpbus.sys 2018-04-10 19:20 - 2018-03-29 23:22 - 000010240 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversbeep.sys 2018-04-10 19:20 - 2018-03-29 23:21 - 002511360 _____ (Microsoft Corporation) C:WINDOWSsystem32ResetEngine.dll 2018-04-10 19:20 - 2018-03-29 23:21 - 001160704 _____ (Microsoft Corporation) C:WINDOWSsystem32reseteng.dll 2018-04-10 19:20 - 2018-03-29 23:20 - 000240640 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversahcache.sys 2018-04-10 19:20 - 2018-03-29 23:20 - 000199168 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversintelppm.sys 2018-04-10 19:20 - 2018-03-29 23:20 - 000180736 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversamdk8.sys 2018-04-10 19:20 - 2018-03-29 23:20 - 000178688 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversamdppm.sys 2018-04-10 19:20 - 2018-03-29 23:20 - 000177664 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversprocessr.sys 2018-04-10 19:20 - 2018-03-29 23:20 - 000101888 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversbowser.sys 2018-04-10 19:20 - 2018-03-29 23:20 - 000058368 _____ (Microsoft Corporation) C:WINDOWSsystem32fdPnp.dll 2018-04-10 19:20 - 2018-03-29 23:20 - 000031232 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversmsfs.sys 2018-04-10 19:20 - 2018-03-29 23:20 - 000029184 _____ (Microsoft Corporation) C:WINDOWSsystem32wmiprop.dll 2018-04-10 19:20 - 2018-03-29 23:20 - 000029184 _____ (Microsoft Corporation) C:WINDOWSsystem32fdWNet.dll 2018-04-10 19:20 - 2018-03-29 23:20 - 000007168 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversnull.sys 2018-04-10 19:20 - 2018-03-28 15:54 - 000340480 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msexcl40.dll 2018-04-10 19:20 - 2017-11-26 09:32 - 000184984 _____ (Microsoft Corporation) C:WINDOWSsystem32sspicli.dll 2018-04-10 19:20 - 2017-11-26 07:12 - 000123520 _____ (Microsoft Corporation) C:WINDOWSSysWOW64sspicli.dll 2018-04-10 19:09 - 2018-04-10 19:09 - 000004576 _____ C:WINDOWSSystem32TasksAdobe Flash Player NPAPI Notifier 2018-04-06 09:44 - 2018-04-25 21:17 - 000000000 ____D C:WINDOWSsystem32Driverswd 2018-04-06 09:40 - 2018-04-29 05:27 - 000102112 _____ (Malwarebytes) C:WINDOWSsystem32Driversmwac.sys 2018-04-06 09:31 - 2018-04-10 21:37 - 000000000 ____D C:WINDOWSsystem32%LOCALAPPDATA% 2018-04-06 09:04 - 2018-04-29 05:25 - 002637892 _____ C:WINDOWSntbtlog.txt 2018-04-05 18:36 - 2018-04-29 05:27 - 000253664 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbamswissarmy.sys 2018-04-05 18:36 - 2018-04-29 05:27 - 000112864 _____ (Malwarebytes) C:WINDOWSsystem32Driversfarflt.sys 2018-04-05 18:36 - 2018-04-29 05:27 - 000044768 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbam.sys 2018-04-05 18:36 - 2018-04-29 03:17 - 000193768 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamChameleon.sys 2018-04-05 18:36 - 2018-04-05 18:36 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes 2018-04-05 18:36 - 2018-03-19 12:57 - 000076192 _____ C:WINDOWSsystem32Driversmbae64.sys 2018-04-04 00:21 - 2018-04-04 00:21 - 000000000 ____D C:UsersGinaAppDataRoamingWaffle One Month Modified files and folders (If an entry is included in the fixlist, the file/folder will be moved.) 2018-04-29 05:33 - 2018-01-19 02:43 - 001878302 _____ C:WINDOWSsystem32PerfStringBackup.INI 2018-04-29 05:27 - 2018-01-19 02:41 - 000000006 ____H C:WINDOWSTasksSA.DAT 2018-04-29 05:27 - 2017-11-03 14:19 - 000000000 ____D C:Program Files (x86)TeamViewer 2018-04-29 05:27 - 2016-10-09 18:46 - 000000000 ____D C:ProgramDataNVIDIA 2018-04-29 05:26 - 2017-09-29 04:45 - 000524288 _____ C:WINDOWSsystem32configBBI 2018-04-29 05:20 - 2018-01-19 02:32 - 000000000 ____D C:WINDOWSsystem32SleepStudy 2018-04-29 04:40 - 2017-04-16 18:42 - 000000000 ____D C:UsersGinaAppDataRoaminguTorrent 2018-04-29 03:25 - 2017-10-05 18:39 - 000000214 _____ C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job 2018-04-29 03:17 - 2018-01-19 02:37 - 000000000 ____D C:Usersdefaultuser0 2018-04-29 03:16 - 2018-01-19 02:41 - 000004164 _____ C:WINDOWSSystem32TasksUser_Feed_Synchronization-{BD23A4EC-7B71-4CFD-A071-3D72570E9F63} 2018-04-29 03:16 - 2018-01-19 02:37 - 000000000 ____D C:UsersGina 2018-04-29 03:16 - 2017-08-16 00:25 - 000000000 ____D C:UsersGinaAppDataLocalLowMozilla 2018-04-29 02:56 - 2017-11-17 03:56 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsProcess Hacker 2 2018-04-29 02:52 - 2017-09-29 09:46 - 000000000 ____D C:WINDOWSDeliveryOptimization 2018-04-29 02:40 - 2016-10-04 15:16 - 000000000 ____D C:UsersGinaAppDataLocalCrashDumps 2018-04-28 23:39 - 2017-01-06 02:10 - 000000000 ____D C:UsersGinaAppDataLocalBattle.net 2018-04-28 22:06 - 2017-09-29 09:46 - 000000000 ____D C:WINDOWSAppReadiness 2018-04-27 17:19 - 2016-10-09 18:28 - 000002303 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk 2018-04-27 17:16 - 2017-09-29 09:46 - 000000000 ___HD C:Program FilesWindowsApps 2018-04-26 18:45 - 2017-10-04 18:53 - 000000000 ____D C:UsersGinaAppDataRoamingMicrosoftWindowsStart MenuProgramsRoblox 2018-04-26 13:53 - 2017-01-26 03:40 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsAvira 2018-04-26 13:46 - 2017-01-26 03:46 - 000179488 _____ (Avira Operations GmbH & Co. KG) C:WINDOWSsystem32Driversavgntflt.sys 2018-04-26 13:46 - 2017-01-26 03:46 - 000170488 _____ (Avira Operations GmbH & Co. KG) C:WINDOWSsystem32Driversavipbb.sys 2018-04-25 01:38 - 2017-09-29 09:46 - 000000000 ____D C:WINDOWSsystem32NDF 2018-04-24 18:35 - 2017-07-12 17:23 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsBattlestate Games 2018-04-24 13:02 - 2016-10-01 03:17 - 000000000 ____D C:ProgramDataPackage Cache 2018-04-23 18:39 - 2016-10-09 19:24 - 000000000 ____D C:UsersGinaDocumentsThe Witcher 3 2018-04-21 21:39 - 2016-10-09 19:22 - 000000000 ____D C:UsersGinaDocumentsMy Games 2018-04-21 15:46 - 2017-06-14 12:59 - 000000000 ____D C:UsersGinaAppDataRoamingobs-studio 2018-04-17 21:01 - 2016-10-09 19:57 - 000000000 ____D C:UsersGinaAppDataRoamingdiscord 2018-04-17 10:02 - 2018-01-19 02:32 - 000269632 _____ C:WINDOWSsystem32FNTCACHE.DAT 2018-04-17 03:26 - 2016-10-12 00:30 - 000000000 ____D C:UsersGinaAppDataLocalElevatedDiagnostics 2018-04-17 03:23 - 2017-09-29 09:44 - 000000000 ____D C:WINDOWSINF 2018-04-17 03:23 - 2016-10-09 18:24 - 000000000 ____D C:Program Files (x86)Razer 2018-04-14 12:04 - 2017-10-21 00:39 - 000000000 ____D C:ProgramDataGOG.com 2018-04-12 10:34 - 2017-09-29 09:46 - 000000000 ____D C:WINDOWSrescache 2018-04-10 21:44 - 2017-09-29 09:37 - 000000000 ____D C:WINDOWSCbsTemp 2018-04-10 21:40 - 2018-01-19 02:44 - 000000000 ___RD C:UsersGina3D Objects 2018-04-10 21:40 - 2016-10-01 02:45 - 000000000 __RHD C:UsersPublicAccountPictures 2018-04-10 21:37 - 2018-03-25 10:51 - 000000000 ____D C:WINDOWSMinidump 2018-04-10 21:37 - 2017-09-29 09:46 - 000000000 ___SD C:WINDOWSSysWOW64F12 2018-04-10 21:37 - 2017-09-29 09:46 - 000000000 ___SD C:WINDOWSsystem32F12 2018-04-10 21:37 - 2017-09-29 09:46 - 000000000 ____D C:WINDOWSsystem32appraiser 2018-04-10 21:37 - 2017-09-29 09:46 - 000000000 ____D C:WINDOWSShellExperiences 2018-04-10 19:22 - 2017-09-29 09:41 - 000234496 _____ (Microsoft Corporation) C:WINDOWSsystem32cdd.dll 2018-04-10 19:20 - 2016-10-09 18:48 - 000000000 ____D C:WINDOWSsystem32MRT 2018-04-10 19:18 - 2017-10-10 21:30 - 136971704 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT-KB890830.exe 2018-04-10 19:18 - 2016-10-09 18:48 - 136971704 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe 2018-04-10 19:09 - 2018-01-19 02:41 - 000004598 _____ C:WINDOWSSystem32TasksAdobe Flash Player PPAPI Notifier 2018-04-10 19:09 - 2017-09-29 09:46 - 000000000 ____D C:WINDOWSSysWOW64Macromed 2018-04-10 19:09 - 2017-09-29 09:46 - 000000000 ____D C:WINDOWSsystem32Macromed 2018-04-06 12:31 - 2018-01-09 06:29 - 000000000 ____D C:UsersGinaAppDataRoamingMicrosoftWindowsStart MenuProgramsSteam 2018-04-06 10:44 - 2016-12-22 13:20 - 000000000 ____D C:UsersGinaAppDataLocalUbisoft Game Launcher 2018-04-06 09:44 - 2017-09-29 04:45 - 000032768 _____ C:WINDOWSsystem32configELAM 2018-04-06 09:41 - 2017-09-29 09:46 - 000000000 ___RD C:Program FilesWindows Defender 2018-04-03 15:37 - 2017-09-29 09:49 - 000835064 _____ (Adobe Systems Incorporated) C:WINDOWSSysWOW64FlashPlayerApp.exe 2018-04-03 15:37 - 2017-09-29 09:49 - 000179704 _____ (Adobe Systems Incorporated) C:WINDOWSSysWOW64FlashPlayerCPLApp.cpl 2018-04-01 17:23 - 2016-10-04 12:00 - 000000000 ____D C:UsersGinaAppDataRoamingSentinel 2018-03-30 18:28 - 2017-08-16 00:25 - 000000000 ____D C:Program FilesMozilla Firefox 2018-03-30 18:28 - 2017-08-16 00:25 - 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service Files in the root of some directories 2017-03-10 22:29 - 2017-03-25 22:00 - 000000098 _____ () C:UsersGinaAppDataRoamingLauncherSettings_live.cfg 2017-03-25 15:35 - 2017-03-25 15:45 - 000010371 _____ () C:UsersGinaAppDataRoamingTheHunterSettings_live.bin 2017-03-10 22:11 - 2017-03-11 00:03 - 000000043 _____ () C:UsersGinaAppDataRoamingTheHunterSettings_steam_live.cfg 2016-11-05 22:37 - 2017-01-04 21:59 - 000000600 _____ () C:UsersGinaAppDataRoamingwinscp.rnd 2017-12-29 06:47 - 2018-01-04 23:10 - 000006656 _____ () C:UsersGinaAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2017-03-10 23:45 - 2017-03-10 23:45 - 000000000 _____ () C:UsersGinaAppDataLocalDriver_11ACPresent.flag 2017-03-10 23:45 - 2017-03-10 23:45 - 000000000 _____ () C:UsersGinaAppDataLocalDriver_1535Present.flag 2017-03-10 23:45 - 2017-03-10 23:45 - 000000000 _____ () C:UsersGinaAppDataLocalDriver_LOM_8171Present.flag Bamital & volsnap (There is no automatic fix for files that do not pass verification.) C:WINDOWSsystem32winlogon.exe => File is digitally signed C:WINDOWSsystem32wininit.exe => File is digitally signed C:WINDOWSexplorer.exe => File is digitally signed C:WINDOWSSysWOW64explorer.exe => File is digitally signed C:WINDOWSsystem32svchost.exe => File is digitally signed C:WINDOWSSysWOW64svchost.exe => File is digitally signed C:WINDOWSsystem32services.exe => File is digitally signed C:WINDOWSsystem32User32.dll => File is digitally signed C:WINDOWSSysWOW64User32.dll => File is digitally signed C:WINDOWSsystem32userinit.exe => File is digitally signed C:WINDOWSSysWOW64userinit.exe => File is digitally signed C:WINDOWSsystem32rpcss.dll => File is digitally signed C:WINDOWSsystem32dnsapi.dll => File is digitally signed C:WINDOWSSysWOW64dnsapi.dll => File is digitally signed C:WINDOWSsystem32Driversvolsnap.sys => File is digitally signed LastRegBack: 2018-04-28 22:46 End of FRST.txt The Addition.txt Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.04.2018 Ran by Gina (29-04-2018 05:33:46) Running from D:Desktop Windows 10 Pro Version 1709 16299.371 (X64) (2018-01-19 06:43:46) Boot Mode: Normal Accounts: Administrator (S-1-5-21-3136049691-254176528-2049032503-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3136049691-254176528-2049032503-503 - Limited - Disabled) defaultuser0 (S-1-5-21-3136049691-254176528-2049032503-1001 - Limited - Disabled) => C:Usersdefaultuser0 Gina (S-1-5-21-3136049691-254176528-2049032503-1002 - Administrator - Enabled) => C:UsersGina Guest (S-1-5-21-3136049691-254176528-2049032503-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3136049691-254176528-2049032503-504 - Limited - Disabled) Security Center (If an entry is included in the fixlist, it will be removed.) AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} Installed Programs (Only the adware programs with 'Hidden' flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 「Ｍ＆Ｍ」(c)BLUEGALE (HKLM-x32..「Ｍ＆Ｍ」(c)BLUEGALE) (Version: - ) –…‚¢‚¶‚ß (HKLM-x32..–…‚¢‚¶‚ß_is1) (Version: - ) Acon Digital Reverb SOLO (64 bit) 1.0.4 (HKLM..{1A87A26B-D4CE-4827-8109-9CF10ADA821A}_is1) (Version: 1.0.4 - Acon AS) Adobe Acrobat Reader DC - Japanese (HKLM-x32..{AC76BA86-7AD7-1041-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated) Adobe Flash Player 29 NPAPI (HKLM-x32..Adobe Flash Player NPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated) Adobe Flash Player 29 PPAPI (HKLM-x32..Adobe Flash Player PPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated) Apowersoft Video Converter Studio V4.6.0 (HKLM-x32..{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.6.0 - APOWERSOFT LIMITED) Apple Application Support (32-bit) (HKLM-x32..{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.) Apple Application Support (64-bit) (HKLM..{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.) Apple Mobile Device Support (HKLM..{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.) Apple Software Update (HKLM-x32..{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.) Arc (HKLM-x32..{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment) Asmedia USB Host Controller Driver (HKLM-x32..{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology) Audacity 2.1.3 (HKLM-x32..Audacity®_is1) (Version: 2.1.3 - Audacity Team) Audacity 2.2.2 (HKLM-x32..Audacity_is1) (Version: 2.2.2 - Audacity Team) Auto Mouse Click v57.1 (HKLM-x32..{F5E3859D-0720-41F0-BAF5-4CBCDFD8F406}_is1) (Version: 57.1 - MurGee.com) AutoHotkey 1.1.28.00 (HKLM..AutoHotkey) (Version: 1.1.28.00 - Lexikos) Avidemux 2.5 (32-bit) (HKLM-x32..Avidemux 2.5) (Version: 2.5.4.7200 - ) Avidemux 2.7 - 32 bits (32-bit) (HKLM-x32..Avidemux 2.7 - 32 bits) (Version: 2.7.0.170814 - ) Avira (HKLM-x32..{40F72BC9-0C14-4122-8930-4B037EAEAD45}) (Version: 1.2.109.23832 - Avira Operations GmbH & Co. KG) Hidden Avira (HKLM-x32..{4b629f54-1d82-40c9-9979-4485bb58d155}) (Version: 1.2.109.23832 - Avira Operations GmbH & Co. KG) Avira Antivirus (HKLM-x32..Avira Antivirus) (Version: 15.0.36.163 - Avira Operations GmbH & Co. KG) Battle.net (HKLM-x32..Battle.net) (Version: - Blizzard Entertainment) Battlestate Games Launcher 0.5.0.407 (HKLM-x32..{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 0.5.0.407 - Battlestate Games) BattlEye Uninstall (HKLM-x32..BattlEye for A2) (Version: - ) Blade & Soul (HKLM-x32..{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC) Hidden Blade & Soul (HKLM-x32..InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC) Bonjour (HKLM..{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Boob Wars: Big Breasts vs Flat Chests (HKLM-x32..BoobWars) (Version: English 1.0 - Mangagamer) Brave (HKUS-1-5-21-3136049691-254176528-2049032503-1002..Brave) (Version: 0.21.24 - Brave Software) Brave (HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..Brave) (Version: 0.21.24 - Brave Software) Cain & Abel 4.9.56 (HKLM-x32..Cain & Abel 4.9.56) (Version: - ) Cheat Engine 6.6 (HKLM-x32..Cheat Engine 6.6_is1) (Version: - Cheat Engine) CoSMOS version 3.4.1 (HKLM..{0EC35F15-6125-4DE6-980B-F4C8B0BE5820}_is1) (Version: 3.4.1 - Cheat Happens) CrystalDiskInfo 7.6.0 (HKLM-x32..CrystalDiskInfo_is1) (Version: 7.6.0 - Crystal Dew World) D3DX10 (HKLM-x32..{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM..DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd) Dauntless (HKLM..{03AFDFA7-7A23-41B1-AAC2-3898591127D3}) (Version: 1.00.0000 - Phoenix Labs) Dauntless (HKLM..{CD7ACB6E-5126-4C88-AB5D-01D0FECEDDF1}) (Version: 1.0.2 - Phoenix Labs) Dead In Vinland (HKLM-x32..Dead In Vinland_is1) (Version: - ) Dell System Detect (HKUS-1-5-21-3136049691-254176528-2049032503-1002..d24084d039586cae) (Version: 8.4.0.5 - Dell) Dell System Detect (HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..d24084d039586cae) (Version: 8.4.0.5 - Dell) Destiny 2 (HKLM-x32..Destiny 2) (Version: - Blizzard Entertainment) Diablo III (HKLM-x32..Diablo III) (Version: - Blizzard Entertainment) Discord (HKUS-1-5-21-3136049691-254176528-2049032503-1002..Discord) (Version: 0.0.300 - Discord Inc.) Discord (HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..Discord) (Version: 0.0.300 - Discord Inc.) DisplayDriverAnalyzer (HKLM..{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.24 - NVIDIA Corporation) Hidden Dogecoin Core (64-bit) (HKUS-1-5-21-3136049691-254176528-2049032503-1002..Dogecoin Core (64-bit)) (Version: 1.10.0 - Dogecoin Core project) Dogecoin Core (64-bit) (HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..Dogecoin Core (64-bit)) (Version: 1.10.0 - Dogecoin Core project) DRACU-RIOT! (HKUS-1-5-21-3136049691-254176528-2049032503-1002..{464DA996-B6AB-4ADD-B72D-C5B7F82B29EB}) (Version: - ゆずソフト) DRACU-RIOT! (HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..{464DA996-B6AB-4ADD-B72D-C5B7F82B29EB}) (Version: - ゆずソフト) DZLauncher version 0.1.5.8 (HKLM-x32..{1E299AE2-74C8-4CD8-6B17-A86E0ED3C4D2}_is1) (Version: 0.1.5.8 - Maca134) Epic Games Launcher (HKLM-x32..{F7118EF5-320C-4340-99F4-25F970B428A3}) (Version: 1.1.125.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM..{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Escape from Tarkov (HKLM-x32..EscapeFromTarkov) (Version: 0.8.1.1213 - Battlestate Games) EVGA PrecisionX OC (HKLM-x32..{029E2469-2EBB-4067-8563-0D5B293D8E63}) (Version: 6.0.5 - EVGA Corporation) Evolve (HKLM..{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.18 - Echobit, LLC) Exodus (HKUS-1-5-21-3136049691-254176528-2049032503-1002..exodus) (Version: 1.36.1 - Exodus Movement Inc) Exodus (HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..exodus) (Version: 1.36.1 - Exodus Movement Inc) Fallout Mod Manager 0.13.21 (HKLM-x32..Generic Mod Manager_is1) (Version: - Q, Timeslip) Fallout: New Vegas (HKLM-x32..1454587428_is1) (Version: 1.4.0.525 - GOG.com) Far Cry 5 (HKLM-x32..{73B938C4-0DDA-448D-8E46-87401EA87339}_is1) (Version: - Ubisoft) File Folder Shredder v1.1 (HKLM..File Folder Shredder_is1) (Version: 1.1.0.0 - site2unblock.com) FileASSASSIN (HKLM-x32..FileASSASSIN) (Version: 1.06 - Malwarebytes) GameMaker: Player (HKLM-x32..GameMakerPlayer) (Version: 1.4.1416.41504 - YoYo Games Ltd.) GameMaker-Studio 1.4 (HKUS-1-5-21-3136049691-254176528-2049032503-1002..GameMaker-Studio14) (Version: - YoYo Games Ltd.) GameMaker-Studio 1.4 (HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..GameMaker-Studio14) (Version: - YoYo Games Ltd.) GlassWire 2.0 (remove only) (HKLM-x32..GlassWire 2.0) (Version: 2.0.105 - SecureMix LLC) GOG Galaxy (HKLM-x32..{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32..Google Chrome) (Version: 66.0.3359.139 - Google Inc.) Google Update Helper (HKLM-x32..{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden Guild Wars 2 (HKLM..Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Gyazo 3.3.5 (HKLM-x32..{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.) iCloud (HKLM..{694E3E02-E14A-4BB2-A970-CF7F017FD5CC}) (Version: 7.3.0.20 - Apple Inc.) iMazing 2.2.7.0 (HKLM..iMazing_is1) (Version: 2.2.7.0 - DigiDNA) Infestation New Z (HKLM-x32..Infestation New Z) (Version: v26.01.16 Beta - Fredaikis AB) Intel(R) Chipset Device Software (HKLM-x32..{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM..{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1168 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32..{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation) Intel(R) Serial IO (HKLM..{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation) Intel® Security Assist (HKLM-x32..{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) Ironsight version 1 (HKLM-x32..Ironsight_is1) (Version: 1 - Aeria Games) iTunes (HKLM..{1D7D1271-5258-4F5A-B8C1-7176BF398782}) (Version: 12.7.3.46 - Apple Inc.) Java 8 Update 161 (HKLM-x32..{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation) Killer Bandwidth Control Filter Driver (HKLM..{72D87E63-2F1C-47E6-86F5-E9C4BD7947C0}) (Version: 1.1.68.1766 - Rivet Networks) Hidden Killer E240x Drivers (HKLM..{98F6F346-DC92-4108-8425-882DEA9853D2}) (Version: 1.1.68.1766 - Rivet Networks) Hidden Killer Network Manager (HKLM..{4977C970-3BC3-4414-9CB0-CAAE58F50C09}) (Version: 1.1.68.1766 - Rivet Networks) Hidden Killer Performance Suite (HKLM-x32..{E0C14D2B-0530-49B5-9FCE-CF07F69F2EDD}) (Version: 1.1.68.1766 - Rivet Networks) Killer Wireless-AC Drivers (HKLM..{729F479E-2C99-4D75-B901-D6C6B7DBE0C1}) (Version: 1.1.68.1766 - Rivet Networks) Hidden Kingdom Come Deliverance (HKLM-x32..Kingdom Come Deliverance_is1) (Version: - ) Launcher Prerequisites (x64) (HKLM-x32..{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logitech Gaming Software 8.91 (HKLM..Logitech Gaming Software) (Version: 8.91.48 - Logitech Inc.) LOOT version 0.11.0 (HKLM-x32..{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.11.0 - LOOT Team) Malwarebytes version 3.4.5.2467 (HKLM..{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.5.2467 - Malwarebytes) MGI - Monster Girl Island Demo 1 (HKLM-x32..{CD8A4EC7-3923-4AC8-8CDC-C0DD77132379}) (Version: 1 - Monster Girl Island) MGI - Monster Girl Island Demo 2 Day 1 (HKLM-x32..{1F5EDA4D-0035-4EA1-A7F2-82E0400127B1}) (Version: 1 - Monster Girl Island) MGI Patreon Showcase Build - Adeline (HKLM-x32..{1BADD3C2-2DC4-4877-A465-DE24307576A9}) (Version: 1 - Monster Girl Island) MGI Patreon Showcase Build - Ara (HKLM-x32..{2BD9B80A-6877-4D82-88E3-8AD0D067066D}) (Version: 1.1 - Monster Girl Island) MGI Patreon Showcase Build - Mako (HKLM-x32..{01C9EA40-7778-4F5E-80A9-AAB43F7059F3}) (Version: 1 - Monster Girl Island) MGI Patreon Showcase Build - Twins (HKLM-x32..{1E4E2CFC-6004-4D49-88B7-420489FD9ACD}) (Version: 1.1 - Monster Girl Island) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32..{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft OneDrive (HKUS-1-5-21-3136049691-254176528-2049032503-1002..OneDriveSetup.exe) (Version: 18.044.0301.0006 - Microsoft Corporation) Microsoft OneDrive (HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..OneDriveSetup.exe) (Version: 18.044.0301.0006 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32..{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32..{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32..{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32..{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM..{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM..{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM..{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM..{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32..{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32..{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32..{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM..{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32..{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32..{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32..{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32..{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32..{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32..{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32..{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32..{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32..{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation) Microsoft Windows Application Compatibility Database (HKLM..{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version: - ) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32..{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Monster Girl Island - Halloween (HKLM-x32..{BB541ED4-B8CC-4122-8B25-00C5CD78D7A5}) (Version: 2 - Monster Girl Island) Movie Maker (HKLM-x32..{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32..{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 59.0.2 (x64 en-US) (HKLM..Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla) Mozilla Maintenance Service (HKLM..MozillaMaintenanceService) (Version: 55.0.1 - Mozilla) MSI Afterburner 4.4.2 (HKLM-x32..Afterburner) (Version: 4.4.2 - MSI Co., LTD) Mumble 1.2.19 (HKLM-x32..{F62A874F-2354-49B1-87BE-CAAD7C8FA084}) (Version: 1.2.19 - Thorvald Natvig) My.com Game Center (HKUS-1-5-21-3136049691-254176528-2049032503-1002..MyComGames) (Version: 3.206 - My.com B.V.) My.com Game Center (HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..MyComGames) (Version: 3.206 - My.com B.V.) NCSOFT Game Launcher (HKLM-x32..NCLauncher_NCWest) (Version: - NCSOFT) NEKOPARA vol.1 (HKUS-1-5-21-3136049691-254176528-2049032503-1002..{64DC04AF-BD7C-4CF4-9CA4-938953224328}) (Version: - NEKO WORKs) NEKOPARA vol.1 (HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..{64DC04AF-BD7C-4CF4-9CA4-938953224328}) (Version: - NEKO WORKs) Nexus Mod Manager (HKLM..6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.14 - Black Tree Gaming) Notepad++ (HKLM..Notepad++) (Version: 7 - Notepad++ Team) NVIDIA 3D Vision Controller Driver 390.41 (HKLM..{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) NVIDIA 3D Vision Driver 391.24 (HKLM..{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.24 - NVIDIA Corporation) NVIDIA GeForce Experience 3.13.1.30 (HKLM..{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation) NVIDIA Graphics Driver 391.24 (HKLM..{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.24 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.36.6 (HKLM..{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation) NVIDIA PhysX System Software 9.17.0524 (HKLM..{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) OBS Studio (HKLM-x32..OBS Studio) (Version: 21.1.0 - OBS Project) OldSchool RuneScape Launcher 1.2.7 (HKLM-x32..{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd) osu! (HKLM-x32..{316be41a-328c-4514-baa1-b7a6618ce60f}) (Version: latest - ppy Pty Ltd) piaip AppLocale (HKLM-x32..{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS) Play withSIX Windows client (HKUS-1-5-21-3136049691-254176528-2049032503-1002..PlaywithSIX) (Version: 1.69.1518.1 - SIX Networks GmbH) Play withSIX Windows client (HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..PlaywithSIX) (Version: 1.69.1518.1 - SIX Networks GmbH) Private Internet Access Support Files (HKLM-x32..{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access) Process Hacker 2.39 (r124) (HKLM..Process_Hacker2_is1) (Version: 2.39.0.124 - wj32) Qualcomm Atheros 61x4 Bluetooth Suite (64) (HKLM..{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.127 - Qualcomm Atheros) RAR Password Unlocker (HKLM-x32..{69B77D45-F5AD-4AB9-933D-352703324469}_is1) (Version: - RAR Password Unlocker, Inc.) Razer Chroma SDK Core Components (HKLM-x32..Razer Chroma SDK) (Version: 2.8.6 - Razer Inc.) Razer Synapse (HKLM-x32..{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.830 - Razer Inc.) Reflector 2 (HKLM..{E3BEB6A1-0519-4024-86CD-D1A77A1ADCEE}) (Version: 2.7.5.0 - Squirrels) Revelation Online (HKUS-1-5-21-3136049691-254176528-2049032503-1002..Revelation Online) (Version: 1.48 - My.com B.V.) Revelation Online (HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..Revelation Online) (Version: 1.48 - My.com B.V.) RivaTuner Statistics Server 7.0.2 (HKLM-x32..RTSS) (Version: 7.0.2 - Unwinder) Roblox Player for Gina (HKUS-1-5-21-3136049691-254176528-2049032503-1002..{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation) Roblox Player for Gina (HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation) Roblox Studio for Gina (HKUS-1-5-21-3136049691-254176528-2049032503-1002..{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - Roblox Corporation) Roblox Studio for Gina (HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - Roblox Corporation) Rockstar Games Social Club (HKLM-x32..Rockstar Games Social Club) (Version: 1.2.2.0 - Rockstar Games) RuneScape Launcher 2.2.4 (HKLM..RuneScape Launcher_is1) (Version: 2.2.4 - Jagex Ltd) Sandboxie 5.24 (64-bit) (HKLM..Sandboxie) (Version: 5.24 - Sandboxie Holdings, LLC) Skype™ 7.40 (HKLM-x32..{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.) SlaveWitch April (HKLM-x32..{79F0BF2B-ECD9-40DF-8125-384392A4FFD5}) (Version: 1.00.0000 - NEXTON) Starless Nymphomaniacs' Paradise (HKLM-x32..Starless Nymphomaniacs' Paradise1.0) (Version: 1.0 - JAST USA) Steam (HKLM-x32..Steam) (Version: 2.10.91.91 - Valve Corporation) SuperF4 (HKUS-1-5-21-3136049691-254176528-2049032503-1002..SuperF4) (Version: 1.3 - Stefan Sundin) SuperF4 (HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..SuperF4) (Version: 1.3 - Stefan Sundin) Swiff Player 1.7.2 (HKLM-x32..Swiff Player_is1) (Version: 1.7.2 - GlobFX Technologies) SymMover (HKLM-x32..SymMover) (Version: - ) TAP-Windows 9.9.2 (HKLM..TAP-Windows) (Version: 9.9.2 - ) TeamSpeak 3 Client (HKUS-1-5-21-3136049691-254176528-2049032503-1002..TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) TeamSpeak 3 Client (HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) TeamViewer 13 (HKLM-x32..TeamViewer) (Version: 13.1.1548 - TeamViewer) The Elder Scrolls IV: Oblivion (HKLM-x32..1458058109_is1) (Version: 1.2.0416 - GOG.com) The Elder Scrolls Online (HKLM-x32..The Elder Scrolls Online) (Version: 2.6.3.0 - Zenimax Online Studios) The Legend of Pirates Online (HKUS-1-5-21-3136049691-254176528-2049032503-1002..The Legend of Pirates Online) (Version: 1.3.0 - The TLOPO Team) The Legend of Pirates Online (HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..The Legend of Pirates Online) (Version: 1.3.0 - The TLOPO Team) The Witcher 3 - Wild Hunt (HKLM-x32..1207664643_is1) (Version: 1.31.0.0 - GOG.com) The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32..Blood and Wine_is1) (Version: 1.24.0.0 - GOG.com) The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32..Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com) The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32..Hearts of Stone_is1) (Version: 1.24.0.0 - GOG.com) Toontown Rewritten (HKLM-x32..Toontown Rewritten) (Version: 00.00.00.00 - The TTR Team) TradeSkillMaster Application version 1.0 (HKLM-x32..{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster) Turtle Beach (HKLM-x32..{E419774F-EF17-46FD-BC6E-A3D3EE0251FC}) (Version: 7.4.2.0 - Turtle Beach) Twitch (HKUS-1-5-21-3136049691-254176528-2049032503-1002..{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.) Twitch (HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.) Ultimate Boob Wars!! ~Big Breasts vs Flat Chests~ version 1.0 (HKLM-x32..{6F534391-95E7-4291-B9A4-101A400F0995}_is1) (Version: 1.0 - MangaGamer) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM..{EC5A6438-850E-4AD1-9169-DD071C8EFFEF}) (Version: 2.10.0.0 - Microsoft Corporation) UpdateAssistant (HKLM-x32..{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden Uplay (HKLM-x32..Uplay) (Version: 26.0 - Ubisoft) USBPcap 1.1.0.0-g794bf26-5 (HKLM..USBPcap) (Version: 1.1.0.0-g794bf26-5 - ) Valkyrie Svia (HKLM-x32..ValkyrieSvia) (Version: English 1.0 - Mangagamer) VBCABLE, The Virtual Audio Cable (HKLM..VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software) Vegas Pro 13.0 (64-bit) (HKLM-x32..Vegas Pro 13.0 (64-bit)) (Version: 13.0 (64-bit) - Exｵs ・) Vulkan Run Time Libraries 1.0.65.1 (HKLM..VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Wanko to kurasou version 1.0 (HKLM-x32..{3B7273E2-06CB-4EF8-AD98-2D9BD4E7A2F1}_is1) (Version: 1.0 - INSAINITY) WinDirStat 1.1.2 (HKUS-1-5-21-3136049691-254176528-2049032503-1002..WinDirStat) (Version: - ) WinDirStat 1.1.2 (HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..WinDirStat) (Version: - ) Windows 10 Update Assistant (HKLM-x32..{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation) Windows Live Essentials (HKLM-x32..WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinPcap 4.1.3 (HKLM-x32..WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) WinRAR 5.40 (64-bit) (HKLM..WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) Wireshark 2.4.5 32-bit (HKLM-x32..Wireshark) (Version: 2.4.5 - The Wireshark developer community, hxxps://www.wireshark.org) Wizard101 (HKUS-1-5-21-3136049691-254176528-2049032503-1002..{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.) Wizard101 (HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.) World of Warcraft (HKLM-x32..World of Warcraft) (Version: - Blizzard Entertainment) XSplit Broadcaster (HKLM-x32..{25C4A41B-3B57-4BA5-90EF-7CB5BC87FFB6}) (Version: 3.0.1705.3124 - SplitmediaLabs) XSplit Gamecaster (HKLM-x32..{4F5E82E0-EAA3-4555-8A0B-7D237119222F}) (Version: 3.1.1708.2941 - SplitmediaLabs) Xtreme Audio DAC (HKLM-x32..{5B5FB4CE-2058-46A3-809F-B5CD521AE89E}) (Version: 1.00.0034 - C-Media Electronics, Inc.) μTorrent (HKUS-1-5-21-3136049691-254176528-2049032503-1002..uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.) μTorrent (HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.) 妹いじめ (HKLM-x32..妹いじめ_is1) (Version: - ) 妹ぱらだいす！３ (HKUS-1-5-21-3136049691-254176528-2049032503-1002..{723A1CFF-5AE3-4784-B52E-C7E17BD04031}) (Version: 1.00.0 - ムーンストーン) 妹ぱらだいす！３ (HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..{723A1CFF-5AE3-4784-B52E-C7E17BD04031}) (Version: 1.00.0 - ムーンストーン) 孕ら☆カノ！！ ～あの娘とラブラブ孕ぼて性活～ (HKLM-x32..孕ら☆カノ！！ ～あの娘とラブラブ孕ぼて性活～_is1) (Version: - ) 炉の湯 1.00 (HKLM-x32..炉の湯_is1) (Version: - ) 魔導巧殻 (HKLM-x32..{399534C4-4B96-477C-BD2E-90B46EF7CBF1}) (Version: 1.00.0006 - Eushully) Hidden 魔導巧殻 (HKLM-x32..InstallShield_{399534C4-4B96-477C-BD2E-90B46EF7CBF1}) (Version: 1.00.0006 - Eushully) Custom CLSID (Whitelisted): (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => D:CProgram FilesNotepad++NppShell_06.dll [2016-09-21] () ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:Program FilesCommon FilesAppleInternet ServicesShellStreams64.dll [2018-01-10] (Apple Inc.) ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:Program Files (x86)AviraAntivirusshlext64.dll [2018-04-26] (Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers3-x32: [FAExt] -> {05672D66-9736-42F5-8BEB-FA1DD3CA51C4} => C:Program Files (x86)FileASSASSINFileASSASSINExt.dll [2007-03-30] (Malwarebytes) ContextMenuHandlers3-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2018-03-27] (Malwarebytes) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSsystem32nvshext.dll [2018-03-15] (NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2018-03-27] (Malwarebytes) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:Program Files (x86)AviraAntivirusshlext64.dll [2018-04-26] (Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2016-08-15] (Alexander Roshal) Scheduled Tasks (Whitelisted) (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {09CC4CFF-CCF3-4100-BC32-79671F788FDD} - System32TasksEVGAPrecisionX => C:Program Files (x86)EVGAPrecisionX OCPrecisionX_x64.exe [2016-08-25] (EVGA Corp.) Task: {16BAA134-5331-4C02-BC2A-42EFE582A6E0} - System32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [2018-03-14] (NVIDIA Corporation) Task: {213D442A-344D-42C2-BCDC-517A22442CCE} - MicrosoftWindowsUNPRunCampaignManager -> No File < ATTENTION Task: {24C7EB35-25F3-4D2D-A4F8-8F860AA592EE} - System32TasksAdobe Flash Player PPAPI Notifier => C:WINDOWSSysWOW64MacromedFlashFlashUtil32_29_0_0_140_pepper.exe [2018-04-10] (Adobe Systems Incorporated) Task: {2A49B835-5582-42C2-8BDE-3103C70BEADC} - System32TasksNvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmRep.exe [2018-03-14] (NVIDIA Corporation) Task: {4A530624-1216-456D-9EBE-081C205BBAC3} - System32TasksAvira_Antivirus_Systray => C:Program Files (x86)AviraAntivirusavgnt.exe [2018-04-26] (Avira Operations GmbH & Co. KG) Task: {521A2287-83E7-44DA-B23D-2A849995AD19} - System32TasksAdobe Acrobat Update Task => C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated) Task: {57C91293-E951-4B26-8883-ED86147F07C3} - System32TasksOneDrive Standalone Update Task => C:UsersAdministratorAppDataLocalMicrosoftOneDrive17.3.6517.0809OneDriveStandaloneUpdater.exe Task: {59ED451F-75F4-4344-BB73-D02BBF9AE433} - System32TasksMicrosoftWindowsWindows DefenderWindows Defender Verification => C:ProgramDataMicrosoftWindows Defenderplatform4.14.17639.18041-0MpCmdRun.exe [2018-04-25] (Microsoft Corporation) Task: {608AC478-EBE7-47EB-8D4D-A7B218D3A132} - System32TasksAppleAppleSoftwareUpdate => C:Program Files (x86)Apple Software UpdateSoftwareUpdate.exe [2017-10-12] (Apple Inc.) Task: {62D9C334-65D2-429E-B989-FBCFF848A738} - System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2016-10-09] (Google Inc.) Task: {748117F1-9D49-4312-99D2-703ED2336A14} - System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation) Task: {78DA1D2F-20AB-4597-B9E6-49926E225620} - System32Tasks{DB3E29DC-22B9-4CEB-B6E3-7A0AA2BA7E0E} => C:Windowssystem32pcalua.exe -a C:WindowsAppPatchAppLoc.exe -d J:SetupData -c 'J:SetupDataSetup.exe' '/L0411' Task: {79CEBA86-B33C-44DA-9AC2-B2BA24D07C5A} - System32TasksSentinel => Sentinel Task: {86B5ED4E-14FD-4106-AE8B-025AF1DB67D9} - System32TasksGyazoUpdateTaskMachine => C:Program Files (x86)GyazoGyazoUpdate.exe [2017-12-21] (Nota Inc.) Task: {8ADD635B-72E5-4FE8-B808-5CA2989B5287} - System32TasksAdobe Flash Player Updater => C:WindowsSysWoW64MacromedFlashFlashPlayerUpdateService.exe [2018-04-10] (Adobe Systems Incorporated) Task: {8CE82870-C4ED-4536-A6A3-6055A570078C} - System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation) Task: {8E5AEDD4-2FAD-4C32-9803-65700E94F16D} - System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cache Maintenance => C:ProgramDataMicrosoftWindows Defenderplatform4.14.17639.18041-0MpCmdRun.exe [2018-04-25] (Microsoft Corporation) Task: {9FE199E7-DF9A-4E7C-A03E-9423A5A88DBA} - System32TasksNvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmMon.exe [2018-03-14] (NVIDIA Corporation) Task: {BA4F065E-89C7-4848-A9A5-9652C96173A2} - System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2016-10-09] (Google Inc.) Task: {C27A5E9A-BC16-480C-AAD8-79BFD7629B4E} - System32TasksPrivate Internet Access Startup => C:Program Filespia_managerpia_manager.exe [2016-10-19] () Task: {C45593BE-4080-4118-BA68-D32C16D8AFE8} - System32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvContainernvcontainer.exe [2018-03-14] (NVIDIA Corporation) Task: {D09FCB39-19AD-4341-9DF8-7A031199E804} - System32Tasks{2C8BE966-C10E-41E2-BA05-4130E264062A} => C:Windowssystem32pcalua.exe -a 'D:CProgram FilesSentinelRecover_Sentinel.exe' -d 'D:CProgram FilesSentinel' Task: {DB262D9B-6A6C-4610-B383-63E058FE5B67} - System32TasksGyazoUpdateTaskMachineDaily => C:Program Files (x86)GyazoGyazoUpdate.exe [2017-12-21] (Nota Inc.) Task: {DF9EABD1-C6E5-4C16-9C37-E539F8AC6D1A} - System32TasksMicrosoftWindowsWindows DefenderWindows Defender Scheduled Scan => C:ProgramDataMicrosoftWindows Defenderplatform4.14.17639.18041-0MpCmdRun.exe [2018-04-25] (Microsoft Corporation) Task: {E4159409-975A-4313-A4A6-E01D0968EA66} - System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cleanup => C:ProgramDataMicrosoftWindows Defenderplatform4.14.17639.18041-0MpCmdRun.exe [2018-04-25] (Microsoft Corporation) Task: {E5959DC6-BC4B-4C9A-93F2-8DB54707CD64} - System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [2018-03-14] (NVIDIA Corporation) Task: {F4A881F6-994D-48CE-ACFB-0252431C341B} - System32TasksAdobe Flash Player NPAPI Notifier => C:WINDOWSSysWOW64MacromedFlashFlashUtil32_29_0_0_140_Plugin.exe [2018-04-10] (Adobe Systems Incorporated) Task: {FB78056C-6B98-42DE-9657-92C11ED0B374} - System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [2018-03-14] (NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job => C:WINDOWSexplorer.exe Shortcuts & WMI (The entries could be listed to be restored or removed.) Loaded Modules (Whitelisted) 2017-09-29 09:41 - 2017-09-29 09:41 - 000184432 _____ () C:WINDOWSSYSTEM32inputhost.dll 2018-03-13 11:07 - 2018-03-15 20:57 - 000544384 _____ () C:Program FilesNVIDIA CorporationDisplay.NvContainerpluginsLocalSystemDisplayDriverAnalyzer_DisplayDriverCrashAnalyzer64.dll 2018-01-05 00:14 - 2018-01-05 00:14 - 000088888 _____ () C:Program FilesCommon FilesAppleApple Application Supportzlib1.dll 2018-01-05 00:13 - 2018-01-05 00:13 - 001356088 _____ () C:Program FilesCommon FilesAppleApple Application Supportlibxml2.dll 2016-10-09 19:51 - 2015-05-19 12:11 - 000007680 _____ () C:Program Files (x86)IntelIntel(R) Security AssistisaHelperService.exe 2017-07-19 18:09 - 2017-07-19 18:09 - 000189264 _____ () C:Program Files (x86)RazerRazer ServicesGSSGameScannerService.exe 2018-04-05 18:36 - 2018-03-27 13:47 - 002492704 _____ () C:PROGRAM FILESMALWAREBYTESANTI-MALWAREMwacLib.dll 2018-04-05 18:36 - 2018-03-12 15:09 - 002300192 _____ () C:PROGRAM FILESMALWAREBYTESANTI-MALWARESelfProtectionSdk.dll 2017-10-04 17:50 - 2018-03-14 09:05 - 001267648 _____ () C:Program FilesNVIDIA CorporationNvContainerlibprotobuf.dll 2016-10-04 12:00 - 2016-01-18 11:45 - 000319488 _____ () C:Program FilesSentinelSentinel.EXE 2016-10-19 21:12 - 2016-10-19 21:12 - 007711966 _____ () C:Program Filespia_managerpia_manager.exe 2016-09-21 16:16 - 2016-09-21 16:16 - 000230064 _____ () D:CProgram FilesNotepad++NppShell_06.dll 2018-03-13 21:23 - 2018-02-21 20:26 - 011044864 _____ () C:WindowsSystemAppsMicrosoft.Windows.Cortana_cw5n1h2txyewyCortanaApi.dll 2018-03-13 21:23 - 2018-02-21 20:21 - 001804288 _____ () C:WindowsSystemAppsMicrosoft.Windows.Cortana_cw5n1h2txyewyCortana.Core.dll 2017-06-12 02:12 - 2018-04-08 20:32 - 001845224 _____ () D:CProgram Files (x86)Steamsteamappscommonwallpaper_enginewallpaper64.exe 2018-04-27 17:19 - 2018-04-25 23:14 - 002666328 _____ () C:Program Files (x86)GoogleChromeApplication66.0.3359.139swiftshaderlibglesv2.dll 2018-04-27 17:19 - 2018-04-25 23:14 - 000127320 _____ () C:Program Files (x86)GoogleChromeApplication66.0.3359.139swiftshaderlibegl.dll 2018-04-02 10:04 - 2018-04-02 10:04 - 000180688 _____ () C:Program Files (x86)GlassWireEasyHook32.dll 2017-10-04 17:50 - 2018-03-14 09:05 - 001041344 _____ () C:Program Files (x86)NVIDIA CorporationNvContainerlibprotobuf.dll 2018-03-21 18:16 - 2018-01-10 22:05 - 000784672 _____ () D:CProgram Files (x86)SteamSDL2.dll 2018-04-04 16:01 - 2018-04-02 19:34 - 002631968 _____ () D:CProgram Files (x86)Steamvideo.dll 2018-02-05 17:28 - 2016-08-31 21:02 - 004969248 _____ () D:CProgram Files (x86)Steamv8.dll 2018-03-21 18:16 - 2017-12-19 21:43 - 000351520 _____ () D:CProgram Files (x86)Steamlibavresample-3.dll 2018-03-21 18:16 - 2017-12-19 21:43 - 000695584 _____ () D:CProgram Files (x86)Steamlibavformat-57.dll 2018-03-21 18:16 - 2017-12-19 21:43 - 000847136 _____ () D:CProgram Files (x86)Steamlibavutil-55.dll 2018-03-21 18:16 - 2017-12-19 21:43 - 005137696 _____ () D:CProgram Files (x86)Steamlibavcodec-57.dll 2018-02-05 17:28 - 2016-08-31 21:02 - 001563936 _____ () D:CProgram Files (x86)Steamicui18n.dll 2018-03-21 18:16 - 2017-12-19 21:43 - 000783648 _____ () D:CProgram Files (x86)Steamlibswscale-4.dll 2018-02-05 17:28 - 2016-08-31 21:02 - 001195296 _____ () D:CProgram Files (x86)Steamicuuc.dll 2018-04-04 16:01 - 2018-04-02 19:34 - 000977184 _____ () D:CProgram Files (x86)Steambinchromehtml.DLL 2018-02-05 17:28 - 2016-07-04 18:17 - 000266560 _____ () D:CProgram Files (x86)Steamopenvr_api.dll 2018-03-21 18:16 - 2017-12-13 17:16 - 071471392 _____ () D:CProgram Files (x86)Steambincefcef.win7libcef.dll 2018-02-05 17:28 - 2017-09-06 22:04 - 000678400 _____ () D:CProgram Files (x86)Steambincefcef.win7SDL2.dll 2018-02-05 17:28 - 2015-09-24 19:52 - 000119208 _____ () D:CProgram Files (x86)Steamwinh264.dll 2017-05-22 06:13 - 2017-05-22 06:13 - 000143824 _____ () C:ProgramDataRazerSynapseCrashReporterCrashRpt1402.dll 2018-04-29 05:27 - 2018-04-29 05:27 - 000012800 _____ () C:UsersGinaAppDataLocalTempocr5227.tmplibruby1.9.1i386-mingw32encencdb.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000014848 _____ () C:UsersGinaAppDataLocalTempocr5227.tmplibruby1.9.1i386-mingw32enctranstransdb.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000094208 _____ () C:UsersGinaAppDataLocalTempocr5227.tmpsrcrgloaderrgloader193.mswin.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000009216 _____ () C:UsersGinaAppDataLocalTempocr5227.tmplibruby1.9.1i386-mingw32etc.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000094208 _____ () C:UsersGinaAppDataLocalTempocr5227.tmplibrubysite_ruby1.9.1rgloaderrgloader193.mswin.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000126976 _____ () C:UsersGinaAppDataLocalTempocr5227.tmplibruby1.9.1i386-mingw32win32ole.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000087552 _____ () C:UsersGinaAppDataLocalTempocr5227.tmplibruby1.9.1i386-mingw32dl.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000016384 _____ () C:UsersGinaAppDataLocalTempocr5227.tmplibruby1.9.1i386-mingw32fiddle.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000127316 _____ () C:UsersGinaAppDataLocalTempocr5227.tmpbinlibffi-6.dll 2018-04-29 05:27 - 2018-04-29 05:27 - 000026624 _____ () C:UsersGinaAppDataLocalTempocr5227.tmplibrubygems1.9.1gemswin32-api-1.5.0-universal-mingw32libwin32ruby19win32api.so 2017-10-04 17:50 - 2018-03-14 09:04 - 081563584 _____ () C:Program Files (x86)NVIDIA CorporationNVIDIA GeForce Experiencelibcef.dll 2018-03-20 23:28 - 2018-03-14 09:04 - 002478016 _____ () C:Program Files (x86)NVIDIA CorporationNVIDIA GeForce Experienceswiftshaderlibglesv2.dll 2018-03-20 23:28 - 2018-03-14 09:04 - 000125376 _____ () C:Program Files (x86)NVIDIA CorporationNVIDIA GeForce Experienceswiftshaderlibegl.dll 2018-04-29 05:27 - 2018-04-29 05:27 - 000012800 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmplibruby1.9.1i386-mingw32encencdb.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000014848 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmplibruby1.9.1i386-mingw32enctranstransdb.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000094208 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmpsrcrgloaderrgloader193.mswin.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000094208 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmplibrubysite_ruby1.9.1rgloaderrgloader193.mswin.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000118784 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmplibruby1.9.1i386-mingw32socket.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000069120 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmplibruby1.9.1i386-mingw32zlib.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000083968 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmpbinzlib1.dll 2018-04-29 05:27 - 2018-04-29 05:27 - 000026624 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmplibruby1.9.1i386-mingw32stringio.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000275968 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmplibruby1.9.1i386-mingw32openssl.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000015360 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmplibruby1.9.1i386-mingw32digest.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000008192 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmplibruby1.9.1i386-mingw32fcntl.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000009216 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmplibruby1.9.1i386-mingw32etc.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000023552 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmplibruby1.9.1i386-mingw32jsonextparser.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000008704 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmplibruby1.9.1i386-mingw32encutf_16be.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000008704 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmplibruby1.9.1i386-mingw32encutf_16le.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000008704 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmplibruby1.9.1i386-mingw32encutf_32be.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000008704 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmplibruby1.9.1i386-mingw32encutf_32le.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000036352 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmplibruby1.9.1i386-mingw32jsonextgenerator.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000126976 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmplibruby1.9.1i386-mingw32win32ole.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000087552 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmplibruby1.9.1i386-mingw32dl.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000016384 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmplibruby1.9.1i386-mingw32fiddle.so 2018-04-29 05:27 - 2018-04-29 05:27 - 000127316 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmpbinlibffi-6.dll 2018-04-29 05:27 - 2018-04-29 05:29 - 000026624 _____ () C:UsersGinaAppDataLocalTempocrBBAE.tmplibrubygems1.9.1gemswin32-api-1.5.0-universal-mingw32libwin32ruby19win32api.so 2015-09-12 04:01 - 2015-09-12 04:01 - 001243936 ____N () C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSACE.dll 2016-10-19 21:12 - 2016-10-19 21:12 - 000939520 _____ () C:Program Filespia_managerpia_tray_binnw-winffmpeg.dll 2016-10-19 21:12 - 2016-10-19 21:12 - 003115520 _____ () C:Program Filespia_managerpia_tray_binnw-winnode.dll Alternate Data Streams (Whitelisted) (If an entry is included in the fixlist, only the ADS will be removed.) Safe Mode (Whitelisted) (If an entry is included in the fixlist, it will be removed from the registry. The 'AlternateShell' will be restored.) HKLMSYSTEMCurrentControlSetControlSafeBootMinimal59680352.sys => '='Driver' HKLMSYSTEMCurrentControlSetControlSafeBootMinimalmbamchameleon => '='Driver' HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => '='Service' HKLMSYSTEMCurrentControlSetControlSafeBootNetwork59680352.sys => '='Driver' HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmbamchameleon => '='Driver' HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => '='Service' Association (Whitelisted) (If an entry is included in the fixlist, the registry item will be restored to default or removed.) Internet Explorer trusted/restricted (If an entry is included in the fixlist, it will be removed from the registry.) Hosts content: (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-07-16 07:47 - 2016-07-16 07:45 - 000000824 _____ C:WINDOWSsystem32Driversetchosts Other Areas (Currently there is no automatic fix for this section.) HKUS-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751391Control PanelDesktopWallpaper -> C:WindowsWebWallpaperWindowsimg0.jpg HKUS-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751415Control PanelDesktopWallpaper -> C:WindowsWebWallpaperWindowsimg0.jpg HKUS-1-5-21-3136049691-254176528-2049032503-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751448Control PanelDesktopWallpaper -> C:WindowsWebWallpaperWindowsimg0.jpg HKUS-1-5-21-3136049691-254176528-2049032503-1002Control PanelDesktopWallpaper -> C:UsersGinaPicturesKanna.png HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506Control PanelDesktopWallpaper -> C:UsersGinaPicturesKanna.png DNS Servers: 192.168.1.1 HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: Off) Windows Firewall is enabled. MSCONFIG/TASK MANAGER disabled items HKLM..StartupApprovedStartupFolder: => 'Killer Network Manager.lnk' HKLM..StartupApprovedRun: => 'iTunesHelper' HKLM..StartupApprovedRun: => 'MS7966' HKLM..StartupApprovedRun: => 'Launch LCore' HKLM..StartupApprovedRun32: => 'LogMeIn Hamachi Ui' HKLM..StartupApprovedRun32: => 'SunJavaUpdateSched' HKUS-1-5-21-3136049691-254176528-2049032503-1002..StartupApprovedRun: => 'DAEMON Tools Lite Automount' HKUS-1-5-21-3136049691-254176528-2049032503-1002..StartupApprovedRun: => 'iCloudPhotos' HKUS-1-5-21-3136049691-254176528-2049032503-1002..StartupApprovedRun: => 'iCloudDrive' HKUS-1-5-21-3136049691-254176528-2049032503-1002..StartupApprovedRun: => 'iCloudServices' HKUS-1-5-21-3136049691-254176528-2049032503-1002..StartupApprovedRun: => 'MyComGames' HKUS-1-5-21-3136049691-254176528-2049032503-1002..StartupApprovedRun: => 'SandboxieControl' HKUS-1-5-21-3136049691-254176528-2049032503-1002..StartupApprovedRun: => 'Skype' HKUS-1-5-21-3136049691-254176528-2049032503-1002..StartupApprovedRun: => 'GalaxyClient' HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..StartupApprovedRun: => 'DAEMON Tools Lite Automount' HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..StartupApprovedRun: => 'iCloudPhotos' HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..StartupApprovedRun: => 'iCloudDrive' HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..StartupApprovedRun: => 'iCloudServices' HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..StartupApprovedRun: => 'MyComGames' HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..StartupApprovedRun: => 'SandboxieControl' HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..StartupApprovedRun: => 'Skype' HKUS-1-5-21-3136049691-254176528-2049032503-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04292018052751506..StartupApprovedRun: => 'GalaxyClient' FirewallRules (Whitelisted) (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{7F03D353-5872-4B9C-8F3B-67AC51F9D2E3}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonFloraWindows_x64flora.exe FirewallRules: [{9C298BA5-DC95-4D70-9E62-255281DD7A29}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonFloraWindows_x64flora.exe FirewallRules: [{A5A77310-DB1B-43DF-828B-6CB805744179}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStarboundwin32starbound.exe FirewallRules: [{6ED73324-04F6-4875-996D-BC62C0CFE316}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStarboundwin32starbound.exe FirewallRules: [{45995BEA-C993-401E-B69E-9E50BC2F8395}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStarboundwin64mod_uploader.exe FirewallRules: [{FAEF5505-9CBD-4CE7-B14E-5CC9D058C343}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStarboundwin64mod_uploader.exe FirewallRules: [{C0BD3D77-4067-4051-A3AB-7809EAE6239A}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStarboundwin64starbound_server.exe FirewallRules: [{EAAFFFFB-9FEB-45EB-B6FA-917F12F024E8}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStarboundwin64starbound_server.exe FirewallRules: [{18CE25B1-08FF-44B5-976E-AC993036536E}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStarboundwin64starbound.exe FirewallRules: [{0068A2C1-C0BB-469A-81C8-270745C83CBC}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStarboundwin64starbound.exe FirewallRules: [{24D7033C-887B-4735-B501-1A5E94EC3F7C}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonVRChatVRChat.exe FirewallRules: [{3D481B32-EE95-432E-AC31-1746A399C6A9}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonVRChatVRChat.exe FirewallRules: [{BF7E6505-5DD4-41CA-8B89-9423BC918828}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonUndertaleUNDERTALE.exe FirewallRules: [{686EB41B-F59E-4CFE-A8D9-4AC6BC0564AE}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonUndertaleUNDERTALE.exe FirewallRules: [{E54D6A7C-E55F-4AD4-BA7D-9EF86FA274D7}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonYlandsYlands.exe FirewallRules: [{9E30E921-251B-4A10-97FA-9D750CA67085}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonYlandsYlands.exe FirewallRules: [{40CFFC02-4087-4542-8879-BA7103532CF4}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonSurvive the NightsSurviveTheNights_Win.exe FirewallRules: [{13844E39-1011-4547-BB30-739D236F1903}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonSurvive the NightsSurviveTheNights_Win.exe FirewallRules: [{B3D759F6-7C9B-4547-9B7E-71E20AA46A7F}] => (Block) D:cprogram files (x86)steamsteamappscommonarma 3arma3_x64.exe FirewallRules: [{FA4F455E-DF3A-45F7-BF61-AB008746316D}] => (Block) D:cprogram files (x86)steamsteamappscommonarma 3arma3_x64.exe FirewallRules: [UDP Query User{C5FE7C25-C491-4293-9E3B-D8EAE07BEAD5}D:cprogram files (x86)steamsteamappscommonarma 3arma3_x64.exe] => (Allow) D:cprogram files (x86)steamsteamappscommonarma 3arma3_x64.exe FirewallRules: [TCP Query User{F8C2666F-D755-4859-A72C-3A9D2A8790C6}D:cprogram files (x86)steamsteamappscommonarma 3arma3_x64.exe] => (Allow) D:cprogram files (x86)steamsteamappscommonarma 3arma3_x64.exe FirewallRules: [{DF3D16C4-2BC5-4431-9AD7-AE0F8FB77A2A}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonArma 3arma3launcher.exe FirewallRules: [{798B9F66-06B1-45DF-AAF6-C3A6C23907FF}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonArma 3arma3launcher.exe FirewallRules: [{B4998561-FB80-4B51-B61C-7505F49827DE}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonEpistoryEpistory.exe FirewallRules: [{3577E300-523A-4B1F-94F2-E6C02C95F81D}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonEpistoryEpistory.exe FirewallRules: [{7C52EE04-EFA2-4267-A530-8D0DF2F3E3FF}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonSoda Dungeondungeon.exe FirewallRules: [{0A864AF8-7CF5-44E3-A166-8785BD80D207}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonSoda Dungeondungeon.exe FirewallRules: [{9CAB4745-D7A0-439B-AF0D-A91E259FF5C8}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonVictor VranVictorVranSteam.exe FirewallRules: [{9075A7AA-C89C-422C-9060-C6BEE5319A2D}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonVictor VranVictorVranSteam.exe FirewallRules: [{7A4286F6-95AC-456D-B16E-D5C9124E21A9}] => (Block) D:cprogram files (x86)diablo iiix64diablo iii64.exe FirewallRules: [{35DC50D8-4BF0-4604-A00D-8324578972E5}] => (Block) D:cprogram files (x86)diablo iiix64diablo iii64.exe FirewallRules: [UDP Query User{BC2EC3D6-824D-4B20-974F-12B7834D55CA}D:cprogram files (x86)diablo iiix64diablo iii64.exe] => (Allow) D:cprogram files (x86)diablo iiix64diablo iii64.exe FirewallRules: [TCP Query User{C7880906-34CF-41DA-8C2A-3DD3E7AD78D0}D:cprogram files (x86)diablo iiix64diablo iii64.exe] => (Allow) D:cprogram files (x86)diablo iiix64diablo iii64.exe FirewallRules: [{E43E60C5-C322-439B-8E57-70A3928A5494}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonNecropolisNecropolis.exe FirewallRules: [{DFA71537-B26F-45AF-9608-76473E27BDAA}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonNecropolisNecropolis.exe FirewallRules: [{5DE4E405-9CFD-4843-8793-3B5DA2938252}] => (Allow) D:CProgram Files (x86)BsgLauncherBsgLauncher.exe FirewallRules: [{CC197D39-051A-40B7-9138-60622256C609}] => (Allow) D:CProgram Files (x86)BsgLauncherBsgLauncher.exe FirewallRules: [{4800BE34-DE5F-4B1E-9FC2-FA9302266B11}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDARK SOULS IIIGameDarkSoulsIII.exe FirewallRules: [{190336E7-70DB-410E-9DE6-BE964F3299A3}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDARK SOULS IIIGameDarkSoulsIII.exe FirewallRules: [{0F8E4D81-E053-4567-ABFF-F0A3346E2788}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonGuns of Icarus OnlineworkshopWorkshop.exe FirewallRules: [{80F9C724-61C1-4E3D-8BBD-406B22FE33DA}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonGuns of Icarus OnlineworkshopWorkshop.exe FirewallRules: [{35BD641D-B556-4FC4-B9AA-EAA73CFB9957}] => (Allow) C:Program FilesReflector 2Reflector2.exe FirewallRules: [{39B18321-FDD2-4116-BB52-79264AF8E9E3}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDead Cellsdeadcells_gl.exe FirewallRules: [{0C6306F1-4313-45F3-B97F-9CC3732463F7}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDead Cellsdeadcells_gl.exe FirewallRules: [{316CCDDB-725D-4B83-A9D0-C003E656F0BF}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonSakura Swim ClubSakura Swim Club.exe FirewallRules: [{B428A003-2CF2-4C5A-B76B-78A7703150A3}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonSakura Swim ClubSakura Swim Club.exe FirewallRules: [{91E2A18D-8A8D-4C64-816E-68EBF50817B5}] => (Allow) C:Program Files (x86)SplitmediaLabsXSplit GamecasterXSplit.cam.exe FirewallRules: [{49232475-B9B7-4FBC-A3B3-3A2A67FB39D4}] => (Allow) C:Program Files (x86)SplitmediaLabsXSplit GamecasterXSplit.cam.exe FirewallRules: [{19E225AC-8A79-4F8C-BA6F-FA54A812441E}] => (Allow) C:Program Files (x86)SplitmediaLabsXSplit GamecasterXSplit.Gamecaster.exe FirewallRules: [{D35EC994-B29B-4814-A3E2-10BBE250D994}] => (Allow) C:Program Files (x86)SplitmediaLabsXSplit GamecasterXSplit.Gamecaster.exe FirewallRules: [UDP Query User{D76A50BB-DA4E-4C1E-9964-6C4D94901ADF}C:program files (x86)lonelyscreenlonelyscreen.exe] => (Allow) C:program files (x86)lonelyscreenlonelyscreen.exe FirewallRules: [TCP Query User{EFDC12F4-B697-4D07-8F13-02BF981DD37A}C:program files (x86)lonelyscreenlonelyscreen.exe] => (Allow) C:program files (x86)lonelyscreenlonelyscreen.exe FirewallRules: [{A0B18AB9-CB8A-4222-BE76-064AC71454A8}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDisco DodgeballDisco Dodgeball.exe FirewallRules: [{43466FB1-02AB-4EF7-ACCB-D88D890BEA04}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDisco DodgeballDisco Dodgeball.exe FirewallRules: [{28E4652B-6ED7-4AF8-BF51-423517AF361F}] => (Allow) D:CProgram Files (x86)LMIGuardianSvc.exe FirewallRules: [{D5E800CE-A223-4617-A56B-FA432C8A7219}] => (Allow) D:CProgram Files (x86)hamachi-2-ui.exe FirewallRules: [{60782E81-5405-49CD-B096-A544E5BDF72B}] => (Allow) D:CProgram Files (x86)hamachi-2-ui.exe FirewallRules: [{BA555CCA-76A1-455D-88BE-31C820F1DDCB}] => (Allow) D:CProgram Files (x86)hamachi-2-ui.exe FirewallRules: [{AC493AEC-4F32-492E-84EB-6206729064B1}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonShop Heroesshopheroes.exe FirewallRules: [{99E95581-477C-402B-86B1-37C6BB9DCA01}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonShop Heroesshopheroes.exe FirewallRules: [{8B144917-25A4-48C4-A68F-7EA144BC52F7}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonGuns of Icarus OnlineworkshopWorkshop.exe FirewallRules: [{3637F8E6-7E9D-4A90-96ED-A278D9060F0F}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonGuns of Icarus OnlineworkshopWorkshop.exe FirewallRules: [UDP Query User{BE1ED5F9-7E25-4BC2-9F9B-C0FDB27AF43C}C:program filessentinelsentinel.exe] => (Allow) C:program filessentinelsentinel.exe FirewallRules: [TCP Query User{C7295DAA-E90E-4950-8077-AB041A2A1ECB}C:program filessentinelsentinel.exe] => (Allow) C:program filessentinelsentinel.exe FirewallRules: [{2F5EAB4C-02A5-4E59-93EC-98CA7ED73A61}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe FirewallRules: [{B1055276-1CBB-41A3-86F7-6EFAC57440EA}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe FirewallRules: [UDP Query User{CE8A0AFB-040A-4C97-A4FB-6B199D816EA6}D:cprogram files (x86)the long darktld.exe] => (Allow) D:cprogram files (x86)the long darktld.exe FirewallRules: [TCP Query User{B3B02ACE-1A09-4641-97D2-B5601ABB4074}D:cprogram files (x86)the long darktld.exe] => (Allow) D:cprogram files (x86)the long darktld.exe FirewallRules: [{9A16A0B0-86A5-475B-A5A7-CADF807B4345}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonIdleChampionsIdleDragons.exe FirewallRules: [{C8CD8FE9-F836-40C7-A374-F3F736425C9D}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonIdleChampionsIdleDragons.exe FirewallRules: [UDP Query User{2AB76711-25CA-4DF3-BE1A-73EA47B7A8CB}D:cprogram files (x86)steamsteamappscommonpubgtslgamebinarieswin64tslgame.exe] => (Allow) D:cprogram files (x86)steamsteamappscommonpubgtslgamebinarieswin64tslgame.exe FirewallRules: [TCP Query User{E40582FE-EBE9-4F9A-B19C-2B366CC32CB0}D:cprogram files (x86)steamsteamappscommonpubgtslgamebinarieswin64tslgame.exe] => (Allow) D:cprogram files (x86)steamsteamappscommonpubgtslgamebinarieswin64tslgame.exe FirewallRules: [{EF7106FE-04A9-4C55-93D4-FF780D3828B0}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonPUBGTslGameBinariesWin64TslGame_BE.exe FirewallRules: [{19F1E104-9A8C-494D-9A6C-CF6841D7B407}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonPUBGTslGameBinariesWin64TslGame_BE.exe FirewallRules: [{207F5D23-3771-469A-9214-7B1C3A3A3877}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonWorldsAdriftworldsadrift.exe FirewallRules: [{7B94F87C-547B-41A2-81BA-58FBF78161B1}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonWorldsAdriftworldsadrift.exe FirewallRules: [{E34877B0-E6E4-4255-9378-3D0F437FAE70}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonRustangeloRustangelo.exe FirewallRules: [{4F5F3A1A-9008-4AB9-A9A7-DC1A6C987005}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonRustangeloRustangelo.exe FirewallRules: [{60B795DE-BBF1-4275-85E5-5879D25FEE1B}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonRAID World War II Betaraid_win64_d3d9_release.exe FirewallRules: [{283C6174-3752-4FF8-A55F-4865155B48DE}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonRAID World War II Betaraid_win64_d3d9_release.exe FirewallRules: [UDP Query User{86A4FABA-7915-4BB7-9EB4-63811A829519}D:cprogram files (x86)destiny 2destiny2.exe] => (Allow) D:cprogram files (x86)destiny 2destiny2.exe FirewallRules: [TCP Query User{1F2B3226-F0D9-4420-8860-A7960519C814}D:cprogram files (x86)destiny 2destiny2.exe] => (Allow) D:cprogram files (x86)destiny 2destiny2.exe FirewallRules: [{F2C6EDB1-3F8B-41F8-B3F5-26DC3597B03C}] => (Allow) C:Program Files (x86)SplitmediaLabsXSplit BroadcasterXSplit.cam.exe FirewallRules: [{AB2AD31C-EAB1-4F05-925F-6A06CD993BEE}] => (Allow) C:Program Files (x86)SplitmediaLabsXSplit BroadcasterXSplit.Core.exe FirewallRules: [{9303B93B-D17F-49D2-931D-1F065D898788}] => (Allow) C:Program Files (x86)SplitmediaLabsXSplit BroadcasterXSplit.cam.exe FirewallRules: [{84164CF2-C3FF-43A5-AD15-374D5E896139}] => (Allow) C:Program Files (x86)SplitmediaLabsXSplit BroadcasterXSplit.Core.exe FirewallRules: [{D101A855-AB5C-478F-A113-7EA9821C603E}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonThe Escapists 2TheEscapists2.exe FirewallRules: [{43987B62-3072-45DB-AF9C-7820D2229418}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonThe Escapists 2TheEscapists2.exe FirewallRules: [{F2FD2AF3-F7C8-44E6-A805-460886CE57E4}] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe FirewallRules: [{B5F5D4E3-752F-41FA-98DD-B8A088203007}] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe FirewallRules: [{355EA5CC-29E2-45B7-97AA-79FAD4751EA4}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDeep Space WaifuDeep Space Waifu.exe FirewallRules: [{B0401DFD-EE12-4DBD-87FA-3A5B52DAE413}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDeep Space WaifuDeep Space Waifu.exe FirewallRules: [{2C1281C2-82EC-4131-B3EA-F71030B335BE}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonProjectZomboidProjectZomboid64.exe FirewallRules: [{7F01BAC3-B8D9-4DFC-8CF2-AB117FEB6330}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonProjectZomboidProjectZomboid64.exe FirewallRules: [{66085C0D-98DB-41EB-BE9D-0950F7408F0C}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonTerrariaTerraria.exe FirewallRules: [{095DB395-7FE9-4145-AE2C-8146D5AAD800}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonTerrariaTerraria.exe FirewallRules: [{BE313774-9CB5-4B7D-A14E-3D790235564A}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonRustRust.exe FirewallRules: [{CC0DA505-2DC5-4B9A-9BB7-4E32232A5326}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonRustRust.exe FirewallRules: [{F9ED5BD6-7C09-49DA-9954-B0ECCDF3B647}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonSounds of Her LoveSounds of Her Love.exe FirewallRules: [{CA3F3963-C81F-4C6B-B6C8-EE276C041AE7}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonSounds of Her LoveSounds of Her Love.exe FirewallRules: [UDP Query User{C882B39C-465F-4D49-A569-7F95F75636AD}D:cprogram files (x86)steamsteamappscommoncitadelcitadelbinarieswin64citadel-win64-shipping.exe] => (Allow) D:cprogram files (x86)steamsteamappscommoncitadelcitadelbinarieswin64citadel-win64-shipping.exe FirewallRules: [TCP Query User{BBEA8D2E-4A1E-4EE4-8C4D-A69AAA1828E9}D:cprogram files (x86)steamsteamappscommoncitadelcitadelbinarieswin64citadel-win64-shipping.exe] => (Allow) D:cprogram files (x86)steamsteamappscommoncitadelcitadelbinarieswin64citadel-win64-shipping.exe FirewallRules: [{BBFA018C-5C70-4B4A-8E79-9C9CA53D5FA2}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonCitadelCitadel.exe FirewallRules: [{2E59D2EE-0771-4A75-9433-76EFE48FA9E7}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonCitadelCitadel.exe FirewallRules: [UDP Query User{8D369363-5B73-46CF-B9CB-9699C93D1945}D:mygamesrevelation onlinegametianyu.exe] => (Allow) D:mygamesrevelation onlinegametianyu.exe FirewallRules: [TCP Query User{A9B0BCA1-EEF7-45DD-B323-18FC3E336F29}D:mygamesrevelation onlinegametianyu.exe] => (Allow) D:mygamesrevelation onlinegametianyu.exe FirewallRules: [{74947438-B766-4B36-B44F-BEA00055F7DB}] => (Allow) C:Program Files (x86)ApowersoftVideo Converter StudioVideo Converter Studio.exe FirewallRules: [{9C8E6008-F265-4C58-A0F5-52C47021C92F}] => (Allow) C:Program Files (x86)ApowersoftVideo Converter StudioVideo Converter Studio.exe FirewallRules: [{121BB63F-CECD-481D-A4AF-0121DB7538DD}] => (Block) C:usersginaappdatalocalmycomgamesmycomgames.exe FirewallRules: [{B3C81D21-E9DF-49D3-8386-3D79AF1D08E8}] => (Block) C:usersginaappdatalocalmycomgamesmycomgames.exe FirewallRules: [UDP Query User{2121AEE4-6F40-4BA0-8BE6-EC9C90B4776B}C:usersginaappdatalocalmycomgamesmycomgames.exe] => (Allow) C:usersginaappdatalocalmycomgamesmycomgames.exe FirewallRules: [TCP Query User{69EDE88A-DDC4-4FDB-8CA7-FCE898D7C1B8}C:usersginaappdatalocalmycomgamesmycomgames.exe] => (Allow) C:usersginaappdatalocalmycomgamesmycomgames.exe FirewallRules: [{3F433B78-0C3C-4FBB-8F83-97C79F55A4A0}] => (Allow) D:Desktopeft_launcher.exe FirewallRules: [{A0E938D1-743C-4F1D-BE6A-08FCF2E38502}] => (Allow) D:Desktopeft_launcher.exe FirewallRules: [{9F459E05-3CA1-4F0F-856D-8EF16DA9D60D}] => (Allow) D:Desktopeft_launcher.exe FirewallRules: [{E6C75231-6304-4346-9C88-ABE2988AAC9E}] => (Allow) D:Desktopeft_launcher.exe FirewallRules: [{CAB82F8E-FD7C-4866-B3F2-DACEBF99FF73}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonWarframeToolsRemoteCrashSender.exe FirewallRules: [{FC558CB5-5795-4DDF-B156-DBD8718F056B}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonWarframeToolsLauncher.exe FirewallRules: [{90CA0B60-26F6-4489-8E7B-356181FD93ED}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonWarframeWarframe.x64.exe FirewallRules: [{D880B421-DE7F-4D92-BAA3-365C0976D078}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonWarframeWarframe.exe FirewallRules: [{87DD2F5E-9A9B-4A9B-A583-B4927577355A}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonWarframeWarframe.x64.exe FirewallRules: [{BA19B7DD-CD85-482A-A539-1EADD7664F5F}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonWarframeWarframe.exe FirewallRules: [{B5A103FD-A070-493C-A1FA-912B385246BD}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonWarframeToolsRemoteCrashSender.exe FirewallRules: [{25DB326F-1969-45B6-8BA7-7740F2C173D3}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonWarframeToolsLauncher.exe FirewallRules: [{B708580C-C8FD-4414-8CA2-0F2BCDBE44BA}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonWarframeWarframe.x64.exe FirewallRules: [{D0E916E0-2FB5-4BFB-9FA0-0E6F3ADC5211}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonWarframeWarframe.exe FirewallRules: [{0E0DA8CE-1062-4945-A7CB-43C40BC0E488}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonWarframeWarframe.x64.exe FirewallRules: [{CE0E335D-DB54-4641-9272-78C66C5F86EF}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonWarframeWarframe.exe FirewallRules: [{0E41857B-05F2-4153-B7F0-A1EDE3750247}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonHollow Knighthollow_knight.exe FirewallRules: [{D199C496-5596-4984-BAD2-E3F1DEB9C81F}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonHollow Knighthollow_knight.exe FirewallRules: [{740B4C0F-5FFF-497D-AD2B-07B9E5D5800A}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonRogue LegacyRogueLegacy.exe FirewallRules: [{0DC69FE1-63A4-4A13-AC3A-3C5DA408F027}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonRogue LegacyRogueLegacy.exe FirewallRules: [{25EA2FEA-AA90-4760-BB27-AB9803E486A7}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDead Cellsdeadcells.exe FirewallRules: [{08409816-757B-4309-A89A-787A28BFB527}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDead Cellsdeadcells.exe FirewallRules: [{AEAC6072-4A14-407A-A3E7-6FD151D9619D}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDark Souls Prepare to Die EditionDATADARKSOULS.exe FirewallRules: [{0C06D809-896C-4B8B-8E51-0B611DE84692}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDark Souls Prepare to Die EditionDATADARKSOULS.exe FirewallRules: [{ED912557-E852-41F3-8F25-BFF647D4B576}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDark Souls II Scholar of the First SinGameDarkSoulsII.exe FirewallRules: [{294C1624-36E4-449D-A006-FD5321E28226}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDark Souls II Scholar of the First SinGameDarkSoulsII.exe FirewallRules: [{C124FB46-21FA-4E6C-9FD0-5ACECE7DB44F}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonColony Survivalcolonyserver.exe FirewallRules: [{B9937146-AED5-401B-B9FB-CE04FFFB43CB}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonColony Survivalcolonyserver.exe FirewallRules: [{D113C0ED-DF78-4371-8A00-D192E23EC037}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonColony Survivalcolonyclient.exe FirewallRules: [{73251C56-BBE1-4DE4-BA46-B9199F89F17A}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonColony Survivalcolonyclient.exe FirewallRules: [UDP Query User{743E8659-C89C-4CC1-8971-A81433A1DAEE}D:cprogram files (x86)arcarcchat.exe] => (Allow) D:cprogram files (x86)arcarcchat.exe FirewallRules: [TCP Query User{3F556E0C-1DD7-42EA-A6C8-A6EE786DD95B}D:cprogram files (x86)arcarcchat.exe] => (Allow) D:cprogram files (x86)arcarcchat.exe FirewallRules: [UDP Query User{DE548A91-001F-4B36-A591-C1154C0DD4ED}D:cprogram files (x86)epic gameslauncherportalbinarieswin64epicgameslauncher.exe] => (Allow) D:cprogram files (x86)epic gameslauncherportalbinarieswin64epicgameslauncher.exe FirewallRules: [TCP Query User{04097805-041D-4C80-9ABB-DF8FD7A06C56}D:cprogram files (x86)epic gameslauncherportalbinarieswin64epicgameslauncher.exe] => (Allow) D:cprogram files (x86)epic gameslauncherportalbinarieswin64epicgameslauncher.exe FirewallRules: [UDP Query User{26D422A9-2BF9-41BC-B0FE-D6C76C6D5C68}D:cprogram files (x86)epic gameslauncherportalbinarieswin32epicgameslauncher.exe] => (Allow) D:cprogram files (x86)epic gameslauncherportalbinarieswin32epicgameslauncher.exe FirewallRules: [TCP Query User{60A468D3-B691-4924-A5D0-5DD34CFC7E54}D:cprogram files (x86)epic gameslauncherportalbinarieswin32epicgameslauncher.exe] => (Allow) D:cprogram files (x86)epic gameslauncherportalbinarieswin32epicgameslauncher.exe FirewallRules: [{DB6D6B40-BCA3-4658-8052-121F73B81333}] => (Allow) D:CProgram Files (x86)Steamsteamappscommonwallpaper_enginelauncher.exe FirewallRules: [{0A0FA414-0690-4697-9977-9D90B6953059}] => (Allow) D:CProgram Files (x86)Steamsteamappscommonwallpaper_enginelauncher.exe FirewallRules: [{BD18CCA0-CDF3-4B80-A3BB-3D4B3D20C0D2}] => (Allow) D:CProgram Files (x86)Malwarebytes Anti-Malwarembam.exe FirewallRules: [{B7563522-BCBA-4144-B065-986C019ED2B0}] => (Allow) D:CProgram Files (x86)Malwarebytes Anti-Malwarembam.exe FirewallRules: [{60179DC0-606F-4BBB-B4B0-CF146DEC9406}] => (Allow) D:CProgram Files (x86)Malwarebytes Anti-Malwarembam.exe FirewallRules: [{CF29E0AA-1082-414B-B428-5FE2DC803BB9}] => (Allow) D:CProgram Files (x86)Malwarebytes Anti-Malwarembam.exe FirewallRules: [{DBC28C02-E197-492B-B519-5E0B6DC327F8}] => (Allow) C:Program FilesMalwarebytesAnti-Malwarembam.exe FirewallRules: [{2C15DA50-15DA-442E-A8F3-3A7368E720E3}] => (Allow) C:Program FilesMalwarebytesAnti-Malwarembam.exe FirewallRules: [{D26FBDDF-F4C4-4202-9DAF-8214FDD44F7E}] => (Allow) C:Program FilesMalwarebytesAnti-Malwarembam.exe FirewallRules: [{5596C3F4-5148-4B60-91E6-928C30B3590A}] => (Allow) C:Program FilesMalwarebytesAnti-Malwarembam.exe FirewallRules: [{D11A071F-9589-45B8-AF38-4E8346A9B280}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonThe EscapistsTheEscapists.exe FirewallRules: [{5820CD6D-F2C1-4A5E-A39F-8A620A6E4307}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonThe EscapistsTheEscapists.exe FirewallRules: [UDP Query User{9A4E1CCB-54CE-4AD9-AAED-4CA4AB59EDB3}D:cprogram files (x86)nekoparanekopara_vol3nekoparavol3.exe] => (Block) D:cprogram files (x86)nekoparanekopara_vol3nekoparavol3.exe FirewallRules: [TCP Query User{35FA3DBA-3DE4-4E93-8731-B639F2C2F481}D:cprogram files (x86)nekoparanekopara_vol3nekoparavol3.exe] => (Block) D:cprogram files (x86)nekoparanekopara_vol3nekoparavol3.exe FirewallRules: [{48D9EB6B-9345-482B-9DEC-E11856F99DD8}] => (Block) D:cprogram files (x86)minecraftruntimejre-x641.8.0_25binjavaw.exe FirewallRules: [{89790F2C-BF7D-4406-BF31-7ABF72DE5825}] => (Block) D:cprogram files (x86)minecraftruntimejre-x641.8.0_25binjavaw.exe FirewallRules: [UDP Query User{80E8E3E8-D2D8-4BC2-8D15-FD114303AAFF}D:cprogram files (x86)minecraftruntimejre-x641.8.0_25binjavaw.exe] => (Allow) D:cprogram files (x86)minecraftruntimejre-x641.8.0_25binjavaw.exe FirewallRules: [TCP Query User{4F5C4F6F-C588-4B38-AEE8-CBB859556ABC}D:cprogram files (x86)minecraftruntimejre-x641.8.0_25binjavaw.exe] => (Allow) D:cprogram files (x86)minecraftruntimejre-x641.8.0_25binjavaw.exe FirewallRules: [{848D8DE2-A7B8-4FAE-B2D4-CEE4DEB634C7}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonWorldsAdriftUnityClient@Windows.exe FirewallRules: [{CEB4CA10-84EE-4071-AA62-66AB3AABFE75}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonWorldsAdriftUnityClient@Windows.exe FirewallRules: [{BB52CE40-C467-4352-A1D8-7F5D051B77B1}] => (Allow) D:CProgram Files (x86)SteamsteamappscommontheHunterlauncherlauncher.exe FirewallRules: [{DA18BB42-644B-458B-854F-0CF19A82DAF3}] => (Allow) D:CProgram Files (x86)SteamsteamappscommontheHunterlauncherlauncher.exe FirewallRules: [{B7BFA463-9DC2-4644-86DF-06B1623D677C}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonFor The KingFTK.exe FirewallRules: [{715301CE-9726-4782-9268-B56244B52894}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonFor The KingFTK.exe FirewallRules: [{7EA9F065-D9B4-4F0C-BED7-C6A48323B300}] => (Allow) C:Program FilesVuzeAzureus.exe FirewallRules: [{7EECCF72-0274-4F63-81C3-B386B9604685}] => (Allow) C:Program FilesVuzeAzureus.exe FirewallRules: [{07105D4E-D455-4319-A791-BD30CB257F0F}] => (Allow) C:UsersGinaAppDataRoaminguTorrentuTorrent.exe FirewallRules: [{AAE31090-94FA-4CA2-8675-4FF85477D3A1}] => (Allow) C:UsersGinaAppDataRoaminguTorrentuTorrent.exe FirewallRules: [{8A3BE686-BAA0-4874-9539-C50FA15ED2B4}] => (Allow) C:UsersGinaAppDataRoaminguTorrentuTorrent.exe FirewallRules: [{51498389-83FB-40CD-B2F2-E6EA461008DD}] => (Allow) C:UsersGinaAppDataRoaminguTorrentuTorrent.exe FirewallRules: [{ACB1E5B0-29ED-4036-92E1-F3C0C0A82C1B}] => (Allow) C:UsersGinaAppDataRoaminguTorrentuTorrent.exe FirewallRules: [{E3CD7EC2-BE32-422C-A489-2CFEDB5EC949}] => (Allow) C:UsersGinaAppDataRoaminguTorrentuTorrent.exe FirewallRules: [UDP Query User{374C788E-B04F-4D91-B5C6-089B6453D52D}D:cprogram files (x86)steamsteamappscommondayzdayz.exe] => (Allow) D:cprogram files (x86)steamsteamappscommondayzdayz.exe FirewallRules: [TCP Query User{1C64541A-C362-455A-B8E8-1D7694D131E8}D:cprogram files (x86)steamsteamappscommondayzdayz.exe] => (Allow) D:cprogram files (x86)steamsteamappscommondayzdayz.exe FirewallRules: [{20A76855-F98E-4304-A960-1984AE7070C3}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonWorlds Adrift AlphaUnityClient@Windows.exe FirewallRules: [{A20BDE59-98E4-4E2E-9A08-B46D77EB9E89}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonWorlds Adrift AlphaUnityClient@Windows.exe FirewallRules: [{A82AD927-3D54-4F52-B8B5-5E11F2125D28}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDepthBETABinariesWin32DepthGame.exe FirewallRules: [{7EBB8668-9E37-4FFE-98A7-2E726B033CDA}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDepthBETABinariesWin32DepthGame.exe FirewallRules: [{057FFB65-E536-405F-9888-560E1599CFE7}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDepthBinariesWin32DepthGame.exe FirewallRules: [{8FACD598-B85C-469C-A053-C2DCC03366FC}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDepthBinariesWin32DepthGame.exe FirewallRules: [UDP Query User{2D5A0CD5-EAEE-4CFA-A73B-3F6EF3AE86B1}D:cprogram files (x86)steamsteamappscommondepthbinarieswin64depthgame.exe] => (Allow) D:cprogram files (x86)steamsteamappscommondepthbinarieswin64depthgame.exe FirewallRules: [TCP Query User{B3794911-13EF-4F11-AAA3-22002E3CD8FE}D:cprogram files (x86)steamsteamappscommondepthbinarieswin64depthgame.exe] => (Allow) D:cprogram files (x86)steamsteamappscommondepthbinarieswin64depthgame.exe FirewallRules: [{5F01490D-D1B2-4521-B42F-03DB8EE64ADA}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonAura Kingdomgame.bin FirewallRules: [{CBE9A813-0822-4698-AA4E-BAC2487308D4}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonAura Kingdomgame.bin FirewallRules: [{E0C45EA6-0F22-4137-A2C1-8C69E3553247}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe FirewallRules: [{127E545B-48E8-48D2-B3D6-4274FC05EECD}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe FirewallRules: [{651C062F-2F60-4188-A561-9D5A61244A5B}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamUserAgent.exe FirewallRules: [{410FBAAD-238B-4A7E-9E02-4411AD8E63D1}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe FirewallRules: [{673E7DD8-ADC7-43C0-AAF6-2A520BA67A84}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe FirewallRules: [{A1B4FDEA-DAD3-4066-8947-2BAB1FD25F7C}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStreets of RogueStreetsOfRogue.exe FirewallRules: [{E01B7C92-8A62-438C-B9E9-7C5BF952EDB5}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStreets of RogueStreetsOfRogue.exe FirewallRules: [UDP Query User{67AB1609-9430-491F-A18A-21534978D1D0}D:cprogram files (x86)steamsteamappscommonthehuntergamethehunter.exe] => (Allow) D:cprogram files (x86)steamsteamappscommonthehuntergamethehunter.exe FirewallRules: [TCP Query User{67BFDAEC-DE06-4E25-BF69-2880F3086063}D:cprogram files (x86)steamsteamappscommonthehuntergamethehunter.exe] => (Allow) D:cprogram files (x86)steamsteamappscommonthehuntergamethehunter.exe FirewallRules: [{516D5D95-6778-4B28-ABFC-E7C4A59C4247}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonBlackwakeBlackwake.exe FirewallRules: [{CEAA9A53-D815-4791-ABCC-46D4A818F768}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonBlackwakeBlackwake.exe FirewallRules: [{7560BC1B-C9D8-441C-9456-78A9E806AE8C}] => (Allow) LPort=1900 FirewallRules: [{07239F12-97A5-48DF-898D-1214FCDDD6C5}] => (Allow) LPort=2869 FirewallRules: [{05B2F0C1-EB0E-452A-9A0C-35C8D0C379F4}] => (Allow) C:Program Files (x86)Windows LiveContactswlcomm.exe FirewallRules: [{20D70C48-EC42-4045-AAE8-1337B7DCE1CE}] => (Allow) D:CProgram Files (x86)Streaming Audio RecorderApowersoftVideoHelper.dll FirewallRules: [{D82C36FC-80C8-4C8A-BB00-A97669F3D829}] => (Allow) D:CProgram Files (x86)Streaming Audio RecorderApowersoftVideoHelper.dll FirewallRules: [{9173CCF4-7595-4B9D-BA42-73CCF13B4A84}] => (Allow) D:CProgram Files (x86)Streaming Audio RecorderStreaming Audio Recorder.exe FirewallRules: [{305034B9-731D-4CBC-8C1E-CF86EFAFBBA7}] => (Allow) D:CProgram Files (x86)Streaming Audio RecorderStreaming Audio Recorder.exe FirewallRules: [UDP Query User{4D6450CB-F045-463D-9D72-106DF13F1975}D:desktopcain.exe] => (Allow) D:desktopcain.exe FirewallRules: [TCP Query User{C8F75B30-D89B-4CE7-B627-3CC828CFEBDB}D:desktopcain.exe] => (Allow) D:desktopcain.exe FirewallRules: [UDP Query User{BBC595EE-12F0-41FB-8A9D-590E5B33A6F6}C:usersginadocumentssinusteamspeak 3 clientsinusbot.exe] => (Allow) C:usersginadocumentssinusteamspeak 3 clientsinusbot.exe FirewallRules: [TCP Query User{AB5C2557-D64F-4249-84F5-2DE5D6909C6D}C:usersginadocumentssinusteamspeak 3 clientsinusbot.exe] => (Allow) C:usersginadocumentssinusteamspeak 3 clientsinusbot.exe FirewallRules: [UDP Query User{09E7099B-F98B-4AD0-961B-AF1EC9209C5D}C:program fileslogitech gaming softwarelcore.exe] => (Allow) C:program fileslogitech gaming softwarelcore.exe FirewallRules: [TCP Query User{C6DE3A6A-8175-4452-BC08-C551157D8E5E}C:program fileslogitech gaming softwarelcore.exe] => (Allow) C:program fileslogitech gaming softwarelcore.exe FirewallRules: [{1076AAB1-9969-498F-A609-20EAEA18C71A}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonConan ExilesConanSandboxBinariesWin64ConanSandbox.exe FirewallRules: [{B59B7D36-0CD5-4DD9-8DF5-7827B2FD4AA6}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonConan ExilesConanSandboxBinariesWin64ConanSandbox.exe FirewallRules: [{2B84CC66-AF29-4D75-A160-119F78C7D2D4}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonConan ExilesConanSandboxBinariesWin64ConanSandbox_BE.exe FirewallRules: [{F4AF00DE-9C4E-4398-9058-E5003671FB3C}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonConan ExilesConanSandboxBinariesWin64ConanSandbox_BE.exe FirewallRules: [{CA196AA4-8A30-4CF4-9372-1F3829F9BB0D}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonUnturnedUnturned.exe FirewallRules: [{FD17950F-7213-45D0-9A11-D6178264F4CE}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonUnturnedUnturned.exe FirewallRules: [{FBCD70AC-8CB9-483A-B359-989D18AA205A}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonFeel The SnowFeelTheSnow.exe FirewallRules: [{C1CACF78-37BC-4175-AF4B-D43553ABD2E2}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonFeel The SnowFeelTheSnow.exe FirewallRules: [{7D80291A-3F92-406F-94CB-AE783ECFF74B}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonMiscreatedEasyAntiCheatEasyAntiCheat_x64.dll FirewallRules: [{0A001EA3-6A1D-4836-98EA-3FD2937C3DE7}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonMiscreatedEasyAntiCheatEasyAntiCheat_x64.dll FirewallRules: [{D3297F1B-7004-47A1-9A57-416F4E16E5DE}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonMiscreatedBin64Miscreated.exe FirewallRules: [{337E0514-55DC-46DD-BCC1-12ED57EB3C55}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonMiscreatedBin64Miscreated.exe FirewallRules: [{B5571896-DA9F-451D-B298-F230FFF9AF6F}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonMiscreatedMiscreated.exe FirewallRules: [{34AE297A-EFF3-4F01-B2D0-B9AEFD9C1978}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonMiscreatedMiscreated.exe FirewallRules: [UDP Query User{4D5C1A07-85D5-4E2D-81A3-4EAF980B5795}C:program files (x86)overwatchoverwatch.exe] => (Allow) C:program files (x86)overwatchoverwatch.exe FirewallRules: [TCP Query User{E7FB634D-E46C-4979-8E93-A158B816F287}C:program files (x86)overwatchoverwatch.exe] => (Allow) C:program files (x86)overwatchoverwatch.exe FirewallRules: [UDP Query User{CAEC779E-0485-4068-9388-6E5700AB2B8A}D:cprogram files (x86)steamsteamappscommonastroneer early accessastrobinarieswin64astro-win64-shipping.exe] => (Allow) D:cprogram files (x86)steamsteamappscommonastroneer early accessastrobinarieswin64astro-win64-shipping.exe FirewallRules: [TCP Query User{11F3F703-9328-4FCA-9ED3-D22D858E4DE2}D:cprogram files (x86)steamsteamappscommonastroneer early accessastrobinarieswin64astro-win64-shipping.exe] => (Allow) D:cprogram files (x86)steamsteamappscommonastroneer early accessastrobinarieswin64astro-win64-shipping.exe FirewallRules: [{15CE0D2C-938A-4712-AE70-D05781F30B51}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonASTRONEER Early AccessAstro.exe FirewallRules: [{66CAA324-4192-40BC-8087-12BFB84D475C}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonASTRONEER Early AccessAstro.exe FirewallRules: [UDP Query User{869CE7CC-E29D-4870-905C-272B0772567C}D:cprogram files (x86)steamsteamappscommongrand theft auto vgta5.exe] => (Allow) D:cprogram files (x86)steamsteamappscommongrand theft auto vgta5.exe FirewallRules: [TCP Query User{FA155DCE-7B19-461B-8F03-FABBF4AA195B}D:cprogram files (x86)steamsteamappscommongrand theft auto vgta5.exe] => (Allow) D:cprogram files (x86)steamsteamappscommongrand theft auto vgta5.exe FirewallRules: [{991B29DF-FF69-41DE-9B1F-B9DA183A2996}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonBattleBlock TheaterBattleBlockTheater.exe FirewallRules: [{9FE265FF-7D1D-4F31-AA57-13748159D81C}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonBattleBlock TheaterBattleBlockTheater.exe FirewallRules: [{135B209B-94EF-4EE9-887B-5F16D69C0168}] => (Allow) C:Program FilesEchobitEvolveEvolveClient.exe FirewallRules: [{CB0F82BD-79A8-4FD7-8FF1-6FF329B6FA95}] => (Allow) C:Program FilesEchobitEvolveEvoSvc.exe FirewallRules: [{267821F5-5821-40B9-AA92-34B39993F930}] => (Allow) LPort=11100 FirewallRules: [{834D9CAD-901B-4B9A-A25B-5DDAFF9FF23D}] => (Allow) D:CProgram Files (x86)LMIGuardianSvc.exe FirewallRules: [{2BEC8F2F-FEB5-4972-9D06-988CF08D0CC8}] => (Allow) D:CProgram Files (x86)LMIGuardianSvc.exe FirewallRules: [{48E3C107-53AD-495B-A3A8-9928F7EA2D87}] => (Allow) D:CProgram Files (x86)hamachi-2-ui.exe FirewallRules: [{9BA8F7CF-3F23-47BB-84A4-33A8F4CE9EC8}] => (Allow) D:CProgram Files (x86)hamachi-2-ui.exe FirewallRules: [{917EC75C-8F9D-4D30-A9AB-EBE43DEF78BE}] => (Allow) D:CProgram Files (x86)hamachi-2-ui.exe FirewallRules: [{F16EA011-E6E3-4337-A623-BE5BA3DD46E7}] => (Allow) D:CProgram Files (x86)hamachi-2-ui.exe FirewallRules: [{3F990D77-8643-4D22-AE8D-C530D82AA372}] => (Allow) D:CProgram Files (x86)hamachi-2-ui.exe FirewallRules: [{97FD6482-1FED-4F13-AFF3-4C1068ACC469}] => (Allow) D:CProgram Files (x86)hamachi-2-ui.exe FirewallRules: [{19CB8672-F564-4D8C-80F9-2DC508DF5D3D}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonRisk of RainRisk of Rain.exe FirewallRules: [{D7158FF0-C11C-4991-9608-E1ED5BCE53DD}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonRisk of RainRisk of Rain.exe FirewallRules: [{D993EABC-91ED-4017-868E-21AA6223D647}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonTom Clancy's Rainbow Six SiegeRainbowSixGame.exe FirewallRules: [{C8AD9796-5FC8-431B-B45B-79F29286E457}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonTom Clancy's Rainbow Six SiegeRainbowSixGame.exe FirewallRules: [{01A6ECF3-C44D-40CD-9274-90FCB5D072E5}] => (Allow) C:Program Files (x86)Mumblemumble-g15-helper.exe FirewallRules: [{7937F0C2-5682-4551-B0B2-45FEC4D5BABA}] => (Allow) C:Program Files (x86)Mumblemumble-g15-helper.exe FirewallRules: [{40881FEF-99B0-4C32-B33C-14FB1043752A}] => (Allow) C:Program Files (x86)Mumblemumble-g15-helper.exe FirewallRules: [{F83C472A-CB8E-4D05-8946-BC8CFAF7A399}] => (Allow) C:Program Files (x86)Mumblemumble-g15-helper.exe FirewallRules: [{A49A2677-6516-4CC5-9CC6-8E56FB789F7E}] => (Allow) C:Program Files (x86)Mumblemumble.exe FirewallRules: [{CB0FABDF-90CB-4F16-917B-E76B4248E04E}] => (Allow) C:Program Files (x86)Mumblemumble.exe FirewallRules: [{C454007A-54A9-4F30-BE85-DBE20AC5DB59}] => (Allow) C:Program Files (x86)Mumblemumble.exe FirewallRules: [{24B2168F-F351-4C24-95B1-4A43A8901A30}] => (Allow) C:Program Files (x86)Mumblemumble.exe FirewallRules: [UDP Query User{64696F32-4108-4A3E-BE52-F2D29DB186BD}D:cprogram files (x86)steamsteamappscommonnewzthenewz.exe] => (Allow) D:cprogram files (x86)steamsteamappscommonnewzthenewz.exe FirewallRules: [TCP Query User{7D95004C-7E2B-4C04-93F0-9CFFB06827AA}D:cprogram files (x86)steamsteamappscommonnewzthenewz.exe] => (Allow) D:cprogram files (x86)steamsteamappscommonnewzthenewz.exe FirewallRules: [{A0D80955-60CD-472D-A9FA-9D1CAC0BD1E8}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonBorderlands 2BinariesWin32Borderlands2.exe FirewallRules: [{4F12ED7F-6F21-4451-B2B5-6B8A7A1E9921}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonBorderlands 2BinariesWin32Borderlands2.exe FirewallRules: [{C8DE22B4-4CC4-4224-91D7-669666CDD783}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonBorderlands 2BinariesWin32Launcher.exe FirewallRules: [{CD672CAF-DAE5-4E3B-AAFA-2EDF6205D419}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonBorderlands 2BinariesWin32Launcher.exe FirewallRules: [{80FD377C-F6CA-4DC7-8527-A2570E32563B}] => (Allow) D:CProgram Files (x86)Steamsteamappscommoninsurgency2insurgency.exe FirewallRules: [{D01D6B3F-0B8D-434C-BFD5-9BFA6E4EC72F}] => (Allow) D:CProgram Files (x86)Steamsteamappscommoninsurgency2insurgency.exe FirewallRules: [{2C8D4CAA-9DF5-434F-A5E8-6A9A331DD07B}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonCastleCrasherscastle.exe FirewallRules: [{08C483B0-27FB-481F-8E3C-B068E601A783}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonCastleCrasherscastle.exe FirewallRules: [{4785C56E-D040-49EC-B844-D5549EA5ACED}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonPath of ExilePathOfExile_x64Steam.exe FirewallRules: [{7EC14D24-8C21-429B-A9D2-9E8246F0094A}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonPath of ExilePathOfExile_x64Steam.exe FirewallRules: [{BA05C35E-ED08-4CF3-AD27-84FF9282BF96}] => (Allow) D:CProgram Files (x86)Steambincefcef.win7steamwebhelper.exe FirewallRules: [{278A2C75-344B-456E-B7A3-51549B502B78}] => (Allow) D:CProgram Files (x86)Steambincefcef.win7steamwebhelper.exe FirewallRules: [{381A7231-2991-46AA-B0BC-13CCCBF7D5E7}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonUnturnedUnturned_BE.exe FirewallRules: [{A7D3E33C-FA72-4F99-8195-38F953F7D1B8}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonUnturnedUnturned_BE.exe FirewallRules: [{AD29EA25-1998-48BD-860F-903799193B45}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonSlime RancherSlimeRancher.exe FirewallRules: [{6439A3BA-8D29-4DE2-9B31-8C042BC55F13}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonSlime RancherSlimeRancher.exe FirewallRules: [{4F5E9E92-6F50-4991-B6C3-B7556D53F4E2}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStardew ValleyStardew Valley.exe FirewallRules: [{4C40F3F0-1F0B-4060-8E64-4FCA947F04D8}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStardew ValleyStardew Valley.exe FirewallRules: [{4D50FEF2-83C8-417B-AC6A-621F35213664}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonPortal Knightsportal_knights_x64.exe FirewallRules: [{53493BD1-7A1C-40AE-9C33-BE1F7C9DE69E}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonPortal Knightsportal_knights_x64.exe FirewallRules: [{89AE3CF1-3BB0-4A55-8AE8-3FD3E67D7D05}] => (Block) C:usersginadocumentssinussinusbot.exe FirewallRules: [{8CED1513-E111-45C5-928F-D2E83D61C6EB}] => (Block) C:usersginadocumentssinussinusbot.exe FirewallRules: [UDP Query User{D07724D9-9EEB-4DFD-B398-95A1CE0505D0}C:usersginadocumentssinussinusbot.exe] => (Allow) C:usersginadocumentssinussinusbot.exe FirewallRules: [TCP Query User{54CA591F-CC92-4BAD-8613-78935922CF6B}C:usersginadocumentssinussinusbot.exe] => (Allow) C:usersginadocumentssinussinusbot.exe FirewallRules: [{A3872B4B-212A-4262-A498-E360A838A89D}] => (Allow) C:Program Files (x86)BonjourmDNSResponder.exe FirewallRules: [{0D132B19-5846-4576-85B2-528D227E4CC2}] => (Allow) C:Program Files (x86)BonjourmDNSResponder.exe FirewallRules: [{DB3AB05B-EC48-42AB-BBA1-6132A8B870F3}] => (Allow) C:Program FilesBonjourmDNSResponder.exe FirewallRules: [{7E4514A7-5BAD-4253-BC44-2D71AB1DA949}] => (Allow) C:Program FilesBonjourmDNSResponder.exe FirewallRules: [{8F6EC3EB-40DC-4658-9518-ED81BE5105E4}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonTom Clancy's Rainbow Six Siegerainbowsix.exe FirewallRules: [{01C1F724-091C-414A-91E0-FBE02BF5E408}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonTom Clancy's Rainbow Six Siegerainbowsix.exe FirewallRules: [{E1D066CF-10D9-46D8-84DC-7BE26174A24E}] => (Block) D:cprogram files (x86)steamsteamappscommonriders of icarusbin64launcher.exe FirewallRules: [{E4E56B96-DA50-4171-8225-4B7E1A77E126}] => (Block) D:cprogram files (x86)steamsteamappscommonriders of icarusbin64launcher.exe FirewallRules: [UDP Query User{D9F82423-C37B-4206-859A-44FF46AFAF2F}D:cprogram files (x86)steamsteamappscommonriders of icarusbin64launcher.exe] => (Allow) D:cprogram files (x86)steamsteamappscommonriders of icarusbin64launcher.exe FirewallRules: [TCP Query User{24529DAB-FC3F-4243-9550-26182B0AD1BA}D:cprogram files (x86)steamsteamappscommonriders of icarusbin64launcher.exe] => (Allow) D:cprogram files (x86)steamsteamappscommonriders of icarusbin64launcher.exe FirewallRules: [{33A5A1A2-F4EA-4AF2-98EF-5BFFA6B2AB7F}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonARKShooterGameBinariesWin64ShooterGame.exe FirewallRules: [{6B3D8005-258C-4DB9-A4BB-F71492FDA450}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonARKShooterGameBinariesWin64ShooterGame.exe FirewallRules: [{BDCF6132-6809-4808-BDCD-888904CDEFD0}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonARKShooterGameBinariesWin64ShooterGame_BE.exe FirewallRules: [{86757DCF-F4D2-4205-99DF-D23862AD8A0E}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonARKShooterGameBinariesWin64ShooterGame_BE.exe FirewallRules: [{1B1E875E-B5E0-46B8-8DB4-1E18F4DEBEC3}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonShelteredSheltered.exe FirewallRules: [{CA24824C-133F-425F-B5CB-3F74A4D0E1D7}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonShelteredSheltered.exe FirewallRules: [{CCA171BF-C062-45CC-8D99-C9C12B63FC2D}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonSubnauticaSubnautica.exe FirewallRules: [{062831D7-55D3-47F2-BB53-E7D6CA6C8D85}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonSubnauticaSubnautica.exe FirewallRules: [{685C57B3-4945-4874-90B0-1C3120E4BE6D}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonCreativerseCreativerse.exe FirewallRules: [{87EC8919-49A5-49A8-BAB1-0EB8FE77A876}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonCreativerseCreativerse.exe FirewallRules: [{E331C07D-4133-4F7B-85A6-1DD5960DC1B7}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonHurtworldHurtworldClient.exe FirewallRules: [{17FC8991-0269-435B-B777-90FDA9163F21}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonHurtworldHurtworldClient.exe FirewallRules: [{FCC7CDF7-6184-4566-848E-95CB12AA4A74}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonHurtworldHurtworld.exe FirewallRules: [{4E35994E-F48D-4386-9EEA-93E60A9D1260}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonHurtworldHurtworld.exe FirewallRules: [{ECA8C5CD-7C2C-4D63-9C9B-6229CBD6E726}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonRoguelandsRoguelands.exe FirewallRules: [{073ADCCD-7331-481E-A034-7F301004C036}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonRoguelandsRoguelands.exe FirewallRules: [{A8696A97-00B2-4716-9F2C-0E352351B534}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonThe ForestTheForest.exe FirewallRules: [{2441D3F2-51A0-4355-8962-A9F467624CD4}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonThe ForestTheForest.exe FirewallRules: [{FFCF4342-1E3C-448F-BD84-49A86257FF82}] => (Allow) D:CProgram Files (x86)Steamsteamappscommon7 Days To Die7dLauncher.exe FirewallRules: [{D13B5026-6779-47ED-8F3F-54BE3FE4BB1B}] => (Allow) D:CProgram Files (x86)Steamsteamappscommon7 Days To Die7dLauncher.exe FirewallRules: [{426AD553-D7B4-48D6-B2AE-2C6A69A4C1DF}] => (Allow) D:CProgram Files (x86)Steamsteamappscommon7 Days To Die7DaysToDie.exe FirewallRules: [{9C23DC84-98A5-4AC4-8C8F-44B3927D19F0}] => (Allow) D:CProgram Files (x86)Steamsteamappscommon7 Days To Die7DaysToDie.exe FirewallRules: [{D2ECE5C3-205E-4799-B694-91B71E0D41C5}] => (Allow) D:CProgram Files (x86)Steamsteamappscommon7 Days To Die7DaysToDie_EAC.exe FirewallRules: [{F526E89A-AF18-4CFD-8853-C48D30DA9403}] => (Allow) D:CProgram Files (x86)Steamsteamappscommon7 Days To Die7DaysToDie_EAC.exe FirewallRules: [{F3949858-90A0-4146-B291-1EE713262E56}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonArma 2arma2.exe FirewallRules: [{EDC4D70E-1BAC-489C-AC86-692041DE0001}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonArma 2arma2.exe FirewallRules: [{1489EB37-2CF7-4D30-9D4C-4CD8801BD254}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonClicker HeroesClicker Heroes.exe FirewallRules: [{76DBAD1D-D1E3-46F4-8F91-8162FB244359}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonClicker HeroesClicker Heroes.exe FirewallRules: [{3D3C75B5-3491-41D6-90B0-552F15666865}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDayZDayZ_BE.exe FirewallRules: [{C4F47262-639E-4F6D-9E8D-3EADFC9158D3}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDayZDayZ_BE.exe FirewallRules: [{865262CD-8CBB-4C60-8739-A2A72C0884E9}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonNo Man's SkyBinariesNMS.exe FirewallRules: [{F0318750-BBF9-4F91-A2B5-FBF3EA9BB755}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonNo Man's SkyBinariesNMS.exe FirewallRules: [{9BDEAEA1-3E31-439A-AD5D-8866D13C9538}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonGarrysModhl2.exe FirewallRules: [{65A70FE7-B231-4F45-A2D4-34629EDB4235}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonGarrysModhl2.exe FirewallRules: [{BC70532E-2413-4F42-8AE2-84271DC0AF2A}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonPAYDAY 2payday2_win32_release.exe FirewallRules: [{BA2E147F-6560-4304-80B3-1363132E4174}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonPAYDAY 2payday2_win32_release.exe FirewallRules: [{D440ADAE-FCCB-47E5-BC64-164909781F7E}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonSakura ClickerSakura Clicker.exe FirewallRules: [{33FCDB71-EC68-435D-B3C4-C7BCA66677AA}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonSakura ClickerSakura Clicker.exe FirewallRules: [{7C9D09E3-F009-406E-A568-6DE1F2D47CC5}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonArma 2 Operation ArrowheadArmA2OA.exe FirewallRules: [{8DAF0D62-5F22-48CB-8F73-183B37D98A44}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonArma 2 Operation ArrowheadArmA2OA.exe FirewallRules: [{58B2452D-C1B3-4346-BFBD-8C9C7752B53A}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonArma 2 Operation ArrowheadArmA2OA_BE.exe FirewallRules: [{6541C00F-24FC-4574-9C5E-54DFA0A6E99C}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonArma 2 Operation ArrowheadArmA2OA_BE.exe FirewallRules: [UDP Query User{69C11C5E-0E6C-41E4-9DF5-93960EE13BB7}D:cprogram filessentinelsentinel.exe] => (Allow) D:cprogram filessentinelsentinel.exe FirewallRules: [TCP Query User{BA4BE7C3-6ACE-41D9-9328-7830407DBC70}D:cprogram filessentinelsentinel.exe] => (Allow) D:cprogram filessentinelsentinel.exe FirewallRules: [UDP Query User{20E9FECE-7313-4022-A0A0-692487F5329C}D:cprogram files (x86)caincain.exe] => (Block) D:cprogram files (x86)caincain.exe FirewallRules: [TCP Query User{F30A62B2-206B-44BC-9EA9-7676D7F841A7}D:cprogram files (x86)caincain.exe] => (Block) D:cprogram files (x86)caincain.exe FirewallRules: [{A9A8C552-2469-43F4-B266-22EC6843AB4A}] => (Allow) D:CProgram Files (x86)Steambinsteamwebhelper.exe FirewallRules: [{97024C1C-D11A-4867-8AF1-DC96737D1DD8}] => (Allow) D:CProgram Files (x86)Steambinsteamwebhelper.exe FirewallRules: [{3EB7F8FF-1AC3-48A2-8048-39184B49AE9C}] => (Allow) D:CProgram Files (x86)SteamSteam.exe FirewallRules: [{48E49408-019D-4815-9D1F-B4D98FD0BDE5}] => (Allow) D:CProgram Files (x86)SteamSteam.exe FirewallRules: [UDP Query User{126D6FCE-4C1E-4D1D-AF9E-5A6E1102DF83}C:program filessentinelsentinel.exe] => (Allow) C:program filessentinelsentinel.exe FirewallRules: [TCP Query User{16EB98DB-F10A-415B-8493-E519A33EE0DB}C:program filessentinelsentinel.exe] => (Allow) C:program filessentinelsentinel.exe FirewallRules: [{D7F88A0B-1AC8-4675-9100-2C3B55920768}] => (Allow) C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe FirewallRules: [{9B2AAF31-55FA-4640-AA1A-09F4D2FBAE75}] => (Allow) C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe FirewallRules: [{27D20777-0BBF-4C63-9891-3394F810CD10}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonSlayTheSpireSlayTheSpire.exe FirewallRules: [{F4CCD89B-8679-42D3-B1D1-6FE4DDCF9D98}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonSlayTheSpireSlayTheSpire.exe FirewallRules: [TCP Query User{B48CC4D3-9A93-4ED4-981F-9D3FC8A71CA3}D:cprogram files (x86)steamsteamappscommonthe darwin projectdarwinbinarieswin64darwin-win64-shipping.exe] => (Allow) D:cprogram files (x86)steamsteamappscommonthe darwin projectdarwinbinarieswin64darwin-win64-shipping.exe FirewallRules: [UDP Query User{3B3CACDA-AD57-4DC1-AE82-413AD897A606}D:cprogram files (x86)steamsteamappscommonthe darwin projectdarwinbinarieswin64darwin-win64-shipping.exe] => (Allow) D:cprogram files (x86)steamsteamappscommonthe darwin projectdarwinbinarieswin64darwin-win64-shipping.exe FirewallRules: [{05D7295E-B9C8-417F-ABBA-4AF7328024E9}] => (Block) D:cprogram files (x86)steamsteamappscommonthe darwin projectdarwinbinarieswin64darwin-win64-shipping.exe FirewallRules: [{5701649A-9BFF-4EAE-9190-FB26461130A2}] => (Block) D:cprogram files (x86)steamsteamappscommonthe darwin projectdarwinbinarieswin64darwin-win64-shipping.exe FirewallRules: [{9C3C39C7-DA4D-466A-9C54-79D8C3938371}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonTown of SalemTownOfSalem.exe FirewallRules: [{0C55BA26-B1D8-4EC7-94EE-406653B43A65}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonTown of SalemTownOfSalem.exe FirewallRules: [{14C40669-C65A-420F-9B72-D841BB7A6659}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStaxelbinStaxel.Client.exe FirewallRules: [{C4C289F7-A32D-4B1A-B3CA-95ED1D1C15DA}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStaxelbinStaxel.Client.exe FirewallRules: [{98A8BC11-7CEB-42D6-B816-EF3412749BFB}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStaxelbinStaxel.Client.exe FirewallRules: [{2C7BD101-1D21-4BA9-8095-9AEDF8181C37}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStaxelbinStaxel.Client.exe FirewallRules: [{F4A489B5-0F1D-4153-8ADA-B2409D368C6D}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStaxelbinStaxel.Server.exe FirewallRules: [{890893D2-11AC-4860-8880-7C464961A1E5}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStaxelbinStaxel.Server.exe FirewallRules: [{8F6E011A-803B-4339-A3E9-D8F5C974D8FE}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStaxelbinStaxel.Server.exe FirewallRules: [{D42B816B-F257-4DF8-84CA-4EA504250925}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStaxelbinStaxel.Server.exe FirewallRules: [{F01D5047-4FA0-4B90-ACE2-EFB8A623BDA4}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStaxelbinStaxel.Server.NoConsole.exe FirewallRules: [{C5E00EDF-6F93-462A-81BA-116E023DED31}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStaxelbinStaxel.Server.NoConsole.exe FirewallRules: [{42801D59-0A30-4EDA-A48A-42702E63EF60}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStaxelbinStaxel.Server.NoConsole.exe FirewallRules: [{85105824-0F8F-49FA-8D7E-8D859F15E94E}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStaxelbinStaxel.Server.NoConsole.exe FirewallRules: [{6F2CA582-D4B4-4670-A579-21FCDDC73022}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonFloraWindowsflora.exe FirewallRules: [{23D08D1E-B440-4C96-8708-D70EE48D800E}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonFloraWindowsflora.exe FirewallRules: [TCP Query User{E19067D5-956F-48FF-97DB-44BCACEDD8D7}D:cprogram files (x86)steamsteamappscommonarkshootergamebinarieswin64shootergameserver.exe] => (Allow) D:cprogram files (x86)steamsteamappscommonarkshootergamebinarieswin64shootergameserver.exe FirewallRules: [UDP Query User{9A5D03F6-F57F-4F3F-8089-58F1CA1F333A}D:cprogram files (x86)steamsteamappscommonarkshootergamebinarieswin64shootergameserver.exe] => (Allow) D:cprogram files (x86)steamsteamappscommonarkshootergamebinarieswin64shootergameserver.exe FirewallRules: [{C7CADE9C-A00D-4E4E-A3EC-EDA3144DEDB1}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonGrim DawnGrim Dawn.exe FirewallRules: [{70717704-4324-4F87-B564-C7117F5328BE}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonGrim DawnGrim Dawn.exe FirewallRules: [{9ED907DA-2D70-412F-86D4-E5DA99891873}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonTurmoilTurmoil_PC_Full.exe FirewallRules: [{07C0C256-5410-416E-B165-AC8E75E96161}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonTurmoilTurmoil_PC_Full.exe FirewallRules: [{20597419-6B07-44B9-848A-4016A4F4845E}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonSquadsquad_launcher.exe FirewallRules: [{A25ED085-C83A-4E8E-AA09-709B9665275E}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonSquadsquad_launcher.exe FirewallRules: [{AE3B5BB5-9BBD-4CC8-A185-02701C3C0C01}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonSpaceEngineersBin64SpaceEngineers.exe FirewallRules: [{B430BFB4-AD78-4808-8C05-A9BE05531301}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonSpaceEngineersBin64SpaceEngineers.exe FirewallRules: [{6EADCFA7-1F3C-4577-B871-9D8295886383}] => (Allow) C:Program Files (x86)SkypePhoneSkype.exe FirewallRules: [{6FF861DA-EA66-481B-85EF-526DA065EFBC}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonCounter-Strike Global Offensivecsgo.exe FirewallRules: [{A51D3445-A149-4096-BF1F-58BE97694255}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonCounter-Strike Global Offensivecsgo.exe FirewallRules: [{D2AEC96B-67E2-4DA6-8C67-0BF93F335424}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonHuman Fall FlatHuman.exe FirewallRules: [{8E107819-653E-4A5C-A817-1FC2767EE73E}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonHuman Fall FlatHuman.exe FirewallRules: [{9B6FF617-33A1-4B6B-9012-340D9C5A0FAB}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonWarfaceWarfaceMycomSteamLoader.exe FirewallRules: [{CB7525BC-76DC-4A6F-8A8A-9D15A64F7301}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonWarfaceWarfaceMycomSteamLoader.exe FirewallRules: [TCP Query User{1300952A-F52C-4D84-8270-B2366313CE7B}D:cprogram files (x86)kingdom deliverancekingdom come deliverancebinwin64kingdomcome.exe] => (Allow) D:cprogram files (x86)kingdom deliverancekingdom come deliverancebinwin64kingdomcome.exe FirewallRules: [UDP Query User{5352E8F5-57D6-47E9-8CE6-EA5868F5D9BA}D:cprogram files (x86)kingdom deliverancekingdom come deliverancebinwin64kingdomcome.exe] => (Allow) D:cprogram files (x86)kingdom deliverancekingdom come deliverancebinwin64kingdomcome.exe FirewallRules: [{9B2CF277-BFAE-47AD-A712-1A7D69AC0020}] => (Allow) %systemroot%system32alg.exe FirewallRules: [{0B0CF29B-F5BB-4AD0-B4AE-CC695D321ADA}] => (Allow) %systemroot%system32alg.exe FirewallRules: [{17B49D0B-0D28-4DF7-9E6C-BAB1BE4DE2BA}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe FirewallRules: [{B1E5EF8B-9DB8-4390-A9F8-F252BFD76768}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe FirewallRules: [{2DE3CD1C-1996-4FCE-8D6D-ADFE7539A729}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe FirewallRules: [{1ABE6226-F48D-4CCE-AEEC-3BD1DCB291F7}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe FirewallRules: [{6EAC8C9C-7043-42AB-AB78-348F36C691E3}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDeep Space Waifu Flat JusticeDeep Space Waifu Flat Justice.exe FirewallRules: [{CB2B1B98-5577-4B17-8A59-5A27C49198AA}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDeep Space Waifu Flat JusticeDeep Space Waifu Flat Justice.exe FirewallRules: [{0400BFBB-40F3-40CE-A71A-C845F09C2B7F}] => (Allow) C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe FirewallRules: [{63A894D8-7FAB-4736-8EBC-5FE6886EC7E3}] => (Allow) C:Program FilesiTunesiTunes.exe FirewallRules: [{7965238E-7809-417B-AC0F-A516CEC6C326}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe FirewallRules: [{2612A91B-D894-4C5A-B5A2-3048F4A36E16}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe FirewallRules: [{5E5BD431-325E-43DF-BAF2-3E2304D10962}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe FirewallRules: [{DAC940CF-278E-437D-B963-ABA92C784130}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe FirewallRules: [{8F45A769-7643-4DA9-9D11-6563733EE836}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDARK SOULS IIIGameDarkSoulsIII.exe FirewallRules: [{5537E49A-B19E-402B-81FC-BEFDC292ACB8}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonDARK SOULS IIIGameDarkSoulsIII.exe FirewallRules: [{DBB47F53-9647-4132-BD4A-755164F1E1E6}] => (Allow) D:CProgram Files (x86)Steamsteamappscommon100 Orange Juice100orange.exe FirewallRules: [{79C80C01-E821-467C-BEEA-A88CEE197B1E}] => (Allow) D:CProgram Files (x86)Steamsteamappscommon100 Orange Juice100orange.exe FirewallRules: [{F3AE27E6-D121-4B37-B5CA-815B591BAE5C}] => (Allow) C:Program Files (x86)GlassWireGWCtlSrv.exe FirewallRules: [{C9BF7CBD-06D6-4A04-B135-667A832FD629}] => (Allow) C:Program Files (x86)GlassWireGWCtlSrv.exe FirewallRules: [{C079989B-316D-4D96-A1BA-4912A7320CC3}] => (Block) D:CProgram Files (x86)Dead In VinlandDead In Vinland.exe FirewallRules: [{53C0F46E-60B6-4C92-9323-9739FB2E2098}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonSpyPartySpyPartyProgramFilesspyparty.exe FirewallRules: [{07EC81B3-D44E-43E5-95BB-7F4A08C39150}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonSpyPartySpyPartyProgramFilesspyparty.exe FirewallRules: [{6AFE4C0F-548F-42E5-91BF-E5E3AA1F3039}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStaxelbinStaxel.ServerWizard.exe FirewallRules: [{D254B759-636B-4BF5-BF4D-CB349C3DF004}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStaxelbinStaxel.ServerWizard.exe FirewallRules: [{C82E7B3E-10A0-437F-BC40-F5007ECC7185}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStaxelbinStaxel.ModManager.exe FirewallRules: [{66D81D83-2C2C-4417-AB38-84EACF71F5AD}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStaxelbinStaxel.ModManager.exe FirewallRules: [{488C2EAF-0426-4F81-B091-6DBC628B0568}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStaxelbinStaxel.SteamLauncher.exe FirewallRules: [{9BB65014-5CAA-4D98-B801-818E0BA7EC9B}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStaxelbinStaxel.SteamLauncher.exe FirewallRules: [{DBC3DE5C-8930-462E-BAAB-223C76F8649D}] => (Allow) D:CProgram Files (x86)BsgLauncherBsgLauncher.exe FirewallRules: [{936056CB-E2ED-46A8-99B4-D133FF6E9AB9}] => (Allow) D:CProgram Files (x86)BsgLauncherBsgLauncher.exe FirewallRules: [{648CF78B-9924-4368-9370-288932E952CA}] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe FirewallRules: [{24396A42-84D6-4941-9F5F-E5A860E4A0B3}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStarboundwin64starbound.exe FirewallRules: [{FD23C92D-5792-4EB9-9A71-93B07422AA78}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStarboundwin64starbound.exe FirewallRules: [{594E5FED-9513-4284-9028-62DECE21C675}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStarboundwin64starbound_server.exe FirewallRules: [{984D5DD8-2C07-453E-8A01-9111866C3254}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStarboundwin64starbound_server.exe FirewallRules: [{55E4E236-BAD0-428F-81A2-E41366934711}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStarboundwin64mod_uploader.exe FirewallRules: [{AE70B410-48A1-4158-BC1B-64736F63D449}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStarboundwin64mod_uploader.exe FirewallRules: [{C455B14F-5773-4150-A6FA-425D54C66007}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStarboundwin32starbound.exe FirewallRules: [{D3D79BCA-50E2-4797-8AFD-E822C3F2D861}] => (Allow) D:CProgram Files (x86)SteamsteamappscommonStarboundwin32starbound.exe Restore Points ATTENTION: System Restore is disabled Faulty Device Manager Devices Name: Evolve Virtual Ethernet Adapter Description: Evolve Virtual Ethernet Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Echobit LLC Service: EvolveVirtualAdapter Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click 'Update Driver' to update the drivers for this device. On the 'General Properties' tab of the device, click 'Troubleshoot' to start the troubleshooting wizard. Event log errors: Application errors: Error: (04/29/2018 02:40:54 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: imopara3.exe, version: 0.0.0.0, time stamp: 0x5a25a0df Faulting module name: resident.dll, version: 0.0.0.0, time stamp: 0x5a30cc38 Exception code: 0xc0000094 Fault offset: 0x002db761 Faulting process id: 0xbde4 Faulting application start time: 0x01d3df850253c801 Faulting application path: D:CProgram Files (x86)Imouto Paradise 3Game妹ぱらだいす！３imopara3.exe Faulting module path: D:CProgram Files (x86)Imouto Paradise 3Game妹ぱらだいす！３resident.dll Report Id: ce5e30ce-cb79-4136-90e1-2e22ce259ad2 Faulting package full name: Faulting package-relative application ID: Error: (04/29/2018 02:40:23 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: imopara3.exe, version: 0.0.0.0, time stamp: 0x5a25a0df Faulting module name: resident.dll, version: 0.0.0.0, time stamp: 0x5a30cc38 Exception code: 0xc0000094 Fault offset: 0x002db761 Faulting process id: 0x92d0 Faulting application start time: 0x01d3df84e828fcfd Faulting application path: D:CProgram Files (x86)Imouto Paradise 3Game妹ぱらだいす！３imopara3.exe Faulting module path: D:CProgram Files (x86)Imouto Paradise 3Game妹ぱらだいす！３resident.dll Report Id: f9dcf709-19b0-4958-94b4-effeb9d5fdb0 Faulting package full name: Faulting package-relative application ID: Error: (04/29/2018 02:39:01 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: imopara3.exe, version: 0.0.0.0, time stamp: 0x5a25a0df Faulting module name: MSVCR80.dll, version: 8.0.50727.9348, time stamp: 0x59a71bf3 Exception code: 0x40000015 Fault offset: 0x000046b4 Faulting process id: 0xc210 Faulting application start time: 0x01d3df84c10034dc Faulting application path: D:CProgram Files (x86)Imouto Paradise 3Game妹ぱらだいす！３imopara3.exe Faulting module path: C:WINDOWSWinSxSx86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9348_none_d08c1480442bf1e1MSVCR80.dll Report Id: 8670d445-7b32-4ced-8701-c38fb6871e84 Faulting package full name: Faulting package-relative application ID: Error: (04/29/2018 02:38:44 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: imopara3.exe, version: 0.0.0.0, time stamp: 0x5a25a0df Faulting module name: MSVCR80.dll, version: 8.0.50727.9348, time stamp: 0x59a71bf3 Exception code: 0x40000015 Fault offset: 0x000046b4 Faulting process id: 0xc0f0 Faulting application start time: 0x01d3df84b5023eb7 Faulting application path: D:CProgram Files (x86)Imouto Paradise 3Game妹ぱらだいす！３imopara3.exe Faulting module path: C:WINDOWSWinSxSx86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9348_none_d08c1480442bf1e1MSVCR80.dll Report Id: 885adfd0-1f21-41d2-80e1-58f69b12def9 Faulting package full name: Faulting package-relative application ID: Error: (04/28/2018 11:02:25 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service 'WmiApRpl' in DLL 'C:WINDOWSsystem32wbemwmiaprpl.dll' failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (04/28/2018 11:02:25 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code. Error: (04/28/2018 11:02:25 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code. Error: (04/28/2018 11:02:25 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service 'MSDTC' in DLL 'C:WINDOWSsystem32msdtcuiu.DLL' failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. System errors: Error: (04/29/2018 05:27:47 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-8CFTPA0) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-8CFTPA0Gina SID (S-1-5-21-3136049691-254176528-2049032503-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (04/29/2018 05:26:36 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error '1084' attempting to start the service dps with arguments 'Unavailable' in order to run the server: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} Error: (04/29/2018 05:26:36 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error '1084' attempting to start the service dps with arguments 'Unavailable' in order to run the server: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} Error: (04/29/2018 05:26:31 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8CFTPA0) Description: DCOM got error '1084' attempting to start the service ShellHWDetection with arguments 'Unavailable' in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (04/29/2018 05:25:48 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8CFTPA0) Description: DCOM got error '1084' attempting to start the service ShellHWDetection with arguments 'Unavailable' in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (04/29/2018 05:23:21 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8CFTPA0) Description: DCOM got error '1084' attempting to start the service WSearch with arguments 'Unavailable' in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} Error: (04/29/2018 05:23:19 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8CFTPA0) Description: DCOM got error '1084' attempting to start the service ShellHWDetection with arguments 'Unavailable' in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (04/29/2018 05:23:12 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8CFTPA0) Description: DCOM got error '1084' attempting to start the service ShellHWDetection with arguments 'Unavailable' in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} Windows Defender: Date: 2018-04-28 06:03:16.701 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {D2579AB5-0F5A-4235-9A4C-528A7B453B0E} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-04-21 22:32:58.016 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {ADFF83E0-0A28-4F70-9886-8D70452B8782} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-04-19 09:53:05.410 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {04799D1F-D66E-41A0-AD2C-7888B2B17D63} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-04-15 21:50:26.171 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {7227E8C8-B17B-4C7D-9194-5244232C3794} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-04-12 10:36:29.303 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {00627F9B-0318-43C4-822D-4528DBC68F28} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-04-29 03:35:46.564 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.267.537.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14800.3 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode Date: 2018-04-29 03:25:45.661 Description: Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. Date: 2018-04-29 03:17:28.121 Description: Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. Date: 2018-04-29 03:03:29.911 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.267.537.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14800.3 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode Date: 2018-04-29 02:53:28.785 Description: Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. CodeIntegrity: Date: 2018-04-29 05:32:38.770 Description: Code Integrity determined that a process (DeviceHarddiskVolume6WindowsSystem32svchost.exe) attempted to load DeviceHarddiskVolume6Program FilesBonjourmdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-04-29 05:32:38.769 Description: Code Integrity determined that a process (DeviceHarddiskVolume6WindowsSystem32svchost.exe) attempted to load DeviceHarddiskVolume6Program FilesBonjourmdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-04-29 05:32:17.138 Description: Code Integrity determined that a process (DeviceHarddiskVolume6WindowsSystem32svchost.exe) attempted to load DeviceHarddiskVolume6Program FilesBonjourmdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-04-29 05:32:17.136 Description: Code Integrity determined that a process (DeviceHarddiskVolume6WindowsSystem32svchost.exe) attempted to load DeviceHarddiskVolume6Program FilesBonjourmdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-04-29 05:32:15.769 Description: Code Integrity determined that a process (DeviceHarddiskVolume6WindowsSystem32svchost.exe) attempted to load DeviceHarddiskVolume6Program FilesBonjourmdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-04-29 05:32:15.768 Description: Code Integrity determined that a process (DeviceHarddiskVolume6WindowsSystem32svchost.exe) attempted to load DeviceHarddiskVolume6Program FilesBonjourmdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-04-29 05:29:25.325 Description: Code Integrity determined that a process (DeviceHarddiskVolume6WindowsSystem32svchost.exe) attempted to load DeviceHarddiskVolume6Program FilesBonjourmdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-04-29 05:29:25.324 Description: Code Integrity determined that a process (DeviceHarddiskVolume6WindowsSystem32svchost.exe) attempted to load DeviceHarddiskVolume6Program FilesBonjourmdnsNSP.dll that did not meet the Microsoft signing level requirements. Memory info Processor: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz Percentage of memory in use: 15% Total physical RAM: 32729.56 MB Available physical RAM: 27600.27 MB Total Virtual: 65497.56 MB Available Virtual: 59684.73 MB Drives Drive c: (OS) (Fixed) (Total:118.69 GB) (Free:43.74 GB) NTFS Drive d: (Storage) (Fixed) (Total:1862.89 GB) (Free:168.72 GB) NTFS ?Volume{09bdc61b-4b39-429f-815d-b781025a2f3c} () (Fixed) (Total:0.44 GB) (Free:0.04 GB) NTFS ?Volume{d6983639-c17a-459c-bfe6-46abe66daaf3} () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 MBR & Partition Table End of Addition.txt Thanks again.

20. Phished fontdrvhost.exe Infection?

    JJ10157 posted a topic in Resolved Malware Removal Logs

    Hello, Ive somehow found myself infected with some kind of malware I've never seen before. I was gifted a game from a friend which came from a code, the site the code went on was some foreign text filled site, and In retrospect looked less than reputable. I think I got phished and that the code wasn't to a game he purchased for me, but a directory to malware. I've only known this friend for a short period, and we haven't gotten along, so I wouldn't doubt it if he is the source of this problem. Maybe I was just stupid in downloading what seemed like a gifted game.(Edit- I used translator on a .txt file from the folder of the game, and can confirm the game is from a pirating site which was advertised in the .txt. I was unaware of this fact while downloading it, and DO NOT support piracy, I'm very angry at myself for believing a 'gift code' could give me a free game and will not do so again.) The virus from this 'Gift' seems to have rooted itself in my fontdrvhost.exe and can't be deleted. I've isolated what file it is, and deleted the 'game' and all of its files from my computer, with only the undeletable file remaining. For the record, I did go through a installation process for the game, so I think that's how I got infected. The virus, or the file that can't be deleted no matter what I try, is a '.TTE File'. Ive tried to delete it multiple times through different methods like safemode and such to no avail, I would either get 'is in use in a program' or 'you don't have permission'. I only got 'you don't have permission' once after many tries, the rest were Programs in Use. I eventually used windows process explorer to find what process was hooking onto it, and I found the fontdrvhost.exe is what it was seemingly latched onto. I've tried multiple methods since then to try and rid myself of the file, and cannot find a way to do so. I've also tried scanning it with Avira and Malwarebytes Pro and have gotten nowhere, as the programs don't seem to recognize it as a threat. I've definitely learned my lesson on Downloading anything anyone sends me over the internet. Apparently you can't even trust your friends anymore, as I've been unable to contact him since I went through the process, and believe this to be a sort of revenge for recent mishaps in our relationship. Sorry for the off topic mentions, please help me through this foolish problem of mine.