Posts posted by Harmazi
-
Yeah that problem started close to the time all the other problems started. I feel like my PC is pretty mint as of now.
-
Uhm I believe everything is working at this point, but I know I used to have issues with spiking disk usage.
-
Yes, it is working.
-
I can't launch Task Manager, it crashes.
-
FRST has been "fixing" this whole time. I can't close it or end it through task manager. What should I do?
-
Hotspot Shield must've been on here from a while ago, the Keylogger and Chromium were also from me. I'll remove all that.
-
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2017 01
Ran by RNOwe (administrator) on RICKYS-DESKTOP (15-08-2017 19:14:33)
Running from C:\Users\Ricky\Desktop\FRST
Loaded Profiles: RNOwe & Ricky (Available Profiles: RNOwe & Ricky)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Comodo) C:\Users\Ricky\Documents\Comodo Dragon\Comodo\Dragon\dragon_updater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe
(Malwarebytes) C:\Users\Ricky\Documents\Anti-Malware\MBAMService.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Windows\System32\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Malwarebytes) C:\Users\Ricky\Documents\Anti-Malware\mbamtray.exe
(Gaijin Entertainment) C:\Users\Ricky\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Google Inc.) C:\Users\Ricky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ricky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ricky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ricky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ricky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ricky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ricky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ricky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ricky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ricky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ricky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ricky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ricky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ricky\AppData\Local\Google\Chrome\Application\chrome.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5750\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.9093\Battle.net.exe
() C:\Program Files (x86)\Battle.net\Battle.net.9093\Battle.net Helper.exe
(Google Inc.) C:\Users\Ricky\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Battle.net\Battle.net.9093\Battle.net Helper.exe
() C:\Program Files (x86)\Battle.net\Battle.net.9093\Battle.net Helper.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MouseDriver] => c:\windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-27] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-02-17] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Users\Ricky\Documents\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\USERS\RICKY\DOCUMENTS\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-12-11] (Raptr, Inc)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-04-05] (Plays.tv, LLC)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2017-06-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2131856 2016-07-14] (AimerSoft)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\KeepVid\KeepVid Pro\DelayPluginI.exe [1974432 2016-08-08] ()
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-17] (Valve Corporation)
HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [5077792 2017-05-16] (Nota Inc.)
HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\...\Run: [Razer Comms] => C:\Program Files (x86)\Razer\Comms\RazerComms.exe [6877072 2016-11-08] ()
HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [225816 2017-02-21] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [611584 2016-03-09] (NETGEAR Inc.)
HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[C0].tx
HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\Run: [uTorrent] => C:\Users\Ricky\AppData\Roaming\uTorrent\updates\3.5.0_43916.exe [2146496 2017-07-31] (BitTorrent Inc.)
HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\Run: [TSMApplication] => C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2016-08-20] ()
HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\Run: [Discord] => C:\Users\Ricky\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\Run: [Razer Comms] => C:\Program Files (x86)\Razer\Comms\RazerComms.exe [6877072 2016-11-08] ()
HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\Run: [MyComGames] => C:\Users\Ricky\AppData\Local\MyComGames\MyComGames.exe [5572304 2017-08-11] (MY.COM B.V.)
HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\Run: [Gaijin.Net Agent] => C:\Users\Ricky\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2010056 2017-06-28] (Gaijin Entertainment)
HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\Run: [svcvmx] => "C:\Users\Ricky\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe" -starup
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-01-01]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Tenda Wireless Utility.lnk [2015-10-15]
ShortcutTarget: Tenda Wireless Utility.lnk -> C:\Program Files (x86)\Tenda\Common\RaUI.exe ()
Startup: C:\Users\Ricky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2016-01-14] ()
Startup: C:\Users\Ricky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-05-06]
ShortcutTarget: Twitch.lnk -> C:\Users\RNOwe\AppData\Roaming\Curse Client\Bin\Twitch.exe (No File)
Startup: C:\Users\RNOwe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-10-29]
ShortcutTarget: Curse.lnk -> C:\Users\Ricky\AppData\Roaming\Curse Client\Bin\Curse.exe (Twitch Interactive, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{79c83538-9892-4c46-9698-1fac0cb27002}: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{ee75ae4a-11d9-4dde-8b10-58c507b7fd62}: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{f71949d0-ec85-40d2-8ebf-5cff71dbd6e9}: [DhcpNameServer] 192.168.10.1
ManualProxies:
Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2190132408-2257626196-1181361939-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-24] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-17] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-24] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-17] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-07-24] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-19] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-07-24] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-19] (Oracle Corporation)
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1447711760225
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-24] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-24] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-24] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-24] (Microsoft Corporation)
Handler: WSKVAllmytubechrome - {91AB862D-07B8-4A85 - No File
FireFox:
========
FF ProfilePath: C:\Users\RNOwe\AppData\Roaming\Mozilla\Firefox\Profiles\E6LWdtcx.default [2017-08-14]
FF Extension: (Avira Browser Safety) - C:\Users\RNOwe\AppData\Roaming\Mozilla\Firefox\Profiles\E6LWdtcx.default\Extensions\abs@avira.com [2015-10-14] [not signed]
FF Extension: (KeepVid Pro) - C:\ProgramData\KeepVid\KeepVid Pro\KVAllmytube@KeepVid.com_xpi\ []
FF HKLM-x32\...\Firefox\Extensions: [KVAllmytube@KeepVid.com] - C:\ProgramData\KeepVid\KeepVid Pro\KVAllmytube@KeepVid.com_xpi
FF Extension: (KeepVid Pro) - C:\ProgramData\KeepVid\KeepVid Pro\KVAllmytube@KeepVid.com_xpi [2017-07-30]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-14] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-17] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-14] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-07-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-07-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-03-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-03-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2190132408-2257626196-1181361939-1001: @nsroblox.roblox.com/launcher -> C:\Users\RNOwe\AppData\Local\Roblox\Versions\version-da823d17eb7346c9\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2190132408-2257626196-1181361939-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\RNOwe\AppData\Local\Roblox\Versions\version-da823d17eb7346c9\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2190132408-2257626196-1181361939-1003: @my.com/Games -> C:\Users\Ricky\AppData\Local\MyComGames\NPMyComDetector.dll [2017-02-20] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-2190132408-2257626196-1181361939-1003: @tools.google.com/Google Update;version=3 -> C:\Users\Ricky\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2190132408-2257626196-1181361939-1003: @tools.google.com/Google Update;version=9 -> C:\Users\Ricky\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\RNOwe\AppData\Local\Google\Chrome\User Data\Default [2017-08-15]
CHR Extension: (Google Slides) - C:\Users\RNOwe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-16]
CHR Extension: (Google Docs) - C:\Users\RNOwe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-16]
CHR Extension: (Google Drive) - C:\Users\RNOwe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-16]
CHR Extension: (YouTube) - C:\Users\RNOwe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-16]
CHR Extension: (Honey) - C:\Users\RNOwe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2017-08-14]
CHR Extension: (Google Search) - C:\Users\RNOwe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-16]
CHR Extension: (Google Sheets) - C:\Users\RNOwe\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-16]
CHR Extension: (Avira Browser Safety) - C:\Users\RNOwe\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-08]
CHR Extension: (Google Docs Offline) - C:\Users\RNOwe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\RNOwe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-21]
CHR Extension: (Gmail) - C:\Users\RNOwe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-16]
CHR Extension: (Chrome Media Router) - C:\Users\RNOwe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-10]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
PCW (Start=4 -> Start=0) <==== restored successfully
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1517576 2017-03-15] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [428056 2017-02-21] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [406040 2017-02-21] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [452632 2017-02-21] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3705536 2017-07-03] (Microsoft Corporation)
R2 DragonUpdater; C:\Users\Ricky\Documents\Comodo Dragon\Comodo\Dragon\dragon_updater.exe [2060848 2016-02-05] (Comodo)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [383016 2017-06-20] (EasyAntiCheat Ltd)
S2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.)
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-07-11] (Hi-Rez Studios) [File not signed]
S3 HnGSteamService; C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngservice.exe [722216 2017-07-20] (Reto-Moto ApS)
S4 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [452096 2015-09-16] (Rivet Networks) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 MBAMService; C:\Users\Ricky\Documents\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2016-03-09] (NETGEAR)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [456640 2016-10-25] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [456640 2016-10-25] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [464440 2017-03-16] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-10-25] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [33080 2014-12-01] (The OpenVPN Project)
S3 Origin Client Service; C:\Users\Ricky\Documents\Origin\OriginClientService.exe [2169696 2017-07-21] (Electronic Arts)
S2 Origin Web Helper Service; C:\Users\Ricky\Documents\Origin\OriginWebHelperService.exe [3149664 2017-07-21] (Electronic Arts)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-04-05] (Plays.tv, LLC)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2016-09-04] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2016-09-04] ()
R2 RalinkRegistryWriter; C:\Program Files (x86)\Tenda\Common\RaRegistry.exe [185632 2009-12-10] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe [212256 2009-12-10] (Ralink Technology, Corp.)
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-24] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-10-28] (Razer Inc.)
S4 SAudionicSV; C:\WINDOWS\SysWOW64\sysaudionicsvc.exe [1816576 2015-04-07] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889888 2017-08-01] (Microsoft Corporation)
S4 SysEventSVC; C:\WINDOWS\SysWOW64\syseventfiltersvc.exe [2012672 2015-04-07] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7757040 2017-04-06] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-27] (Microsoft Corporation)
S2 WeiseTunnel; C:\Windows\sysconmon\WeiseTunnel.exe [4775424 2015-03-15] (InfoWeise) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-08-01] (Microsoft Corporation)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [X]
S2 MEmusvc; C:\Program Files\Microvirt\MEmu\MemuService.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [142904 2015-09-16] (Rivet Networks, LLC.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [152672 2017-02-21] (BlueStack Systems)
R2 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-02-21] (Bluestack System Inc. )
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [543184 2017-02-17] (Intel Corporation)
R3 ElcMouLFlt; C:\WINDOWS\System32\drivers\ElcMouLFlt.sys [28648 2015-09-11] (ELECOM)
R3 ElcMouUFlt; C:\WINDOWS\System32\drivers\ElcMouUFlt.sys [27624 2015-09-11] (ELECOM)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-08-14] ()
R3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2016-11-11] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [27552 2017-02-17] (REALiX(tm))
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2017-01-02] (Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2017-01-02] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-01-02] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [253856 2017-08-15] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-01-02] (Malwarebytes)
R2 memudrv; C:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys [260368 2015-11-02] (Microvirt Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2504192 2016-07-16] (MediaTek Inc.)
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2017-05-16] (CACE Technologies, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f37f8f12da8b10d7\nvlddmkm.sys [14574640 2017-03-17] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-10-25] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-03-16] (NVIDIA Corporation)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-16] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R3 VBAudioVACMME; C:\WINDOWS\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2016-12-04] (Wellbia.com Co., Ltd.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-08-15 18:02 - 2017-08-15 18:02 - 000001167 _____ C:\Users\RNOwe\Desktop\JRT.txt
2017-08-15 17:49 - 2017-08-15 17:56 - 001790024 _____ (Malwarebytes) C:\Users\Ricky\Desktop\JRT.exe
2017-08-15 17:46 - 2017-08-15 17:55 - 000000000 ____D C:\AdwCleaner
2017-08-15 17:45 - 2017-08-15 17:45 - 008185288 _____ (Malwarebytes) C:\Users\Ricky\Desktop\AdwCleaner.exe
2017-08-15 09:07 - 2017-08-15 09:07 - 000407277 _____ C:\Users\RNOwe\Desktop\VT_ResidentialPropaneSupplyAgreementFILLABLE1.pdf
2017-08-15 07:06 - 2017-08-15 07:06 - 000002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2017-08-15 07:06 - 2017-08-15 07:06 - 000002249 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2017-08-15 07:02 - 2017-08-15 07:02 - 000000000 ____D C:\Users\RNOwe\AppData\Local\ASHelper
2017-08-14 22:38 - 2017-08-14 22:38 - 000000000 _____ C:\autoexec.bat
2017-08-14 20:04 - 2017-08-15 19:06 - 000000000 ____D C:\Users\Ricky\Desktop\FRST
2017-08-14 20:03 - 2017-08-15 19:14 - 000000000 ____D C:\FRST
2017-08-14 15:36 - 2017-08-15 17:51 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-08-14 15:36 - 2017-08-14 19:31 - 000194776 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\757D2D9F.sys
2017-08-14 15:22 - 2017-08-14 19:34 - 000000000 ____D C:\Users\Ricky\Desktop\mbar
2017-08-14 14:34 - 2017-08-14 14:34 - 000000000 ____D C:\Users\Ricky\AppData\Local\ASHelper
2017-08-14 14:01 - 2017-08-14 14:01 - 000007299 _____ C:\WINDOWS\CleanMem Uninstall Log.txt
2017-08-14 12:04 - 2017-08-14 12:04 - 000011439 _____ C:\Users\RNOwe\Desktop\CalendarLabs.pdf
2017-08-13 09:49 - 2017-08-15 17:50 - 027262976 _____ C:\WINDOWS\system32\config\SYSTEM
2017-08-13 09:49 - 2017-08-14 20:28 - 026738688 _____ C:\WINDOWS\system32\config\HARDWARE
2017-08-10 20:09 - 2017-08-12 19:38 - 002030536 _____ (Bleeping Computer, LLC) C:\Users\Ricky\Desktop\rkill.exe
2017-08-10 16:01 - 2017-08-01 13:20 - 001431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-08-10 16:01 - 2017-08-01 13:20 - 000116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-08-10 16:01 - 2017-08-01 13:15 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-08-10 16:01 - 2017-08-01 13:10 - 000306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-08-10 16:01 - 2017-08-01 12:56 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-08-10 16:01 - 2017-08-01 12:55 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-10 16:01 - 2017-08-01 12:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-08-10 16:01 - 2017-08-01 12:54 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-10 16:01 - 2017-08-01 12:53 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-08-10 16:01 - 2017-08-01 12:52 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-08-10 16:01 - 2017-08-01 12:51 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-10 16:01 - 2017-08-01 12:50 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-08-10 16:01 - 2017-08-01 12:50 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-08-10 16:01 - 2017-08-01 12:50 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-08-10 16:01 - 2017-08-01 12:48 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-08-10 16:01 - 2017-08-01 12:35 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-08-10 16:01 - 2017-08-01 12:33 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-08-10 16:01 - 2017-08-01 12:31 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-08-10 16:01 - 2017-08-01 12:30 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-08-10 16:01 - 2017-08-01 12:30 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-08-10 16:01 - 2017-07-12 01:55 - 000111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-08-10 16:01 - 2017-07-12 01:29 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-08-10 16:01 - 2017-07-12 01:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-08-10 16:01 - 2017-07-12 01:09 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-08-10 16:01 - 2017-03-04 02:05 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-08-10 16:00 - 2017-08-01 15:27 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-10 16:00 - 2017-08-01 15:22 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-08-10 16:00 - 2017-08-01 15:21 - 000857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-10 16:00 - 2017-08-01 15:20 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-08-10 16:00 - 2017-08-01 15:18 - 008169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-10 16:00 - 2017-08-01 15:18 - 004260064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-08-10 16:00 - 2017-08-01 15:18 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-10 16:00 - 2017-08-01 15:18 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-08-10 16:00 - 2017-08-01 15:18 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-08-10 16:00 - 2017-08-01 15:17 - 022220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-10 16:00 - 2017-08-01 15:17 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-08-10 16:00 - 2017-08-01 15:13 - 002532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-10 16:00 - 2017-08-01 15:13 - 000387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-10 16:00 - 2017-08-01 14:58 - 000299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2017-08-10 16:00 - 2017-08-01 14:57 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2017-08-10 16:00 - 2017-08-01 14:57 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-08-10 16:00 - 2017-08-01 14:53 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-08-10 16:00 - 2017-08-01 14:52 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-08-10 16:00 - 2017-08-01 14:51 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-10 16:00 - 2017-08-01 14:48 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-10 16:00 - 2017-08-01 14:47 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-08-10 16:00 - 2017-08-01 14:46 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-08-10 16:00 - 2017-08-01 14:46 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-08-10 16:00 - 2017-08-01 14:46 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-10 16:00 - 2017-08-01 14:45 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-08-10 16:00 - 2017-08-01 14:45 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-08-10 16:00 - 2017-08-01 14:44 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-08-10 16:00 - 2017-08-01 14:43 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-08-10 16:00 - 2017-08-01 14:42 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-10 16:00 - 2017-08-01 14:38 - 013441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-08-10 16:00 - 2017-08-01 14:35 - 001908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-10 16:00 - 2017-08-01 14:32 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-08-10 16:00 - 2017-08-01 14:32 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-10 16:00 - 2017-08-01 14:27 - 008076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-08-10 16:00 - 2017-08-01 14:27 - 004149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-08-10 16:00 - 2017-08-01 14:27 - 002538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-08-10 16:00 - 2017-08-01 14:27 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-10 16:00 - 2017-08-01 14:27 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-08-10 16:00 - 2017-08-01 14:27 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-08-10 16:00 - 2017-08-01 14:24 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-08-10 16:00 - 2017-08-01 14:24 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-08-10 16:00 - 2017-08-01 13:20 - 002264344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-10 16:00 - 2017-08-01 13:20 - 000781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-10 16:00 - 2017-08-01 13:19 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-08-10 16:00 - 2017-08-01 13:19 - 000577976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-10 16:00 - 2017-08-01 13:19 - 000339896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-10 16:00 - 2017-08-01 13:19 - 000266080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-10 16:00 - 2017-08-01 13:19 - 000120416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-10 16:00 - 2017-08-01 13:18 - 000139104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-10 16:00 - 2017-08-01 13:16 - 006665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-10 16:00 - 2017-08-01 13:16 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-08-10 16:00 - 2017-08-01 13:16 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-10 16:00 - 2017-08-01 13:15 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-10 16:00 - 2017-08-01 13:15 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-08-10 16:00 - 2017-08-01 13:15 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-08-10 16:00 - 2017-08-01 13:07 - 005686784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-10 16:00 - 2017-08-01 12:59 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-10 16:00 - 2017-08-01 12:58 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-08-10 16:00 - 2017-08-01 12:56 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-08-10 16:00 - 2017-08-01 12:54 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-08-10 16:00 - 2017-08-01 12:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2017-08-10 16:00 - 2017-08-01 12:51 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-08-10 16:00 - 2017-08-01 12:51 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-08-10 16:00 - 2017-08-01 12:51 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-08-10 16:00 - 2017-08-01 12:51 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-10 16:00 - 2017-08-01 12:50 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-08-10 16:00 - 2017-08-01 12:49 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-10 16:00 - 2017-08-01 12:48 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-10 16:00 - 2017-08-01 12:47 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-08-10 16:00 - 2017-08-01 12:47 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-08-10 16:00 - 2017-08-01 12:47 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-08-10 16:00 - 2017-08-01 12:47 - 000396288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-10 16:00 - 2017-08-01 12:47 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-08-10 16:00 - 2017-08-01 12:45 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-08-10 16:00 - 2017-08-01 12:45 - 001985536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certmgr.dll
2017-08-10 16:00 - 2017-08-01 12:41 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-08-10 16:00 - 2017-08-01 12:39 - 007626240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-10 16:00 - 2017-08-01 12:39 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-10 16:00 - 2017-08-01 12:38 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-08-10 16:00 - 2017-08-01 12:37 - 012349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-08-10 16:00 - 2017-08-01 12:37 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-08-10 16:00 - 2017-08-01 12:37 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-10 16:00 - 2017-08-01 12:37 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comuid.dll
2017-08-10 16:00 - 2017-08-01 12:37 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-08-10 16:00 - 2017-08-01 12:36 - 007468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-08-10 16:00 - 2017-08-01 12:34 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-08-10 16:00 - 2017-08-01 12:34 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-10 16:00 - 2017-08-01 12:34 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-08-10 16:00 - 2017-08-01 12:32 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-08-10 16:00 - 2017-08-01 12:32 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-08-10 16:00 - 2017-08-01 12:31 - 001988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-08-10 16:00 - 2017-08-01 12:31 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-08-10 16:00 - 2017-08-01 12:31 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-10 16:00 - 2017-08-01 12:31 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-08-10 16:00 - 2017-08-01 12:31 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-08-10 16:00 - 2017-08-01 12:30 - 002997248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-10 16:00 - 2017-08-01 12:30 - 002482688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-08-10 16:00 - 2017-08-01 12:30 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-08-10 16:00 - 2017-08-01 12:30 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-10 16:00 - 2017-08-01 12:30 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-08-10 16:00 - 2017-08-01 12:29 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-08-10 16:00 - 2017-08-01 12:28 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-08-10 16:00 - 2017-08-01 10:15 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-10 16:00 - 2017-08-01 10:15 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-10 16:00 - 2017-08-01 10:15 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-10 16:00 - 2017-08-01 10:15 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-10 16:00 - 2017-08-01 10:15 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-10 16:00 - 2017-08-01 10:15 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-10 16:00 - 2017-08-01 10:15 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-10 16:00 - 2017-08-01 10:15 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-10 16:00 - 2017-08-01 10:15 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-10 16:00 - 2017-08-01 10:15 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-10 16:00 - 2017-08-01 10:15 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-10 16:00 - 2017-08-01 10:15 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-10 16:00 - 2017-08-01 10:15 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-10 16:00 - 2017-08-01 10:15 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-10 16:00 - 2017-08-01 10:15 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-10 16:00 - 2017-07-12 02:17 - 000081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-08-10 16:00 - 2017-07-12 02:15 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-10 16:00 - 2017-07-12 02:15 - 000496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-08-10 16:00 - 2017-07-12 02:12 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-10 16:00 - 2017-07-12 02:12 - 001573280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-08-10 16:00 - 2017-07-12 02:09 - 001181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-08-10 16:00 - 2017-07-12 02:01 - 000715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-08-10 16:00 - 2017-07-12 02:00 - 000095584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2017-08-10 16:00 - 2017-07-12 01:59 - 000857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-08-10 16:00 - 2017-07-12 01:59 - 000148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-08-10 16:00 - 2017-07-12 01:56 - 000277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-10 16:00 - 2017-07-12 01:55 - 000607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-08-10 16:00 - 2017-07-12 01:52 - 004312760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-08-10 16:00 - 2017-07-12 01:35 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dabapi.dll
2017-08-10 16:00 - 2017-07-12 01:32 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2017-08-10 16:00 - 2017-07-12 01:32 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\frprov.dll
2017-08-10 16:00 - 2017-07-12 01:31 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-10 16:00 - 2017-07-12 01:31 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2017-08-10 16:00 - 2017-07-12 01:30 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2017-08-10 16:00 - 2017-07-12 01:29 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\httpapi.dll
2017-08-10 16:00 - 2017-07-12 01:24 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmdisk0101.sys
2017-08-10 16:00 - 2017-07-12 01:23 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-10 16:00 - 2017-07-12 01:23 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-08-10 16:00 - 2017-07-12 01:23 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-08-10 16:00 - 2017-07-12 01:23 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-08-10 16:00 - 2017-07-12 01:21 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-10 16:00 - 2017-07-12 01:19 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-08-10 16:00 - 2017-07-12 01:18 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-08-10 16:00 - 2017-07-12 01:17 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-08-10 16:00 - 2017-07-12 01:15 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-10 16:00 - 2017-07-12 01:15 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsium.dll
2017-08-10 16:00 - 2017-07-12 01:14 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-10 16:00 - 2017-07-12 01:13 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-10 16:00 - 2017-07-12 01:12 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-08-10 16:00 - 2017-07-12 01:11 - 002154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-08-10 16:00 - 2017-07-12 01:10 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-10 16:00 - 2017-07-12 01:10 - 000546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-08-10 16:00 - 2017-07-12 01:07 - 001572352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-08-10 16:00 - 2017-07-12 01:06 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-08-10 16:00 - 2017-07-12 01:05 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-10 16:00 - 2017-07-12 01:03 - 000779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2017-08-10 16:00 - 2017-07-12 01:01 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-08-10 16:00 - 2017-07-12 01:00 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-08-10 16:00 - 2017-07-12 00:58 - 001130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-08-10 16:00 - 2017-07-12 00:58 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-10 16:00 - 2017-07-11 22:49 - 000448629 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-08-10 16:00 - 2016-09-07 01:24 - 000057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-08-10 15:59 - 2017-08-01 15:32 - 000133984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-08-10 15:59 - 2017-08-01 15:31 - 007780192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-10 15:59 - 2017-08-01 15:29 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-10 15:59 - 2017-08-01 15:22 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-08-10 15:59 - 2017-08-01 15:21 - 002759712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-10 15:59 - 2017-08-01 15:21 - 000146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-08-10 15:59 - 2017-08-01 15:21 - 000026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-08-10 15:59 - 2017-08-01 15:20 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-08-10 15:59 - 2017-08-01 15:20 - 000684344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-10 15:59 - 2017-08-01 15:17 - 001600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-08-10 15:59 - 2017-08-01 15:17 - 000244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-08-10 15:59 - 2017-08-01 15:17 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-08-10 15:59 - 2017-08-01 15:13 - 001102176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-08-10 15:59 - 2017-08-01 15:01 - 007218176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-10 15:59 - 2017-08-01 14:52 - 022569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-10 15:59 - 2017-08-01 14:50 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-10 15:59 - 2017-08-01 14:48 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-08-10 15:59 - 2017-08-01 14:48 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-08-10 15:59 - 2017-08-01 14:47 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-10 15:59 - 2017-08-01 14:47 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-08-10 15:59 - 2017-08-01 14:47 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-08-10 15:59 - 2017-08-01 14:47 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-08-10 15:59 - 2017-08-01 14:46 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-08-10 15:59 - 2017-08-01 14:46 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-10 15:59 - 2017-08-01 14:46 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-10 15:59 - 2017-08-01 14:45 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-10 15:59 - 2017-08-01 14:45 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-10 15:59 - 2017-08-01 14:44 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-10 15:59 - 2017-08-01 14:43 - 000966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-08-10 15:59 - 2017-08-01 14:43 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-08-10 15:59 - 2017-08-01 14:42 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-10 15:59 - 2017-08-01 14:40 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-10 15:59 - 2017-08-01 14:40 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-10 15:59 - 2017-08-01 14:39 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-10 15:59 - 2017-08-01 14:39 - 001281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-10 15:59 - 2017-08-01 14:39 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-08-10 15:59 - 2017-08-01 14:38 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-08-10 15:59 - 2017-08-01 14:37 - 013091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-10 15:59 - 2017-08-01 14:36 - 023677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-10 15:59 - 2017-08-01 14:36 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-08-10 15:59 - 2017-08-01 14:34 - 001837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-10 15:59 - 2017-08-01 14:33 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-10 15:59 - 2017-08-01 14:33 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-08-10 15:59 - 2017-08-01 14:32 - 008114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-10 15:59 - 2017-08-01 14:32 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2017-08-10 15:59 - 2017-08-01 14:30 - 002916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-08-10 15:59 - 2017-08-01 14:30 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-08-10 15:59 - 2017-08-01 14:30 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-08-10 15:59 - 2017-08-01 14:29 - 004743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-10 15:59 - 2017-08-01 14:29 - 002852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-08-10 15:59 - 2017-08-01 14:29 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-10 15:59 - 2017-08-01 14:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-08-10 15:59 - 2017-08-01 14:28 - 001490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-08-10 15:59 - 2017-08-01 14:27 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-08-10 15:59 - 2017-08-01 14:27 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-08-10 15:59 - 2017-08-01 14:27 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-08-10 15:59 - 2017-08-01 14:26 - 001949696 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2017-08-10 15:59 - 2017-08-01 14:26 - 001513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-10 15:59 - 2017-08-01 14:26 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-08-10 15:59 - 2017-08-01 14:25 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-10 15:59 - 2017-08-01 14:24 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-10 15:59 - 2017-08-01 14:24 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-08-10 15:59 - 2017-08-01 14:23 - 003615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-10 15:59 - 2017-08-01 14:23 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-08-10 15:59 - 2017-08-01 12:51 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-10 15:59 - 2017-08-01 12:47 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-10 15:59 - 2017-08-01 12:42 - 018364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-10 15:59 - 2017-08-01 12:40 - 019415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-10 15:59 - 2017-08-01 12:40 - 012187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-10 15:59 - 2017-08-01 12:33 - 006031872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-10 15:59 - 2017-08-01 12:31 - 003664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-10 15:59 - 2017-07-12 02:16 - 000646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-08-10 15:59 - 2017-07-12 02:14 - 001886896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-08-10 15:59 - 2017-07-12 02:13 - 002253664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-10 15:59 - 2017-07-12 02:02 - 002186592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-10 15:59 - 2017-07-12 02:02 - 000402776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-08-10 15:59 - 2017-07-12 02:01 - 000156000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2017-08-10 15:59 - 2017-07-12 02:00 - 000223072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-08-10 15:59 - 2017-07-12 02:00 - 000160608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2017-08-10 15:59 - 2017-07-12 01:59 - 001100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-08-10 15:59 - 2017-07-12 01:59 - 000989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-08-10 15:59 - 2017-07-12 01:55 - 004674872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-08-10 15:59 - 2017-07-12 01:25 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2017-08-10 15:59 - 2017-07-12 01:24 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2017-08-10 15:59 - 2017-07-12 01:23 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2017-08-10 15:59 - 2017-07-12 01:23 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-08-10 15:59 - 2017-07-12 01:23 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\frprov.dll
2017-08-10 15:59 - 2017-07-12 01:22 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2017-08-10 15:59 - 2017-07-12 01:21 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-08-10 15:59 - 2017-07-12 01:21 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2017-08-10 15:59 - 2017-07-12 01:20 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpapi.dll
2017-08-10 15:59 - 2017-07-12 01:19 - 000488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-08-10 15:59 - 2017-07-12 01:19 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-10 15:59 - 2017-07-12 01:16 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-08-10 15:59 - 2017-07-12 01:15 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-08-10 15:59 - 2017-07-12 01:12 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-08-10 15:59 - 2017-07-12 01:09 - 003291136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-08-10 15:59 - 2017-07-12 01:08 - 002861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-08-10 15:59 - 2017-07-12 01:07 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-08-10 15:59 - 2017-07-12 01:06 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-10 15:59 - 2017-07-12 01:06 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-08-10 15:59 - 2017-07-12 01:03 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-10 15:59 - 2017-07-12 01:02 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-10 15:59 - 2017-07-12 01:01 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-10 15:59 - 2017-07-12 00:59 - 002318336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-10 15:59 - 2017-07-12 00:59 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-10 15:59 - 2017-07-12 00:58 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-10 15:59 - 2017-07-12 00:57 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-10 15:59 - 2017-07-12 00:56 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-08-10 15:59 - 2017-03-04 02:57 - 000372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-08-10 15:59 - 2017-03-04 02:16 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-08-10 15:59 - 2017-03-04 02:14 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-08-10 15:59 - 2017-03-04 02:07 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-08-10 15:59 - 2017-03-04 02:05 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-08-10 15:59 - 2016-08-02 04:13 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-10 15:58 - 2017-08-01 15:25 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-08-10 15:58 - 2017-08-01 15:21 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-08-10 15:58 - 2017-08-01 15:21 - 000295264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-10 15:58 - 2017-08-01 15:21 - 000124072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-10 15:58 - 2017-08-01 15:20 - 000383776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-10 15:58 - 2017-08-01 15:20 - 000144736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-10 15:58 - 2017-08-01 15:20 - 000079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-10 15:58 - 2017-08-01 14:54 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-10 15:58 - 2017-08-01 14:52 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-10 15:58 - 2017-08-01 14:47 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-08-10 15:58 - 2017-08-01 14:46 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-08-10 15:58 - 2017-08-01 14:46 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-08-10 15:58 - 2017-08-01 14:46 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-10 15:58 - 2017-08-01 14:45 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-08-10 15:58 - 2017-08-01 14:45 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-10 15:58 - 2017-08-01 14:45 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-10 15:58 - 2017-08-01 14:43 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-10 15:58 - 2017-08-01 14:41 - 002222080 _____ (Microsoft Corporation) C:\WINDOWS\system32\certmgr.dll
2017-08-10 15:58 - 2017-08-01 14:40 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-08-10 15:58 - 2017-08-01 14:39 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-10 15:58 - 2017-08-01 14:33 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2017-08-10 15:58 - 2017-08-01 14:30 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-10 15:58 - 2017-07-12 02:15 - 000101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema.dll
2017-08-10 15:58 - 2017-07-12 01:59 - 000947040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-08-10 15:58 - 2017-07-12 01:24 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dabapi.dll
2017-08-10 15:58 - 2017-07-12 01:21 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-08-10 15:58 - 2017-07-12 01:19 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-08-10 15:58 - 2017-07-12 01:17 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-08-10 15:58 - 2017-07-12 01:16 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-10 15:58 - 2017-07-12 01:13 - 001478656 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-10 15:58 - 2017-07-12 01:12 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-10 15:58 - 2017-07-12 01:12 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsium.dll
2017-08-10 15:58 - 2017-07-12 01:11 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-10 15:58 - 2017-07-12 01:10 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-10 15:58 - 2017-07-12 01:07 - 000954880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-10 15:58 - 2017-07-12 01:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-10 15:58 - 2017-07-12 00:59 - 006664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-08-10 06:54 - 2017-08-10 06:57 - 000172474 _____ C:\Users\RNOwe\Desktop\Amazon1.pdf
2017-08-10 06:23 - 2017-08-10 06:23 - 000062991 _____ C:\Users\RNOwe\Desktop\blueflame.pdf
2017-08-05 22:29 - 2017-08-14 22:33 - 000003312 _____ C:\Users\RNOwe\Desktop\Rkill.txt
2017-08-05 22:21 - 2017-08-05 22:21 - 001806879 _____ C:\Users\RNOwe\Documents\AvgInstallLog.cab
2017-08-05 22:17 - 2017-08-05 22:17 - 000000000 ____D C:\Users\Ricky\AppData\Local\Avg
2017-08-05 22:13 - 2017-08-05 22:40 - 000000000 ____D C:\ProgramData\Avg
2017-08-05 22:13 - 2017-08-05 22:39 - 000000000 ____D C:\Users\RNOwe\AppData\Local\AvgSetupLog
2017-08-05 22:13 - 2017-08-05 22:13 - 000000000 ____D C:\Users\RNOwe\AppData\Local\Avg
2017-08-05 20:34 - 2017-08-05 20:34 - 000000000 ____D C:\ProgramData\AVAST Software
2017-08-05 20:06 - 2017-08-05 20:06 - 001192400 _____ C:\WINDOWS\isRS-000.tmp
2017-08-05 20:03 - 2017-08-05 20:06 - 065033984 _____ (Malwarebytes ) C:\Users\Ricky\Desktop\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-08-05 19:58 - 2017-08-05 19:58 - 000001507 _____ C:\Users\Ricky\Desktop\HWiNFO32.lnk
2017-08-05 18:28 - 2017-08-05 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32
2017-08-05 18:28 - 2017-08-05 18:28 - 000000000 ____D C:\Program Files (x86)\HWiNFO32
2017-08-05 18:23 - 2017-08-05 18:23 - 000000000 ____D C:\ProgramData\Intel
2017-08-05 18:00 - 2017-08-05 18:00 - 000002685 _____ C:\Users\Public\Desktop\Intel(R) Extreme Tuning Utility.lnk
2017-08-05 18:00 - 2017-08-05 18:00 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel
2017-08-05 18:00 - 2017-08-05 18:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-08-05 18:00 - 2017-08-05 18:00 - 000000000 ____D C:\Program Files (x86)\Intel
2017-08-05 17:59 - 2017-08-05 17:59 - 000000000 ____D C:\Program Files\Microsoft Synchronization Services
2017-08-05 17:59 - 2017-08-05 17:59 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2017-08-05 17:59 - 2017-08-05 17:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2017-08-05 17:59 - 2017-08-05 17:59 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2017-08-02 23:22 - 2017-08-02 23:22 - 000000222 _____ C:\Users\Ricky\Desktop\Call of Duty Black Ops II - Zombies.url
2017-08-02 17:14 - 2017-08-11 22:15 - 000000222 _____ C:\Users\Ricky\Desktop\Call of Duty Black Ops II - Multiplayer.url
2017-08-02 14:31 - 2017-08-02 14:31 - 000000000 ____D C:\Users\Ricky\AppData\Local\iTunes
2017-08-02 13:51 - 2017-08-02 13:51 - 000002020 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-08-02 13:51 - 2017-08-02 13:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-08-02 13:50 - 2017-08-02 13:51 - 000000000 ____D C:\Users\Ricky\Documents\iTunes
2017-08-02 13:50 - 2017-08-02 13:50 - 000000000 ____D C:\Program Files\iPod
2017-08-02 13:47 - 2017-08-02 13:47 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-08-02 13:47 - 2017-08-02 13:47 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2017-08-02 12:17 - 2017-08-02 12:17 - 000000222 _____ C:\Users\Ricky\Desktop\Call of Duty Black Ops II.url
2017-08-01 17:33 - 2017-08-01 17:33 - 000000000 ____D C:\Users\Ricky\AppData\Roaming\EasyAntiCheat
2017-07-31 23:37 - 2017-07-31 23:58 - 064619276 _____ C:\Users\Ricky\Desktop\541541-BO2-U3.rar
2017-07-31 17:34 - 2017-07-31 17:34 - 000000000 ____D C:\Users\Ricky\AppData\Roaming\KeepVid
2017-07-30 22:29 - 2017-08-01 23:59 - 000000000 ____D C:\ProgramData\xml_param
2017-07-30 22:25 - 2017-07-30 22:25 - 000000000 ____D C:\Users\RNOwe\AppData\Roaming\KeepVid
2017-07-30 22:25 - 2017-07-30 22:25 - 000000000 ____D C:\Users\Ricky\AppData\Local\Aimersoft
2017-07-30 22:25 - 2017-07-30 22:25 - 000000000 ____D C:\ProgramData\Aimersoft
2017-07-30 22:23 - 2017-07-30 22:23 - 000001390 _____ C:\Users\Public\Desktop\KeepVid Pro.lnk
2017-07-30 22:23 - 2017-07-30 22:23 - 000000000 ____D C:\Users\RNOwe\AppData\Local\Aimersoft
2017-07-30 22:23 - 2017-07-30 22:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeepVid
2017-07-30 22:22 - 2017-08-02 14:32 - 000000000 ____D C:\ProgramData\KeepVid Pro
2017-07-30 22:22 - 2017-07-30 22:22 - 000000000 ____D C:\ProgramData\KeepVid Application Common Data
2017-07-30 22:22 - 2017-07-30 22:22 - 000000000 ____D C:\ProgramData\KeepVid
2017-07-30 22:22 - 2017-07-30 22:22 - 000000000 ____D C:\Program Files (x86)\KeepVid
2017-07-30 22:09 - 2017-07-30 22:24 - 036409223 _____ C:\Users\Ricky\Desktop\KeepVID PRO v4.10.1.7z
2017-07-29 08:00 - 2017-07-29 08:00 - 000051625 _____ C:\WINDOWS\uninstaller.dat
2017-07-26 12:48 - 2017-07-26 12:48 - 000000000 ____D C:\Users\RNOwe\AppData\LocalLow\uTorrent
2017-07-26 12:31 - 2017-07-26 12:31 - 000064038 _____ C:\Users\RNOwe\Desktop\daycare contract.pdf
2017-07-20 06:48 - 2017-07-25 07:27 - 000000000 ____D C:\Users\RNOwe\Desktop\Ricky camp
2017-07-20 06:43 - 2017-07-20 06:43 - 000000000 ____D C:\Users\RNOwe\AppData\Local\UNP
2017-07-19 07:34 - 2017-07-19 07:59 - 000000000 ____D C:\Users\RNOwe\Desktop\mad libs
2017-07-19 07:31 - 2017-07-19 07:31 - 000001414 _____ C:\Users\RNOwe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update and Privacy Settings.lnk

==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-08-15 19:08 - 2016-01-12 08:10 - 000000000 ____D C:\Users\Ricky\AppData\Local\Battle.net
2017-08-15 18:56 - 2016-01-12 08:08 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-08-15 18:00 - 2017-02-19 22:59 - 000000000 ____D C:\ProgramData\NVIDIA
2017-08-15 17:58 - 2015-10-14 23:24 - 004255708 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-15 17:55 - 2017-02-20 18:58 - 000000000 ____D C:\Users\Ricky\AppData\Local\MyComGames
2017-08-15 17:55 - 2016-02-11 21:39 - 000000000 ____D C:\Users\Ricky\AppData\Roaming\Curse Client
2017-08-15 17:52 - 2017-01-02 21:03 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-08-15 17:52 - 2016-11-13 16:25 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-08-15 17:51 - 2016-08-07 16:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-15 17:50 - 2016-07-16 02:04 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2017-08-15 17:10 - 2015-10-15 15:50 - 000000000 ____D C:\Program Files (x86)\Steam
2017-08-15 17:05 - 2016-11-26 16:24 - 000000000 ____D C:\Users\Ricky\AppData\LocalLow\Mozilla
2017-08-15 16:21 - 2016-08-07 15:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-15 13:04 - 2016-07-16 07:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-15 11:48 - 2016-07-16 07:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-15 11:46 - 2016-03-13 08:15 - 000000000 ____D C:\Users\Ricky\AppData\Local\CrashDumps
2017-08-15 09:07 - 2016-08-02 16:44 - 000000000 ____D C:\Users\RNOwe\Desktop\Nonni's Songs
2017-08-15 09:04 - 2016-08-17 08:17 - 000000000 ____D C:\Users\RNOwe\Desktop\daycare
2017-08-15 07:06 - 2016-11-08 21:05 - 000000000 ____D C:\Program Files (x86)\Google
2017-08-15 06:59 - 2016-08-07 15:59 - 000000000 ____D C:\Users\RNOwe
2017-08-15 06:59 - 2016-08-07 15:59 - 000000000 ____D C:\Users\Ricky
2017-08-14 21:12 - 2017-01-02 21:03 - 000077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-08-14 21:12 - 2017-01-02 21:03 - 000000000 ____D C:\Users\Ricky\Documents\Anti-Malware
2017-08-14 18:29 - 2016-01-12 16:46 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2017-08-14 18:19 - 2017-06-02 22:09 - 000000222 _____ C:\Users\Ricky\Desktop\Rust.url
2017-08-14 13:44 - 2016-03-19 03:20 - 000000000 ____D C:\Users\RNOwe\AppData\Local\CrashDumps
2017-08-14 13:31 - 2015-11-17 21:07 - 000000000 ____D C:\Users\Ricky\AppData\Local\Adobe
2017-08-14 13:30 - 2017-02-17 20:12 - 000004386 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-08-14 13:30 - 2016-07-16 07:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-14 13:30 - 2016-07-16 07:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-14 13:27 - 2015-11-18 14:32 - 000000000 ____D C:\Users\RNOwe\AppData\Local\Adobe
2017-08-14 12:43 - 2015-10-14 23:34 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-14 03:35 - 2016-07-16 07:45 - 000000000 ____D C:\WINDOWS\INF
2017-08-13 17:38 - 2016-08-07 15:52 - 000412760 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-13 17:36 - 2016-07-16 10:29 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2017-08-13 17:36 - 2016-07-16 07:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-13 17:36 - 2016-07-16 07:47 - 000000000 ___RD C:\Program Files\Windows Defender
2017-08-13 17:36 - 2016-07-16 07:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-13 17:36 - 2016-07-16 07:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-13 17:36 - 2016-07-16 07:47 - 000000000 ____D C:\WINDOWS\Provisioning
2017-08-13 17:36 - 2016-07-16 07:47 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2017-08-13 17:36 - 2016-07-16 07:47 - 000000000 ____D C:\WINDOWS\bcastdvr
2017-08-13 17:36 - 2016-07-16 07:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-13 17:36 - 2016-07-16 07:47 - 000000000 ____D C:\Program Files\Common Files\System
2017-08-13 17:36 - 2016-07-16 07:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-13 17:36 - 2016-07-16 07:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-08-13 10:55 - 2016-07-16 07:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-13 09:52 - 2015-10-17 21:23 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-08-12 20:20 - 2016-03-19 22:12 - 000000000 ____D C:\Users\Ricky\AppData\Roaming\discord
2017-08-12 07:30 - 2016-07-16 07:47 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-08-10 09:59 - 2016-08-09 12:01 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2017-08-10 06:13 - 2016-07-16 07:47 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2017-08-09 19:23 - 2015-10-15 15:47 - 000002473 _____ C:\Users\Ricky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-08 22:46 - 2015-10-15 00:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-08 22:33 - 2015-10-15 00:23 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-06 07:40 - 2015-10-15 19:36 - 000000000 ____D C:\Users\Ricky\AppData\Roaming\Skype
2017-08-05 20:06 - 2017-01-02 21:03 - 000002122 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-08-05 20:06 - 2017-01-02 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-08-05 17:58 - 2015-10-14 23:42 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-03 10:07 - 2016-07-16 07:47 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-08-03 10:05 - 2016-03-22 13:31 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-08-02 22:51 - 2017-03-20 06:42 - 000000000 ____D C:\Users\RNOwe\.MemuHyperv
2017-08-02 22:49 - 2017-03-22 17:44 - 000000000 ____D C:\Users\RNOwe\Downloads\MEmu Download
2017-08-02 13:50 - 2016-08-01 20:55 - 000000000 ____D C:\Program Files\Common Files\Apple
2017-08-02 13:47 - 2016-08-01 20:57 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-08-01 17:46 - 2015-10-16 15:47 - 000797224 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-08-01 17:37 - 2015-10-17 07:44 - 000000000 ____D C:\Users\Ricky\AppData\Roaming\uTorrent
2017-08-01 16:24 - 2015-10-15 20:24 - 000000000 ____D C:\Users\Ricky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-08-01 13:10 - 2016-08-11 12:40 - 000000000 ____D C:\Users\Ricky\AppData\Local\Discord
2017-07-31 12:51 - 2015-10-15 15:43 - 000000000 ____D C:\Users\Ricky\AppData\Local\Packages
2017-07-31 11:14 - 2017-02-18 04:19 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-07-31 11:14 - 2017-02-18 04:19 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-28 23:39 - 2016-12-09 07:14 - 000000000 ____D C:\Users\Ricky\Documents\DayZ
2017-07-28 23:38 - 2016-12-09 07:14 - 000000000 ____D C:\Users\Ricky\AppData\Local\DayZ
2017-07-26 23:56 - 2015-10-26 07:03 - 000000000 ____D C:\Users\RNOwe\AppData\Roaming\uTorrent
2017-07-24 17:56 - 2015-11-24 16:35 - 000000000 ____D C:\Users\Ricky\AppData\Local\ArmA 2 OA
2017-07-24 10:20 - 2016-03-26 05:11 - 000226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2017-07-24 10:20 - 2016-03-26 05:11 - 000226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2017-07-24 10:13 - 2016-03-25 09:06 - 000000000 ____D C:\Users\Ricky\AppData\Roaming\Origin
2017-07-24 10:09 - 2016-03-24 19:34 - 000000000 ____D C:\ProgramData\Origin
2017-07-24 10:02 - 2017-06-04 00:21 - 000000000 ____D C:\Users\Ricky\Desktop\Wow music
2017-07-21 21:24 - 2016-03-25 09:00 - 000000000 ____D C:\Users\Ricky\Documents\Origin
2017-07-20 22:05 - 2017-03-20 06:43 - 000000000 ____D C:\Users\RNOwe\AppData\Roaming\NVIDIA
2017-07-20 13:09 - 2016-09-09 06:25 - 000000000 ____D C:\Users\Ricky\AppData\Local\Arma 3 Launcher
2017-07-20 07:06 - 2015-10-14 23:34 - 000000000 ____D C:\Users\RNOwe\AppData\Local\Packages
2017-07-17 17:32 - 2016-07-16 07:47 - 000000000 ____D C:\WINDOWS\rescache
2017-07-17 16:29 - 2016-11-25 20:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-17 16:29 - 2016-09-09 14:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Files in the root of some directories =======
2016-09-12 15:21 - 2016-09-12 15:21 - 305520897 _____ () C:\Users\RNOwe\AppData\Local\ACCCx3_8_0_310.zip.aamdownload
2016-09-12 15:21 - 2016-09-12 15:21 - 000003413 _____ () C:\Users\RNOwe\AppData\Local\ACCCx3_8_0_310.zip.aamdownload.aamd
2016-01-01 02:45 - 2016-01-01 02:45 - 000000000 _____ () C:\Users\RNOwe\AppData\Local\Driver_LOM_8161Present.flag
2016-08-12 04:18 - 2017-03-05 07:13 - 000007600 _____ () C:\Users\RNOwe\AppData\Local\Resmon.ResmonCfg
2017-02-18 04:19 - 2017-02-18 04:19 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-01-02 20:44 - 2017-02-16 22:42 - 000005110 _____ () C:\ProgramData\NvTelemetryContainer.log
2017-01-02 20:44 - 2017-02-16 17:27 - 000000515 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Some files in TEMP:
====================
2016-12-04 18:26 - 2016-12-04 18:42 - 000000068 _____ () C:\Users\RNOwe\AppData\Local\Temp\ade310c59b2001f825baf3fb617e4f7b.dll
2016-09-12 15:21 - 2015-03-05 09:54 - 002212008 _____ (Adobe Systems Incorporated) C:\Users\RNOwe\AppData\Local\Temp\AdobeApplicationManager.exe
2016-08-08 11:29 - 2016-08-08 11:29 - 000000000 ____D () C:\Users\RNOwe\AppData\Local\Temp\avgnt.exe
2016-12-04 18:26 - 2016-12-04 18:26 - 000000512 _____ () C:\Users\RNOwe\AppData\Local\Temp\f9a1b5d54284183a1d5112742cb85097.dll
2017-07-31 23:20 - 2017-07-31 23:20 - 000745507 _____ (MP3 Players) C:\Users\RNOwe\AppData\Local\Temp\fox.exe
2017-07-11 18:22 - 2017-02-10 10:54 - 000037376 _____ (Microsoft) C:\Users\RNOwe\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
2017-07-11 18:22 - 2017-02-10 10:54 - 000020480 _____ (Microsoft) C:\Users\RNOwe\AppData\Local\Temp\HiRezLauncherControls.dll
2017-07-31 23:33 - 2017-07-31 23:33 - 000102400 _____ (ancient JK) C:\Users\RNOwe\AppData\Local\Temp\max.exe
2017-02-21 03:29 - 2016-12-29 08:43 - 000747464 _____ (NVIDIA Corporation) C:\Users\RNOwe\AppData\Local\Temp\nvSCPAPI.dll
2017-02-21 03:29 - 2016-12-29 08:43 - 000860776 _____ (NVIDIA Corporation) C:\Users\RNOwe\AppData\Local\Temp\nvSCPAPI64.dll
2017-04-06 11:52 - 2016-12-29 08:43 - 000351680 _____ (NVIDIA Corporation) C:\Users\RNOwe\AppData\Local\Temp\nvStInst.exe
2016-09-09 21:32 - 2016-11-17 09:45 - 001135552 _____ (NVIDIA Corporation) C:\Users\RNOwe\AppData\Local\Temp\NvTelemetry.dll
2016-09-09 21:32 - 2016-11-17 09:45 - 000217024 _____ (NVIDIA Corporation) C:\Users\RNOwe\AppData\Local\Temp\NvTelemetryAPI32.dll
2016-09-09 21:32 - 2016-11-17 09:45 - 000268736 _____ (NVIDIA Corporation) C:\Users\RNOwe\AppData\Local\Temp\NvTelemetryAPI64.dll
2017-03-20 06:43 - 2017-08-02 22:51 - 000492544 _____ () C:\Users\RNOwe\AppData\Local\Temp\s3.exe
2017-07-31 23:20 - 2017-07-31 23:20 - 004185841 _____ () C:\Users\RNOwe\AppData\Local\Temp\SetupInstallStart.exe
2016-08-02 22:12 - 2016-08-02 22:12 - 000000000 ____D () C:\Users\Temp\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-27 17:31
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-08-2017 01
Ran by RNOwe (15-08-2017 19:15:13)
Running from C:\Users\Ricky\Desktop\FRST
Windows 10 Pro Version 1607 (X64) (2016-08-07 20:34:50)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================

Administrator (S-1-5-21-2190132408-2257626196-1181361939-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2190132408-2257626196-1181361939-503 - Limited - Disabled)
Guest (S-1-5-21-2190132408-2257626196-1181361939-501 - Limited - Disabled)
mrsam (S-1-5-21-2190132408-2257626196-1181361939-1004 - Limited - Enabled)
natey (S-1-5-21-2190132408-2257626196-1181361939-1008 - Limited - Disabled)
Ricky (S-1-5-21-2190132408-2257626196-1181361939-1003 - Limited - Enabled) => C:\Users\Ricky
RNOwe (S-1-5-21-2190132408-2257626196-1181361939-1001 - Administrator - Enabled) => C:\Users\RNOwe

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
7-Zip 15.10 beta (x64) (HKLM\...\7-Zip) (Version: 15.10 - Igor Pavlov)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version: - Hyper Hippo Games)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{AAFD93A0-6522-9FF4-69CF-15B98681681A}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 378.92 - NVIDIA Corporation) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
Arma 3 (HKLM\...\Steam App 107410) (Version: - Bohemia Interactive)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
ASTRO Command Center (HKLM-x32\...\{691A89DA-3E44-4F88-9637-4D7B17CC7181}) (Version: 1.0.76 - Astro Gaming)
AutoHotkey 1.1.24.03 (HKLM\...\AutoHotkey) (Version: 1.1.24.03 - Lexikos)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.3.3.860 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Battle Islands: Commanders (HKLM\...\Steam App 445720) (Version: - DR Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlefield™ 1 Open Beta (HKLM-x32\...\{F9E19363-7B10-4F8A-8640-945C36D4B504}) (Version: 1.0.8.62791 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
BF3 Settings Editor (HKLM\...\{0122EDA0-52FC-4EC2-9A31-A2A757A7D40E}) (Version: 2.3 - Realmware)
Blackwake (HKLM\...\Steam App 420290) (Version: - Mastfire Studios Pty Ltd)
Blender (HKLM\...\{2BBF253B-4DC9-49DA-AE78-5991452AC317}) (Version: 2.78.2 - Blender Foundation)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.6.100.6363 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brawlhalla (HKLM-x32\...\Steam App 291550) (Version: - Blue Mammoth Games)
Call of Duty: Black Ops II - Multiplayer (HKLM\...\Steam App 202990) (Version: - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM\...\Steam App 212910) (Version: - )
Call of Duty: Black Ops II (HKLM\...\Steam App 202970) (Version: - Treyarch)
Call of Duty: Black Ops III (HKLM\...\Steam App 311210) (Version: - Treyarch)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios)
Chromium (HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\...\Chromium) (Version: 51.0.2683.0 - Chromium)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 45.9.12.393 - Comodo)
Counter-Strike Nexon: Zombies (HKLM-x32\...\Steam App 273110) (Version: - Nexon)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
DayZ (HKLM\...\Steam App 221100) (Version: - Bohemia Interactive)
Dead by Daylight (HKLM\...\Steam App 381210) (Version: - Behaviour Digital Inc.)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version: - Stunlock Studios)
DiRT 3 Complete Edition (HKLM\...\Steam App 321040) (Version: - Codemasters Racing Studio)
Dirty Bomb (HKLM\...\Steam App 333930) (Version: - Splash Damage®)
Discord (HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Driver Booster 4.3 (HKLM-x32\...\Driver Booster_is1) (Version: 4.3.0 - IObit)
Emily is Away (HKLM-x32\...\Steam App 417860) (Version: - Kyle Seeley)
Epic Games Launcher (HKLM-x32\...\{56C7F9B4-77A1-48C3-AE0A-E402992F1F9B}) (Version: 1.1.94.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EVE Online (HKLM\...\Steam App 8500) (Version: - CCP)
Farming Simulator 17 (HKLM\...\Steam App 447020) (Version: - Giants Software)
FileZilla Client 3.16.0 (HKLM-x32\...\FileZilla Client) (Version: 3.16.0 - Tim Kosse)
Fishing Planet (HKLM\...\Steam App 380600) (Version: - Fishing Planet LLC)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
Fraps (HKLM-x32\...\Fraps) (Version: - )
Genital Jousting (HKLM\...\Steam App 469820) (Version: - Free Lives)
Google Chrome (HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\Google Chrome) (Version: 61.0.3163.39 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{09A8EA8A-9C9D-45E4-B20C-3F13C2CCD32C}) (Version: 7.3.0.3830 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
GRID 2 (HKLM\...\Steam App 44350) (Version: - Codemasters Racing)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Gyazo 3.3.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.6.4 - Hi-Rez Studios)
Hotspot Shield 4.18.3 (HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\HotspotShield) (Version: 4.18.3 - AnchorFree Inc.)
HWiNFO32 Version 5.22 (HKLM-x32\...\HWiNFO32_is1) (Version: 5.22 - Martin Malík - REALiX)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
InstallShieldHiRezCurrent (HKLM-x32\...\{9433FC1C-7405-433C-A26D-81076293BBCE}) (Version: 3.0.0.0 - Hi-Rez Studios)
Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive)
Intel Extreme Tuning Utility (HKLM-x32\...\{2b6ed4de-d92a-4e61-aa4f-5196a0ecee21}) (Version: 6.3.0.56 - Intel Corporation)
Intel Extreme Tuning Utility (HKLM-x32\...\{AD9EAA1C-2EF5-4243-ACE5-7AB77047291D}) (Version: 6.3.0.56 - Intel Corporation) Hidden
iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
KeepVid Pro(Build 4.10.1.0) (HKLM-x32\...\KeepVid Pro_is1) (Version: 4.10.1.0 - KeepVid Studio)
Killer Bandwidth Control Filter Driver (HKLM\...\{24BA7D32-B740-47A3-BE0E-2F4863A05D13}) (Version: 1.1.56.1120 - Rivet Networks) Hidden
Killer E220x Drivers (HKLM\...\{921ABFC0-9681-487D-9379-89C1712EFEBF}) (Version: 1.1.56.1120 - Rivet Networks) Hidden
Killer Network Manager (HKLM\...\{E21E50A4-4A55-4A7E-B1AA-16F8F9E255C8}) (Version: 1.1.56.1120 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.56.1120 - Rivet Networks)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 5.1.2.2 (HKLM-x32\...\{09AD7191-4F96-442C-B2F4-1491B144DBEB}) (Version: 5.1.2.2 - The Document Foundation)
Line of Sight (HKLM\...\Steam App 436520) (Version: - BlackSpot Entertainment)
LogMeIn Hamachi (HKLM-x32\...\{BE82D2D7-6CA2-43B3-8C22-CCF6405806E7}) (Version: 2.2.0.579 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.579 - LogMeIn, Inc.)
Mad Max (HKLM\...\Steam App 234140) (Version: - Avalanche Studios)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.280 - Electronic Arts)
MEmu (HKLM-x32\...\MEmu) (Version: 2.9.6.1 - Microvirt)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.7766.2099 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mitos.is: The Game (HKLM\...\Steam App 389570) (Version: - Freakinware Studios)
Mozilla Firefox 54.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 en-US)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
My.com Game Center (HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\MyComGames) (Version: 3.195 - My.com B.V.)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.28.00 - NETGEAR Inc.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 378.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.92 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.0.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.0.52 - NVIDIA Corporation)
NVIDIA Graphics Driver 378.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.92 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.23 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.0 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
OpenVPN 2.3.6-I001 (HKLM-x32\...\OpenVPN) (Version: 2.3.6-I001 - )
Orcs Must Die! 2 (HKLM\...\Steam App 201790) (Version: - Robot Entertainment)
Orcs Must Die! Unchained (HKLM\...\Steam App 427270) (Version: - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 10.4.14.21968 - Electronic Arts, Inc.)
Paladins (HKLM\...\Steam App 444090) (Version: - Hi-Rez Studios)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
Planetary Annihilation (HKLM\...\Steam App 233250) (Version: - Uber Entertainment)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.9.2-r111395-release - Plays.tv, LLC)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.2 - Power Software Ltd)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Razer Comms (HKLM-x32\...\Razer Comms) (Version: 5.12 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
ROBLOX Player for Ricky (HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
ROBLOX Player for RNOwe (HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
ROBLOX Studio for Ricky (HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation)
Robocraft (HKLM\...\Steam App 301520) (Version: - Freejam)
Rust (HKLM\...\Steam App 252490) (Version: - Facepunch Studios)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0330 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Spintires (HKLM\...\Steam App 263280) (Version: - Oovee® Game Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sylenth1 v2.21 (HKLM\...\Sylenth1_is1) (Version: - )
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.76421 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Tenda Wireless LAN Card (HKLM-x32\...\{C26CF23B-8EAC-401C-96F8-1064EC7CE039}) (Version: 1.5.6.0 - Tenda)
Terraria (HKLM\...\Steam App 105600) (Version: - Re-Logic)
theHunter (HKLM\...\Steam App 253710) (Version: - Expansive Worlds)
Time Clickers (HKLM-x32\...\Steam App 385770) (Version: - Proton Studio Inc)
Tom Clancy's Rainbow Six Siege (HKLM\...\Steam App 359550) (Version: - Ubisoft Montreal)
Transcripted (HKLM\...\Steam App 215450) (Version: - Alkemi)
Trimmer Tycoon (HKLM\...\Steam App 505750) (Version: - Improx Games)
Unity (HKLM-x32\...\Unity) (Version: 5.5.2f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Smartly Dressed Games)
Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
Warface (HKLM-x32\...\Steam App 291480) (Version: - Crytek)
Warface My.Com (HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\Warface My.Com) (Version: 1.27 - My.com B.V.)
Warframe TennoGen (HKLM\...\Steam App 396050) (Version: - )
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
World of Tanks (HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812na}_is1) (Version: - Wargaming.net)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Worm.is: The Game (HKLM\...\Steam App 466910) (Version: - Freakinware Studios)
ZookaWare (HKLM-x32\...\ZookaWare) (Version: 5.0.1 - ZookaWare)
Аrdamаx Kеylogger 4.4.2 (HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\Аrdamаx Kеylogger 4.4.2) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2190132408-2257626196-1181361939-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\RNOwe\AppData\Local\Roblox\Versions\version-da823d17eb7346c9\RobloxProxy64.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-2190132408-2257626196-1181361939-1003_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Ricky\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2190132408-2257626196-1181361939-1003_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Ricky\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2190132408-2257626196-1181361939-1003_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Ricky\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2190132408-2257626196-1181361939-1003_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Ricky\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2190132408-2257626196-1181361939-1003_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Ricky\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2190132408-2257626196-1181361939-1003_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Ricky\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2190132408-2257626196-1181361939-1003_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Ricky\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2190132408-2257626196-1181361939-1003_Classes\CLSID\{cd518d10-13b7-487e-b121-e772c4aeada3}\InprocServer32 -> c:\windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2190132408-2257626196-1181361939-1003_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Ricky\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2190132408-2257626196-1181361939-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ricky\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-01] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2015-04-15] ()
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2015-02-27] (Power Software Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Users\Ricky\Documents\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-01] (Igor Pavlov)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2015-02-27] (Power Software Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-03-16] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-01] (Igor Pavlov)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Users\Ricky\Documents\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2015-02-27] (Power Software Ltd)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0E84F185-5BA7-4C63-ABB9-B795ADDB55D6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation)
Task: {0F298098-657E-4943-99E3-A5C50C4B7972} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2190132408-2257626196-1181361939-1009Core => C:\Users\Temp\AppData\Local\Google\Update\GoogleUpdate.exe [2016-08-02] (Google Inc.) <==== ATTENTION
Task: {1A5DD9C5-F5A9-443E-91C2-25DD2BFA1318} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-08-03] (Microsoft Corporation)
Task: {1F306747-FD55-445D-A736-2FDFFB76AB48} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-08] (Google Inc.)
Task: {23FC0D6D-4B41-4FC7-8EEB-5A3CF855291A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-03] (Microsoft Corporation)
Task: {2F137121-08AE-41F6-BA4F-8B2E892F5168} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {36ED4651-8B99-49AB-8348-DDA83008159C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation)
Task: {390113BA-0C5E-453E-812B-51F46552A43C} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-05-16] ()
Task: {45F654AE-5823-41D8-BC24-A8A60676A61A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {507A6059-487B-43D4-ACB0-84B9FD79B708} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {652EF281-F0A4-4EF1-9528-16BDE6415A0C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2190132408-2257626196-1181361939-1009UA => C:\Users\Temp\AppData\Local\Google\Update\GoogleUpdate.exe [2016-08-02] (Google Inc.) <==== ATTENTION
Task: {6B5798D1-1532-4342-AC68-506A1CFDA2DF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-08-03] (Microsoft Corporation)
Task: {6F61B115-0EF7-46E8-B337-4262B877A9A2} - System32\Tasks\Zookaware Scheduled Update Check => C:\Program Files (x86)\ZookaWare\ZookaWare.exe [2017-03-05] (ZookaWare)
Task: {775A8DC6-C222-4416-A995-9FCBBF29622A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2190132408-2257626196-1181361939-1003UA1d257eac5ebce53 => C:\Users\Ricky\AppData\Local\Google\Update\GoogleUpdate.exe [2015-10-15] (Google Inc.)
Task: {804CF9AB-72A7-434D-8FCC-3EB063C3CE6C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-10-25] (NVIDIA Corporation)
Task: {9C50F60E-60A7-4889-BE08-4B5EA849D719} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-10-25] (NVIDIA Corporation)
Task: {ABFD2B65-2DA8-465C-B75A-ED20D620BD3A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-08] (Google Inc.)
Task: {BE2CBEC8-DC29-4806-AEE7-2CD180C9705D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation)
Task: {C0C62CA9-07B5-46C9-8166-3ACBAFFFDF8D} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-05-16] ()
Task: {C818E9FC-2FE7-4924-BD04-D392E332A4B2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-08-03] (Microsoft Corporation)
Task: {CAE370AB-797F-4163-8B90-6C4ACF4BB76D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2190132408-2257626196-1181361939-1003UA => C:\Users\Ricky\AppData\Local\Google\Update\GoogleUpdate.exe [2015-10-15] (Google Inc.)
Task: {D0ED94BF-FA07-40B9-AD16-9340585F9438} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {DB9DD61F-72C9-40FE-8B5B-7FB35DF1436C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {E0D786EF-B7B2-4B34-B18E-D9AE26AA73F2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2190132408-2257626196-1181361939-1003Core => C:\Users\Ricky\AppData\Local\Google\Update\GoogleUpdate.exe [2015-10-15] (Google Inc.)
Task: {E3665C04-382E-4BF7-B184-EB24E38BC5AC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-03] (Microsoft Corporation)
Task: {E3FACFDA-D6E7-4EF8-BDD9-2903BE144AD9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2190132408-2257626196-1181361939-1003Core1d257eac59727ba => C:\Users\Ricky\AppData\Local\Google\Update\GoogleUpdate.exe [2015-10-15] (Google Inc.)
Task: {F8084281-26F1-4F9D-AD62-1EFD309C4788} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation)
Task: {F8C6A7C7-8A74-46D1-B606-DDFC0297C1C8} - System32\Tasks\ZookaWare registration reminder => C:\Program Files (x86)\ZookaWare\ZookawareUpdater.exe [2017-03-05] ()
Task: {F9BE8308-5E55-4C78-9E81-19956EDCB9D9} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {FF4ADCA3-D486-4406-BD67-8F3C8D9A1143} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-14] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2190132408-2257626196-1181361939-1003Core.job => C:\Users\Ricky\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2190132408-2257626196-1181361939-1003UA.job => C:\Users\Ricky\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2190132408-2257626196-1181361939-1009Core.job => C:\Users\Temp\AppData\Local\Google\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2190132408-2257626196-1181361939-1009UA.job => C:\Users\Temp\AppData\Local\Google\Update\GoogleUpdate.exe <==== ATTENTION
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\RNOwe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Аrdаmаx Keylogger 4.4.2\Аrdаmаx Keylogger 4.4.2.lnk -> C:\Users\RNOwe\Documents\CCP\CCP.exe (No File) <==== Cyrillic
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 07:42 - 2016-07-16 07:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-07-12 11:59 - 2017-06-21 03:48 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-13 20:50 - 2017-07-13 20:50 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-07-13 20:50 - 2017-07-13 20:50 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-26 07:36 - 2016-09-04 23:02 - 000076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2016-08-07 20:13 - 2016-08-07 20:13 - 000959168 _____ () C:\Users\Ricky\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-07-05 06:43 - 2017-01-29 09:55 - 008930504 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2015-04-15 16:13 - 2015-04-15 16:13 - 000222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2017-03-14 21:42 - 2017-03-04 02:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-14 21:42 - 2017-03-04 02:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-14 21:42 - 2017-03-04 02:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-08-10 15:59 - 2017-03-04 02:05 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-08-10 15:59 - 2017-08-01 14:26 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-08-10 15:59 - 2017-08-01 14:31 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-07-17 17:04 - 2017-07-17 17:06 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-17 17:04 - 2017-07-17 17:06 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-17 17:04 - 2017-07-17 17:06 - 043573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-17 17:04 - 2017-07-17 17:06 - 002435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2017-02-19 23:31 - 2016-10-25 16:19 - 001147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-19 23:31 - 2016-10-25 16:19 - 004489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2017-02-19 23:32 - 2016-10-25 16:19 - 000418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-09-15 16:21 - 2016-09-07 00:56 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-14 21:41 - 2017-03-04 02:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-08-09 19:23 - 2017-08-09 01:48 - 004022616 _____ () C:\Users\Ricky\AppData\Local\Google\Chrome\Application\61.0.3163.39\libglesv2.dll
2017-08-09 19:23 - 2017-08-09 01:48 - 000100184 _____ () C:\Users\Ricky\AppData\Local\Google\Chrome\Application\61.0.3163.39\libegl.dll
2017-07-21 19:54 - 2017-07-21 19:54 - 001528296 _____ () C:\Program Files (x86)\Battle.net\Battle.net.9093\Battle.net Helper.exe
2015-11-24 16:48 - 2015-11-24 16:48 - 000028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 16:46 - 2015-11-24 16:46 - 000110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 16:48 - 2015-11-24 16:48 - 000041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 16:48 - 2015-11-24 16:48 - 000096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 16:43 - 2015-11-24 16:43 - 000356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 16:48 - 2015-11-24 16:48 - 000017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 16:48 - 2015-11-24 16:48 - 000019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 16:48 - 2015-11-24 16:48 - 000036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 16:43 - 2015-11-24 16:43 - 000043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 16:43 - 2015-11-24 16:43 - 000805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 16:43 - 2015-11-24 16:43 - 000087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 16:46 - 2015-11-24 16:46 - 000354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 16:48 - 2015-11-24 16:48 - 000167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 16:47 - 2015-11-24 16:47 - 001980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 16:57 - 2015-12-07 16:57 - 000077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 16:47 - 2015-11-24 16:47 - 001862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 16:47 - 2015-11-24 16:47 - 000516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 16:47 - 2015-11-24 16:47 - 004060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 16:43 - 2015-11-24 16:43 - 000010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2017-02-19 23:31 - 2016-10-25 16:19 - 000018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-07-21 19:55 - 2017-07-21 19:56 - 055782888 _____ () C:\Program Files (x86)\Battle.net\Battle.net.9093\libcef.dll
2017-07-21 19:56 - 2017-07-21 19:56 - 000540336 _____ () C:\Program Files (x86)\Battle.net\Battle.net.9093\ortp.dll
2017-07-21 19:56 - 2017-07-21 19:56 - 000133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.9093\libEGL.dll
2017-07-21 19:56 - 2017-07-21 19:56 - 003384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.9093\libGLESv2.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Ricky:Heroes & Generals [38]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\...\sharepoint.com -> hxxps://livevsc-files.sharepoint.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-09-18 12:50 - 2017-08-14 13:45 - 000000838 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\RNOwe\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Ricky\Desktop\wallpaper.jpg
DNS Servers: 192.168.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: d447ab7d0fb975b032ce5d423855b98e => 2
MSCONFIG\Services: Killer Service V2 => 2
MSCONFIG\Services: SysEventSVC => 2
HKLM\...\StartupApproved\StartupFolder: => "Tenda Wireless Utility.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Killer Network Manager.lnk"
HKLM\...\StartupApproved\Run: => "MouseDriver"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "TCTray"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\...\StartupApproved\Run: => "Dxtory Update Checker 2.0"
HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\...\StartupApproved\Run: => "Razer Comms"
HKU\S-1-5-21-2190132408-2257626196-1181361939-1001\...\StartupApproved\Run: => "NETGEARGenie"
HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\StartupApproved\Run: => "TSMApplication"
HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\StartupApproved\Run: => "CCP Start"
HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2190132408-2257626196-1181361939-1003\...\StartupApproved\Run: => "hsscp.EXE"

==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4B419972-F12D-4F5F-BEE0-0E5E82CA5B3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WarframeTennoGen\bin\SteamWorkshopUploader.exe
FirewallRules: [{9F695E89-DA5D-4A93-8F51-4BFD29EE3C1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WarframeTennoGen\bin\SteamWorkshopUploader.exe
FirewallRules: [UDP Query User{278EB8EC-2E76-4321-94B7-3B82C33DEA48}C:\users\ricky\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\ricky\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{FFF5A6BB-29D0-474F-8FD4-11421C346DD4}C:\users\ricky\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\ricky\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{1072DCD5-45E1-40C0-B592-E3C0973DF070}] => (Allow) C:\Users\Ricky\Documents\iTunes\iTunes.exe
FirewallRules: [{E6C0CD72-CEBC-45B2-8A24-DF102E1E5C12}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1586B2F1-D3C7-428C-B276-207C90728CE0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2EDE6151-13DA-409D-A9B6-BA02E2822820}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5CE289D3-92C2-4285-85D3-E6F779FB8BD7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BE57651E-D2C5-4300-AD92-AE4EE3AD19F8}] => (Allow) C:\Users\Ricky\Documents\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe
FirewallRules: [{5E1F2BA5-9F6C-4B58-A57B-4BC0384616EA}] => (Allow) C:\Users\Ricky\Documents\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe
FirewallRules: [UDP Query User{DF87889A-0B42-4800-AB7D-B9021C41E1BC}C:\users\ricky\appdata\roaming\utorrent\updates\3.4.7_42330.exe] => (Block) C:\users\ricky\appdata\roaming\utorrent\updates\3.4.7_42330.exe
FirewallRules: [TCP Query User{43AC2DA1-06CB-4501-B26B-09EB6F94EF98}C:\users\ricky\appdata\roaming\utorrent\updates\3.4.7_42330.exe] => (Block) C:\users\ricky\appdata\roaming\utorrent\updates\3.4.7_42330.exe
FirewallRules: [UDP Query User{D24A005E-744E-49A0-99D8-A89DE5FF8399}C:\program files (x86)\steam\steamapps\common\orcsmustdieunchained\binaries\win64\spitfiregame.exe] => (Block) C:\program files (x86)\steam\steamapps\common\orcsmustdieunchained\binaries\win64\spitfiregame.exe
FirewallRules: [TCP Query User{7BC1C8B0-5B8C-495A-9E66-488B515F729D}C:\program files (x86)\steam\steamapps\common\orcsmustdieunchained\binaries\win64\spitfiregame.exe] => (Block) C:\program files (x86)\steam\steamapps\common\orcsmustdieunchained\binaries\win64\spitfiregame.exe
FirewallRules: [UDP Query User{E65C11D2-2FEA-476D-A733-C76AB434D0D0}C:\users\ricky\desktop\internet explorer\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\ricky\desktop\internet explorer\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{50295637-82FF-4DED-BC2B-31100A547462}C:\users\ricky\desktop\internet explorer\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\ricky\desktop\internet explorer\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{EE2BBC5B-D61A-4024-9CC2-9EEC5B583DEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OrcsMustDieUnchained\Dashboard\Bin\SpitfireDashboard.exe
FirewallRules: [{4B22406E-3A9F-4E0A-8867-389962DC6A83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OrcsMustDieUnchained\Dashboard\Bin\SpitfireDashboard.exe
FirewallRules: [{21860F47-9D92-4963-968D-48BE49C8FA17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{C651FE7B-308C-49E1-AA36-995F26B8D334}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{402D2688-4EF1-4E7C-AAE5-1151723F4BB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{FF5FAF32-EBE6-4ED0-8904-48878DB7B42C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{6FEA0810-3F62-4AF3-A3CD-2F1027F697EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{F3C3C217-627B-473C-BAA2-BDE6EF5F1754}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{8828CC3E-615D-4D81-B7BF-853B99754F13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{9DC25832-F5D1-455B-958D-2EFF8DB25534}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{A4706896-9FD2-4B82-9D71-11B7B13159AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{191656F0-27D6-4CBF-96D4-B91A461EB2BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{C8002DA7-5248-4F08-B82A-ECF442468C55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{5338B817-2258-4A37-AED4-F43D7F53CE3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{A2EE1303-CF60-42A3-A413-9DCF9A3B4D69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AVA\NWZLauncher.exe
FirewallRules: [{3B203766-8C28-4EE0-BC70-DB0E88A0AC12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AVA\NWZLauncher.exe
FirewallRules: [{85F1557D-167F-4CCE-97EA-B8154D2826B1}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{FD1C50F3-8F7E-476D-9F76-40771A6D33A1}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{2AA4B4B9-BCD7-4FB5-9B96-B4890B80FBAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{A948DDDF-3D7A-4FDB-8B0C-B0D9F3A4383D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{088B6A6A-078A-4308-A37B-A564148AFD95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\transcripted\Transcripted.exe
FirewallRules: [{A7D622A5-297B-4C3D-9322-AFD7BB0429E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\transcripted\Transcripted.exe
FirewallRules: [UDP Query User{17D773E1-C03D-42EB-9F12-7339CA16656E}C:\program files (x86)\steam\steamapps\common\aftermath\aftermath.exe] => (Block) C:\program files (x86)\steam\steamapps\common\aftermath\aftermath.exe
FirewallRules: [TCP Query User{041CFE60-626A-4A61-810D-81B90C3324C9}C:\program files (x86)\steam\steamapps\common\aftermath\aftermath.exe] => (Block) C:\program files (x86)\steam\steamapps\common\aftermath\aftermath.exe
FirewallRules: [UDP Query User{CD0A946D-FFC5-4FDA-A057-1ACDADF551C1}C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe] => (Block) C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe
FirewallRules: [TCP Query User{96F8ADA0-FB75-45F8-A654-757BD91ADC07}C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe] => (Block) C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe
FirewallRules: [{F67F9218-A98F-4CB6-86CD-2EAA0DF5AAE3}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{A9497FD1-7721-41CA-BCE1-2CCE56C05A6B}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{DCDDAC5E-07D2-49DA-8630-AB67888650CB}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{2C85326B-E3AF-4321-968A-AF052F67BB1C}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{F77B9CB5-3C61-4F83-9C85-D1C7F341E193}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{1A211706-EC4E-4C1A-86B8-CF0E8FB76C8F}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [UDP Query User{05AF401E-E547-43DC-A159-A35311964757}C:\users\ricky\documents\world_of_tanks\worldoftanks.exe] => (Block) C:\users\ricky\documents\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{FEBA19C9-670F-4073-AC68-94AA1A638C0F}C:\users\ricky\documents\world_of_tanks\worldoftanks.exe] => (Block) C:\users\ricky\documents\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{FC5614DE-1F94-4EBF-9734-BFD5E51F7282}C:\users\ricky\documents\world_of_tanks\wotlauncher.exe] => (Block) C:\users\ricky\documents\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{ABAE1D11-3CEC-4525-84A9-20B19EAABF5B}C:\users\ricky\documents\world_of_tanks\wotlauncher.exe] => (Block) C:\users\ricky\documents\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{6AB3C81C-E9D8-4018-B056-E351E7237868}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Block) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{551E1B94-F141-4619-B7B3-B599CDB05355}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Block) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{9DA0435A-428D-4395-B6EE-A5FFEDBD61BE}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{7DA74F98-63D2-4E4B-A82D-047EBB7B16F3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{E2FA142B-662E-4F2E-9019-4C0E701F0EEC}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{A9BFB056-6B1B-4F7C-A97B-F58C18362FA9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{2D2C4887-5B66-44EC-8846-7FD801D5EBB4}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{80BF560D-E049-4501-8D08-0D6D4D7B4B28}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [UDP Query User{C07A418D-AFF1-4132-9845-D1DF38A98416}C:\users\ricky\documents\call of duty black ops 2\t6mp.exe] => (Block) C:\users\ricky\documents\call of duty black ops 2\t6mp.exe
FirewallRules: [TCP Query User{9E35817D-CEEE-4612-92FB-85DF522CCBDF}C:\users\ricky\documents\call of duty black ops 2\t6mp.exe] => (Block) C:\users\ricky\documents\call of duty black ops 2\t6mp.exe
FirewallRules: [UDP Query User{6A3DC30F-BDD1-4349-BB90-15C6DED7A81C}C:\users\ricky\documents\call of duty black ops 2\t6sp.exe] => (Block) C:\users\ricky\documents\call of duty black ops 2\t6sp.exe
FirewallRules: [TCP Query User{13FD4320-2346-4F20-9B6A-8447105AAA51}C:\users\ricky\documents\call of duty black ops 2\t6sp.exe] => (Block) C:\users\ricky\documents\call of duty black ops 2\t6sp.exe
FirewallRules: [UDP Query User{4AB6FE87-A906-43B7-9A25-5F69BAD1D38E}C:\program files (x86)\call of duty black ops 2\t6sp.exe] => (Block) C:\program files (x86)\call of duty black ops 2\t6sp.exe
FirewallRules: [TCP Query User{65CFD4AD-A237-450E-A7BC-E3A30A1EE699}C:\program files (x86)\call of duty black ops 2\t6sp.exe] => (Block) C:\program files (x86)\call of duty black ops 2\t6sp.exe
FirewallRules: [UDP Query User{283B760E-C9A5-463F-B44A-307AC7777050}C:\program files (x86)\call of duty black ops 2\t6mp.exe] => (Block) C:\program files (x86)\call of duty black ops 2\t6mp.exe
FirewallRules: [TCP Query User{55965F1D-48B9-4429-8525-71485FD767F7}C:\program files (x86)\call of duty black ops 2\t6mp.exe] => (Block) C:\program files (x86)\call of duty black ops 2\t6mp.exe
FirewallRules: [{F50C635E-8DB3-4274-A88C-509FC94E51AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{ACD7B3A1-CDD2-4A0F-8FB7-094394EA9767}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{374F655E-8A50-4B2F-B592-B955D2B4C53B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mitos.is The Game\Mitosis.exe
FirewallRules: [{F794ABF8-0048-462A-AC59-DFE004E40F98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mitos.is The Game\Mitosis.exe
FirewallRules: [{3741D57A-777B-4167-B881-EE9EF05D176F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x64\server.exe
FirewallRules: [{879B879D-F048-43A9-A2D4-6087C6C4FE9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x64\server.exe
FirewallRules: [{6018E65D-45D3-4B14-B3F7-E1DAF4ED03C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x64\host\CoherentUI_Host.exe
FirewallRules: [{310F5807-81A7-4C89-BB6A-6C61AFD71ADC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x64\host\CoherentUI_Host.exe
FirewallRules: [{10BC2B0B-F791-4F7A-9D05-BA14BDC68552}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x64\crashupload.exe
FirewallRules: [{0A205701-F806-403F-8B39-0ED6C314BEFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x64\crashupload.exe
FirewallRules: [{5D955816-11F1-4625-BD1C-5E8519B1C1D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x86\host\CoherentUI_Host.exe
FirewallRules: [{D436535B-BC94-4F39-91CD-61D5436075D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x86\host\CoherentUI_Host.exe
FirewallRules: [{0707370F-ACEE-4056-9A6E-D0F3814A4037}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x86\crashupload.exe
FirewallRules: [{A155A6F2-E751-4287-B6AA-13DF0F02CFE6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x86\crashupload.exe
FirewallRules: [{55344891-96CD-4502-A115-B8FE215699F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x86\PA.exe
FirewallRules: [{2749E06B-3C2B-4256-A016-F4FAC7D4AD60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x86\PA.exe
FirewallRules: [{E656AF8D-CACB-48B5-933F-963F75EE310C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x64\PA.exe
FirewallRules: [{91B3D9CB-5AA1-4A24-BC12-24A134AD9DE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x64\PA.exe
FirewallRules: [UDP Query User{9587A206-06C2-4652-9680-062693CD67DA}C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [TCP Query User{9DD76789-5349-40E9-9D35-EF63F94AB85C}C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [UDP Query User{D90E2E05-0B7A-47F1-A60A-97AFDA75B27D}C:\users\ricky\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\ricky\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{639B386B-4015-483B-BC97-46DD4B60B3C6}C:\users\ricky\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\ricky\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{85DBC87F-7CC0-4E89-B7B0-BF6F64EA6E6A}C:\users\ricky\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\ricky\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{85BCDE2B-DD00-4AE0-9516-B5EC684C0F8F}C:\users\ricky\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\ricky\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{89B478E8-9FF3-43BC-9C0C-87AE3EFD56EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{0ACD3AF5-D737-48F3-8EA6-F678483D9A29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{92CC0B09-E453-474C-8D60-D5C385173363}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{8CD8A797-5216-4A6F-9142-CC251A211C18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{93D57CBA-3441-44C7-92B6-68339FBBDDF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{7224ACE9-5936-409F-8246-6BBF9F27BC0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{B9893510-BD90-431D-BBDD-D23561CCAB5D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{15F67547-30DF-4715-8E28-92326190DEE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{101EB6B2-CB4C-4519-B536-0565A65EF8C1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{048FED05-E9CC-4001-A3C0-1CC54F43BE23}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A615F3BE-222B-4D80-9786-09BDC2F64CE9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3BED3AAE-5DD3-4B3C-8A0C-70BDED49E666}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2A077053-A1C3-4B27-BCB5-B863DE7DD0DC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{669876D6-DC2E-4675-93F7-538C59B328E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{0FD67088-C1E5-4FCC-AFF2-5FA3A877FC3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{B47C3DCA-6E0F-46DD-91F7-F2EF601855AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{17AC0DA6-3C07-42AB-9C99-DA4F585CEF1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{AC70147D-07B4-4C81-8EC1-118792BE899A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{9C539E29-EE45-43EA-A923-B66BD11C2A81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{9417B853-6F80-4DDB-A776-C3FE1175AEAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{4FEE3453-7226-48DA-970E-FE9B36F1B9C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [TCP Query User{BE95F898-FB40-4289-B924-B59A529ECE5D}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{82DD18EE-5FD3-4388-8946-1DB867377907}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{E294AF0C-2BC2-413D-B9F1-FB303E435C65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{47703713-1778-4D49-88EF-E44FA6E5043A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{E77016E0-E87F-4014-BF05-90130CC15526}] => (Allow) C:\Users\RNOwe\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{20DC8649-3148-41F7-97D0-5918D2BDF698}] => (Allow) C:\Users\RNOwe\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FCBD983B-2FF7-439E-A2A7-3A63463E15EA}] => (Allow) C:\Users\RNOwe\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E997B90A-9E79-42F1-99ED-C28B27DB1C95}] => (Allow) C:\Users\RNOwe\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{93BB59AB-00FC-4662-89C1-2248ADC52221}] => (Allow) C:\Users\RNOwe\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2B8F8E70-6AAB-4886-B767-791E08BFF859}] => (Allow) C:\Users\RNOwe\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{37E8BC28-08D6-4983-B625-145B7E4CDF7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{3173BC4F-089D-4DA3-A30D-ACF682112AA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [TCP Query User{93E6D3B1-289A-48B3-9179-E1C515A15F1E}C:\users\ricky\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\ricky\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{6051078A-4F9E-40FD-8C8E-53EB64D9D8EB}C:\users\ricky\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\ricky\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{36087D6F-FDE7-4876-973A-68BD25D4C7F0}] => (Allow) C:\Users\Ricky\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B72CD667-AA80-419D-A1CB-D66EE232DF78}] => (Allow) C:\Users\Ricky\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8AAFC0CC-15A1-47A8-A9ED-778A9DA43ACB}] => (Allow) C:\Users\Ricky\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B5441746-2250-40FA-B81C-A858CDBB5DB9}] => (Allow) C:\Users\Ricky\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{910E8D96-5DDE-43B4-B28D-A081A4196DD2}] => (Allow) C:\Users\Ricky\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FD5854CF-851F-4321-A51F-270B3C2878D4}] => (Allow) C:\Users\Ricky\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D7E1A967-6C07-4D9C-A9CE-F0B826CD837D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TimeClickers\TimeClickers.exe
FirewallRules: [{B0D2EF3A-5563-492A-836E-57277E1B81F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TimeClickers\TimeClickers.exe
FirewallRules: [{71E0E33D-5DA5-4B2E-8794-51AC7C5AB853}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{FDEEC283-14F0-45AB-B6DC-081F1BA6A1F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{26522798-9E64-42B0-A581-D71421B35F3A}] => (Allow) C:\Program Files (x86)\PlaysTV\playstv.exe
FirewallRules: [{8AE1C3E8-49C0-4F3E-BA64-EED5BEDA84DC}] => (Allow) C:\Program Files (x86)\PlaysTV\playstv.exe
FirewallRules: [TCP Query User{7A4A1F3D-ABEB-4188-A309-5C05934731CE}C:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) C:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [UDP Query User{45E7B6FA-7E27-42CC-9A29-549980AE4FBA}C:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) C:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [{0A6E1069-177D-4327-9CA2-593EAC4D1EC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{99E9663E-7E97-4CC4-86A4-EB83382393AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{4ACCD3FE-C7E1-46EC-975E-82C2D6C1EE0C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{EB07303F-C074-4727-8066-CCF47B5E5307}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{6648C707-2FC6-4265-A6C1-57B29D499F53}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{9B77B8D5-65F6-421A-99A2-22F08605178B}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{AB88B3A4-23D2-4A9A-90A8-AF744C4F5238}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{11B7C296-9F7B-4B0C-862D-14FC1A87803F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [TCP Query User{B6A2527D-E685-4620-B6B8-0F4AE7F081F5}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{EE5547BE-4B57-47AB-A70B-847ED890AEEE}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [TCP Query User{B2CBBC71-9901-4D36-8F78-FAE7C01FF037}C:\users\ricky\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\ricky\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{548FC9FB-5037-4A2F-84FA-38988A278924}C:\users\ricky\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\ricky\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{3D836342-4D32-41F6-B30D-49D6ACFC7843}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{0EB75063-47E4-4043-A082-FCE3C56B23BE}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{EA0C3C6E-B8B5-4E72-9E5A-EE7093EEFC7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{09E3E236-78B8-4980-87B5-18499AF85252}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{460BB137-B7F7-4852-8902-4010760BFD4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Emily is Away\emily is away.exe
FirewallRules: [{0134E10E-A22D-41CD-9E6D-20E9963E80C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Emily is Away\emily is away.exe
FirewallRules: [{669ABE5B-A59D-4B7D-B93C-73929CB928F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{C79A6BEA-36E5-45EE-B433-D53C85DABB37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{4E75AA2C-0FD4-4B91-9080-97BCC8F790CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{90E6D8A3-63B8-4175-B1EF-81F862B4BDD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{7F6648E3-1C0B-434B-9BF5-45F075C11228}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{F413EEB9-FB8A-4E93-B242-09753698B603}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{9CA238FA-579C-4F21-987B-F620A1ED5478}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{39546C60-3C78-4097-8E7B-1C7557CFA1E8}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{D6B0377A-CADB-47AF-BC42-3BFCC02D5BF3}] => (Allow) C:\Program Files (x86)\PlaysTV\playstv.exe
FirewallRules: [{BB276DA7-DF8E-4D7C-AD18-4C8E3021EE56}] => (Allow) C:\Program Files (x86)\PlaysTV\playstv.exe
FirewallRules: [TCP Query User{B1D7B726-5E74-4AC6-A8B9-BF57890023AB}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{200D88AF-8CA8-4E30-828C-59797F0D8D01}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{7C659DA9-43A7-4B8D-9787-C4A9B2B72D10}C:\users\ricky\appdata\roaming\utorrent\updates\3.4.8_42449.exe] => (Allow) C:\users\ricky\appdata\roaming\utorrent\updates\3.4.8_42449.exe
FirewallRules: [UDP Query User{EE69F21E-BFBE-4C6C-B0FE-6EA32B1E25B6}C:\users\ricky\appdata\roaming\utorrent\updates\3.4.8_42449.exe] => (Allow) C:\users\ricky\appdata\roaming\utorrent\updates\3.4.8_42449.exe
FirewallRules: [{23C55921-0614-4EDA-866B-FBF7D97F2A30}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C995ADCB-9C84-43AE-8BF3-044868AEF8BA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4B4AE220-221E-4842-91B0-B32EFFC779E9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{85DB76E3-6D48-4C83-821A-7C3781DC8E5B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F41C55ED-7C7E-47A0-AEBC-1CBDE91F8C7A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [{59C745CB-CC48-48A2-922C-07683E152426}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [{CF106E5F-469E-448D-B707-1D6B2317559A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AVA\host.exe
FirewallRules: [{21ED950B-F074-48B4-9434-E911EB25177C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AVA\host.exe
FirewallRules: [TCP Query User{7F555961-28DF-4074-ACB4-473F5049BF21}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{7B6A0B57-3B40-4522-AAB9-7A843902492F}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{D323A57A-927A-483A-BA06-7D58A8B0AC80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{56A1A8FF-3FCE-4524-BF54-1F05EFD4A57F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{BDA82224-AC3F-4A47-B259-E8B3368D5BC1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7E83903B-CD15-45BF-B505-D21107B3F2FE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C263E5B4-7A87-4604-AEB1-CEB41CD75120}C:\users\ricky\appdata\roaming\utorrent\updates\3.4.8_42576.exe] => (Block) C:\users\ricky\appdata\roaming\utorrent\updates\3.4.8_42576.exe
FirewallRules: [UDP Query User{64C5EDA0-BBD3-447E-B87A-398D96F7728B}C:\users\ricky\appdata\roaming\utorrent\updates\3.4.8_42576.exe] => (Block) C:\users\ricky\appdata\roaming\utorrent\updates\3.4.8_42576.exe
FirewallRules: [{BA62C80D-5CDC-4358-8123-BBFE1454465C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{A72B78B4-82E5-4FC6-8910-2CEE6FA8464D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{D92557F4-2763-41D7-BD74-53F7FD90EA99}C:\users\ricky\appdata\roaming\utorrent\updates\3.4.8_42576.exe] => (Block) C:\users\ricky\appdata\roaming\utorrent\updates\3.4.8_42576.exe
FirewallRules: [UDP Query User{6825D234-25AE-4711-9F3F-8C75DBC1AE38}C:\users\ricky\appdata\roaming\utorrent\updates\3.4.8_42576.exe] => (Block) C:\users\ricky\appdata\roaming\utorrent\updates\3.4.8_42576.exe
FirewallRules: [TCP Query User{2ACF454E-2C58-41B8-AC3F-367CE809D001}C:\users\ricky\appdata\roaming\hotspot shield\bin\cmw_srv.exe] => (Block) C:\users\ricky\appdata\roaming\hotspot shield\bin\cmw_srv.exe
FirewallRules: [UDP Query User{BFBEB69E-0D41-4A71-9EDB-293F4547C9E6}C:\users\ricky\appdata\roaming\hotspot shield\bin\cmw_srv.exe] => (Block) C:\users\ricky\appdata\roaming\hotspot shield\bin\cmw_srv.exe
FirewallRules: [{10DC5C69-EC6B-4C68-8F0A-9514D3FCB383}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{70D63754-D6D6-436E-B842-3C34D9488E91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{BCE81F83-C941-4304-8B4C-A531D29D26B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{7DBF133D-7058-4FE9-884E-3BFE1F1825EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{816EAD20-ADB1-444B-9757-9F1EDE39E195}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{1FF81B75-4155-4F8C-AA24-F38D9C71339A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{674E2BD3-9452-4D02-B4C9-33FD651780BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{9978CCCC-4857-4810-A982-BA16DCACBF69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{5E38CEEB-814D-468D-8C23-580721521D03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{0A29B430-9C18-4314-A2D0-D9C415773CCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{8DC4D34D-9B2C-4223-B501-876B9D7FB028}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{934E9CD4-AA12-4D75-8042-B378B736A2FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{583E59CF-60C1-4573-9DCE-DEB0FF1E9957}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [TCP Query User{6CB4D09D-162A-4BCD-90EA-4EE82654973C}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{DF2C7AEE-C3C1-469C-B0F6-06E58A6D05AA}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [{7559ECA3-AFC4-4195-AA88-3C83E1466E77}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E0C6BED7-A5C0-4C1E-8E92-4F1D636A74D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7BC0E86F-6B3D-4A65-ADF9-CAF3DF11A56E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5EBB9C53-1EEA-4BC1-B5A7-CBEEA3E51186}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E7A00AF0-CC41-452D-9897-3C6510D816BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trimmer Tycoon\trimmer.exe
FirewallRules: [{DA6AF55E-BE6E-4037-80E0-5D8652765177}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trimmer Tycoon\trimmer.exe
FirewallRules: [{39490792-72BC-4270-A6FC-6E96732765C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Commanders\Commanders.exe
FirewallRules: [{D74C6E4E-5025-4538-930F-1C718E48C6D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Commanders\Commanders.exe
FirewallRules: [TCP Query User{E02AD135-EA46-4AA1-9BD2-83692E1F062B}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [UDP Query User{DCEDA09A-BDE7-48FE-9A41-B63375E3DB22}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{5AEC32D0-560C-4BD4-8257-F8E183C5C5B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TigerKnight_EW\frontend\bin\frontend.exe
FirewallRules: [{F783E0CB-23AE-4940-AE6B-6DC82B1A196F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TigerKnight_EW\frontend\bin\frontend.exe
FirewallRules: [TCP Query User{0BE3E017-3E3D-4355-9074-5D64DD7ECB54}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{EE696C5B-CA8E-4093-B495-8148A8CCC8D7}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [TCP Query User{C4E8A6BF-F1FF-4E28-8B19-0168774B6F65}C:\program files (x86)\razer\comms\razercomms.exe] => (Allow) C:\program files (x86)\razer\comms\razercomms.exe
FirewallRules: [UDP Query User{363A0237-9DF9-4510-88DA-938DB40EB0B7}C:\program files (x86)\razer\comms\razercomms.exe] => (Allow) C:\program files (x86)\razer\comms\razercomms.exe
FirewallRules: [{21490339-7A3F-4046-AF05-F3BCD4B4F78E}] => (Block) C:\program files (x86)\razer\comms\razercomms.exe
FirewallRules: [{611F0B44-F951-4840-A9AF-BC1ECF5A46F3}] => (Block) C:\program files (x86)\razer\comms\razercomms.exe
FirewallRules: [TCP Query User{317D7753-F449-4D87-8541-A7293E2B3114}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{CCF255F5-CF63-4098-895D-F411A0858454}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{40EA046D-3A66-477F-9F01-426D2DA70158}] => (Block) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{D88FA454-1446-4B30-BF7C-DD56A970CB6B}] => (Block) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{48778793-D2AF-47C6-A043-102C79801E0D}C:\program files\java\jre1.8.0_111\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_111\bin\java.exe
FirewallRules: [UDP Query User{61C78D30-BCC2-4414-914B-A312244B1856}C:\program files\java\jre1.8.0_111\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_111\bin\java.exe
FirewallRules: [{C69C5F78-F732-4C94-999E-5062C1A73F6B}] => (Allow) C:\program files\java\jre1.8.0_111\bin\java.exe
FirewallRules: [{1CFDC9CB-1108-496E-B703-700AC15196F9}] => (Allow) C:\program files\java\jre1.8.0_111\bin\java.exe
FirewallRules: [{26E0B7D7-1D2A-44D8-B0B6-514ADB6C108A}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{EB72E1AA-C307-46C6-9F51-E71C8ECD44B1}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{5FDB5149-2B95-49E0-A4AB-555ADC6E6ABC}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{85A7B87A-78CF-4A72-A9A8-2C94AACF2A40}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{E8F11F21-49D2-40E0-AADB-D6766FC6F1F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{B391396C-914F-43FD-96F7-B3E95420FF44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{028CF6AB-51F4-4077-AB4B-71C8DDFAF6A9}C:\users\ricky\appdata\roaming\utorrent\updates\3.4.9_42973.exe] => (Block) C:\users\ricky\appdata\roaming\utorrent\updates\3.4.9_42973.exe
FirewallRules: [UDP Query User{A332F8A1-7581-428B-9F75-DF39EA078F73}C:\users\ricky\appdata\roaming\utorrent\updates\3.4.9_42973.exe] => (Block) C:\users\ricky\appdata\roaming\utorrent\updates\3.4.9_42973.exe
FirewallRules: [{99F2FBBB-A729-4C24-A8F7-C1ECA70C618C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{69D326D2-67A4-46CC-8B86-886362EC6DDC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{71AFA64B-B1F9-4739-81F7-0099C899391A}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{70601413-E581-4F38-8624-0FB275995BFB}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{72EC30C4-AA72-49FB-8095-5099FF9F7A42}] => (Block) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{F494C3B2-2E32-4A9C-85C5-B0CB90103AA6}] => (Block) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{AA6DF14F-CFE3-4799-B099-7B0DE5FE6716}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\gflauncher.exe
FirewallRules: [{1123D7DD-8AFD-4CDE-B1BA-41B3C93AA805}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\gflauncher.exe
FirewallRules: [{FC2F2393-4D47-4F12-8AA3-9EFE2DD5EB96}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DAB530D0-67CE-49D4-A87B-1F1509AA2FA9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7D918126-81FF-4FA5-A927-C1FFE0CFDDCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{FC174515-643A-4FD8-920C-FDEDA933E37A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{78A3747A-F7A3-4207-8F17-E553DA11F368}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TigerKnight_EW\frontend\bin\frontend.exe
FirewallRules: [{8494703F-08DE-4D5C-815C-3133F238C012}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TigerKnight_EW\frontend\bin\frontend.exe
FirewallRules: [{A0144564-2C72-4299-AA16-36617182A8D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worm.is The Game\Wormis.exe
FirewallRules: [{00E1E152-5A8D-442A-9658-ADA11D542235}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worm.is The Game\Wormis.exe
FirewallRules: [TCP Query User{CBF0BF59-EA23-42D4-80FC-BEF7EB8B0C95}C:\users\ricky\appdata\roaming\utorrent\updates\3.4.9_43295.exe] => (Allow) C:\users\ricky\appdata\roaming\utorrent\updates\3.4.9_43295.exe
FirewallRules: [UDP Query User{7BB1EEF5-1F44-4F5E-9950-54D796DE8C7A}C:\users\ricky\appdata\roaming\utorrent\updates\3.4.9_43295.exe] => (Allow) C:\users\ricky\appdata\roaming\utorrent\updates\3.4.9_43295.exe
FirewallRules: [{76DFF09B-F906-45D6-A687-A897E25C06E6}] => (Allow) C:\Users\RNOwe\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{680D2499-A966-4F68-9368-5E50388DD919}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{884C3C05-E889-4A1F-AE3A-55AB14E0618A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{D43FB36F-AED1-400D-B322-CF110364FCA6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{3F06DF06-4B0D-49E2-859A-9FF3266D76F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{453DB0F0-B696-4039-896F-33496C35425A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DED03CBF-AEE5-4649-923A-A4B5BBA92D43}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{42C350F8-BFC6-442A-AD72-0BF9D804951A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{02CEF2A8-27E5-4396-B3D1-196D699B2909}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D1AB49EB-C5F2-448E-BE09-7D2BFAA38EF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B1912D59-2A97-43EF-8B00-6F7C5AAEAB16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\WarfaceMycomSteamLoader.exe
FirewallRules: [{8C3C4F98-7887-4CA0-8D9F-17510CD1CE8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\WarfaceMycomSteamLoader.exe
FirewallRules: [{095FB6C4-3633-4456-8258-B076EF2BB548}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe
FirewallRules: [{B890EFD1-9B8D-45D2-BB4A-A73994C15106}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe
FirewallRules: [{F6EFCA60-2E51-46B0-B968-885581F6FB13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eve Online\eve.exe
FirewallRules: [{15D40A83-B9E0-48A1-B680-A75D1C33B70B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eve Online\eve.exe
FirewallRules: [{A79CAA8E-6328-4902-AFAB-9605B9B3DE57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Line of Sight\Binaries\Win32\LSGame_BE.exe
FirewallRules: [{EB54D256-9EA3-4FCD-8F31-A487AAB897CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Line of Sight\Binaries\Win32\LSGame_BE.exe
FirewallRules: [{7CADC014-E0A2-4D4E-BA36-E71EBF439B81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe
FirewallRules: [{A40EBC13-1184-4167-8B48-68A3A476EDEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe
FirewallRules: [{3F826CED-5E0A-41EB-9462-A13EC19311F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{02F7C6BF-1351-428B-AF52-39064DD50453}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{BCD76230-E876-4C47-A817-CB4134FC5191}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x86\FarmingSimulator2017Game.exe
FirewallRules: [{3FB12BB2-A9A5-4611-AAD5-2FDEE0EDBC5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x86\FarmingSimulator2017Game.exe
FirewallRules: [{73ED62E6-735B-4D20-B41E-8EE48A08F162}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{A7FC819B-ADD4-4E84-A1E7-135C3537D829}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{71865962-EAB1-425C-A387-CBD0D634BD24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{C613DDD2-000B-4AB0-833C-ABAABEE5A790}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{BC410475-4BA9-46CF-BAF2-912D5D81A08B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe
FirewallRules: [{702F3A43-E855-4AF9-8A0D-793183E9EB7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe
FirewallRules: [{D5F50444-FA92-4833-BD1F-796D4B70F576}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WarframeTennoGen\bin\SteamWorkshopUploader.exe
FirewallRules: [{F98E1910-462E-4502-B5BF-28C3A6B80D27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WarframeTennoGen\bin\SteamWorkshopUploader.exe
FirewallRules: [{E1343D41-4CFD-4BA0-AEED-AFDD1A82B34A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GenitalJousting\GenitalJousting.exe
FirewallRules: [{D263AF00-1894-4E54-A96B-9CAC0DAF7CFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GenitalJousting\GenitalJousting.exe
FirewallRules: [{929489A2-DA99-457D-B0F7-EDAAF4C49385}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blackwake\Blackwake.exe
FirewallRules: [{5112993E-74E9-49FB-9B42-DFAA7A0C89D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blackwake\Blackwake.exe
FirewallRules: [{2BA5E15D-67EE-4904-B238-DDB1BB5B955B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{96C43D6B-3213-4632-95E4-4BF96DE65123}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{940B9E40-71EA-477C-80C6-5E40EC92340C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{B697D07E-8D30-47C0-A635-E2F8AABBDC49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{3148406E-D6DE-4C30-B249-682C48FF33F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{050AB918-C34A-42A3-B7FD-38B95FDEF619}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{C774635F-7A1F-4F13-9D45-DE8520C63B4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{932423DB-FA50-4F2D-A997-389B42671517}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{1B847D71-EE3E-4989-B6A1-9251AB425D02}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2476FEEF-6C28-4B07-8740-E8A7F12AE898}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F6184C57-4F99-4EBF-8999-2F8623728FB0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F0C72769-C32A-4495-87C1-A50C15D8C672}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C3B6D401-F39C-47A9-90EA-EF2ED7B85F5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{8018063F-1430-4799-8F8A-AAA57F5C9AC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{D4EB31CA-B8BB-4A9D-981E-B78F441B33F6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{489BA6CD-0A96-4973-9D31-AE2F3969B077}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{52B173FA-152A-4B40-89CD-0A8A4FBEF5C7}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{F1B2694A-621F-4E0A-8EFF-7F794878C201}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{A81990E9-5BDA-4D05-9339-4430ECE087D9}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{4D1F4BB7-92DC-441C-8104-4C938CC3686B}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{76611174-4B42-41A6-915E-9421116719FD}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{C45803D7-3BF6-4C43-9217-5D1B16BE876B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{10131643-984B-4F3E-8443-7F55D7C18BBC}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{65DE73CF-E7A3-4E11-B2B2-139B90A9419A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [TCP Query User{B9B0225C-9916-4B11-9F8B-CDA33B7A4E86}C:\users\ricky\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\ricky\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{711B7845-301B-4216-BFAB-75248C2482BF}C:\users\ricky\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\ricky\appdata\local\mycomgames\mycomgames.exe

==================== Restore Points =========================
08-08-2017 22:30:31 Windows Update
12-08-2017 09:25:01 Windows Update
15-08-2017 17:57:09 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (08/15/2017 05:59:01 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.

Error: (08/15/2017 05:48:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RICKYS-DESKTOP)
Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2147467259 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/15/2017 12:43:31 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (08/15/2017 12:43:30 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.

Error: (08/15/2017 12:43:30 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/15/2017 12:43:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "MSDTC" in DLL "C:\WINDOWS\system32\msdtcuiu.DLL" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (08/15/2017 12:43:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "Lsa" in DLL "C:\Windows\System32\Secur32.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (08/15/2017 12:43:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "ESENT" in DLL "C:\WINDOWS\system32\esentprf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (08/15/2017 12:43:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (08/15/2017 11:45:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Taskmgr.exe, version: 1.0.0.1, time stamp: 0x578999cf
Faulting module name: Taskmgr.exe, version: 1.0.0.1, time stamp: 0x578999cf
Exception code: 0xc0000005
Fault offset: 0x0000000000025076
Faulting process id: 0x3294
Faulting application start time: 0x01d315dd6fee885f
Faulting application path: C:\WINDOWS\System32\Taskmgr.exe
Faulting module path: C:\WINDOWS\System32\Taskmgr.exe
Report Id: 4514770f-2e32-484e-859e-6acb9e3f2ff0
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (08/15/2017 06:00:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

Error: (08/15/2017 05:56:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service hung on starting.

Error: (08/15/2017 05:55:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/15/2017 05:52:51 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (08/15/2017 05:52:45 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (08/15/2017 05:52:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Hamachi2Svc service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (08/15/2017 05:52:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Hamachi2Svc service to connect.

Error: (08/15/2017 05:52:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BstHdLogRotatorSvc service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (08/15/2017 05:52:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the BstHdLogRotatorSvc service to connect.

Error: (08/15/2017 05:52:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Razer Game Scanner Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
CodeIntegrity:
===================================
Date: 2017-08-15 08:04:49.292
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-08-15 07:05:14.969
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-08-14 13:45:53.957
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-08-14 12:04:19.112
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-08-10 06:24:24.217
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-08-10 06:23:22.553
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-08-05 17:39:32.188
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-08-02 14:45:11.813
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-07-31 23:19:43.974
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-07-31 12:48:54.530
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-6100 CPU @ 3.70GHz
Percentage of memory in use: 50%
Total physical RAM: 8142.92 MB
Available physical RAM: 4000.26 MB
Total Virtual: 11470.92 MB
Available Virtual: 6749.74 MB

==================== Drives ================================
Drive c: () (Fixed) (Total:931.02 GB) (Free:40.25 GB) NTFS
Drive d: (NATE'S) (Removable) (Total:3.74 GB) (Free:3.74 GB) FAT32

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1B72A755)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: 019801F3)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0B)

==================== End of Addition.txt ============================
-
# AdwCleaner 7.0.1.0 - Logfile created on Tue Aug 15 21:48:56 2017
# Updated on 2017/05/08 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****
Deleted: SpyHunter 4 Service
***** [ Folders ] *****
Deleted: C:\Program Files\Enigma Software Group
Deleted: C:\Users\RNOwe\AppData\Roaming\Enigma Software Group
Deleted: C:\sh4ldr
Deleted: C:\Users\RNOwe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\spyhunter
Deleted: C:\ProgramData\Audyssey Labs
***** [ Files ] *****
Deleted: C:\END
Deleted: C:\Windows\SysNative\drivers\EsgScanner.sys
Deleted: C:\Users\RNOwe\Desktop\SpyHunter.lnk
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted: Driver Booster Scheduler
Deleted: SpyHunter4Startup
***** [ Registry ] *****
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chatango.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d10lpsik1i8c69.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d10lpsik1i8c69.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d3l3lkinz3f56t.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d3l3lkinz3f56t.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chatango.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d10lpsik1i8c69.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d10lpsik1i8c69.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d3l3lkinz3f56t.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d3l3lkinz3f56t.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{AE91F9CE-0900-4E2A-B673-F3F6E4FC54D9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{ED0D2C81-7DB5-4599-B7C0-1033418B5672}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{ED721A76-8160-4DA0-A18E-7FD7C4574774}
Deleted: [Key] - HKLM\SOFTWARE\Reimage
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SOFTWARE\Microleaves
Deleted: [Key] - HKLM\SOFTWARE\Soci2Sear Browser Enhancer
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter
Deleted: [Key] - HKLM\SOFTWARE\EnigmaSoftwareGroup
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [7132 B] - [2017/8/15 21:48:9]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Pro x64
Ran by RNOwe (Administrator) on Tue 08/15/2017 at 17:56:46.13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 4
Successfully deleted: C:\ProgramData\mntemp (File)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\WINDOWS\system32\Tasks\d447ab7d0fb975b032ce5d423855b98e (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (RNOwe) (Task)

Registry: 2
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9B65201-3D7F-48DA-AAB3-57A6FAD648FD} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9B65201-3D7F-48DA-AAB3-57A6FAD648FD} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 08/15/2017 at 18:02:47.93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-
Alrighty, I'll send it as soon as it's done. It's a little under halfway done as of now.
-
Yes, it's quarantining now. I wasn't sure if that was the only log I could get so I figured I'd go with it. I can send you the log after if there is one for me to.
-
-
It seems to have worked, many things are now able to start up. I appreciate your help. I'm running a scan through Malwarebytes now.
-
Alright I'll try this.
-
Sorry that took so long, took some tinkering.
-
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-08-2017
Ran by RNOwe (14-08-2017 20:05:28) Run:1
Running from C:\Users\Ricky\Desktop\FRST
Loaded Profiles: RNOwe & Ricky (Available Profiles: RNOwe & Ricky)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CMD: bcdedit.exe /set {bootmgr} displaybootmenu yes
CMD: bcdedit.exe /set {default} recoveryenabled yes
*****************
========= bcdedit.exe /set {bootmgr} displaybootmenu yes =========
The operation completed successfully.
========= End of CMD: =========
========= bcdedit.exe /set {default} recoveryenabled yes =========
The operation completed successfully.
========= End of CMD: =========
==== End of Fixlog 20:05:29 ====
-
I can probably get an 8 gig
-
mbar-log-2017-08-14 (19-10-02).txt
I still get the error after this scan
-
Doing that now.
-
"The requested resource is in use."
-
-
Well, it crashed and I've been waiting this whole time for it to finish a new scan, all three were checked. My bad. I'm running it now.
"The requested resource is in use"
in Resolved Malware Removal Logs
Posted
Nope, thank you for your help!