DBaxter

I recently reinstalled windows on my computer and got malwarebytes back, after a couple of restarts it did the same thing it did before I reinstalled Windows, it disabled Windows Antivirus, how do I reenable Windows Antivirus?

Okay, thank you very much for the help.

Oh, I see. One more question: at first it was just "Error 404", if I got that showing up on the actual "trk.dsllgal.com" website, it didn't redirect me anywhere, could that have downloaded malware onto my computer, or did nothing load?

Yes but I'm wondering why it changed 3 times in what was about 10 minutes, first letting me visit it and then saying "malvertising" and then just "malware" ?

The website is trk.dsllgal.com It's a website I've been getting popups on. At first it actually LET ME open it, and it said "Error 404" and after, a few minutes later it said "blocked for malvertising" and then a few minutes later it said "blocked for malware"

At first malwarebytes blocked a website for "malvertising" and now it's blocking it for just "malware" a few minutes later. Why?

So was the issue Skype? Because I see that in the fixlist if it is Skype I would rather just uninstall it instead of doing that whole long system that requires me to install more programs. ???

So was the issue Skype? Because I see that in the fixlist??

I don't know if it's Skype. I just started up my computer and launched Skype, but no popups started happening... Also I'm pretty sure that on Wednesday when I made this thread, Skype was closed but the popups were happening. Could Skype still be the culprit, though?

It weirdly stopped after I restarted my computer a couple times. I hope you find something in the FarBar scan that I can get rid of/fix though. I don't want this to come back or steal my passwords or credit card information or something crucial like that. Thanks.

@Android8888 FRST.txt: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.09.2018 03 Ran by Darren (administrator) on DESKTOP-0J3GVO7 (06-09-2018 21:00:08) Running from C:\Users\Darren\Downloads Loaded Profiles: Darren & (Available Profiles: Darren) Platform: Windows 10 Pro Version 1803 17134.228 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (McAfee, LLC) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe (McAfee, LLC) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe (McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\McCSPServiceHost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_18_6\mcapexe.exe (McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe (McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Privax Limited) C:\Program Files (x86)\HMA! Pro VPN\VpnSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Malwarebytes) C:\Users\Darren\Downloads\adwcleaner_7.2.3.1.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Parsec Cloud, Inc.) C:\Users\Darren\AppData\Roaming\Parsec\electron\parsec.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Discord Inc.) C:\Users\Darren\AppData\Local\Discord\app-0.0.301\Discord.exe (Discord Inc.) C:\Users\Darren\AppData\Local\Discord\app-0.0.301\Discord.exe (Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe (Privax Limited) C:\Program Files (x86)\HMA! Pro VPN\Vpn.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (CAMEO) C:\Program Files (x86)\D-Link\DWA-182\D-Link WPS Utility\wpsutility.exe (Microsoft Corporation) C:\Windows\regedit.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Twitch Interactive, Inc.) C:\Users\Darren\AppData\Roaming\Twitch\Bin\Twitch.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Parsec Cloud, Inc.) C:\Users\Darren\AppData\Roaming\Parsec\electron\parsec.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Discord Inc.) C:\Users\Darren\AppData\Local\Discord\app-0.0.301\Discord.exe (Twitch Interactive, Inc.) C:\Users\Darren\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe (Twitch Interactive, Inc.) C:\Users\Darren\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe (Twitch Interactive, Inc.) C:\Users\Darren\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe (Twitch Interactive, Inc.) C:\Users\Darren\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Discord Inc.) C:\Users\Darren\AppData\Local\Discord\app-0.0.301\Discord.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe (McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcupdate.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Farbar) C:\Users\Darren\Downloads\FRST64 (1).exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-04-08] (Apple Inc.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-12-14] (Realtek Semiconductor) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18630280 2018-05-07] (Logitech Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation) HKLM-x32\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [1258960 2017-03-03] (Micro-Star INT'L CO., LTD.) HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26107576 2017-11-01] (Micro-Star INT'L CO., LTD.) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] () HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409424 2018-04-24] (Adobe Systems Incorporated) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2018-05-30] (LogMeIn Inc.) HKLM-x32\...\Run: [wpsutility] => C:\Program Files (x86)\D-Link\DWA-182\D-Link WPS Utility\wpsutility.exe [198912 2015-12-25] (CAMEO) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation) HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09062018205433007\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation) HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09062018205436444\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation) HKU\S-1-5-21-593542779-3124579855-1873938374-1001\...\Run: [Discord] => C:\Users\Darren\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.) HKU\S-1-5-21-593542779-3124579855-1873938374-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3207968 2018-08-29] (Valve Corporation) HKU\S-1-5-21-593542779-3124579855-1873938374-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27831240 2018-03-13] (Skype Technologies S.A.) HKU\S-1-5-21-593542779-3124579855-1873938374-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32973712 2018-08-02] (Epic Games, Inc.) HKU\S-1-5-21-593542779-3124579855-1873938374-1001\...\Run: [Parsec.App.0] => C:\Users\Darren\AppData\Roaming\Parsec\electron\parsec.exe [80666112 2018-07-27] (Parsec Cloud, Inc.) HKU\S-1-5-21-593542779-3124579855-1873938374-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [1384840 2018-08-08] (Nota Inc.) HKU\S-1-5-21-593542779-3124579855-1873938374-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09062018205437023\...\Run: [Discord] => C:\Users\Darren\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.) HKU\S-1-5-21-593542779-3124579855-1873938374-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09062018205437023\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3207968 2018-08-29] (Valve Corporation) HKU\S-1-5-21-593542779-3124579855-1873938374-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09062018205437023\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27831240 2018-03-13] (Skype Technologies S.A.) HKU\S-1-5-21-593542779-3124579855-1873938374-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09062018205437023\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32973712 2018-08-02] (Epic Games, Inc.) HKU\S-1-5-21-593542779-3124579855-1873938374-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09062018205437023\...\Run: [Parsec.App.0] => C:\Users\Darren\AppData\Roaming\Parsec\electron\parsec.exe [80666112 2018-07-27] (Parsec Cloud, Inc.) HKU\S-1-5-21-593542779-3124579855-1873938374-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09062018205437023\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [1384840 2018-08-08] (Nota Inc.) IFEO\CNC3.exe: [Debugger] C:\Program Files (x86)\Revora\CNCOnline\cnconline.exe IFEO\CNC3EP1.exe: [Debugger] C:\Program Files (x86)\Revora\CNCOnline\cnconline.exe IFEO\generals.exe: [Debugger] IFEO\RA3.exe: [Debugger] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HMA! Pro VPN.lnk [2017-12-28] ShortcutTarget: HMA! Pro VPN.lnk -> C:\Program Files (x86)\HMA! Pro VPN\Vpn.exe (Privax Limited) Startup: C:\Users\Darren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2018-03-19] ShortcutTarget: Twitch.lnk -> C:\Users\Darren\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.) GroupPolicy: Restriction ? <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.176.9 Tcpip\..\Interfaces\{1d0a93cf-09e0-4d3d-ba10-cb9a93eed7c5}: [DhcpNameServer] 192.168.1.254 75.153.176.9 Tcpip\..\Interfaces\{245e88b1-3686-43de-9ef9-6820612755fb}: [DhcpNameServer] 192.168.1.254 75.153.176.9 Tcpip\..\Interfaces\{59338507-7870-4563-bcc5-1037858912f0}: [DhcpNameServer] 192.168.1.254 75.153.176.9 Tcpip\..\Interfaces\{76549e61-3c5d-4133-8f0a-0569dbce9b12}: [NameServer] 77.234.40.79 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-593542779-3124579855-1873938374-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-593542779-3124579855-1873938374-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09062018205437023\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-12-14] (Oracle Corporation) BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2018-09-01] (McAfee, Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-14] (Oracle Corporation) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2017-01-03] (Eyeo GmbH) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-12-14] (Oracle Corporation) BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2018-09-01] (McAfee, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-14] (Oracle Corporation) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2017-01-03] (Eyeo GmbH) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2018-08-17] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2018-08-17] (McAfee, Inc.) FireFox: ======== FF DefaultProfile: 55ybr65s.default-1516911721639 FF ProfilePath: C:\Users\Darren\AppData\Roaming\Mozilla\Firefox\Profiles\55ybr65s.default-1516911721639 [2018-08-28] FF Extension: (Avira Browser Safety) - C:\Users\Darren\AppData\Roaming\Mozilla\Firefox\Profiles\55ybr65s.default-1516911721639\Extensions\abs@avira.com [2018-08-28] FF Extension: (Avira Password Manager) - C:\Users\Darren\AppData\Roaming\Mozilla\Firefox\Profiles\55ybr65s.default-1516911721639\Extensions\passwordmanager@avira.com [2018-08-28] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2018-09-01] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-12-14] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-12-14] (Oracle Corporation) FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2018-08-17] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-04-24] (Adobe Systems) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-12-14] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-12-14] (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2018-08-17] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-15] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-15] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-04-24] (Adobe Systems) Chrome: ======= CHR Profile: C:\Users\Darren\AppData\Local\Google\Chrome\User Data\Default [2018-09-06] CHR Extension: (Slides) - C:\Users\Darren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-14] CHR Extension: (Docs) - C:\Users\Darren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-14] CHR Extension: (Google Drive) - C:\Users\Darren\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-14] CHR Extension: (YouTube) - C:\Users\Darren\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-14] CHR Extension: (Adblock Plus) - C:\Users\Darren\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-08-30] CHR Extension: (Sheets) - C:\Users\Darren\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-14] CHR Extension: (Google Docs Offline) - C:\Users\Darren\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20] CHR Extension: (Chrome Web Store Payments) - C:\Users\Darren\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03] CHR Extension: (Gmail) - C:\Users\Darren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-14] CHR Extension: (Chrome Media Router) - C:\Users\Darren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-03] CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-04-24] (Adobe Systems Incorporated) S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated) S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-03-29] (Apple Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7252656 2018-08-26] () S2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3346856 2018-05-30] (LogMeIn Inc.) R2 HmaProVpn; C:\Program Files (x86)\HMA! Pro VPN\VpnSvc.exe [5864416 2018-07-26] (Privax Limited) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.) S2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-05-07] (Logitech Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [675736 2018-09-01] (McAfee, Inc.) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_18_6\McApExe.exe [729320 2018-08-12] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\\McCSPServiceHost.exe [2159464 2018-06-29] (McAfee, Inc.) S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [366968 2018-06-06] (McAfee, LLC) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [538544 2018-06-06] (McAfee, LLC) R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [490360 2018-06-06] (McAfee, LLC) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1690976 2018-08-07] (McAfee, Inc.) S2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [132048 2017-02-21] (Micro-Star INT'L CO., LTD.) S2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2304696 2017-11-01] (Micro-Star INT'L CO., LTD.) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2205504 2018-08-13] (Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3075400 2018-08-13] (Electronic Arts) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2308424 2018-08-27] (Overwolf LTD) S2 Parsec; C:\Program Files\Parsec\pservice.exe [190536 2018-07-27] (Parsec) R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1316024 2018-07-25] (McAfee, Inc.) S2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2018-04-29] () S2 RunSwUSB; C:\Windows\runSW.exe [48856 2015-10-01] () S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-14] (Microsoft Corporation) S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] () R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-08-13] (TeamViewer GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\NisSrv.exe [3925648 2018-06-25] (Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MsMpEng.exe [100080 2018-06-25] (Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [43400 2017-03-02] (Advanced Micro Devices, Inc) R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [33144 2017-08-29] (Advanced Micro Devices, Inc) S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-16] (Advanced Micro Devices, Inc. ) R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31112 2017-10-10] (Advanced Micro Devices) R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243048 2017-06-16] (Advanced Micro Devices, Inc. ) R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77224 2018-06-11] (McAfee, LLC) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-08-31] (Malwarebytes) R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2018-05-30] (LogMeIn Inc.) S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [226984 2018-05-02] (McAfee, Inc.) R3 hmatap; C:\WINDOWS\System32\drivers\hmatap.sys [36456 2017-12-05] (The OpenVPN Project) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-05-07] (Logitech Inc.) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193256 2018-08-31] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [117472 2018-09-05] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [52328 2018-09-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [259360 2018-09-05] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [109872 2018-09-06] (Malwarebytes) R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [506272 2018-06-11] (McAfee, LLC) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [367528 2018-06-11] (McAfee, LLC) S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [84976 2018-06-11] (McAfee, LLC) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [533416 2018-06-11] (McAfee, LLC) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [965032 2018-06-11] (McAfee, LLC) R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [555920 2018-06-06] (McAfee LLC.) S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [108944 2018-06-06] (McAfee LLC.) R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [115616 2018-06-11] (McAfee, LLC) R3 mfesapsn; C:\Program Files\McAfee\WebAdvisor\mfesapsn.sys [111976 2018-09-01] (McAfee, Inc.) R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252840 2018-06-11] (McAfee, LLC) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_95d88c9d04436846\nvlddmkm.sys [17526688 2018-03-16] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-11] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-07] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [984032 2017-12-14] (Realtek ) R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [4767488 2015-10-29] (Realtek Semiconductor Corporation ) R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions) S3 smbdirect; C:\WINDOWS\System32\DRIVERS\smbdirect.sys [152064 2018-04-12] (Microsoft Corporation) R3 VBAudioVACMME; C:\WINDOWS\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows (R) Win 7 DDK provider) R3 VBAudioVMAUXVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmauxvaio64_win7.sys [41192 2018-02-01] (Windows (R) Win 7 DDK provider) R3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2018-02-01] (Windows (R) Win 7 DDK provider) R3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [53128 2018-01-19] (Benjamin Höglinger-Stelzer) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46592 2018-06-25] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [340008 2018-06-25] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59944 2018-06-25] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-09-06 20:59 - 2018-09-06 21:00 - 002413056 _____ (Farbar) C:\Users\Darren\Downloads\FRST64 (1).exe 2018-09-05 22:07 - 2018-09-05 22:07 - 007571152 _____ (Malwarebytes) C:\Users\Darren\Downloads\adwcleaner_7.2.3.1.exe 2018-09-05 21:18 - 2018-09-05 22:54 - 000087589 _____ C:\Users\Darren\Downloads\Addition.txt 2018-09-05 21:16 - 2018-09-06 21:03 - 000031723 _____ C:\Users\Darren\Downloads\FRST.txt 2018-09-05 21:15 - 2018-09-06 21:00 - 000000000 ____D C:\FRST 2018-09-05 21:13 - 2018-09-05 21:13 - 002413056 _____ (Farbar) C:\Users\Darren\Downloads\FRST64.exe 2018-09-05 07:21 - 2018-09-06 21:03 - 000003606 _____ C:\WINDOWS\System32\Tasks\McAfee DAT Built in test 2018-09-01 03:28 - 2018-09-06 20:54 - 000109872 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2018-09-01 03:28 - 2018-09-05 22:23 - 000117472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2018-09-01 03:28 - 2018-09-05 22:23 - 000052328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2018-09-01 02:37 - 2018-09-01 02:37 - 000002124 _____ C:\Users\Public\Desktop\McAfee® Total Protection.lnk 2018-09-01 02:37 - 2018-09-01 02:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2018-09-01 02:36 - 2018-05-02 05:53 - 000226984 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys 2018-09-01 02:34 - 2018-09-01 02:34 - 000003314 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon 2018-09-01 02:33 - 2018-09-01 02:38 - 000000000 ____D C:\Program Files\McAfee 2018-09-01 02:33 - 2018-09-01 02:35 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee 2018-09-01 02:33 - 2018-09-01 02:33 - 000000000 ____D C:\Program Files\McAfee.com 2018-09-01 02:32 - 2018-09-01 02:37 - 000000000 ____D C:\Program Files (x86)\McAfee 2018-09-01 02:32 - 2018-09-01 02:32 - 000003706 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare) 2018-09-01 02:32 - 2018-09-01 02:32 - 000000000 ____D C:\Program Files\Common Files\AV 2018-09-01 02:30 - 2018-09-01 02:47 - 000000000 ____D C:\ProgramData\McAfee 2018-09-01 02:30 - 2018-09-01 02:37 - 000000000 ____D C:\Program Files\Common Files\McAfee 2018-09-01 02:30 - 2018-09-01 02:30 - 037457768 _____ (McAfee, Inc.) C:\Users\Darren\Downloads\McAfee_Installer_serial_Ik_fYSiaabbx7103dD8MCw2_key_affid_0_akey.exe 2018-09-01 02:30 - 2018-06-06 20:17 - 000490360 _____ (McAfee, LLC) C:\WINDOWS\system32\mfevtps.exe 2018-09-01 02:25 - 2018-09-01 02:25 - 000000000 ____D C:\Users\Darren\AppData\Local\mbam 2018-08-31 07:03 - 2018-09-05 22:23 - 000259360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2018-08-31 07:03 - 2018-08-31 07:03 - 000193256 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2018-08-28 23:17 - 2018-08-28 23:17 - 000000000 ____D C:\Users\Darren\AppData\Local\Avira 2018-08-28 20:47 - 2018-08-28 20:47 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf 2018-08-28 20:47 - 2018-08-28 20:47 - 000000000 ____D C:\Users\Public\PrivacyPal Sessions 2018-08-28 20:46 - 2018-08-29 03:20 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avira 2018-08-28 20:46 - 2018-08-28 20:46 - 000000000 ____D C:\Users\Darren\AppData\Local\Avira Operations Gmbh & Co. KG 2018-08-28 20:46 - 2018-08-28 20:46 - 000000000 ____D C:\ProgramData\Avira Operations Gmbh & Co. KG 2018-08-28 20:44 - 2018-08-29 03:41 - 000000000 ____D C:\Program Files (x86)\Avira 2018-08-28 20:44 - 2018-08-29 03:34 - 000000000 ____D C:\ProgramData\Avira 2018-08-28 20:42 - 2018-08-28 20:42 - 000000000 ____D C:\Users\Darren\Desktop\ava 2018-08-28 16:49 - 2018-08-28 16:49 - 000000000 ____D C:\ProgramData\Gyazo 2018-08-28 00:26 - 2018-08-28 00:26 - 000000222 _____ C:\Users\Darren\Desktop\House Party.url 2018-08-27 16:50 - 2018-08-27 16:50 - 000000000 ____D C:\Users\Darren\AppData\Roaming\Gyazo 2018-08-27 16:49 - 2018-08-28 16:49 - 000003548 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily 2018-08-27 16:49 - 2018-08-28 16:49 - 000003412 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine 2018-08-27 16:48 - 2018-08-28 16:49 - 000000000 ____D C:\Program Files (x86)\Gyazo 2018-08-27 16:48 - 2018-08-27 16:48 - 009821776 _____ (Nota Inc. ) C:\Users\Darren\Downloads\Gyazo-3.3.10.exe 2018-08-27 16:48 - 2018-08-27 16:48 - 000001054 _____ C:\Users\Public\Desktop\Gyazo.lnk 2018-08-27 16:48 - 2018-08-27 16:48 - 000001054 _____ C:\Users\Public\Desktop\Gyazo GIF.lnk 2018-08-27 16:48 - 2018-08-27 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo 2018-08-26 13:07 - 2018-08-26 13:07 - 000000222 _____ C:\Users\Darren\Desktop\Cities Skylines.url 2018-08-25 00:56 - 2018-08-25 00:56 - 000000222 _____ C:\Users\Darren\Desktop\Grand Theft Auto V.url 2018-08-23 13:34 - 2018-08-23 13:34 - 000000218 _____ C:\Users\Darren\Desktop\Day of Defeat.url 2018-08-22 08:53 - 2018-08-22 08:53 - 000000000 ____D C:\WINDOWS\pcidevice 2018-08-22 08:53 - 2018-08-22 08:53 - 000000000 ____D C:\Program Files (x86)\D-Link 2018-08-22 08:53 - 2015-10-29 18:57 - 004767488 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlanu.sys 2018-08-22 08:53 - 2015-10-01 15:54 - 000446464 _____ (Realtek) C:\WINDOWS\SwUSB.exe 2018-08-22 08:53 - 2015-10-01 15:54 - 000048856 _____ () C:\WINDOWS\runSW.exe 2018-08-22 08:53 - 2015-10-01 15:54 - 000006864 _____ C:\WINDOWS\PBL.sys 2018-08-22 08:53 - 2015-10-01 15:54 - 000004681 _____ C:\WINDOWS\PBR.sys 2018-08-22 08:52 - 2018-08-22 08:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link 2018-08-22 08:40 - 2018-08-22 08:40 - 000000000 ____D C:\Program Files (x86)\Roblox 2018-08-20 09:31 - 2018-08-20 09:31 - 000000221 _____ C:\Users\Darren\Desktop\Grand Theft Auto San Andreas.url 2018-08-19 13:59 - 2018-08-19 14:06 - 000000000 ____D C:\Program Files (x86)\PCSX2 1.4.0 2018-08-19 13:59 - 2018-08-19 13:59 - 000002011 _____ C:\Users\Public\Desktop\PCSX2 1.4.0.lnk 2018-08-19 13:59 - 2018-08-19 13:59 - 000000000 ____D C:\WINDOWS\SysWOW64\directx 2018-08-19 13:59 - 2018-08-19 13:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2 2018-08-19 13:58 - 2018-08-19 13:58 - 000000000 ____D C:\Users\Darren\Desktop\PS2 Emulator 2018-08-19 13:57 - 2018-08-19 13:58 - 017837152 _____ C:\Users\Darren\Downloads\pcsx2-1.4.0-setup.exe 2018-08-19 06:25 - 2018-08-19 06:25 - 000000219 _____ C:\Users\Darren\Desktop\Half-Life 2 Deathmatch.url 2018-08-18 05:42 - 2018-08-18 05:42 - 000000000 ____D C:\Users\Darren\AppData\Local\Logitech 2018-08-18 05:42 - 2018-08-18 05:42 - 000000000 ____D C:\ProgramData\LogiShrd 2018-08-18 05:40 - 2018-08-18 05:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2018-08-18 05:38 - 2018-08-18 05:41 - 000000000 ____D C:\Program Files\Logitech Gaming Software 2018-08-18 05:34 - 2018-08-18 05:34 - 124322152 _____ (Logitech Inc.) C:\Users\Darren\Downloads\LGS_9.00.42_x64_Logitech.exe 2018-08-18 05:34 - 2018-08-18 05:34 - 000000000 ____D C:\Users\Darren\AppData\Roaming\Logitech 2018-08-18 05:34 - 2018-08-18 05:34 - 000000000 ____D C:\Users\Darren\AppData\Roaming\Logishrd 2018-08-16 11:23 - 2018-08-16 11:23 - 000000000 ____D C:\Users\Darren\Desktop\333 2018-08-16 11:16 - 2018-08-16 11:17 - 000000000 ____D C:\Users\Darren\Desktop\222 2018-08-16 11:16 - 2018-08-16 11:16 - 001316329 _____ C:\Users\Darren\Downloads\ElDewritoUpdater (1).zip 2018-08-16 11:05 - 2018-08-16 11:07 - 007417040 _____ (Malwarebytes) C:\Users\Darren\Downloads\adwcleaner_7.2.2.exe 2018-08-16 10:56 - 2018-08-16 11:23 - 000000000 ____D C:\Users\Darren\Desktop\eldewri 2018-08-16 10:56 - 2018-08-16 10:56 - 001316329 _____ C:\Users\Darren\Downloads\ElDewritoUpdater.zip 2018-08-16 10:56 - 2018-08-16 10:56 - 001316329 _____ C:\Users\Darren\Desktop\ElDewritoUpdater.zip 2018-08-16 05:37 - 2018-08-16 05:40 - 000000000 ____D C:\Users\Darren\Desktop\kyles thing 2018-08-16 05:37 - 2018-08-16 05:37 - 000011456 _____ C:\Users\Darren\Downloads\gettingmein.rar 2018-08-16 01:25 - 2018-08-16 01:25 - 000001115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk 2018-08-16 01:25 - 2018-08-16 01:25 - 000001103 _____ C:\Users\Public\Desktop\TeamViewer 13.lnk 2018-08-16 01:21 - 2018-08-16 01:21 - 020686240 _____ (TeamViewer GmbH) C:\Users\Darren\Downloads\TeamViewer_Setup (3).exe 2018-08-16 01:17 - 2018-08-16 01:17 - 046319766 _____ C:\Users\Darren\Downloads\TeamViewer.dmg 2018-08-15 22:07 - 2018-08-15 22:07 - 000000218 _____ C:\Users\Darren\Desktop\Counter-Strike.url 2018-08-15 00:04 - 2018-08-15 00:04 - 000000221 _____ C:\Users\Darren\Desktop\Synergy.url 2018-08-14 22:54 - 2018-08-03 01:39 - 021389368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2018-08-14 22:54 - 2018-08-03 01:39 - 000790304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2018-08-14 22:54 - 2018-08-03 01:22 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll 2018-08-14 22:54 - 2018-08-03 01:21 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll 2018-08-14 22:54 - 2018-08-03 01:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2018-08-14 22:54 - 2018-08-03 01:21 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2018-08-14 22:54 - 2018-08-03 01:21 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2018-08-14 22:54 - 2018-08-03 01:20 - 004049408 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2018-08-14 22:54 - 2018-08-03 01:20 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2018-08-14 22:54 - 2018-08-03 01:19 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2018-08-14 22:54 - 2018-08-03 00:45 - 000663128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2018-08-14 22:54 - 2018-08-03 00:43 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2018-08-14 22:54 - 2018-08-03 00:29 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2018-08-14 22:54 - 2018-08-03 00:29 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2018-08-14 22:54 - 2018-08-03 00:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2018-08-14 22:54 - 2018-08-03 00:27 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2018-08-14 22:54 - 2018-08-03 00:27 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2018-08-14 22:54 - 2018-08-02 22:41 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll 2018-08-14 22:54 - 2018-08-02 21:49 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll 2018-08-14 22:54 - 2018-08-02 20:47 - 001034624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2018-08-14 22:54 - 2018-08-02 20:47 - 000128920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys 2018-08-14 22:54 - 2018-08-02 20:46 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll 2018-08-14 22:54 - 2018-08-02 20:46 - 000269248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll 2018-08-14 22:54 - 2018-08-02 20:41 - 000568600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2018-08-14 22:54 - 2018-08-02 20:41 - 000077608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2018-08-14 22:54 - 2018-08-02 20:41 - 000061736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll 2018-08-14 22:54 - 2018-08-02 20:40 - 001221048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2018-08-14 22:54 - 2018-08-02 20:40 - 001064744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2018-08-14 22:54 - 2018-08-02 20:40 - 001030952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2018-08-14 22:54 - 2018-08-02 20:40 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2018-08-14 22:54 - 2018-08-02 20:40 - 000228136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys 2018-08-14 22:54 - 2018-08-02 20:40 - 000136488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2018-08-14 22:54 - 2018-08-02 20:40 - 000072800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2018-08-14 22:54 - 2018-08-02 20:39 - 009091480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2018-08-14 22:54 - 2018-08-02 20:39 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2018-08-14 22:54 - 2018-08-02 20:39 - 007436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2018-08-14 22:54 - 2018-08-02 20:39 - 002829216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2018-08-14 22:54 - 2018-08-02 20:39 - 001457136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2018-08-14 22:54 - 2018-08-02 20:39 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2018-08-14 22:54 - 2018-08-02 20:39 - 000692240 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2018-08-14 22:54 - 2018-08-02 20:39 - 000170936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2018-08-14 22:54 - 2018-08-02 20:38 - 002765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2018-08-14 22:54 - 2018-08-02 20:38 - 001945792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2018-08-14 22:54 - 2018-08-02 20:38 - 001285536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2018-08-14 22:54 - 2018-08-02 20:38 - 001258288 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2018-08-14 22:54 - 2018-08-02 20:38 - 001140576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2018-08-14 22:54 - 2018-08-02 20:38 - 001097648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2018-08-14 22:54 - 2018-08-02 20:38 - 000983016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2018-08-14 22:54 - 2018-08-02 20:38 - 000885856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2018-08-14 22:54 - 2018-08-02 20:38 - 000713368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2018-08-14 22:54 - 2018-08-02 20:38 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2018-08-14 22:54 - 2018-08-02 20:38 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll 2018-08-14 22:54 - 2018-08-02 20:27 - 000061032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll 2018-08-14 22:54 - 2018-08-02 20:26 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2018-08-14 22:54 - 2018-08-02 20:25 - 006568784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2018-08-14 22:54 - 2018-08-02 20:25 - 002255008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2018-08-14 22:54 - 2018-08-02 20:25 - 001622296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2018-08-14 22:54 - 2018-08-02 20:25 - 001131064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2018-08-14 22:54 - 2018-08-02 20:25 - 000583120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll 2018-08-14 22:54 - 2018-08-02 20:25 - 000568568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2018-08-14 22:54 - 2018-08-02 20:25 - 000539168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2018-08-14 22:54 - 2018-08-02 20:23 - 025846784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2018-08-14 22:54 - 2018-08-02 20:18 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2018-08-14 22:54 - 2018-08-02 20:18 - 022007808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2018-08-14 22:54 - 2018-08-02 20:17 - 004380160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2018-08-14 22:54 - 2018-08-02 20:16 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2018-08-14 22:54 - 2018-08-02 20:15 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2018-08-14 22:54 - 2018-08-02 20:14 - 004867584 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2018-08-14 22:54 - 2018-08-02 20:14 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2018-08-14 22:54 - 2018-08-02 20:14 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2018-08-14 22:54 - 2018-08-02 20:13 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2018-08-14 22:54 - 2018-08-02 20:13 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2018-08-14 22:54 - 2018-08-02 20:13 - 003395072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2018-08-14 22:54 - 2018-08-02 20:13 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2018-08-14 22:54 - 2018-08-02 20:12 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2018-08-14 22:54 - 2018-08-02 20:12 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2018-08-14 22:54 - 2018-08-02 20:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2018-08-14 22:54 - 2018-08-02 20:12 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2018-08-14 22:54 - 2018-08-02 20:11 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2018-08-14 22:54 - 2018-08-02 20:11 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2018-08-14 22:54 - 2018-08-02 20:11 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2018-08-14 22:54 - 2018-08-02 20:11 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2018-08-14 22:54 - 2018-08-02 20:11 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll 2018-08-14 22:54 - 2018-08-02 20:11 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2018-08-14 22:54 - 2018-08-02 20:11 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2018-08-14 22:54 - 2018-08-02 20:11 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2018-08-14 22:54 - 2018-08-02 20:10 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2018-08-14 22:54 - 2018-08-02 20:09 - 005776896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2018-08-14 22:54 - 2018-08-02 20:09 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2018-08-14 22:54 - 2018-08-02 20:09 - 001932288 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll 2018-08-14 22:54 - 2018-08-02 20:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2018-08-14 22:54 - 2018-08-02 20:09 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2018-08-14 22:54 - 2018-08-02 20:09 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2018-08-14 22:54 - 2018-08-02 20:09 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll 2018-08-14 22:54 - 2018-08-02 20:09 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2018-08-14 22:54 - 2018-08-02 20:09 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2018-08-14 22:54 - 2018-08-02 20:08 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2018-08-14 22:54 - 2018-08-02 20:08 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2018-08-14 22:54 - 2018-08-02 20:08 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2018-08-14 22:54 - 2018-08-02 20:08 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2018-08-14 22:54 - 2018-08-02 20:08 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2018-08-14 22:54 - 2018-08-02 20:08 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2018-08-14 22:54 - 2018-08-02 20:08 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2018-08-14 22:54 - 2018-08-02 20:07 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2018-08-14 22:54 - 2018-08-02 20:07 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2018-08-14 22:54 - 2018-08-02 20:07 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2018-08-14 22:54 - 2018-08-02 20:06 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2018-08-14 22:54 - 2018-08-02 20:06 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2018-08-14 22:54 - 2018-08-02 20:06 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2018-08-14 22:54 - 2018-08-02 20:06 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2018-08-14 22:54 - 2018-08-02 20:06 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2018-08-14 22:54 - 2018-08-02 20:06 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2018-08-14 22:54 - 2018-08-02 20:05 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2018-08-14 22:54 - 2018-08-02 20:05 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2018-08-14 22:54 - 2018-07-14 18:01 - 002266528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2018-08-14 22:54 - 2018-07-14 18:00 - 000183736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mavinject.exe 2018-08-14 22:54 - 2018-07-14 17:58 - 000094112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2018-08-14 22:54 - 2018-07-14 17:56 - 001523240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2018-08-14 22:54 - 2018-07-14 17:44 - 006587392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2018-08-14 22:54 - 2018-07-14 17:44 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2018-08-14 22:54 - 2018-07-14 17:43 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2018-08-14 22:54 - 2018-07-14 17:42 - 008624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2018-08-14 22:54 - 2018-07-14 17:42 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2018-08-14 22:54 - 2018-07-14 17:41 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll 2018-08-14 22:54 - 2018-07-14 17:39 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2018-08-14 22:54 - 2018-07-14 17:39 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2018-08-14 22:54 - 2018-07-14 17:38 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2018-08-14 22:54 - 2018-07-14 17:38 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2018-08-14 22:54 - 2018-07-14 17:38 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll 2018-08-14 22:54 - 2018-07-14 17:38 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll 2018-08-14 22:54 - 2018-07-14 17:38 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe 2018-08-14 22:54 - 2018-07-14 17:37 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe 2018-08-14 22:54 - 2018-07-14 17:36 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe 2018-08-14 22:54 - 2018-07-14 16:31 - 001538968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2018-08-14 22:54 - 2018-07-14 16:31 - 000148888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mavinject.exe 2018-08-14 22:54 - 2018-07-14 16:28 - 001327424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2018-08-14 22:54 - 2018-07-14 16:18 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2018-08-14 22:54 - 2018-07-14 16:17 - 011901440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2018-08-14 22:54 - 2018-07-14 16:15 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2018-08-14 22:54 - 2018-07-14 16:13 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2018-08-14 22:54 - 2018-07-14 16:13 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2018-08-14 22:54 - 2018-07-14 16:13 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll 2018-08-14 22:54 - 2018-07-14 16:13 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll 2018-08-14 22:54 - 2018-07-14 16:11 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe 2018-08-14 22:54 - 2018-07-13 23:46 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2018-08-14 22:54 - 2018-07-13 23:42 - 019525632 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2018-08-14 22:54 - 2018-07-13 21:37 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys 2018-08-14 22:54 - 2018-07-13 21:23 - 000760888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2018-08-14 22:54 - 2018-07-13 21:22 - 006813744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2018-08-14 22:54 - 2018-07-13 21:22 - 001144664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2018-08-14 22:54 - 2018-07-13 21:22 - 000510392 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2018-08-14 22:54 - 2018-07-13 21:22 - 000203560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll 2018-08-14 22:54 - 2018-07-13 21:21 - 000722824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2018-08-14 22:54 - 2018-07-13 21:20 - 000184472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll 2018-08-14 22:54 - 2018-07-13 21:19 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2018-08-14 22:54 - 2018-07-13 21:19 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2018-08-14 22:54 - 2018-07-13 21:19 - 000981920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2018-08-14 22:54 - 2018-07-13 21:19 - 000636944 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2018-08-14 22:54 - 2018-07-13 21:19 - 000483024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll 2018-08-14 22:54 - 2018-07-13 21:18 - 002563984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2018-08-14 22:54 - 2018-07-13 21:18 - 002371416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2018-08-14 22:54 - 2018-07-13 21:18 - 001017584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2018-08-14 22:54 - 2018-07-13 21:18 - 000930712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2018-08-14 22:54 - 2018-07-13 21:18 - 000613176 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2018-08-14 22:54 - 2018-07-13 21:18 - 000443216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2018-08-14 22:54 - 2018-07-13 21:18 - 000376216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys 2018-08-14 22:54 - 2018-07-13 21:17 - 006527056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2018-08-14 22:54 - 2018-07-13 21:17 - 002420632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2018-08-14 22:54 - 2018-07-13 21:17 - 000743320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2018-08-14 22:54 - 2018-07-13 21:16 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2018-08-14 22:54 - 2018-07-13 21:16 - 001143096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2018-08-14 22:54 - 2018-07-13 21:16 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2018-08-14 22:54 - 2018-07-13 21:15 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2018-08-14 22:54 - 2018-07-13 21:15 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2018-08-14 22:54 - 2018-07-13 21:15 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2018-08-14 22:54 - 2018-07-13 21:01 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2018-08-14 22:54 - 2018-07-13 20:59 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2018-08-14 22:54 - 2018-07-13 20:59 - 005883392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2018-08-14 22:54 - 2018-07-13 20:59 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2018-08-14 22:54 - 2018-07-13 20:58 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2018-08-14 22:54 - 2018-07-13 20:57 - 007057920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2018-08-14 22:54 - 2018-07-13 20:57 - 004331008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2018-08-14 22:54 - 2018-07-13 20:57 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2018-08-14 22:54 - 2018-07-13 20:57 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2018-08-14 22:54 - 2018-07-13 20:56 - 004559872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2018-08-14 22:54 - 2018-07-13 20:56 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2018-08-14 22:54 - 2018-07-13 20:56 - 002697216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Controls.dll 2018-08-14 22:54 - 2018-07-13 20:56 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll 2018-08-14 22:54 - 2018-07-13 20:56 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll 2018-08-14 22:54 - 2018-07-13 20:56 - 001558016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll 2018-08-14 22:54 - 2018-07-13 20:56 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2018-08-14 22:54 - 2018-07-13 20:56 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll 2018-08-14 22:54 - 2018-07-13 20:55 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2018-08-14 22:54 - 2018-07-13 20:55 - 000993792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll 2018-08-14 22:54 - 2018-07-13 20:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2018-08-14 22:54 - 2018-07-13 20:55 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll 2018-08-14 22:54 - 2018-07-13 20:55 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll 2018-08-14 22:54 - 2018-07-13 20:55 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2018-08-14 22:54 - 2018-07-13 20:55 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll 2018-08-14 22:54 - 2018-07-13 20:55 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2018-08-14 22:54 - 2018-07-13 20:54 - 003319808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2018-08-14 22:54 - 2018-07-13 20:54 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll 2018-08-14 22:54 - 2018-07-13 20:54 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2018-08-14 22:54 - 2018-07-13 20:54 - 001537024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2018-08-14 22:54 - 2018-07-13 20:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2018-08-14 22:54 - 2018-07-13 20:54 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2018-08-14 22:54 - 2018-07-13 20:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2018-08-14 22:54 - 2018-07-13 20:54 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2018-08-14 22:54 - 2018-07-13 20:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2018-08-14 22:54 - 2018-07-13 20:54 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll 2018-08-14 22:54 - 2018-07-13 20:53 - 004770816 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2018-08-14 22:54 - 2018-07-13 20:53 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll 2018-08-14 22:54 - 2018-07-13 20:53 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2018-08-14 22:54 - 2018-07-13 20:53 - 001825792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2018-08-14 22:54 - 2018-07-13 20:53 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll 2018-08-14 22:54 - 2018-07-13 20:53 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll 2018-08-14 22:54 - 2018-07-13 20:53 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2018-08-14 22:54 - 2018-07-13 20:53 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll 2018-08-14 22:54 - 2018-07-13 20:53 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2018-08-14 22:54 - 2018-07-13 20:53 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2018-08-14 22:54 - 2018-07-13 20:52 - 000972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2018-08-14 22:54 - 2018-07-13 20:52 - 000790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2018-08-14 22:54 - 2018-07-13 20:52 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll 2018-08-14 22:54 - 2018-07-13 20:52 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2018-08-14 22:54 - 2018-07-13 20:51 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2018-08-14 22:54 - 2018-07-13 20:51 - 002904576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2018-08-14 22:54 - 2018-07-13 20:51 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2018-08-14 22:54 - 2018-07-13 20:51 - 001747968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll 2018-08-14 22:54 - 2018-07-13 20:51 - 001304064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll 2018-08-14 22:54 - 2018-07-13 20:51 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll 2018-08-14 22:54 - 2018-07-13 20:51 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2018-08-14 22:54 - 2018-07-13 20:50 - 001773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2018-08-14 22:54 - 2018-07-13 20:50 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2018-08-14 22:54 - 2018-07-13 20:50 - 001359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll 2018-08-14 22:54 - 2018-07-13 20:50 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2018-08-14 22:54 - 2018-07-13 20:50 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2018-08-14 22:54 - 2018-07-13 20:50 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll 2018-08-14 22:54 - 2018-07-13 20:50 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2018-08-14 22:54 - 2018-07-13 20:50 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2018-08-14 22:54 - 2018-07-13 20:50 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2018-08-14 22:54 - 2018-07-13 20:49 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2018-08-14 22:54 - 2018-07-12 21:30 - 002718624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2018-08-14 22:53 - 2018-08-03 01:25 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll 2018-08-14 22:53 - 2018-08-03 01:25 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2018-08-14 22:53 - 2018-08-03 01:24 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2018-08-14 22:53 - 2018-08-03 01:24 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe 2018-08-14 22:53 - 2018-08-03 01:24 - 000046592 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2018-08-14 22:53 - 2018-08-03 01:21 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys 2018-08-14 22:53 - 2018-08-03 01:20 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll 2018-08-14 22:53 - 2018-08-03 00:33 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll 2018-08-14 22:53 - 2018-08-03 00:33 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2018-08-14 22:53 - 2018-08-03 00:32 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe 2018-08-14 22:53 - 2018-08-03 00:30 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2018-08-14 22:53 - 2018-08-02 20:39 - 000114080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys 2018-08-14 22:53 - 2018-08-02 20:39 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys 2018-08-14 22:53 - 2018-08-02 20:39 - 000031648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys 2018-08-14 22:53 - 2018-08-02 20:38 - 000115640 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll 2018-08-14 22:53 - 2018-08-02 20:17 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgid.sys 2018-08-14 22:53 - 2018-08-02 20:16 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll 2018-08-14 22:53 - 2018-08-02 20:15 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys 2018-08-14 22:53 - 2018-08-02 20:14 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll 2018-08-14 22:53 - 2018-08-02 20:13 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll 2018-08-14 22:53 - 2018-08-02 20:12 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2018-08-14 22:53 - 2018-08-02 20:12 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2018-08-14 22:53 - 2018-08-02 20:10 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll 2018-08-14 22:53 - 2018-08-02 20:08 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2018-08-14 22:53 - 2018-08-02 20:08 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2018-08-14 22:53 - 2018-08-02 20:08 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2018-08-14 22:53 - 2018-08-02 20:08 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2018-08-14 22:53 - 2018-08-02 20:07 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2018-08-14 22:53 - 2018-08-02 20:05 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2018-08-14 22:53 - 2018-08-02 20:04 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2018-08-14 22:53 - 2018-08-02 18:54 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim 2018-08-14 22:53 - 2018-07-14 17:41 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll 2018-08-14 22:53 - 2018-07-14 16:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll 2018-08-14 22:53 - 2018-07-13 21:37 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2018-08-14 22:53 - 2018-07-13 21:21 - 000192920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2018-08-14 22:53 - 2018-07-13 20:58 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll 2018-08-14 22:53 - 2018-07-13 20:58 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2018-08-14 22:53 - 2018-07-13 20:56 - 001703936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Controls.dll 2018-08-14 22:53 - 2018-07-13 20:56 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2018-08-14 22:53 - 2018-07-13 20:56 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll 2018-08-14 22:53 - 2018-07-13 20:56 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll 2018-08-14 22:53 - 2018-07-13 20:55 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll 2018-08-14 22:53 - 2018-07-13 20:55 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2018-08-14 22:53 - 2018-07-13 20:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys 2018-08-14 22:53 - 2018-07-13 20:55 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2018-08-14 22:53 - 2018-07-13 20:55 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys 2018-08-14 22:53 - 2018-07-13 20:55 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll 2018-08-14 22:53 - 2018-07-13 20:55 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2018-08-14 22:53 - 2018-07-13 20:55 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2018-08-14 22:53 - 2018-07-13 20:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe 2018-08-14 22:53 - 2018-07-13 20:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2018-08-14 22:53 - 2018-07-13 20:54 - 000603648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll 2018-08-14 22:53 - 2018-07-13 20:54 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll 2018-08-14 22:53 - 2018-07-13 20:54 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2018-08-14 22:53 - 2018-07-13 20:54 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys 2018-08-14 22:53 - 2018-07-13 20:54 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2018-08-14 22:53 - 2018-07-13 20:54 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll 2018-08-14 22:53 - 2018-07-13 20:54 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\EasPolicyManagerBrokerPS.dll 2018-08-14 22:53 - 2018-07-13 20:53 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll 2018-08-14 22:53 - 2018-07-13 20:53 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2018-08-14 22:53 - 2018-07-13 20:52 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2018-08-14 22:53 - 2018-07-13 20:50 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2018-08-14 22:07 - 2018-08-14 22:08 - 035274751 _____ C:\Users\Darren\Downloads\ag.7z 2018-08-14 18:50 - 2018-08-14 18:50 - 000000219 _____ C:\Users\Darren\Desktop\Half-Life 2.url 2018-08-14 16:39 - 2018-09-06 20:52 - 000000000 ____D C:\Users\Darren\AppData\Roaming\Parsec 2018-08-14 16:39 - 2018-08-22 09:13 - 000000000 ____D C:\Users\Darren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Parsec 2018-08-14 16:39 - 2018-08-14 16:39 - 000000000 ____D C:\Program Files\Parsec 2018-08-14 16:35 - 2018-08-14 16:36 - 059844144 _____ C:\Users\Darren\Downloads\parsec-windows.exe 2018-08-13 18:52 - 2018-08-13 18:52 - 063312728 _____ (Electronic Arts) C:\Users\Darren\Downloads\OriginThinSetup (3).exe 2018-08-13 18:51 - 2018-08-13 18:51 - 063312728 _____ (Electronic Arts) C:\Users\Darren\Downloads\OriginThinSetup (2).exe 2018-08-13 00:45 - 2018-08-13 00:45 - 063312728 _____ (Electronic Arts) C:\Users\Darren\Downloads\OriginThinSetup (1).exe 2018-08-12 18:25 - 2018-08-12 18:25 - 000000000 ____D C:\Users\Darren\Documents\Klei 2018-08-12 03:14 - 2018-08-12 03:14 - 000698960 _____ C:\Users\Darren\Downloads\ts3_recording_18_08_12_3_14_28.wav 2018-08-12 03:08 - 2018-08-12 03:08 - 000631760 _____ C:\Users\Darren\Downloads\ts3_recording_18_08_12_3_8_12.wav 2018-08-12 03:08 - 2018-08-12 03:08 - 000005840 _____ C:\Users\Darren\Downloads\ts3_recording_18_08_12_3_8_50.wav 2018-08-12 01:43 - 2018-08-12 01:43 - 000000222 _____ C:\Users\Darren\Desktop\Sven Co-op.url 2018-08-11 22:01 - 2018-08-11 22:36 - 000000000 ____D C:\Program Files (x86)\Call of Duty Black Ops 4 2018-08-10 15:29 - 2018-08-10 15:29 - 000000000 ____D C:\WINDOWS\MSI 2018-08-08 21:16 - 2018-08-08 21:17 - 000000000 ____D C:\Users\Darren\Documents\Starcraft 2018-08-08 21:16 - 2018-08-08 21:16 - 000000842 _____ C:\Users\Public\Desktop\StarCraft.lnk 2018-08-08 21:16 - 2018-08-08 21:16 - 000000000 ____D C:\Users\Darren\AppData\Roaming\Blizzard 2018-08-08 21:16 - 2018-08-08 21:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft 2018-08-08 20:59 - 2018-08-31 09:01 - 000000000 ____D C:\Program Files (x86)\StarCraft 2018-08-08 18:04 - 2018-08-08 18:04 - 000000000 ____D C:\WINDOWS\Panther 2018-08-08 17:20 - 2018-08-08 17:20 - 000000044 _____ C:\Users\Darren\Desktop\ts3 recovery *****.txt 2018-08-08 15:27 - 2018-08-08 15:30 - 000295908 _____ C:\Users\Darren\Desktop\part_test.bsp 2018-08-08 15:27 - 2018-08-08 15:30 - 000001633 _____ C:\Users\Darren\Desktop\part_test.prt 2018-08-08 15:26 - 2018-08-08 15:26 - 000128570 _____ C:\Users\Darren\Desktop\part_test.vmx 2018-08-08 15:25 - 2018-08-08 15:30 - 000128570 _____ C:\Users\Darren\Desktop\part_test.vmf 2018-08-08 15:25 - 2018-08-08 15:25 - 000007517 _____ C:\Users\Darren\Downloads\part_test.rar 2018-08-08 15:25 - 2018-08-08 15:25 - 000007517 _____ C:\Users\Darren\Downloads\part_test (1).rar 2018-08-07 20:00 - 2018-08-07 20:00 - 020688888 _____ (TeamViewer GmbH) C:\Users\Darren\Downloads\TeamViewer_Setup (2).exe ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-09-06 21:03 - 2017-12-14 14:50 - 000000000 ____D C:\ProgramData\NVIDIA 2018-09-06 21:01 - 2017-12-14 15:41 - 000000000 ____D C:\Program Files (x86)\Steam 2018-09-06 20:56 - 2018-06-13 00:53 - 000004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1BAF045C-C192-459D-B859-8BD1E73D68F5} 2018-09-06 20:56 - 2018-06-13 00:36 - 000000000 ____D C:\Users\Darren\AppData\Local\LogMeIn Hamachi 2018-09-06 20:56 - 2018-03-19 23:51 - 000000000 ____D C:\Users\Darren\AppData\Roaming\Twitch 2018-09-05 23:07 - 2018-04-11 16:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-09-05 22:49 - 2018-04-11 16:36 - 000000000 ____D C:\WINDOWS\INF 2018-09-05 22:23 - 2018-06-13 00:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-09-05 22:23 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-09-05 22:23 - 2017-12-14 15:41 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2018-09-05 22:22 - 2018-04-11 14:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2018-09-05 22:21 - 2018-04-11 16:38 - 000000000 ___HD C:\Program Files\WindowsApps 2018-09-05 22:18 - 2018-06-13 00:59 - 000000000 ____D C:\Users\Darren\AppData\Local\D3DSCache 2018-09-05 22:18 - 2017-12-14 15:57 - 000000000 ____D C:\Users\Darren\AppData\Local\CrashDumps 2018-09-05 22:08 - 2018-06-08 16:07 - 000000000 ____D C:\Users\Darren\AppData\Roaming\Skype 2018-09-05 18:54 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2018-09-05 18:41 - 2017-12-14 21:53 - 000000000 ____D C:\Users\Darren\AppData\Roaming\TS3Client 2018-09-05 18:33 - 2018-06-13 00:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-09-01 03:16 - 2018-06-13 00:47 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-09-01 02:51 - 2018-04-07 01:55 - 000000000 ____D C:\Users\Darren\AppData\Local\Battle.net 2018-09-01 02:41 - 2018-04-11 14:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2018-09-01 02:31 - 2018-04-11 16:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2018-08-31 17:47 - 2018-03-25 18:37 - 000000000 ____D C:\Users\Darren\AppData\Local\Warframe 2018-08-31 07:02 - 2018-06-24 18:34 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2018-08-30 21:57 - 2018-06-13 09:11 - 000000000 ____D C:\Users\Darren\AppData\Local\ElevatedDiagnostics 2018-08-30 21:02 - 2018-04-07 01:54 - 000000000 ____D C:\Program Files (x86)\Battle.net 2018-08-30 14:18 - 2017-12-25 23:07 - 000000000 ____D C:\Users\Darren\AppData\Roaming\audacity 2018-08-29 22:25 - 2017-12-14 15:39 - 000000000 ____D C:\Users\Darren\AppData\Local\Adobe 2018-08-29 22:10 - 2018-05-04 18:08 - 000000000 ____D C:\Program Files (x86)\Overwolf 2018-08-29 19:17 - 2017-12-17 20:10 - 000000000 ____D C:\Program Files (x86)\Rockstar Games 2018-08-29 19:16 - 2017-12-17 20:10 - 000000000 ____D C:\Program Files\Rockstar Games 2018-08-29 03:38 - 2018-06-13 00:30 - 000331584 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-08-29 03:34 - 2017-12-14 15:42 - 000000000 ____D C:\ProgramData\Package Cache 2018-08-28 11:37 - 2018-04-07 01:57 - 000000000 ____D C:\Program Files (x86)\Overwatch 2018-08-22 09:26 - 2017-12-14 15:26 - 000000000 ___HD C:\Users\Darren\MicrosoftEdgeBackups 2018-08-22 09:11 - 2017-12-14 15:26 - 000000000 __RHD C:\Users\Public\AccountPictures 2018-08-22 09:11 - 2017-12-14 15:26 - 000000000 ___RD C:\Users\Darren\3D Objects 2018-08-22 09:08 - 2017-12-14 14:50 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2018-08-22 09:06 - 2018-04-12 02:20 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\zu-ZA 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\yo-NG 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\xh-ZA 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\wo-SN 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\tn-ZA 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ti-ET 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\rw-RW 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\nso-ZA 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ig-NG 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA 2018-08-22 09:06 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ 2018-08-22 09:06 - 2018-04-11 16:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2018-08-22 09:06 - 2018-04-11 16:38 - 000000000 ___SD C:\WINDOWS\system32\UNP 2018-08-22 09:06 - 2018-04-11 16:38 - 000000000 ___SD C:\WINDOWS\system32\F12 2018-08-22 09:06 - 2018-04-11 16:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2018-08-22 09:06 - 2018-04-11 16:38 - 000000000 ___RD C:\WINDOWS\PrintDialog 2018-08-22 09:06 - 2018-04-11 16:38 - 000000000 ___RD C:\Program Files\Windows Defender 2018-08-22 09:06 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\TextInput 2018-08-22 09:06 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2018-08-22 09:06 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\ShellExperiences 2018-08-22 09:06 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\bcastdvr 2018-08-22 09:06 - 2018-04-11 16:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2018-08-22 08:58 - 2018-01-19 16:09 - 000000000 ____D C:\Grand Theft Multiplayer 2018-08-22 08:53 - 2017-12-14 16:38 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2018-08-22 08:40 - 2018-03-20 01:17 - 000000000 ____D C:\Users\Darren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch Games 2018-08-22 08:38 - 2017-12-14 15:25 - 000000000 ____D C:\Users\Darren\AppData\Local\Packages 2018-08-21 19:52 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\NDF 2018-08-21 08:08 - 2017-12-18 16:57 - 000000000 ____D C:\HammerAutosave 2018-08-20 10:08 - 2018-05-14 23:19 - 000000000 ____D C:\Users\Darren\Documents\GTA San Andreas User Files 2018-08-20 08:31 - 2017-12-20 16:57 - 000000000 ____D C:\Users\Darren\AppData\Roaming\obs-studio 2018-08-20 07:07 - 2018-04-03 20:43 - 000000000 ___RD C:\Users\Darren\AppData\Roaming\.minecraft 2018-08-19 13:59 - 2017-12-28 17:54 - 000000000 ___HD C:\WINDOWS\msdownld.tmp 2018-08-19 01:44 - 2018-06-13 00:53 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-08-19 01:44 - 2018-06-13 00:53 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-08-19 01:44 - 2018-06-13 00:53 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-08-19 01:44 - 2018-06-13 00:53 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-08-19 01:44 - 2018-06-13 00:53 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-08-19 01:44 - 2018-06-13 00:53 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-08-19 01:44 - 2018-06-13 00:53 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-08-19 01:44 - 2018-06-13 00:53 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-08-19 01:44 - 2018-06-13 00:53 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-08-19 01:44 - 2018-06-13 00:53 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-08-19 01:44 - 2018-06-13 00:53 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-08-19 01:44 - 2017-12-14 14:50 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2018-08-19 01:44 - 2017-12-14 14:50 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2018-08-18 08:00 - 2017-12-14 19:18 - 000000000 ____D C:\Users\Darren\AppData\Roaming\discord 2018-08-18 06:12 - 2018-05-04 18:10 - 000000000 ____D C:\Users\Darren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf 2018-08-18 06:12 - 2018-05-04 18:06 - 000000000 ____D C:\Users\Darren\AppData\Local\Overwolf 2018-08-14 23:04 - 2018-04-11 16:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-08-14 22:53 - 2017-12-14 16:07 - 000000000 ____D C:\WINDOWS\system32\MRT 2018-08-14 22:49 - 2017-12-14 16:06 - 137343192 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2018-08-13 18:53 - 2018-04-27 03:07 - 000000000 ____D C:\Program Files (x86)\Origin Games 2018-08-13 18:53 - 2018-04-27 03:06 - 000000000 ____D C:\Users\Darren\AppData\Roaming\Origin 2018-08-13 18:53 - 2018-04-27 03:05 - 000000000 ____D C:\ProgramData\Origin 2018-08-13 05:42 - 2018-06-13 00:36 - 000000000 ____D C:\Users\Darren 2018-08-13 00:46 - 2018-04-27 03:06 - 000000000 ____D C:\Program Files (x86)\Origin 2018-08-12 14:03 - 2018-06-13 00:53 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-593542779-3124579855-1873938374-1001 2018-08-12 14:03 - 2018-06-13 00:36 - 000002369 _____ C:\Users\Darren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-08-12 14:03 - 2017-12-14 15:28 - 000000000 ___RD C:\Users\Darren\OneDrive 2018-08-12 03:40 - 2018-01-04 17:23 - 000000045 _____ C:\Users\Darren\jagex_cl_oldschool_LIVE.dat 2018-08-08 21:16 - 2018-04-07 01:55 - 000000000 ____D C:\Users\Darren\AppData\Local\Blizzard Entertainment 2018-08-08 15:15 - 2017-12-14 15:38 - 000002304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-08-07 23:57 - 2018-08-03 22:45 - 000000000 ____D C:\Users\Darren\Documents\Command & Conquer 3 Kane's Wrath 2018-08-07 21:24 - 2017-12-20 21:10 - 000000000 ____D C:\Program Files (x86)\Minecraft ==================== Files in the root of some directories ======= 2017-12-29 04:27 - 2017-12-29 04:27 - 000000000 _____ () C:\Users\Darren\AppData\Roaming\main.db 2018-03-02 17:44 - 2018-07-27 17:00 - 000007549 _____ () C:\Users\Darren\AppData\Roaming\SpeedRunnersLog.txt 2018-02-01 20:15 - 2018-04-09 21:17 - 000034223 _____ () C:\Users\Darren\AppData\Roaming\VoiceMeeterDefault.xml 2017-12-16 13:19 - 2017-12-16 13:19 - 000000003 _____ () C:\Users\Darren\AppData\Local\updater.log 2017-12-16 13:19 - 2017-12-16 13:19 - 000000425 _____ () C:\Users\Darren\AppData\Local\UserProducts.xml Some files in TEMP: ==================== 2018-09-04 13:29 - 2018-09-04 13:29 - 062186048 _____ (Skype Technologies S.A.) C:\Users\Darren\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-06-13 00:30 ==================== End of FRST.txt ============================ Addition.txt: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03 Ran by Darren (06-09-2018 21:04:13) Running from C:\Users\Darren\Downloads Windows 10 Pro Version 1803 17134.228 (X64) (2018-06-13 07:54:10) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-593542779-3124579855-1873938374-500 - Administrator - Disabled) Darren (S-1-5-21-593542779-3124579855-1873938374-1001 - Administrator - Enabled) => C:\Users\Darren DefaultAccount (S-1-5-21-593542779-3124579855-1873938374-503 - Limited - Disabled) Guest (S-1-5-21-593542779-3124579855-1873938374-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-593542779-3124579855-1873938374-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501} FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{F6FCA281-09CC-4753-990C-937B93A52C94}) (Version: 1.6 - Eyeo GmbH) Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_1_1) (Version: 15.1.1 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.5.0.331 - Adobe Systems Incorporated) Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated) Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_0_0) (Version: 12.0.0 - Adobe Systems Incorporated) Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1) (Version: 19.1 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_0_0) (Version: 12.0.0 - Adobe Systems Incorporated) Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) Apple Application Support (32-bit) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{9E005AAA-81A3-478E-8944-532D350952EE}) (Version: 11.3.1.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach) Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team) Bandicam (HKLM-x32\...\Bandicam) (Version: 4.1.4.1413 - Bandicam.com) Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlestate Games Launcher 0.4.1.267 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 0.4.1.267 - Battlestate Games) Blender (HKLM\...\{E29A1273-2E7A-40E7-AA63-428A11D59429}) (Version: 2.79.2 - Blender Foundation) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) C&C:Online (HKLM-x32\...\{1298F091-2180-4779-BDA0-1176247252D0}) (Version: 2.0.7 - Revora) Discord (HKU\S-1-5-21-593542779-3124579855-1873938374-1001\...\Discord) (Version: 0.0.301 - Discord Inc.) Discord (HKU\S-1-5-21-593542779-3124579855-1873938374-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09062018205437023\...\Discord) (Version: 0.0.301 - Discord Inc.) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.24 - NVIDIA Corporation) Hidden Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team) Epic Games Launcher (HKLM-x32\...\{57350A74-1CA4-48F2-861F-EDCB971D260C}) (Version: 1.1.137.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Escape from Tarkov (HKLM-x32\...\EscapeFromTarkov) (Version: 0.7.3.928 - Battlestate Games) GCFScape 1.8.6 (HKLM\...\GCFScape_is1) (Version: - Ryan Gregg) Google Chrome (HKLM\...\{B98EEA88-7820-3A65-A3AF-99A11D1A9D49}) (Version: 68.0.3440.106 - Google, Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.) Gyazo 3.3.9 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.) HMA! Pro VPN (HKLM\...\{60A560F2-CB75-4C94-9C36-39AD2161DE73}_is1) (Version: 3.7.87 - Privax) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) iTunes (HKLM\...\{3D8C6B05-FE24-4B9C-A57C-B8E1FA39E83D}) (Version: 12.7.4.80 - Apple Inc.) Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation) Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden LibreOffice 5.4.3.2 (HKLM\...\{5FFD3D4F-8AA0-4C6F-8B3C-AB0D8CD297C9}) (Version: 5.4.3.2 - The Document Foundation) Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains) Logitech Gaming Software 9.00 (HKLM\...\Logitech Gaming Software) (Version: 9.00.42 - Logitech Inc.) LogMeIn Hamachi (HKLM-x32\...\{892DB406-ADF8-4C30-9840-8438AF5B8763}) (Version: 2.2.0.607 - LogMeIn, Inc.) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.607 - LogMeIn, Inc.) Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.8.13811 - McAfee, Inc.) McAfee® Total Protection (HKLM-x32\...\MSC) (Version: 16.0 R15 - McAfee, Inc.) Microsoft OneDrive (HKU\S-1-5-21-593542779-3124579855-1873938374-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-593542779-3124579855-1873938374-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09062018205437023\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.14.160.1208 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) MSI Afterburner 4.4.2 (HKLM-x32\...\Afterburner) (Version: 4.4.2 - MSI Co., LTD) MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.23 - MSI) MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.07 - MSI) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.6 - Notepad++ Team) NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) NVIDIA 3D Vision Driver 391.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.24 - NVIDIA Corporation) NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation) NVIDIA Graphics Driver 391.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.24 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.1.3 - OBS Project) OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) OldSchool RuneScape Launcher 1.2.7 (HKLM-x32\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd) Origin (HKLM-x32\...\Origin) (Version: 10.5.24.5022 - Electronic Arts, Inc.) osu! (HKLM-x32\...\{6e54cdc3-d855-4064-a4e7-4f69e13b5298}) (Version: latest - ppy Pty Ltd) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.118.1.11 - Overwolf Ltd.) paint.net (HKLM\...\{E8FA8815-3817-4128-A814-E2EAC456ADF0}) (Version: 4.0.21 - dotPDN LLC) Parsec (HKLM-x32\...\Parsec) (Version: - Parsec Cloud Inc.) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - ) PokeMMO (HKLM\...\PokeMMO_is1) (Version: - PokeMMO) Pokemon Showdown (HKLM-x32\...\Pokemon Showdown) (Version: - "Pokemon Showdown") Project64 version 2.3.2.202 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.3.2.202 - ) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.18.526.2017 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8279 - Realtek Semiconductor Corp.) RivaTuner Statistics Server 7.0.2 (HKLM-x32\...\RTSS) (Version: 7.0.2 - Unwinder) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.0 - Rockstar Games) Sculptris Alpha 6 (HKLM-x32\...\Sculptris Alpha 6 Alpha 6) (Version: Alpha 6 - Pixologic) Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.) StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Streamlabs OBS 0.8.7 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.8.7 - General Workings, Inc.) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH) TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.14327 - TeamViewer) The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.) Twitch (HKU\S-1-5-21-593542779-3124579855-1873938374-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.) Twitch (HKU\S-1-5-21-593542779-3124579855-1873938374-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09062018205437023\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.) Unity (HKLM-x32\...\Unity) (Version: 2017.3.1f1 - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft) VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software) Visual Studio Community 2017 (HKLM\...\05f7d914) (Version: 15.5.27130.2010 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN) Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version: - VB-Audio Software) vs_communitymsi (HKLM-x32\...\{595F5D63-8773-4182-A1E0-EC9ECF4B6EA4}) (Version: 15.0.27102 - Microsoft Corporation) Hidden vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_filehandler_amd64 (HKLM-x32\...\{9414C260-D479-49EB-B0BF-01C1F5076EA0}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_filehandler_x86 (HKLM-x32\...\{A57BD1C0-42AD-42F8-AFEB-FAC7E6ABB005}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_FileTracker_Singleton (HKLM-x32\...\{70F69B4F-7950-4841-8139-5D0C7EDD2FE6}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_minshellinteropmsi (HKLM-x32\...\{231C8ADB-BF59-458E-A909-CFA825F46388}) (Version: 15.0.27102 - Microsoft Corporation) Hidden vs_minshellmsi (HKLM-x32\...\{9CDD69A2-765A-4970-AB6B-595A740C614F}) (Version: 15.0.27019 - Microsoft Corporation) Hidden vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden WalkingDead3 (HKLM\...\{B1F7AAFC-001C-443C-9AE2-65D4AC1D4B70}_is1) (Version: 2016.12.16.677 - Telltale Games) WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) Wireless AC1200 Dual Band USB Adapter (HKLM-x32\...\{5F1C0C6E-0E47-4D60-8971-6EF9FC439B8B}) (Version: 1 - D-Link) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-593542779-3124579855-1873938374-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09062018205437023_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-0F952CA57E2B}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File CustomCLSID: HKU\S-1-5-21-593542779-3124579855-1873938374-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09062018205437023_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) CustomCLSID: HKU\S-1-5-21-593542779-3124579855-1873938374-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-0F952CA57E2B}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File CustomCLSID: HKU\S-1-5-21-593542779-3124579855-1873938374-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] () ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] () ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-03-18] () ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-08-17] (McAfee, Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-15] (NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] () ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-08-17] (McAfee, Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0958A913-3EC1-4231-8348-4AD1BEBEDB85} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation) Task: {0D570229-E857-4094-9088-917EF4360263} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-14] (Google Inc.) Task: {0F08E3E7-28D2-41BF-9ADE-9DC8479DBA21} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation) Task: {12F54BEC-BEBB-4F8B-ADFD-16731291B3A6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation) Task: {16528403-7026-4E8E-8FB9-0CBEDFF4B811} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2018-08-08] (Nota Inc.) Task: {1B275AC0-62C7-47CC-A99D-C407FA1FDCCD} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2018-07-13] (McAfee, Inc.) Task: {234A3D55-A93B-45A0-B10E-F2EBE5C95C0A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-07-19] (NVIDIA Corporation) Task: {240B0496-0A8F-40DB-B3AF-6C626E9C6E96} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent Task: {256F6195-0C14-4D9B-9161-6ED38845E8BE} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation) Task: {29FDC341-10B6-4D5C-86B3-2B9C9301C7CC} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe Task: {2A171B3C-2BA1-4192-A496-05C90E1BA39B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation) Task: {2F4D6E78-0977-424C-95A0-95B137CD0B95} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-14] (Google Inc.) Task: {3A0854B7-D2D9-4888-A8CF-C0BD5905B2CE} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2018-08-17] (McAfee, Inc.) Task: {54FCB188-2A11-4A7B-9BDD-230419121E10} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [2018-06-06] (McAfee, Inc.) Task: {630F668D-CF6A-4545-B771-9B56E73A8E8B} - System32\Tasks\HMA! Pro VPN Update => C:\Program Files (x86)\HMA! Pro VPN\VpnUpdate.exe [2018-07-26] (Privax Limited) Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] () Task: {69499DF2-442D-486F-9BE1-1CAE4D5A824F} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-0J3GVO7-Darren => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11] (Adobe Systems Incorporated) Task: {720ACE77-6294-442A-9C28-3031DFF6DCF2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_161_pepper.exe [2018-02-25] (Adobe Systems Incorporated) Task: {7DF36546-6943-444C-A347-6DE35402C6DE} - System32\Tasks\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.6.319\mcdatrep.exe [2018-09-01] (McAfee, LLC.) Task: {8A223FD3-D555-4364-B1D7-052E24377FB8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation) Task: {92AB9F1D-585A-4341-9FC0-7C22CBA116B9} - System32\Tasks\{FD308F9A-8C42-4A35-A536-D0BDCA1C7BA2} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.41.0.101/en/abandoninstall?page=tsProgressBar Task: {97CD79DA-A21C-4B3E-B04A-68B4A9AE88EA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-07-19] (NVIDIA Corporation) Task: {A67541DC-12AC-4AFF-B885-EA2933774AC0} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2018-08-08] (Nota Inc.) Task: {B952487B-46E8-4D74-B024-31495BCF801A} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-0J3GVO7-Darren => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated) Task: {C247DFC9-3383-4F83-9ACB-3C52855ADD93} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation) Task: {CFF00A02-1BCF-48B4-B8F5-70771B2BE4CB} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2018-08-27] (Overwolf LTD) Task: {EFEC3F3B-B549-473A-A6BF-0FEF44004EA2} - System32\Tasks\McAfee\McAfee Idle Detection Task Task: {F9F697E8-26B3-4FB8-9D44-7F23EE3BA80B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation) Task: {FE0D760C-AED0-4FF6-995D-00858D625543} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-07-19] (NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2018-06-24 18:34 - 2018-08-31 07:02 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-06-24 18:34 - 2018-08-31 07:02 - 002769768 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2018-06-29 13:34 - 2018-06-29 13:34 - 000896136 _____ () C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\McCSPMsgBusDLL.dll 2018-04-11 16:34 - 2018-04-11 16:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll 2018-02-05 19:40 - 2018-03-15 17:57 - 000544384 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll 2018-05-25 01:36 - 2018-07-19 13:20 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-03-16 15:19 - 2018-03-16 15:19 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2018-03-16 15:19 - 2018-03-16 15:19 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2018-02-27 20:08 - 2018-02-27 20:08 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll 2018-04-11 16:34 - 2018-04-11 16:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-11 16:34 - 2018-04-11 16:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-08-14 22:54 - 2018-08-02 20:09 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-06-13 03:07 - 2018-06-08 02:31 - 003912608 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll 2018-06-13 03:07 - 2018-06-08 02:31 - 002506680 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll 2018-07-11 02:15 - 2018-07-11 02:15 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll 2018-04-08 08:04 - 2018-04-08 08:04 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll 2018-04-08 08:04 - 2018-04-08 08:04 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll 2015-03-06 17:07 - 2015-03-06 17:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2018-05-07 00:33 - 2018-05-07 00:33 - 001096840 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-06 17:07 - 2015-03-06 17:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2018-05-07 00:33 - 2018-05-07 00:33 - 000241800 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2018-01-15 19:52 - 2018-01-15 19:52 - 098275328 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll 2018-01-15 19:52 - 2018-01-15 19:52 - 003922432 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll 2018-01-15 19:52 - 2018-01-15 19:52 - 000092672 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll 2018-07-03 15:01 - 2018-07-03 15:01 - 001960448 _____ () C:\Users\Darren\AppData\Roaming\Parsec\electron\ffmpeg.dll 2018-07-03 15:01 - 2018-07-03 15:01 - 003429376 _____ () C:\Users\Darren\AppData\Roaming\Parsec\electron\libglesv2.dll 2018-07-03 15:01 - 2018-07-03 15:01 - 000017408 _____ () C:\Users\Darren\AppData\Roaming\Parsec\electron\libegl.dll 2018-08-08 15:15 - 2018-08-07 17:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll 2018-08-08 15:15 - 2018-08-07 17:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll 2018-06-08 16:34 - 2018-06-08 16:34 - 035475912 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe 2018-07-26 03:04 - 2018-07-26 03:04 - 000087512 _____ () C:\Program Files (x86)\HMA! Pro VPN\WinUtils.dll 2018-05-04 19:12 - 2018-04-30 23:01 - 001891672 _____ () C:\Users\Darren\AppData\Local\Discord\app-0.0.301\ffmpeg.dll 2018-05-04 19:12 - 2018-04-30 23:01 - 001937752 _____ () C:\Users\Darren\AppData\Local\Discord\app-0.0.301\libglesv2.dll 2018-05-04 19:12 - 2018-04-30 23:01 - 000095576 _____ () C:\Users\Darren\AppData\Local\Discord\app-0.0.301\libegl.dll 2018-06-27 09:25 - 2018-06-27 09:25 - 068110520 _____ () C:\Program Files (x86)\HMA! Pro VPN\libcef.dll 2018-04-24 07:51 - 2018-04-24 07:51 - 067115992 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll 2018-03-19 23:51 - 2018-03-19 23:51 - 000393608 _____ () C:\Users\Darren\AppData\Roaming\Twitch\Bin\opus.dll 2018-03-19 23:51 - 2018-09-01 05:18 - 000535872 _____ () C:\Users\Darren\AppData\Roaming\Twitch\Bin\Curse.Presto.Interface.dll 2017-12-14 15:51 - 2018-07-19 13:19 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-05-04 19:13 - 2018-08-29 15:00 - 011321176 _____ () \\?\C:\Users\Darren\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node 2018-05-04 19:13 - 2018-07-20 12:40 - 001635160 _____ () \\?\C:\Users\Darren\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node 2018-05-04 19:13 - 2018-05-04 19:13 - 001910104 _____ () \\?\C:\Users\Darren\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\cld\build\Release\cld.node 2018-05-04 19:13 - 2018-05-04 19:13 - 000422744 _____ () \\?\C:\Users\Darren\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\spellchecker\build\Release\spellchecker.node 2018-05-04 19:13 - 2018-05-04 19:13 - 000145240 _____ () \\?\C:\Users\Darren\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node 2018-05-04 19:13 - 2018-05-04 19:13 - 000512856 _____ () \\?\C:\Users\Darren\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node 2018-05-04 19:13 - 2018-08-10 21:39 - 001641304 _____ () \\?\C:\Users\Darren\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node 2018-05-04 19:13 - 2018-09-01 03:17 - 001743704 _____ () \\?\C:\Users\Darren\AppData\Roaming\discord\0.0.301\modules\discord_overlay2\discord_overlay2.node 2018-05-04 19:13 - 2018-05-04 19:13 - 002722648 _____ () \\?\C:\Users\Darren\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node 2018-08-10 21:40 - 2018-08-10 21:40 - 001247576 _____ () \\?\C:\Users\Darren\AppData\Roaming\discord\0.0.301\modules\discord_modules\discord_modules.node 2018-08-10 21:40 - 2018-09-06 20:52 - 022284120 _____ () \\?\C:\Users\Darren\AppData\Roaming\discord\0.0.301\modules\discord_dispatch\discord_dispatch.node 2018-05-04 19:14 - 2018-05-04 19:14 - 002760536 _____ () \\?\C:\Users\Darren\AppData\Roaming\discord\0.0.301\modules\discord_contact_import\discord_contact_import.node 2018-05-04 19:14 - 2018-05-04 19:14 - 001249112 _____ () \\?\C:\Users\Darren\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node 2018-03-19 23:51 - 2018-04-26 09:45 - 001705792 _____ () C:\Users\Darren\AppData\Roaming\Twitch\Bin\Electron\ffmpeg.dll 2018-03-19 23:51 - 2018-04-26 09:45 - 002551104 _____ () C:\Users\Darren\AppData\Roaming\Twitch\Bin\Electron\libglesv2.dll 2018-03-19 23:51 - 2018-04-26 09:45 - 000023360 _____ () C:\Users\Darren\AppData\Roaming\Twitch\Bin\Electron\libegl.dll 2018-03-19 23:51 - 2018-09-01 05:18 - 000400384 _____ () \\?\C:\Users\Darren\AppData\Roaming\Twitch\Bin\Electron\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node 2018-03-19 23:51 - 2018-09-01 05:18 - 000129536 _____ () \\?\C:\Users\Darren\AppData\Roaming\Twitch\Bin\Electron\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node 2018-04-12 21:33 - 2018-04-12 21:33 - 000142376 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\fs-ext\build\Release\fs-ext.node 2018-04-12 21:33 - 2018-04-12 21:33 - 000271400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node 2018-04-12 21:33 - 2018-04-12 21:33 - 000141864 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\ref\build\Release\binding.node 2018-04-12 21:33 - 2018-04-12 21:33 - 000150568 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\ffi\build\Release\ffi_bindings.node 2018-04-12 21:33 - 2018-04-12 21:33 - 000097832 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll 2018-04-12 21:33 - 2018-04-12 21:33 - 000110120 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\idle-gc\build\Release\idle-gc.node 2018-02-12 00:39 - 2018-08-27 12:41 - 000874784 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2018-02-12 00:39 - 2016-08-31 18:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2018-02-12 00:39 - 2018-08-29 14:17 - 002646304 _____ () C:\Program Files (x86)\Steam\video.dll 2018-02-12 00:39 - 2017-12-19 18:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll 2018-02-12 00:39 - 2017-12-19 18:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll 2018-02-12 00:39 - 2017-12-19 18:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll 2018-02-12 00:39 - 2017-12-19 18:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll 2018-02-12 00:39 - 2016-08-31 18:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2018-02-12 00:39 - 2016-08-31 18:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2018-02-12 00:39 - 2017-12-19 18:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll 2018-02-12 00:39 - 2018-08-29 14:17 - 001015584 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2018-02-12 00:39 - 2016-07-04 15:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Public\AppData:CSM [474] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [119] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2017-12-14 12:27 - 2017-12-14 12:24 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09062018205433007\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09062018205436444\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-21-593542779-3124579855-1873938374-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Darren\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img_0450.jpg HKU\S-1-5-21-593542779-3124579855-1873938374-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09062018205437023\Control Panel\Desktop\\Wallpaper -> C:\Users\Darren\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img_0450.jpg DNS Servers: 192.168.1.254 - 75.153.176.9 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\Run32: => "MSIRegister" HKLM\...\StartupApproved\Run32: => "Live Update" HKU\S-1-5-21-593542779-3124579855-1873938374-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-593542779-3124579855-1873938374-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-593542779-3124579855-1873938374-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-593542779-3124579855-1873938374-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09062018205437023\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-593542779-3124579855-1873938374-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09062018205437023\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-593542779-3124579855-1873938374-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09062018205437023\...\StartupApproved\Run: => "Steam" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{4DF73042-7D71-4ABD-97AC-E44C424D86B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\Paradise Lost\System\ParadiseLost.exe FirewallRules: [{1F85741B-3474-4786-8BC3-51E70E2C8E50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\Paradise Lost\System\ParadiseLost.exe FirewallRules: [{3CF65326-CCB1-4999-9644-E9357AAF7E76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe FirewallRules: [{536BBBF6-E9AF-415E-92FF-04B5BCFB1A34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe FirewallRules: [{874FCE77-28BE-4866-96EB-1F9366F9E23E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\System\Postal2.exe FirewallRules: [{7627F27D-C0AE-4456-A348-6A61038CAEED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\System\Postal2.exe FirewallRules: [UDP Query User{57D617FF-3BCA-4D78-9369-00AD7503860A}C:\program files\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_151\bin\javaw.exe FirewallRules: [TCP Query User{A6787691-E9A8-4199-96A6-DC9A7D20D70F}C:\program files\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_151\bin\javaw.exe FirewallRules: [{8CFA0FF8-D8F7-496E-9749-79DD939E233E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe FirewallRules: [{7703E316-B4A5-4090-914B-DAEE2CBB50C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe FirewallRules: [{820CEA97-F432-4980-BF6F-691E637F5ECC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gotham City Impostors F2P\Engine.exe FirewallRules: [{F9B3021B-AEAC-4CF0-A946-DCD019B05576}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gotham City Impostors F2P\Engine.exe FirewallRules: [UDP Query User{C51AB8FE-C0C4-4D5F-975B-B4EA24A9F978}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{EDB805AB-F2E0-45E1-8CFC-1C13B4228896}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{EA50C810-A3C1-4AD0-9D01-AF7ED50025FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PapersPlease\PapersPlease.exe FirewallRules: [{220216D9-66D3-41F6-9962-36EB816D75E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PapersPlease\PapersPlease.exe FirewallRules: [{04DF2845-C51F-4741-8D1F-B052E79C1B8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Party Hard\PartyHardGame.exe FirewallRules: [{39ABA3CE-93C7-4605-9537-EBA0A1942390}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Party Hard\PartyHardGame.exe FirewallRules: [{86A15881-FF44-4477-98B0-FBBBA2611E0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe FirewallRules: [{0A5591D2-20EA-43FC-9C95-76475C9E2362}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe FirewallRules: [{E76DCACB-F6AA-47ED-919E-686986230B4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{F0486B78-5B50-43CB-BA3D-2B6C121903D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{57A3999E-A4EA-420F-BF5A-2A5F80A0724B}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{866EE730-4F33-4CCB-97BB-57207256D007}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{1CBE6F89-9DC9-48C7-808E-D7D71401B209}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{E38A84CF-BFE8-480E-8A6A-05384653F7D4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{A32229F6-6855-4A7D-9848-1B68B33BE6C9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{D20CEA3F-F86E-4C7C-95B2-C7C7408D3C20}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe FirewallRules: [{58F3EFF6-7AB9-4B6B-8C41-4A71B038F865}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kitty Cat Jigsaw Puzzles\KittyCatJigsawPuzzles.exe FirewallRules: [{9FB0E5BF-216C-4A9D-AF1D-48EB38DE366F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kitty Cat Jigsaw Puzzles\KittyCatJigsawPuzzles.exe FirewallRules: [{8B8967D8-E38C-4020-A4FD-68676300B68D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\No Time To Explain Remastered\NoTimeToExplain.exe FirewallRules: [{D0AB07E8-621C-444A-BDC8-5200D8F7F052}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\No Time To Explain Remastered\NoTimeToExplain.exe FirewallRules: [{DF1F0663-F5CD-44CF-9B7D-763A4B3543D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raft\Raft.exe FirewallRules: [{BDDF2570-C287-4CE0-8345-B9E92CE32923}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raft\Raft.exe FirewallRules: [{D2CB58FD-4C83-41D5-8A29-F1D83694A798}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe FirewallRules: [{E8C7AFA9-B43A-48F9-BFE2-E7BC6CA512AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe FirewallRules: [UDP Query User{1DC4E7EA-9C41-45E3-8677-F8135E346A7E}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe FirewallRules: [TCP Query User{95C993E6-146A-4AF5-A7FE-41B9DF607CA6}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe FirewallRules: [{6F83D521-CE5E-4653-855F-798E15757231}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{951078E2-3966-4AC0-B668-EB265EFE3B92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{6EB5F1D2-84DC-48A5-8C0E-60C0A2D3E7FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FarCry5\bin\ArcadeEditor64.exe FirewallRules: [{49AAC25A-A51A-4CD6-8A8F-917BA50C6C9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FarCry5\bin\ArcadeEditor64.exe FirewallRules: [{FECE5867-4904-4954-8576-37CE4A54F1B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe FirewallRules: [{F24FE0A1-119C-400F-8CF1-82C3A453EF91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe FirewallRules: [{73A37B3C-8872-4A55-9700-C919C85C0432}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe FirewallRules: [{37C25049-37AC-452C-ABBE-4FFF03446E33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe FirewallRules: [UDP Query User{FABD0541-A284-4EDD-83FE-ABA821BE7CBA}C:\users\darren\appdata\local\fivem\fivem.exe] => (Allow) C:\users\darren\appdata\local\fivem\fivem.exe FirewallRules: [TCP Query User{C2AE4DE0-048D-4B24-B32A-BE2C8F16173A}C:\users\darren\appdata\local\fivem\fivem.exe] => (Allow) C:\users\darren\appdata\local\fivem\fivem.exe FirewallRules: [{3753DF1B-D198-4B35-981A-448CEC49F8EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe FirewallRules: [{95CF30F0-2E19-4638-A268-0861FCB2E253}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe FirewallRules: [UDP Query User{1FD19D19-7D01-4031-8E4A-F66D1F8C8758}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [TCP Query User{33E09188-827E-4F37-8352-9B28C90D3F7F}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [UDP Query User{EC4E4C3A-ED7D-4DBA-B484-2C567D5087AF}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{2301BB26-3460-4447-9030-DD98A39AB8B7}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{A2C9952A-F93C-4095-BC59-8B2DC17CDF17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe FirewallRules: [{91B63CE4-56BD-40F7-990A-EF4B4251362A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe FirewallRules: [{2BD0CA5D-0F0F-4AE1-BAB5-6919E3F8CE69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe FirewallRules: [{7A59F792-FCE8-4DA4-AF9F-E2F611CF4558}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe FirewallRules: [UDP Query User{A50DEBFE-D813-4222-9EC6-3612F2327E0D}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [TCP Query User{EF1C50C1-982F-441D-AEA6-320D2E8DF262}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [{CDD1C4D9-B66C-4D5D-B534-77DBFEBA018C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe FirewallRules: [{8AD919C4-7F31-442E-92FB-836439DB9D6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe FirewallRules: [UDP Query User{71DF7BCE-C8EC-491E-934B-617324165330}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [TCP Query User{8D927611-0CE7-4B7A-8C7B-146AF1E7E6E0}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [{536071BD-0A7A-4DCE-BDD2-65B77B4CA168}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{076CBB9E-9E6C-4115-A669-533B45ADAAC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{4D919B65-633D-420B-8584-C67507926BD5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{BDB927F7-42D7-4398-822C-A47AFA679A58}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{A919CD72-62A6-4721-AE1C-274FD4BE4684}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{B2CCF9C1-6402-47AE-AA27-45895E14FBF3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{0998D8D2-AF8D-4E62-908E-7FB12CD16753}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe FirewallRules: [{8C7229E3-6E06-4DD3-B6A1-83FCF3DD75E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe FirewallRules: [{4B8F2EF8-CD3B-49CE-A1CC-730CC944E892}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe FirewallRules: [{BB049A5C-D802-4F13-AF83-E36F87621103}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe FirewallRules: [{4F37B32A-BA43-4E64-8DAC-BF79B19577AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe FirewallRules: [{E9E1AC55-1470-45F2-8F61-7BE6D19A500D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe FirewallRules: [{033BE0D4-0C47-47D2-9064-4F094A7DEFA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RNR\ShooterGame\Binaries\Win64\RadicalHeights.exe FirewallRules: [{0BBD2ADA-2DCF-4E5D-AB90-126F8219BE6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RNR\ShooterGame\Binaries\Win64\RadicalHeights.exe FirewallRules: [{42950A7E-479D-48C2-BA8A-D33659DD6C51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe FirewallRules: [{825F9CCA-2636-4069-BAB2-B86A37B2657C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe FirewallRules: [{FE1892FA-A814-4723-B8C4-0677E8A92466}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe FirewallRules: [{05B7192C-F5DD-46A5-B14F-4B3B98FB8870}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe FirewallRules: [{670E2948-490E-4AA7-8AC7-05BCAF22C5F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe FirewallRules: [{BB4130DF-CC41-4B85-AFE5-D5E37ECB17D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe FirewallRules: [{733A0571-78E3-4F74-8F35-6C3A1D370AE1}] => (Block) C:\users\darren\desktop\csgo server\csgoserver\srcds.exe FirewallRules: [{2B3CD49A-E04B-4240-A27A-6D9637F34C83}] => (Block) C:\users\darren\desktop\csgo server\csgoserver\srcds.exe FirewallRules: [UDP Query User{C0DE1D76-0043-4DBC-A520-42F0F8F76ACE}C:\users\darren\desktop\csgo server\csgoserver\srcds.exe] => (Allow) C:\users\darren\desktop\csgo server\csgoserver\srcds.exe FirewallRules: [TCP Query User{DBB1CFCD-4AA4-4874-BD43-6FA6132A7231}C:\users\darren\desktop\csgo server\csgoserver\srcds.exe] => (Allow) C:\users\darren\desktop\csgo server\csgoserver\srcds.exe FirewallRules: [{7CDBF326-3EFC-4D03-9B3E-8AD8EB646855}] => (Block) C:\users\darren\desktop\csgo server\steamcmd.exe FirewallRules: [{5F716B5D-C989-4D1C-BCAF-64E32C8067D7}] => (Block) C:\users\darren\desktop\csgo server\steamcmd.exe FirewallRules: [UDP Query User{483B0316-207A-4B02-B602-C7A714E2CF3D}C:\users\darren\desktop\csgo server\steamcmd.exe] => (Allow) C:\users\darren\desktop\csgo server\steamcmd.exe FirewallRules: [TCP Query User{FD47F5C1-D769-46A8-A9D2-1FDA441A1B65}C:\users\darren\desktop\csgo server\steamcmd.exe] => (Allow) C:\users\darren\desktop\csgo server\steamcmd.exe FirewallRules: [{233F52ED-16AE-45F9-958F-86E1C299F18C}] => (Block) C:\users\darren\desktop\csgo surf server\steamcmd.exe FirewallRules: [{B83454CC-1BF6-4EBA-8164-A3E90A0BB2BE}] => (Block) C:\users\darren\desktop\csgo surf server\steamcmd.exe FirewallRules: [UDP Query User{D847C706-23E7-4B48-9D77-6A67E9F45E78}C:\users\darren\desktop\csgo surf server\steamcmd.exe] => (Allow) C:\users\darren\desktop\csgo surf server\steamcmd.exe FirewallRules: [TCP Query User{1A85A4FE-1361-4C5B-99DA-CAD226E66CD6}C:\users\darren\desktop\csgo surf server\steamcmd.exe] => (Allow) C:\users\darren\desktop\csgo surf server\steamcmd.exe FirewallRules: [{F6266E31-1FF0-485A-9384-493B45522895}] => (Block) C:\program files (x86)\vb\voicemeeter\voicemeeterpro.exe FirewallRules: [{A1C6A7D3-E555-41C8-A516-D1531892C67C}] => (Block) C:\program files (x86)\vb\voicemeeter\voicemeeterpro.exe FirewallRules: [UDP Query User{D11ADD09-9883-480D-84C8-FC3F002D195D}C:\program files (x86)\vb\voicemeeter\voicemeeterpro.exe] => (Allow) C:\program files (x86)\vb\voicemeeter\voicemeeterpro.exe FirewallRules: [TCP Query User{528D8D9E-1314-45F6-9BBE-47FF78707069}C:\program files (x86)\vb\voicemeeter\voicemeeterpro.exe] => (Allow) C:\program files (x86)\vb\voicemeeter\voicemeeterpro.exe FirewallRules: [{2DE203CA-E0B3-42B8-A5CF-668D5B6AEDE9}] => (Block) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [{C647CAAF-CBA1-4710-9F25-8D41F0A36B6D}] => (Block) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [UDP Query User{938F8DB3-B393-44B5-85F8-8E9565AA6B99}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [TCP Query User{85AEFD46-3661-4D83-B274-71DE1623D225}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [UDP Query User{8199BE08-D1EA-4C31-8705-4E4A92E4BD80}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Block) C:\program files\unity\monodevelop\bin\monodevelop.exe FirewallRules: [TCP Query User{13E17C82-3A73-4D65-8B33-CAFDFECAA199}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Block) C:\program files\unity\monodevelop\bin\monodevelop.exe FirewallRules: [{53B95873-0087-4B06-9A03-11E26DB77131}] => (Block) C:\Program Files\Unity\Editor\Data\Tools\nodejs\node.exe FirewallRules: [{20E42AB4-66AD-4BC5-A16E-18C436CA1EA6}] => (Allow) C:\Program Files\Unity\Editor\Data\Tools\nodejs\node.exe FirewallRules: [{47B86E9D-99B8-4D8E-AC03-FAE5345C9FD4}] => (Block) C:\Program Files\Unity\Editor\Unity.exe FirewallRules: [{D4F263F2-2653-40A8-9DC2-E6286D7E9C97}] => (Allow) C:\Program Files\Unity\Editor\Unity.exe FirewallRules: [{A6050B57-2CD2-4EFE-B0D3-DB8A3721A318}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate Doom\base\dosbox.exe FirewallRules: [{5AB7642A-9A4F-4E94-AA0E-90E32F7141D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate Doom\base\dosbox.exe FirewallRules: [{A3CC9C98-5470-4769-8F48-6A071AF7A48A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{F3B8442E-E0F6-4628-882E-1DFD85D3C4A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{AA450792-4317-4CCD-9B3B-27F8187C7EF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{7682B5A3-FC5E-41E0-8614-D69BD1AB4A76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{ACA335B1-0759-47CE-8E5D-84C6D0883D9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{D8A44A1B-AB70-4FAC-BD0B-DBE4526DAB54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{DC0CCE21-C200-4C2A-ADA5-E9C91AF7721C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{AF89A518-4408-423C-AC7E-E8AB62F5BF50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{B468244B-D30F-4867-9C4E-AF093E3CA72A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{E585EB46-E9D9-4CA0-9DA1-F66D661977AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{3FFEC7FF-8293-4F9C-A581-2DF47ADB0D58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{3608D8E2-F9FD-4325-B2F7-B20E1171DA6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{E18C625F-EFEC-498F-A1B9-AE3DA11930E8}] => (Block) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe FirewallRules: [{BAA760AA-9481-4F27-A3D3-EA45D6C8396A}] => (Block) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe FirewallRules: [UDP Query User{8257F1BF-F423-4584-B7F8-036FA92E2F21}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe FirewallRules: [TCP Query User{7BF86241-3DD8-486E-BF6A-6CA7A3386049}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe FirewallRules: [UDP Query User{8E569EC4-9C9C-4DE0-A3E1-C393F9F72C6D}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [TCP Query User{363B5A91-9E0D-4822-9466-53C0704DB208}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [{2EE461BA-B28C-4E8F-A801-052E2A4D57DC}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [{485978AF-A8F1-43A4-9542-C581096BEF67}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{0554AC9A-73C0-49FE-BE13-64F90FF7084C}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [TCP Query User{2C9EE356-423B-4FF9-8840-D11CFB897C19}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [{586A21BE-8104-49AB-8B6C-631EB28D4186}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe FirewallRules: [{1492C4EF-5C37-4074-99FC-4322443F4F5D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe FirewallRules: [{816EE68B-8E3A-45C1-B008-EF85F54839C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe FirewallRules: [{571AC184-5071-4B8E-A09F-5B92664DBA0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe FirewallRules: [{CBD1318F-8741-4F01-8CEC-619E63D35307}] => (Block) C:\users\darren\desktop\znes 1.36\zsnesw.exe FirewallRules: [{B67C7A44-737B-4B3B-96C3-4A8E3C16B0FC}] => (Block) C:\users\darren\desktop\znes 1.36\zsnesw.exe FirewallRules: [UDP Query User{592007F3-6049-491D-9F66-20D14BAFA4BD}C:\users\darren\desktop\znes 1.36\zsnesw.exe] => (Allow) C:\users\darren\desktop\znes 1.36\zsnesw.exe FirewallRules: [TCP Query User{2E2F8959-EB74-4AD3-89B4-7BCD48677BC3}C:\users\darren\desktop\znes 1.36\zsnesw.exe] => (Allow) C:\users\darren\desktop\znes 1.36\zsnesw.exe FirewallRules: [{DF5EA623-1586-4CE6-917B-43725E6840C8}] => (Block) C:\users\darren\desktop\zsnes\zsnesw.exe FirewallRules: [{B4F580E5-A37E-4196-91C4-00D18FA7F65F}] => (Block) C:\users\darren\desktop\zsnes\zsnesw.exe FirewallRules: [UDP Query User{30768ABC-471D-4F50-9A5C-27D44B5A95B6}C:\users\darren\desktop\zsnes\zsnesw.exe] => (Allow) C:\users\darren\desktop\zsnes\zsnesw.exe FirewallRules: [TCP Query User{7F63D875-FA05-4ADE-AD48-B3A68AEE21EA}C:\users\darren\desktop\zsnes\zsnesw.exe] => (Allow) C:\users\darren\desktop\zsnes\zsnesw.exe FirewallRules: [UDP Query User{796FE4D1-42CD-497A-93D6-4BD77BF84750}C:\users\darren\desktop\snes9x-x64.exe] => (Allow) C:\users\darren\desktop\snes9x-x64.exe FirewallRules: [TCP Query User{D76232DA-077B-4AFE-8EB1-C6A965E0EBAB}C:\users\darren\desktop\snes9x-x64.exe] => (Allow) C:\users\darren\desktop\snes9x-x64.exe FirewallRules: [{CFD8930F-7CD5-4682-9CD5-4478FFBE2B8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe FirewallRules: [{70CFE8D4-9E3F-4682-A998-15393931E54D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe FirewallRules: [UDP Query User{BDBC8933-DB6D-490D-9960-A5B65DC26718}C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe FirewallRules: [TCP Query User{3833A85F-90E6-450A-AACA-91FD8B235E94}C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe FirewallRules: [UDP Query User{09DF31E0-DF69-4881-A0FD-F1EFEE334EE5}C:\program files (x86)\steam\steamapps\common\hunt showdown (test server)\bin\win_x64\gamelauncher.exe] => (Block) C:\program files (x86)\steam\steamapps\common\hunt showdown (test server)\bin\win_x64\gamelauncher.exe FirewallRules: [TCP Query User{1432112D-99A0-4190-A465-E1ABFD1D24D8}C:\program files (x86)\steam\steamapps\common\hunt showdown (test server)\bin\win_x64\gamelauncher.exe] => (Block) C:\program files (x86)\steam\steamapps\common\hunt showdown (test server)\bin\win_x64\gamelauncher.exe FirewallRules: [{950C0FB7-7A43-4E11-A517-99E50B3A3BD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\build.exe FirewallRules: [{5065403F-6A16-4EA4-B7F2-0981897117DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\build.exe FirewallRules: [{3E8B9190-7912-4092-A0D5-CFBA5DE1FFD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe FirewallRules: [{EC5EE489-29A3-4366-89DE-8BDADEBCAFAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe FirewallRules: [{4D2CE4EA-CE7B-4EC1-8C18-7BB7D3A9C3CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{0DAA3056-0E7A-4E31-9AFC-C2DFC4C887A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{31C37FD4-1141-40ED-8905-BBCB330394B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe FirewallRules: [{83F50668-E41B-4241-9DBD-F8784E53FA72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe FirewallRules: [{DC60476F-F231-4672-8934-9C356D9853FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{575073C6-5143-4211-8D61-BB25864E5DFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{14C5EEC8-FD14-477B-A654-F5ED1F85451B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [{19A96D07-C105-4AB7-AF19-1CA1E964C2DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [UDP Query User{6D5DBD5D-FEBA-482B-BC62-0EA1501567C3}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [TCP Query User{D011831E-E108-431E-8DC8-02D8E24F8001}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [{FC684F60-1DD3-4FD9-BFAB-1F81BD005E28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe FirewallRules: [{E16CE33D-21F2-41A6-B4E5-85CB7A6FABF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe FirewallRules: [UDP Query User{1D639F38-087C-44F5-A307-EFD84463B62D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{7EC45BC3-2FA3-4383-9823-1F909FE3ADAC}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{DF50DF2F-EE89-445F-8949-440C69185EB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe FirewallRules: [{81E71D76-7CD4-4302-81FE-35AB016421B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe FirewallRules: [UDP Query User{05D9F7BB-C965-4671-B27B-F0837740BE5B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{D881FBE2-9C90-480B-8885-6884C2C4B443}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{B35A3CB0-EC22-490A-94CB-4574A4050FDD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{2C4B843D-0A2F-4236-9679-AE399DC29A3A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{5CB098AF-C736-4AF0-AACF-CE007870A84F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{DDAA6827-C7E9-4925-A0CC-AF91B05FB303}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{5A026578-6DFC-4A76-9F0D-4E716B4380F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe FirewallRules: [{08E47E62-CF8A-4EB9-B9F8-C63C5EEDC939}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe FirewallRules: [{FE0DD32C-ABF3-4E83-9462-8B86D8CD4C47}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe FirewallRules: [{AFE5BE1C-7711-4522-8244-62890BE1DF2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe FirewallRules: [{0AEBF3DE-CD6B-4703-8F5F-C9E4BE5EDBF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe FirewallRules: [{33827BD3-73B9-4EFE-8FC3-7E78AA72628F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe FirewallRules: [{F4363EE0-9311-460D-8D6A-CECE92C0F722}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderless Gaming\BorderlessGaming.exe FirewallRules: [{34F05EFA-ECFC-466D-B191-624FE9E09610}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderless Gaming\BorderlessGaming.exe FirewallRules: [{E7AF3A13-3164-4E1A-AC0E-5003DB17A205}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Getting Over It\GettingOverIt.exe FirewallRules: [{ED6D2210-1A0A-41DF-94A8-4B3E855AFB4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Getting Over It\GettingOverIt.exe FirewallRules: [TCP Query User{DC8AF864-07D8-4F29-8BB1-9D4C83BDACBA}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe FirewallRules: [UDP Query User{BF5EC098-4789-41FF-9C71-28CDDE7D5ADD}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe FirewallRules: [{F4CD6CEB-B583-4B8B-B818-740661AD0F1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{5D397B7E-AB51-4869-8A71-59594D95E73E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{AE554D36-59B1-4753-A965-92ABD9865E70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe FirewallRules: [{EFBEBA51-ED26-4174-9453-7268313E5E0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe FirewallRules: [{BE32299E-B7CA-4856-84B8-F6B8C026981D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{C5446910-8EE1-4B23-8F01-4F6D0C6E364B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{2B507085-F7BB-4259-9735-E557B8A74BE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer 3 Tiberium Wars\CNC3.exe FirewallRules: [{F5DB55EB-04E9-4A55-8665-B61362B0EE13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer 3 Tiberium Wars\CNC3.exe FirewallRules: [{A80C88D0-83FF-45B9-A6F6-88E5A046AE8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer 3 Tiberium Wars\RetailExe\1.9\cnc3game.dat FirewallRules: [{9DF11C25-F1E1-40CA-8A92-A8FDD52A283D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WarframeTennoGen\bin\SteamWorkshopUploader.exe FirewallRules: [{5F34427E-3AA8-423F-8A3D-D90A639B1228}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WarframeTennoGen\bin\SteamWorkshopUploader.exe FirewallRules: [{5B8E9522-DA9C-4FE8-B6FE-D434D008D8B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{48D99AD6-BBFD-45BB-805C-82FDD977F107}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{B14A040A-466C-449A-8F27-B17B774673A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe FirewallRules: [{A63AD1B5-BFB1-44A6-A626-1852D1CB8C99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe FirewallRules: [TCP Query User{CBE7B639-5C3C-46CB-86C8-D2F7112BCE48}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [UDP Query User{55155673-18B5-4512-96F6-D28D7AD5C35A}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [{9EF3DDFD-6F06-4819-B704-EA44DDA840B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe FirewallRules: [{E7ED127C-CAC9-4842-8BF6-6C6E2F2592C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe FirewallRules: [{D076D6E6-13EA-47FA-A30F-536F4D0254F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [{573D78FF-BC62-4601-A0BB-C5D9474E4A25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [{509B51D8-088F-4A6B-90B1-1230EE78C833}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe FirewallRules: [{A9867CDC-95B5-4D93-A174-6013C3EA443E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe FirewallRules: [{D2900C67-E0D4-4DF0-9A2B-CE3653CAFA8F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe FirewallRules: [{3A50FDE8-546C-4E53-8BD3-82DCC2097BE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe FirewallRules: [{1038844E-61DB-47E7-9E3F-8114227C8D57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe FirewallRules: [{E9227676-4383-4036-BA9D-68E0944E6458}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe FirewallRules: [{80BD363C-182C-43FD-8025-17C8B2F1BB61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Mesa\bms.exe FirewallRules: [{12D800D6-12FB-48BE-8179-625449D56A55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Mesa\bms.exe FirewallRules: [{A74E10D8-D13C-4FAE-9902-0268F826BEA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\MapEditor.exe FirewallRules: [{C2CCC111-9654-4231-AE89-21A165A80CA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\MapEditor.exe FirewallRules: [{8781075B-A308-41EC-819E-F3B0282E4F42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer 3 - Kane's Wrath\CNC3EP1.exe FirewallRules: [{21CBE6AD-CCDA-4766-8AA5-FBB97F9FADE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer 3 - Kane's Wrath\CNC3EP1.exe FirewallRules: [{1E7C73C5-1A71-441A-9CFA-E1DFFE32A313}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer 3 - Kane's Wrath\RetailExe\1.2\cnc3ep1.dat FirewallRules: [{32DE8DB3-1941-4D79-8260-F9CEFA604A69}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{69127718-1FE5-4D2D-B44C-69AC42652B89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe FirewallRules: [{D1E83A95-E24A-45BF-9F28-92E710DD36EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe FirewallRules: [TCP Query User{21B7850C-A82D-44E1-B405-6FA2392D1648}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe FirewallRules: [UDP Query User{5F5ED3DE-CC5B-42DE-B302-6C4CE7977866}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe FirewallRules: [TCP Query User{A118AFB9-7225-4DFA-B39C-2FB3AB97E9ED}C:\program files (x86)\steam\steamapps\common\command and conquer 3 - kane's wrath\retailexe\1.2\cnc3ep1.dat] => (Block) C:\program files (x86)\steam\steamapps\common\command and conquer 3 - kane's wrath\retailexe\1.2\cnc3ep1.dat FirewallRules: [UDP Query User{59A976BA-6A37-4198-83F0-E657FE43FFEF}C:\program files (x86)\steam\steamapps\common\command and conquer 3 - kane's wrath\retailexe\1.2\cnc3ep1.dat] => (Block) C:\program files (x86)\steam\steamapps\common\command and conquer 3 - kane's wrath\retailexe\1.2\cnc3ep1.dat FirewallRules: [{4994911E-7F11-4FE0-90AD-834E1D85089F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sven Co-op\svencoop.exe FirewallRules: [{F76DC3C0-8BD1-4438-B807-36A751564CD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sven Co-op\svencoop.exe FirewallRules: [{AB5516B6-B342-4C97-8A35-E8A01F3316BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sven Co-op\svends.exe FirewallRules: [{DEF622CB-1029-4CD0-99C3-1DC87186A6C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sven Co-op\svends.exe FirewallRules: [{4A179B97-D57B-4084-9FF9-483BA0CBC6AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{5B30123B-DC7D-428B-BDBB-F1BA3BEB16C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{8DDB2297-43CC-4BD0-86E6-791BCEAEEFD7}] => (Allow) C:\Program Files\Parsec\parsecd.exe FirewallRules: [{1267F8C1-AEA8-4649-91CB-A6ACD48121FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Synergy\synergy.exe FirewallRules: [{F7541B0D-DB39-45D8-9CAC-5A80A9166511}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Synergy\synergy.exe FirewallRules: [{3E9121DC-8BC7-497A-8EF8-7A27A0C0EC32}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{ECE726AA-2435-4CDF-862C-DD6D2D3A46FF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{4D854480-2854-4271-BF28-3AF619B99E97}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{5E53630A-6851-45E2-A6F2-2DCF041CAA31}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{F41A35DC-D58E-4F9E-ABE8-2E3FEC5AB70D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WarframeTennoGen\bin\SteamWorkshopUploader.exe FirewallRules: [{833C3792-2B47-4C40-9D93-9756317D6E23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WarframeTennoGen\bin\SteamWorkshopUploader.exe FirewallRules: [TCP Query User{D211E8E4-4A97-4D55-AC1F-499A0D948947}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{927185C6-B4ED-42BE-9D0F-ED6A753025D8}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{75A45D07-BC6F-4262-8605-270473E0103F}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe FirewallRules: [UDP Query User{544C9091-D4E9-4C84-87E1-977BA4C4A734}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe FirewallRules: [{B28AAA99-A082-4AAC-9710-80D64071B5F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{F5D92491-CDA5-461B-B5C5-88D543A07CFA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{27FB4E3B-BFDF-4523-BDDA-A7E57B5C9ABF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{C72CCC37-70FA-45A9-B763-ADE94F7EB9EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{023F3CB2-27B0-41AC-9F75-20E463FECD65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2 Deathmatch\hl2.exe FirewallRules: [{11B81FD7-216D-43F8-90F3-19F2F312CE01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2 Deathmatch\hl2.exe FirewallRules: [{3477F3B2-9678-432E-849E-BD4EBFDA5FEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe FirewallRules: [{985B093B-0FF3-442F-ACFB-B63FE4260EC8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe FirewallRules: [{C87B6B59-324B-45F3-B174-BCE8AF26DC93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe FirewallRules: [{F62A423C-0C08-497B-8F9F-4DEEE24724B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe FirewallRules: [{8A86067A-3694-43AE-AD52-F754EE21983B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{4A5BC5AA-1123-46E6-8A07-AF346D8224F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{C24FA111-7B20-4D07-A952-B8F8C85B9542}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{2A6920F5-2B6B-406E-B06B-60FB3FC76FC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [TCP Query User{680AC547-66EA-4077-8F9B-0D69A503E8E5}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{85E8ABFA-FE9E-4578-89ED-81797377ACDA}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [{21964AEF-C973-4E8C-A628-CC69265B22AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Party\HouseParty.exe FirewallRules: [{01739964-A1BB-4F31-BD60-944C5C7155FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Party\HouseParty.exe FirewallRules: [{73793B16-7CBB-4666-9C2B-A6AA7922C932}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{338CBDAE-9C83-4951-AB7A-24473B7CD320}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{B8B282BF-5A5A-4DAA-82E4-6EA638EDE773}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{D9892D44-5F49-4AF6-873A-9AC7A23BB7AC}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{6D21AFEC-7831-4531-9103-C52819B175DC}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{596ED57C-9D3C-4B0B-97B0-7EBB9F81E0BE}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{85DC2EE2-6A08-4C4E-AD36-C81899138848}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{3BD51746-2A73-4AF9-89D9-417A60322592}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{161D41CA-DC20-41ED-AC8B-FB0D5C28040B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe FirewallRules: [{B999CB27-E575-4CDC-A2CC-9ACC075FDF8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe FirewallRules: [{BA23D1B0-0911-4A44-9CA7-3391FD890488}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe FirewallRules: [{AEC3BF45-9D65-4ADE-BE09-AD88838482D1}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe FirewallRules: [{0508BE36-E6AD-4498-9DCC-55A1DD80DED2}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe ==================== Restore Points ========================= 29-08-2018 03:20:14 Removed Avira Software Updater 29-08-2018 03:25:30 Removed Avira Software Updater 01-09-2018 03:00:52 Removed iTunes ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/06/2018 08:54:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: svchost.exe_MapsBroker, version: 10.0.17134.1, time stamp: 0xa38b9ab2 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0x8400000e Fault offset: 0x0000000000000000 Faulting process id: 0x1080 Faulting application start time: 0x01d4465e5a67b76c Faulting application path: C:\WINDOWS\System32\svchost.exe Faulting module path: unknown Report Id: 3add736d-7fd5-454c-9e45-a5d927a41f2e Faulting package full name: Faulting package-relative application ID: Error: (09/05/2018 10:25:53 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.228_none_fb4599993062b194.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.228_none_42f2d07044deda9a.manifest. Error: (09/05/2018 10:20:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 25 3.D.B.0.7.A.1.8.1.D.6.6.3.4.5.4.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR DESKTOP-0J3GVO7-2.local. Error: (09/05/2018 10:20:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.1.75:5353 23 3.D.B.0.7.A.1.8.1.D.6.6.3.4.5.4.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR DESKTOP-0J3GVO7.local. Error: (09/05/2018 10:20:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 25 75.1.168.192.in-addr.arpa. PTR DESKTOP-0J3GVO7-2.local. Error: (09/05/2018 10:20:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.1.75:5353 23 75.1.168.192.in-addr.arpa. PTR DESKTOP-0J3GVO7.local. Error: (09/05/2018 10:18:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SearchUI.exe, version: 10.0.17134.228, time stamp: 0x5b63c896 Faulting module name: Windows.UI.Xaml.dll, version: 10.0.17134.81, time stamp: 0x4f4899f8 Exception code: 0xc000027b Fault offset: 0x00000000006a4e02 Faulting process id: 0x2438 Faulting application start time: 0x01d445a089c35916 Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll Report Id: 2735616f-0e04-44db-ba22-0e3bbaa51c11 Faulting package full name: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: CortanaUI Error: (09/05/2018 10:17:04 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.228_none_fb4599993062b194.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.228_none_42f2d07044deda9a.manifest. System errors: ============= Error: (09/06/2018 09:01:26 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0J3GVO7) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-0J3GVO7\Darren SID (S-1-5-21-593542779-3124579855-1873938374-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (09/06/2018 08:55:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Downloaded Maps Manager service terminated unexpectedly. It has done this 1 time(s). Error: (09/06/2018 08:54:23 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0J3GVO7) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-0J3GVO7\Darren SID (S-1-5-21-593542779-3124579855-1873938374-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (09/06/2018 08:54:23 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0J3GVO7) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-0J3GVO7\Darren SID (S-1-5-21-593542779-3124579855-1873938374-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (09/06/2018 08:54:23 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0J3GVO7) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-0J3GVO7\Darren SID (S-1-5-21-593542779-3124579855-1873938374-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (09/05/2018 11:11:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0J3GVO7) Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout. Error: (09/05/2018 11:11:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0J3GVO7) Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout. Error: (09/05/2018 10:51:42 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0J3GVO7) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-0J3GVO7\Darren SID (S-1-5-21-593542779-3124579855-1873938374-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Windows Defender: =================================== Date: 2018-07-21 01:51:06.445 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {1DA8D426-E041-437E-91CA-C0E7A3FE63A8} Scan Type: Antimalware Scan Parameters: Quick Scan CodeIntegrity: =================================== Date: 2018-09-05 21:46:14.971 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-09-05 21:45:43.081 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-09-05 21:45:42.529 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-09-05 21:45:41.020 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-09-05 21:45:32.506 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-09-05 21:45:32.379 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-09-03 03:40:55.298 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-09-03 03:40:55.296 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. ==================== Memory info =========================== Processor: AMD Ryzen 5 1600X Six-Core Processor Percentage of memory in use: 38% Total physical RAM: 16336.39 MB Available physical RAM: 10021.96 MB Total Virtual: 32672.77 MB Available Virtual: 24275.69 MB ==================== Drives ================================ Drive ? (1TB) (Fixed) (Total:930.56 GB) (Free:42.44 GB) NTFS \\?\Volume{3f494268-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.16 GB) NTFS \\?\Volume{3f494268-0000-0000-0000-70c3e8000000}\ () (Fixed) (Total:0.46 GB) (Free:0.07 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 3F494268) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=930.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=468 MB) - (Type=27) ==================== End of Addition.txt ============================

Earlier after I ran adwcleaner the first time the majority of my programs closed. Did the virus do this as well? I'm starting to panic PLEASE HELP!

I restarted my computer a couple of times and now the popup stopped, what happened? Is the adware still there?

IT ALSO HAPPENED WHEN CHROME WAS COMPLETELY CLOSED! PLEASE HELP! Another weird thing is that when I turn on my monitors I have to click before the screen actually comes up, is this related?

Here is another screenshot of the webpage: http://prntscr.com/kr5etf It only opens on Chrome, I was tabbed into Microsoft Edge and it didn't open It seems to happen in whatever Chrome tab I was last tabbed in to. Please help!!!