Jump to content

Recommended Posts

I've been trying to remove malware in my computer for days now but I can't seem to completely get rid of them I can't even download malwarebytes, I've deleted all the Untrusted Certificates and I've deleted some in the trusted ones too cause I recognized the virus put it's self there. When I try to download malwarebytes I get Runtime error at 351:120 Could not call proc. Please help me i'm considering to dust the whole pc cause I can't get rid of these viruses 

Share this post


Link to post
Share on other sites

Hi PatrickSF :)

My name is Aura and I'll be assisting you with your malware issue. Since we'll be working together, you can call me Aura or Yoan, which is my real name, it's up to you! Now that we've broke the ice, I'll just ask you a few things during the time we'll be working together to clean your system and get it back to an operational state.

  • As you'll notice, the logs we are asking for here are quite lenghty, so it's normal for me to not reply exactly after you post them. This is because I need some time to analyse them and then act accordingly. However, I'll always reply within 24 hours, 48 hours at most if something unexpected happens
  • As long as I'm assisting you on Malwarebytes Forums, in this thread, I'll ask you to not seek assistance anywhere else for any issue related to the system we are working on. If you have an issue, question, etc. about your computer, please ask it in this thread and I'll assist you
  • The same principle applies to any modifications you make to your system, I would like you to ask me before you do any manipulations that aren't in the instructions I posted. This is to ensure that we are operating in sync and I know exactly what's happening on your system
  • If you aren't sure about an instruction I'm giving you, ask me about it. This is to ensure that the clean-up process goes without any issue. I'll answer you and even give you more precise instructions/explanations if you need. There's no shame in asking questions here, better be safe than sorry!
  • If you don't reply to your thread within 3 days, I'll bump this thread to let you know that I'm waiting for you. If you don't reply after 5 days, it'll be closed. If you return after that period, you can send me a PM to get it unlocked and we'll continue where we left off;
  • Since malware can work quickly, we want to get rid of them as fast as we can, before they make unknown changes to the system. This being said, I would appreciate if you could reply to this thread within 24 hours of me posting. This way, we'll have a good clean-up rhythm and the chances of complications will be reduced
  • I'm against any form of pirated, illegal and counterfeit software and material. So if you have any installed on your system, I'll ask you to uninstall them right now. You don't have to tell me if you indeed had some or not, I'll give you the benefit of the doubt. Plus, this would be against Malwarebytes Forums's rules
  • In the end, you are the one asking for assistance here. So if you wish to go a different way during the clean-up, like format and reinstall Windows, you are free to do so. I would appreciate you to let me know about it first, and if you need, I can also assist you in the process
  • I would appreciate if you were to stay with me until the end, which means, until I declare your system clean. Just because your system isn't behaving weirdly anymore, or is running better than before, it doesn't mean that the infection is completely gone
    This being said, I have a full time job so sometimes it'll take longer for me to reply to you. Don't worry, you'll be my first priority as soon as I get home and have time to look at your thread


This being said, it's time to clean-up some malware, so let's get started, shall we? :)

Follow the instructions in the thread below. Make sure to download the MBAR version linked in it. Let me know if you're not able to launch it and run a scan.
 
https://forums.malwarebytes.com/topic/198907-requested-resource-is-in-use-error-unable-to-start-malwarebytes/
 
If you manage to run a scan, delete everything it finds, and then copy/paste the content of the mbar-log-DATE-(TIME).txt log that is located in the MBAR folder here after. 

Share this post


Link to post
Share on other sites

I downloaded it but I can't Update it it says "Failed :Net Exception". I can still scan though, I'm running on safe mode too.

 

Edited by PatrickSF
mistake

Share this post


Link to post
Share on other sites

That's good. Now you should be able to install and run a scan with Malwarebytes.

j1Bynr2.pngMalwarebytes - Clean Mode

  • Download and install the free version of Malwarebytes
    Note: If you have Malwarebytes already installed, you don't need to install it again. Simply start from the next bullet point
  • Once Malwarebytes is installed, launch it and let it update his database. You might have to click on the little arrow by Scan Status in the middle right pane for it to do so
  • Once the database update is complete, click on the Scan tab, then select the Threat Scan button and click on Start Scan
  • Let the scan run, the time required to complete the scan depends of your system and computer specs
  • Once the scan is complete, make sure that the first checkbox at the top is checked (which will automatically check every detected item), then click on the Quarantine Selected button
    • If it asks you to restart your computer to complete the removal, do so
  • Click on Export Summary after the deletion (in the bottom-left corner) and select Copy to Clipboard. Paste the content in your next reply

Share this post


Link to post
Share on other sites

They'll be in the MBAR quarantine folder, that we'll delete at the end of the clean-up. But once they're there, they're harmless.

Share this post


Link to post
Share on other sites

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 10/8/17
Scan Time: 1:50 AM
Log File: 0ea4b12e-ab88-11e7-ad23-50465db7400f.json
Administrator: Yes

-Software Information-
Version: 3.2.2.2029
Components Version: 1.0.212
Update Package Version: 1.0.2969
License: Trial

-System Information-
OS: Windows 10 (Build 14393.1715)
CPU: x64
File System: NTFS
User: DESKTOP-90303TB\Filarmeo PC

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 534890
Threats Detected: 468
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 26 min, 5 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 34
PUP.Optional.SomeFunGames.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\Somefungames, No Action By User, [1161], [438977],1.0.2969
PUP.Optional.MailRu.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bhjhnafpiilpffhglajcaepjbnbjemci, No Action By User, [8371], [402756],1.0.2969
PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\epgjfmblhacacphaljkdcjllkomdcjpc, No Action By User, [671], [403166],1.0.2969
PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\hcadgijmedbfgciegjomfpjcdchlhnif, No Action By User, [671], [403165],1.0.2969
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947, No Action By User, [8829], [436606],1.0.2969
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{c83a59b1}, No Action By User, [22], [260250],1.0.2969
PUP.Optional.ByteFence, HKU\S-1-5-18\SOFTWARE\ByteFence, No Action By User, [626], [388728],1.0.2969
PUP.Optional.Wajam, HKU\S-1-5-18\SOFTWARE\WajIEnhance, No Action By User, [83], [244670],1.0.2969
PUP.Optional.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, No Action By User, [83], [-1],0.0.0
PUP.Optional.ChromeHelper, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\GoogleChromeUpService, No Action By User, [8031], [383226],1.0.2969
PUP.Optional.MorePowerfulCleaner, HKU\S-1-5-21-1670738323-1962821417-3643405003-1001_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\DOMSTORAGE\mpc.am, No Action By User, [181], [352334],1.0.2969
PUP.Optional.MorePowerfulCleaner, HKU\S-1-5-21-1670738323-1962821417-3643405003-1001_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\DOMSTORAGE\search.mpc.am, No Action By User, [181], [352337],1.0.2969
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_SVCHOST.EXE, No Action By User, [5387], [425124],1.0.2969
PUP.Optional.InstallCore, HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\SOFTWARE\csastats, No Action By User, [2], [260986],1.0.2969
PUP.Optional.MorePowerfulCleaner, HKU\S-1-5-21-1670738323-1962821417-3643405003-1001_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\EDPDOMSTORAGE\mpc.am, No Action By User, [181], [352340],1.0.2969
PUP.Optional.MorePowerfulCleaner, HKU\S-1-5-21-1670738323-1962821417-3643405003-1001_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\EDPDOMSTORAGE\search.mpc.am, No Action By User, [181], [352330],1.0.2969
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\NAHHMPBCKPGDIDFNMFKFGIFLPJIJILCE, No Action By User, [522], [440037],1.0.2969
PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\NAHHMPBCKPGDIDFNMFKFGIFLPJIJILCE, No Action By User, [522], [440037],1.0.2969
PUP.Optional.SearchManager, HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nahhmpbckpgdidfnmfkfgiflpjijilce, No Action By User, [522], [440037],1.0.2969
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, No Action By User, [522], [183362],1.0.2969
PUP.Optional.SearchManager, HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, No Action By User, [522], [183362],1.0.2969
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\TRACING\ByteFence_RASAPI32, No Action By User, [626], [389038],1.0.2969
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947, No Action By User, [8829], [436606],1.0.2969
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\TRACING\ByteFence_RASMANCS, No Action By User, [626], [389038],1.0.2969
PUP.Optional.DllKitPRO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DllKitPRO, No Action By User, [600], [324544],1.0.2969
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4E207BE2-3025-4503-94A1-536902099743}, No Action By User, [1708], [341898],1.0.2969
Adware.FastDataX.EncJob, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{53729F17-9E79-4D47-9CE5-BBC0B1DA0662}, No Action By User, [8390], [407189],1.0.2969
Adware.FastDataX.EncJob, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\FastDataX Task, No Action By User, [8390], [407190],1.0.2969
PUP.Optional.DllKitPRO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F7D9A15F-A9C4-4B1D-9C82-34D2BC3E4B44}, No Action By User, [600], [386992],1.0.2969
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\CONSOLE\TASKENG.EXE, No Action By User, [5387], [425125],1.0.2969
PUP.Optional.ProductSetup, HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\SOFTWARE\PRODUCTSETUP, No Action By User, [14208], [242047],1.0.2969
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, No Action By User, [83], [170024],1.0.2969
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, No Action By User, [83], [170024],1.0.2969
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, No Action By User, [83], [170024],1.0.2969

Registry Value: 10
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{c83a59b1}|1, No Action By User, [22], [260250],1.0.2969
PUP.Optional.Wajam, HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, No Action By User, [83], [-1],0.0.0
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_SVCHOST.EXE|WINDOWPOSITION, No Action By User, [5387], [425124],1.0.2969
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_WINDOWSPOWERSHELL_V1.0_POWERSHELL.EXE|WINDOWPOSITION, No Action By User, [5387], [425126],1.0.2969
PUP.Optional.NotChromeRun, HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|CHROMIUM, No Action By User, [1404], [391151],1.0.2969
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4E207BE2-3025-4503-94A1-536902099743}|PATH, No Action By User, [1708], [341898],1.0.2969
Adware.FastDataX.EncJob, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{53729F17-9E79-4D47-9CE5-BBC0B1DA0662}|PATH, No Action By User, [8390], [407189],1.0.2969
PUP.Optional.DllKitPRO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F7D9A15F-A9C4-4B1D-9C82-34D2BC3E4B44}|PATH, No Action By User, [600], [386992],1.0.2969
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\CONSOLE\TASKENG.EXE|WINDOWPOSITION, No Action By User, [5387], [425125],1.0.2969
PUP.Optional.ProductSetup, HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\SOFTWARE\PRODUCTSETUP|TB, No Action By User, [14208], [242047],1.0.2969

Registry Data: 9
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, No Action By User, [22], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, No Action By User, [22], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{06c5a8d5-f8a9-4aff-ac3b-2e98a783b667}|DhcpNameServer, No Action By User, [22], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{641411f9-8cdc-4d0e-97bd-1b00d1b44d6a}|NameServer, No Action By User, [22], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{641411f9-8cdc-4d0e-97bd-1b00d1b44d6a}|DhcpNameServer, No Action By User, [22], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{7b5e5f20-63f1-4f20-b848-20f670f96e5c}|NameServer, No Action By User, [22], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{db95cc4f-2feb-4e2c-afc5-a6a995d797ec}|NameServer, No Action By User, [22], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{db95cc4f-2feb-4e2c-afc5-a6a995d797ec}|DhcpNameServer, No Action By User, [22], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{feab4c62-b2fd-49e5-8aed-c11a0fd35477}|NameServer, No Action By User, [22], [-1],0.0.0

Data Stream: 0
(No malicious items detected)

Folder: 190
PUP.Optional.UPUpdata, C:\USERS\FILARMEO PC\APPDATA\ROAMING\UPUPDATA, No Action By User, [12280], [182123],1.0.2969
PUP.Optional.Tables, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\egafjhhpbipcmpoiomegbckljbbbphoj\1.1_0\icon, No Action By User, [876], [435151],1.0.2969
PUP.Optional.Tables, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\egafjhhpbipcmpoiomegbckljbbbphoj\1.1_0\js, No Action By User, [876], [435151],1.0.2969
PUP.Optional.Tables, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\egafjhhpbipcmpoiomegbckljbbbphoj\1.1_0, No Action By User, [876], [435151],1.0.2969
PUP.Optional.Tables, C:\USERS\FILARMEO PC\APPDATA\ROAMING\OPERA SOFTWARE\OPERA STABLE\EXTENSIONS\EGAFJHHPBIPCMPOIOMEGBCKLJBBBPHOJ, No Action By User, [876], [435151],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\es_419, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\en_US, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\en_GB, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\pt_BR, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\pt_PT, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\zh_CN, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\zh_TW, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\fil, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\be, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\bg, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\bn, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\ca, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\cs, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\da, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\de, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\el, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\en, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\es, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\et, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\fa, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\fi, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\fr, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\gu, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\he, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\hr, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\hu, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\id, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\it, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\ja, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\kn, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\ko, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\lt, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\lv, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\mk, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\ml, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\mr, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\ms, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\nl, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\no, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\pl, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\pt, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\hi, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\ro, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\ru, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\sk, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\sl, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\sq, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\sr, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\sv, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\sw, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\ta, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\te, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\th, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\tr, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\uk, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\vi, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\am, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\ar, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\files, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\PROGRAM FILES (X86)\CKCPTYVYQIE, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\PROGRAM FILES (X86)\AVMVIUOBWTUN, No Action By User, [519], [438913],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\es_419, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\en_US, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\en_GB, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\pt_BR, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\pt_PT, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\zh_CN, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\zh_TW, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\fil, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\be, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\bg, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\bn, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\ca, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\cs, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\da, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\de, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\el, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\en, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\es, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\et, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\fa, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\fi, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\fr, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\gu, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\he, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\hr, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\hu, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\id, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\it, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\ja, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\kn, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\ko, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\lt, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\lv, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\mk, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\ml, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\mr, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\ms, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\nl, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\no, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\pl, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\pt, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\hi, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\ro, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\ru, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\sk, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\sl, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\sq, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\sr, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\sv, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\sw, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\ta, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\te, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\th, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\tr, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\uk, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\vi, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\am, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\ar, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_metadata, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\icons, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\USERS\FILARMEO PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\EXTENSIONS\GDLPHNCGDLAAJDDHDGINOCBKNDMCEAML, No Action By User, [7422], [443170],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\es_419, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\en_US, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\en_GB, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\pt_BR, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\pt_PT, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\zh_CN, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\zh_TW, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\fil, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\be, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\bg, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\bn, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\ca, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\cs, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\da, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\de, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\el, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\en, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\es, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\et, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\fa, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\fi, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\fr, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\gu, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\he, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\hr, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\hu, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\id, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\it, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\ja, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\kn, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\ko, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\lt, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\lv, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\mk, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\ml, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\mr, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\ms, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\nl, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\no, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\pl, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\pt, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\hi, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\ro, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\ru, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\sk, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\sl, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\sq, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\sr, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\sv, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\sw, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\ta, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\te, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\th, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\tr, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\uk, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\vi, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\am, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\ar, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\icons, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\USERS\FILARMEO PC\APPDATA\ROAMING\OPERA SOFTWARE\OPERA STABLE\EXTENSIONS\GFFLCPENCNMIDMBDKLFKBMFJMBIEAOPP, No Action By User, [1371], [331824],1.0.2969

File: 219
PUP.Optional.Tables, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\egafjhhpbipcmpoiomegbckljbbbphoj\1.1_0\icon\icon128.png, No Action By User, [876], [435151],1.0.2969
PUP.Optional.Tables, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\egafjhhpbipcmpoiomegbckljbbbphoj\1.1_0\icon\icon16.png, No Action By User, [876], [435151],1.0.2969
PUP.Optional.Tables, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\egafjhhpbipcmpoiomegbckljbbbphoj\1.1_0\icon\icon24.png, No Action By User, [876], [435151],1.0.2969
PUP.Optional.Tables, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\egafjhhpbipcmpoiomegbckljbbbphoj\1.1_0\icon\icon32.png, No Action By User, [876], [435151],1.0.2969
PUP.Optional.Tables, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\egafjhhpbipcmpoiomegbckljbbbphoj\1.1_0\js\background.js, No Action By User, [876], [435151],1.0.2969
PUP.Optional.Tables, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\egafjhhpbipcmpoiomegbckljbbbphoj\1.1_0\index.html, No Action By User, [876], [435151],1.0.2969
PUP.Optional.Tables, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\egafjhhpbipcmpoiomegbckljbbbphoj\1.1_0\manifest.json, No Action By User, [876], [435151],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\files\background.js, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\files\foreground.js, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\files\main.css, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\files\proxy.js, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\hi\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\am\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\ar\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\be\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\bg\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\bn\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\ca\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\cs\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\da\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\de\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\el\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\en\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\en_GB\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\en_US\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\es\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\es_419\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\et\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\fa\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\fi\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\fil\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\fr\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\gu\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\he\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\hr\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\hu\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\id\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\it\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\ja\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\kn\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\ko\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\lt\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\lv\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\mk\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\ml\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\mr\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\ms\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\nl\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\no\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\pl\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\pt\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\pt_BR\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\pt_PT\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\ro\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\ru\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\sk\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\sl\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\sq\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\sr\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\sv\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\sw\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\ta\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\te\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\th\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\tr\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\uk\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\vi\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\zh_CN\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\_locales\zh_TW\messages.json, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\background.html, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\files\Kernel.js, No Action By User, [519], [438444],1.0.2969
Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE\icon16.ico, No Action By User, [519], [438444],1.0.2969
Generic.Malware/Suspicious, C:\WINDOWS\D396ED7D0664235F20ADD775AC4AB62D.EXE, No Action By User, [0], [392686],1.0.2969
PUP.Optional.WinYahoo, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\HOWTOREMOVE.HTML.LNK, No Action By User, [71], [254335],1.0.2969
PUP.Optional.SearchManager, C:\USERS\FILARMEO PC\APPDATA\LOCAL\CHROMIUM\USER DATA\DEFAULT\LOCAL STORAGE\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage, No Action By User, [522], [260989],1.0.2969
PUP.Optional.DllKitPRO, C:\WINDOWS\SYSTEM32\TASKS\DLLKITPRO, No Action By User, [600], [324541],1.0.2969
Adware.NeoBar.ChrPRST, C:\USERS\FILARMEO PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\EXTENSIONS\GDLPHNCGDLAAJDDHDGINOCBKNDMCEAML\1.6.3_0\MANIFEST.JSON, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\icons\icon128.png, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\icons\icon16.png, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\icons\icon48.png, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\hi\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\am\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\ar\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\be\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\bg\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\bn\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\ca\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\cs\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\da\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\de\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\el\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\en\background.js, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\en\Content.js, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\en\foreground.js, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\en\Kernel.js, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\en\main.css, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\en\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\en_GB\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\en_US\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\es\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\es_419\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\et\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\fa\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\fi\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\fil\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\fr\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\gu\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\he\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\hr\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\hu\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\id\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\it\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\ja\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\kn\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\ko\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\lt\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\lv\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\mk\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\ml\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\mr\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\ms\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\nl\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\no\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\pl\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\pt\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\pt_BR\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\pt_PT\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\ro\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\ru\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\sk\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\sl\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\sq\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\sr\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\sv\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\sw\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\ta\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\te\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\th\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\tr\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\uk\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\vi\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\zh_CN\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_locales\zh_TW\messages.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_metadata\computed_hashes.json, No Action By User, [7422], [443170],1.0.2969
Adware.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlphncgdlaajddhdginocbkndmceaml\1.6.3_0\_metadata\verified_contents.json, No Action By User, [7422], [443170],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\USERS\FILARMEO PC\APPDATA\ROAMING\OPERA SOFTWARE\OPERA STABLE\EXTENSIONS\GFFLCPENCNMIDMBDKLFKBMFJMBIEAOPP\2.0.0.347_0\MANIFEST.JSON, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\icons\icon128.png, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\icons\icon16.png, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\icons\icon48.png, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\hi\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\am\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\ar\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\be\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\bg\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\bn\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\ca\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\cs\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\da\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\de\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\el\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\en\background.js, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\en\Content.js, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\en\foreground.js, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\en\Kernel.js, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\en\main.css, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\en\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\en_GB\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\en_US\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\es\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\es_419\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\et\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\fa\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\fi\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\fil\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\fr\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\gu\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\he\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\hr\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\hu\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\id\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\it\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\ja\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\kn\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\ko\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\lt\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\lv\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\mk\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\ml\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\mr\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\ms\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\nl\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\no\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\pl\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\pt\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\pt_BR\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\pt_PT\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\ro\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\ru\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\sk\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\sl\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\sq\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\sr\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\sv\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\sw\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\ta\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\te\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\th\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\tr\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\uk\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\vi\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\zh_CN\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.NeoBar.ChrPRST, C:\Users\Filarmeo PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfflcpencnmidmbdklfkbmfjmbieaopp\2.0.0.347_0\_locales\zh_TW\messages.json, No Action By User, [1371], [331824],1.0.2969
PUP.Optional.GameHack, C:\PROGRAM FILES (X86)\CHEAT ENGINE 6.7\STANDALONEPHASE1.DAT, No Action By User, [689], [393793],1.0.2969
Adware.InstallMonster, C:\USERS\FILARMEO PC\DOWNLOADS\AVS-VIDEO-EDITOR-7.5.1_7086532.ZIP, No Action By User, [120], [420515],1.0.2969
PUP.Optional.OpenCandy, C:\USERS\FILARMEO PC\DOWNLOADS\CHEATENGINE67.EXE, No Action By User, [520], [101648],1.0.2969
PUP.Optional.AdvisterMedia, C:\USERS\FILARMEO PC\DOWNLOADS\DLLKIT-SETUP.EXE, No Action By User, [954], [324533],1.0.2969

Physical Sector: 0
(No malicious items detected)


(end)

Share this post


Link to post
Share on other sites

Did you quarantine all the threats Malwarebytes detected?

Share this post


Link to post
Share on other sites

Good :) Now let's do a sweep with AdwCleaner and RogueKiller.

zcMPezJ.pngAdwCleaner - Fix Mode

  • Download AdwCleaner and move it to your Desktop
  • Right-click on AdwCleaner.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all active processes
    V7SD4El.png
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply

RQKuhw1.pngRogueKiller

  • Download the right version of RogueKiller for your Windows version (32 or 64-bit)
  • Once done, move the executable file to your Desktop, right-click on it and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Click on the Start Scan button in the right panel, which will bring you to another tab, and click on it again (this time it'll be in the bottom right corner)
  • Wait for the scan to complete
  • On completion, the results will be displayed
  • Check every single entry (threat found), and click on the Remove Selected button
  • On completion, the results will be displayed. Click on the Open Report button in the bottom left corner, followed by the Open TXT button (also in the bottom left corner)
  • This will open the report in Notepad. Copy/paste its content in your next reply

Your next reply(ies) should therefore contain:

  • Copy/pasted AdwCleaner clean log
  • Copy/pasted RogueKiller clean log

Share this post


Link to post
Share on other sites

Click on "No".

Share this post


Link to post
Share on other sites

# AdwCleaner 7.0.3.1 - Logfile created on Sat Oct 07 19:07:34 2017
# Updated on 2017/29/09 by Malwarebytes 
# Database: 10-04-2017.1
# Running on Windows 10 Pro (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

PUP.Optional.Legacy, WebServe
PUP.Adware.Heuristic, b210ceaee3e8b3e38a196c92e80be6ef


***** [ Folders ] *****

PUP.Optional.Legacy, C:\Windows\System32\SSL
PUP.Optional.Legacy, C:\Windows\SysWOW64\SSL
PUP.Optional.Legacy, C:\Windows\GJFix
PUP.Optional.Legacy, C:\Users\Filarmeo PC\AppData\Local\Tencent
PUP.Optional.Legacy, C:\Program Files (x86)\YouKu
PUP.Optional.Legacy, C:\Users\Filarmeo PC\AppData\Roaming\YouKu
PUP.Optional.Mail.Ru, C:\Windows\System32\config\systemprofile\AppData\Local\Mail.Ru
PUP.Optional.Mail.Ru, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Mail.Ru
PUP.Optional.PassWidget, C:\Program Files (x86)\Miped


***** [ Files ] *****

Adware.Elex, C:\Windows\SysNative\drivers\TAOKernelEx64.sys
PUP.Optional.Legacy, C:\Windows\rsrcs.dll
PUP.Optional.Legacy, C:\ProgramData\webad.xml
PUP.Optional.Legacy, C:\ProgramData\Application Data\webad.xml
PUP.Optional.Legacy, C:\Users\All Users\webad.xml


***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Adware.Heuristic, b210ceaee3e8b3e38a196c92e80be6ef
PUP.Adware.Heuristic, c685211f57696ebd632a6658a936d2c0


***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ad.mail.ru
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mail.ru
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hao123.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hao123.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.hao123.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.hao123.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hao123.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hao123.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.hao123.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.hao123.com
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {31B91CFC-8C9A-4268-96E4-48E3B4FFE849}
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {ED27ECC9-802E-4E24-B9E7-1CC7ED7D1D24}
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {4CA81A90-F5A7-4665-98DA-9B6DC9236EAD}
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {965D4A4B-8726-46FD-8C24-46A0BEB16180}
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {746FA228-7F4B-4A9B-9494-DD1B59C4E478}
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {66F50ACB-C204-417B-9185-822BED80EEF8}
PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\UpgSvr
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\Software\UpgSvr
PUP.Optional.Legacy, [Key] - HKU\S-1-5-18\Software\UpgSvr
PUP.Optional.Legacy, [Key] - HKCU\Software\UpgSvr
PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\PopWnd
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\Software\PopWnd
PUP.Optional.Legacy, [Key] - HKU\S-1-5-18\Software\PopWnd
PUP.Optional.Legacy, [Key] - HKCU\Software\PopWnd
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\SkypeUpdateEx
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\WMPNetworkAcSvc
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B5D5DBD-C857-4377-A755-06E50B4AC2B0}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{639B74F1-0594-432C-97C8-68C8C17A1E1D}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{6E1533F0-E0B5-465A-9F16-98FF0C76D493}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{8519F1E4-E25B-42B1-B361-0C643F45CF11}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0}
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 | baiduAnTray
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 | MTView
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 | HomePageHelper
PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run | SearchModule
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 | LightGate
PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run | taskhost
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run | gplyra
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\MozillaPlugins\@qq.com\npandroidassistant
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION | AndroidServer.exe
PUP.Optional.Amonetize, [Value] - HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run | msiql
PUP.Optional.FastDataX, [Key] - HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\Software\FastDataX
PUP.Optional.FastDataX, [Key] - HKCU\Software\FastDataX
PUP.Optional.Jogotempo.ShrtCln, [Key] - HKLM\SOFTWARE\jogotempo
PUP.Optional.Mail.Ru, [Key] - HKU\.DEFAULT\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\Software\AppDataLow\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-18\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKCU\Software\AppDataLow\Software\Mail.Ru
PUP.Optional.PassWidget, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QWiget 1.0.1
PUP.Optional.PassWidget, [Value] - HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run | THIS IS WIIIGET!
PUP.Optional.PCBooster, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 | booster
PUP.Optional.ChromeHelper.ChrPRST, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
PUP.Optional.ChromeHelper.ChrPRST, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

 

 

RogueKiller V12.11.18.0 (x64) [Oct  2 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.14393) 64 bits version
Started in : Safe mode with network support
User : Filarmeo PC [Administrator]
Started from : C:\Users\Filarmeo PC\Desktop\RogueKiller_portable64.exe
Mode : Scan -- Date : 10/08/2017 03:19:54 (Duration : 01:22:33)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 16 ¤¤¤
[Tr.Egguard] (X64) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001 | LibraryPath : C:\ProgramData\Windows\System32\Mswapi32.dll [x] -> Found
[Tr.Egguard] (X86) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001 | LibraryPath : C:\ProgramData\Windows\System32\Mswapi32.dll [x] -> Found
[PUP.PennyBee] (X64) HKEY_CLASSES_ROOT\CLSID\{314711D6-6B45-4AF7-83D8-DCD8537FD241} (C:\Users\Filarmeo PC\AppData\Roaming\ytmediacenter\X64\coreplay64.dll) -> Found
[PUP.PennyBee] (X64) HKEY_CLASSES_ROOT\CLSID\{5ed339e2-e6a7-576a-be70-fb9cdbdce50e} (C:\Users\Filarmeo PC\AppData\Roaming\ytmediacenter\X64\npYoukuAgent_x64.dll) -> Found
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1670738323-1962821417-3643405003-1001\Software\OCS -> Found
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1670738323-1962821417-3643405003-1001\Software\OCS -> Found
[PUP.PennyBee] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   YoukuModShlExt64 | (default) : {314711D6-6B45-4AF7-83D8-DCD8537FD241} (C:\Users\Filarmeo PC\AppData\Roaming\ytmediacenter\X64\coreplay64.dll) [7] -> Found
[PUP.PennyBee] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | YoukuMediaCenter : "C:\Users\Filarmeo PC\AppData\Roaming\ytmediacenter\YoukuMediaCenter.exe" iku://|start| --sr=r_hkcu [7] -> Found
[PUP.PennyBee] (X64) HKEY_USERS\S-1-5-21-1670738323-1962821417-3643405003-1001\Software\Microsoft\Windows\CurrentVersion\Run | YoukuMediaCenter : "C:\Users\Filarmeo PC\AppData\Roaming\ytmediacenter\YoukuMediaCenter.exe" iku://|start| --sr=r_hklm [7] -> Found
[PUP.PennyBee] (X86) HKEY_USERS\S-1-5-21-1670738323-1962821417-3643405003-1001\Software\Microsoft\Windows\CurrentVersion\Run | YoukuMediaCenter : "C:\Users\Filarmeo PC\AppData\Roaming\ytmediacenter\YoukuMediaCenter.exe" iku://|start| --sr=r_hklm [7] -> Found
[VT.Unknown] (X64) HKEY_USERS\S-1-5-21-1670738323-1962821417-3643405003-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce | Report : C:\AdwCleaner\AdwCleaner[C0].txt [-] -> Found
[VT.Unknown] (X86) HKEY_USERS\S-1-5-21-1670738323-1962821417-3643405003-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce | Report : C:\AdwCleaner\AdwCleaner[C0].txt [-] -> Found
[Root.Wajam] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\b210ceaee3e8b3e38a196c92e80be6ef -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\gkernel (\??\C:\Users\FILARM~1\AppData\Local\Temp\gkernel.sys) -> Found
[PUP.PennyBee] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {5B815D3B-A71A-49C3-B6D9-21C76DEBC23F} : v2.26|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\Filarmeo PC\AppData\Roaming\youku\..\ytmediacenter\ikuacc.exe|Name=ikuacc| [7] -> Found
[PUP.PennyBee] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {B4E8EA0C-92B7-4189-B354-6AE318ED00DC} : v2.26|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\Filarmeo PC\AppData\Roaming\youku\..\ytmediacenter\ikuacc.exe|Name=ikuacc| [7] -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 3 ¤¤¤
[Root.Wajam][File] C:\Windows\System32\drivers\b9f88766737ed1dce8c2f0e0a57ade4a.sys -> Found
[PUP.PennyBee][Folder] C:\Users\Filarmeo PC\AppData\Roaming\ytmediacenter -> Found
[PUP.AdBlocker][Folder] C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59} -> Found

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000035f]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Hitachi HDS721010CLA630 +++++
--- User ---
[MBR] 1024d765fa4fbd6976b3bd6ad5de9a35
[BSP] 78e5a1b9da6fbc2e296516769c8d139c : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 152580 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 312690688 | Size: 800736 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 1952598016 | Size: 450 MB
User = LL1 ... OK
User = LL2 ... OK

 

 

 

 

 

 

 

 

Share this post


Link to post
Share on other sites

Did you delete the threats RogueKiller detected, or not?

Share this post


Link to post
Share on other sites

RogueKiller V12.11.18.0 (x64) [Oct  2 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.14393) 64 bits version
Started in : Safe mode with network support
User : Filarmeo PC [Administrator]
Started from : C:\Users\Filarmeo PC\Desktop\RogueKiller_portable64.exe
Mode : Scan -- Date : 10/08/2017 04:55:39 (Duration : 01:18:30)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 5 ¤¤¤
[Tr.Egguard] (X64) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001 | LibraryPath : C:\ProgramData\Windows\System32\Mswapi32.dll [x] -> Found
[Tr.Egguard] (X86) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001 | LibraryPath : C:\ProgramData\Windows\System32\Mswapi32.dll [x] -> Found
[PUP.PennyBee] (X64) HKEY_CLASSES_ROOT\CLSID\{509DC5B8-F673-4102-B86E-5BF20BF4EE54} (C:\Users\Filarmeo PC\AppData\Roaming\ytmediacenter\X64\ykcool64.dll) -> Found
[PUP.PennyBee] (X64) HKEY_CLASSES_ROOT\CLSID\{C7D0BD5D-B11A-47DB-BB14-7F930B3F7705} (C:\Users\Filarmeo PC\AppData\Roaming\ytmediacenter\X64\report64.dll) -> Found
[PUP.PennyBee] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   Report64 | (default) : {C7D0BD5D-B11A-47DB-BB14-7F930B3F7705} (C:\Users\Filarmeo PC\AppData\Roaming\ytmediacenter\X64\report64.dll) [x] -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000035f]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Hitachi HDS721010CLA630 +++++
--- User ---
[MBR] 1024d765fa4fbd6976b3bd6ad5de9a35
[BSP] 78e5a1b9da6fbc2e296516769c8d139c : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 152580 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 312690688 | Size: 800736 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 1952598016 | Size: 450 MB
User = LL1 ... OK
User = LL2 ... OK

 

New log

Share this post


Link to post
Share on other sites

Good :) Now let's run a new scan with FRST and see if there's anything left to remove.

iO3R662.pngFarbar Recovery Scan Tool (FRST) - Scan mode
Follow the instructions below to download and execute a scan on your system with FRST, and provide the logs in your next reply.

  • Right-click on the executable and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the disclaimer by clicking on Yes, and FRST will then do a back-up of your Registry which should take a few seconds
  • Click on the Scan button
  • On completion, two message box will open, saying that the results were saved to FRST.txt and Addition.txt, then open two Notepad files
  • Copy and paste the content of both FRST.txt and Addition.txt in your next reply

Share this post


Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-10-2017
Ran by Filarmeo PC (administrator) on DESKTOP-90303TB (09-10-2017 00:43:49)
Running from C:\Users\Filarmeo PC\Desktop
Loaded Profiles: Filarmeo PC (Available Profiles: Filarmeo PC)
Platform: Windows 10 Pro Version 1607 14393.1715.amd64fre.rs1_release_inmarket.170906-1810 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> csrss.exe
Failed to access process -> csrss.exe
Failed to access process -> dwm.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\AtBroker.exe
(Microsoft Corporation) C:\Windows\System32\AtBroker.exe
(Microsoft Corporation) C:\Windows\System32\AtBroker.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397752 2016-03-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [339464 2016-02-10] (Autodesk, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-04] (AVAST Software)
HKLM\...\Run: [SERVICE] => [X]
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-22] (Microsoft Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [161336 2017-08-02] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [48500408 2016-06-16] (Hammer & Chisel, Inc.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2406496 2017-06-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2017-08-01] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [161336 2017-08-02] (BlueStack Systems, Inc.)
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Filarmeo PC\AppData\Local\Akamai\netsession_win.exe [4490200 2017-09-08] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\Run: [Discord] => C:\Users\Filarmeo PC\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\Run: [MyComGames] => C:\Users\Filarmeo PC\AppData\Local\MyComGames\MyComGames.exe [5663952 2017-10-05] (MY.COM B.V.)
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27742168 2017-06-07] (Skype Technologies S.A.)
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\Run: [iKu] => "C:\Program Files (x86)\YouKu\YoukuClient\YoukuDesktop.exe" iku://
reg

HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\Run: [TQOS_REPORT] => c:\monster hunter online\bin\client\tools\tqos_reporter.exe [440832 2015-10-27] ()
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\Run: [Snip] => C:\Users\Filarmeo PC\AppData\Local\Snip\Snip.exe [1713312 2015-10-19] (Microsoft Corporation)
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [886768 2017-08-01] (Adobe Systems Incorporated)
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\RunOnce: [Uninstall C:\Users\Filarmeo PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Filarmeo PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\MountPoints2: F - "F:\setup.exe" 
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\MountPoints2: {63eff284-b683-11e6-b41b-50465db7400f} - "F:\Setup.exe" 
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\MountPoints2: {e5703a58-72d9-11e6-b3f0-50465db7400f} - "F:\Setup.exe" 
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MegaBackup.lnk [2016-08-28]
ShortcutTarget: MegaBackup.lnk -> C:\Program Files\MegaBackup Corp\MegaBackup\Current\App.exe (MegaBackup Corp)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2017-10-01]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
Startup: C:\Users\Filarmeo PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-09-20]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Filarmeo PC\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 01 C:\ProgramData\Windows\System32\Mswapi32.dll => No File 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{06c5a8d5-f8a9-4aff-ac3b-2e98a783b667}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{641411f9-8cdc-4d0e-97bd-1b00d1b44d6a}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{641411f9-8cdc-4d0e-97bd-1b00d1b44d6a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7b5e5f20-63f1-4f20-b848-20f670f96e5c}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{95f43d42-8142-11e6-9736-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{db95cc4f-2feb-4e2c-afc5-a6a995d797ec}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{db95cc4f-2feb-4e2c-afc5-a6a995d797ec}: [DhcpNameServer] 203.95.1.2 
Tcpip\..\Interfaces\{feab4c62-b2fd-49e5-8aed-c11a0fd35477}: [NameServer] 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131513726414128587&GUID=D9567DB7-698E-4E3B-8629-6881501E6704
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131513726414148923&GUID=D9567DB7-698E-4E3B-8629-6881501E6704
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-ph/?ocid=iehp
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131513726414175802&GUID=D9567DB7-698E-4E3B-8629-6881501E6704
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {6586d803-df30-46d3-a89a-4136c8571d45} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1670738323-1962821417-3643405003-1001 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = 
SearchScopes: HKU\S-1-5-21-1670738323-1962821417-3643405003-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-12-11] (Internet Download Manager, Tonec Inc.)
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-22] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-05] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-17] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-05] (Adobe Systems Incorporated)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-12-11] (Internet Download Manager, Tonec Inc.)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-04-16] (Oracle Corporation)
BHO-x32: YoukuEyeOnIE Class -> {7DC4B5B6-C122-44C4-825C-B310513A47CB} -> C:\Users\Filarmeo PC\AppData\Roaming\ytmediacenter\ykcool.dll => No File
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-05] (Adobe Systems Incorporated)
BHO-x32: PDF Architect 5 Helper -> {AEA429F3-D2D4-4BD7-A03E-5357DA017733} -> C:\Program Files (x86)\PDF Architect 5\creator-ie-helper.dll [2017-02-10] (pdfforge GmbH)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-16] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-05] (Adobe Systems Incorporated)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
Toolbar: HKLM-x32 - PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files (x86)\PDF Architect 5\creator-ie-plugin.dll [2017-02-10] (pdfforge GmbH)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-05] (Adobe Systems Incorporated)
DPF: HKLM-x32 {F8160836-0C11-4CA4-AD87-944542C7BCBD} hxxp://down.hangame.co.jp/jp/purple/launcher/PubPlugin.cab

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-06-07]
FF HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (No Name) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2017-04-26]
FF HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Filarmeo PC\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Filarmeo PC\AppData\Roaming\IDM\idmmzcc5 [2017-05-11] [not signed]
FF HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-01-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-06-04] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1228198.dll [No File]
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-16] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-07-19] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-07-19] (NVIDIA Corporation)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-06-04] (Adobe Systems)
FF Plugin-x32: PDF Architect 5 -> C:\Program Files (x86)\PDF Architect 5\np-previewer.dll [2017-02-10] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-1670738323-1962821417-3643405003-1001: @my.com/Games -> C:\Users\Filarmeo PC\AppData\Local\MyComGames\NPMyComDetector.dll [2017-02-27] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-1670738323-1962821417-3643405003-1001: @nsroblox.roblox.com/launcher -> C:\Users\Filarmeo PC\AppData\Local\Roblox\Versions\version-8792f1948dc240b5\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-1670738323-1962821417-3643405003-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Filarmeo PC\AppData\Local\Roblox\Versions\version-8792f1948dc240b5\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-1670738323-1962821417-3643405003-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Filarmeo PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-01-23] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1670738323-1962821417-3643405003-1001: youku.com/YoukuAgent -> C:\Users\Filarmeo PC\AppData\Roaming\ytmediacenter\npYoukuAgent.dll [No File]
FF Plugin HKU\S-1-5-21-1670738323-1962821417-3643405003-1001: youku.com/YoukuAgent_x86_64 -> C:\Users\Filarmeo PC\AppData\Roaming\ytmediacenter\X64\npYoukuAgent_x64.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll [2010-01-16] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-branding.js [2010-01-16]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js [2010-01-16]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox.js [2010-01-16]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\reporter.js [2010-01-16]

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-10-09]
CHR Extension: (Google Slides) - C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-07]
CHR Extension: (Google Docs) - C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-07]
CHR Extension: (Google Sheets) - C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-07]
CHR Extension: (Google Docs Offline) - C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-07]
CHR Extension: (Chrome Media Router) - C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-07]
CHR Profile: C:\Users\Filarmeo PC\AppData\Local\Google\Chrome\User Data\System Profile [2017-10-07]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-06-04] (Adobe Systems Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
S2 AiSquared Magnification; C:\Program Files (x86)\ZoomText 11\AiSquared.Magnification.Service.exe [62856 2017-04-10] (Ai Squared)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-08-21] ()
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-08-02] (BlueStack Systems, Inc.)
S2 CrypKey License; C:\WINDOWS\system32\crypserv.exe [126976 2013-04-12] (CrypKey (Canada) Ltd.) [File not signed]
S2 DokanMbMounter; C:\Program Files\MegaBackup Corp\MegaBackup\DokanMb\mounter.exe [36176 2015-07-28] (MegaBackup Corp)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [400656 2017-03-06] (EasyAntiCheat Ltd)
S2 GarenaPlatform; C:\Program Files (x86)\Garena\Garena\2.0.1709.2513\gxxsvc.exe [313168 2017-09-25] (Garena Online )
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-07-12] (Hi-Rez Studios) [File not signed]
S4 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135488 2017-05-16] (SurfRight B.V.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
S2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67224 2014-06-09] (Robert McNeel & Associates)
S2 MEmusvc; D:\Program Files\Microvirt\MEmu\MemuService.exe [269480 2017-05-26] (Microvirt Software Technology Co. Ltd.)
S3 mi-raysat_3dsmax2017_64; C:\Program Files\Autodesk\3ds Max 2017\raysat_3dsmax2017_64server.exe [86016 2011-09-15] () [File not signed]
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [7786880 2016-12-25] (INCA Internet Co., Ltd.)
S2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-07-19] (NVIDIA Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-03-24] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-03-24] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
S3 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2706824 2017-02-10] (pdfforge GmbH)
S3 PDF Architect 5 CrashHandler; C:\Program Files\PDF Architect 5\crash-handler-ws.exe [1048976 2017-02-10] (pdfforge GmbH)
S2 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator-ws.exe [856976 2017-02-10] (pdfforge GmbH)
S2 PDF Architect 5 Manager; C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985904 2017-02-28] (© pdfforge GmbH.)
S2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2016-02-21] ()
S2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2016-02-21] ()
S2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S2 Remotr Service; C:\Program Files (x86)\Remotr\RemotrService.exe [207480 2017-02-27] (RemoteMyApp sp. z o.o.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2017-08-08] (Microsoft Corporation)
S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-06-26] (McAfee, Inc.)
S2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-06-26] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-06-26] (McAfee, Inc.)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [838128 2016-12-15] (Tunngle.net GmbH)
S2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-11-05] (VIA Technologies, Inc.)
S2 vrswrm-service; C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe [90176 2017-10-01] ()
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-08-08] (Microsoft Corporation)
S2 ZAMSvc; "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack System Inc. )
S3 DMRedirect; C:\WINDOWS\system32\drivers\DMRedirect.sys [52480 2015-12-03] (Billion)
S2 DokanMb; C:\WINDOWS\System32\DRIVERS\dokanMb.sys [57472 2015-07-28] (MegaBackup Corp)
S3 EvolveVirtualAdapter; C:\WINDOWS\System32\drivers\evolve.sys [21656 2017-05-16] (Echobit, LLC)
S3 GGSAFERDriver; D:\Pat\Garena Plus\Room\safedrv.sys [27744 2016-06-29] ()
S3 GunBod; C:\WINDOWS\system32\gunbod64.sys [86352 2016-02-11] ()
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [55232 2017-10-07] ()
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [49312 2014-11-10] (Visicom Media Inc.)
S2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [192952 2017-10-08] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [45504 2017-10-09] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-10-09] (Malwarebytes)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [36000 2014-11-10] (Visicom Media Inc.)
S2 memudrv; D:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys [260368 2015-11-02] (Microvirt Corporation)
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [38216 2017-08-31] (SoftEther Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S1 NetworkX; C:\WINDOWS\System32\ckldrv.sys [31416 2013-04-12] ()
S3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_c0f7a2f5b2e4e6e0\nvlddmkm.sys [15668664 2017-08-03] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-03-24] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-03-22] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [5195776 2016-07-16] (Realtek Semiconductor Corporation )
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [51024 2017-08-31] (SoftEther Corporation)
S3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
R3 sthid; C:\WINDOWS\System32\drivers\sthid.sys [21216 2016-10-04] (Splashtop Inc.)
R3 tap0901t; C:\WINDOWS\System32\drivers\tap0901t.sys [48824 2016-04-26] (Tunngle.net GmbH)
R3 tap0901_openvpn_accl; C:\WINDOWS\System32\drivers\tap0901_openvpn_accl.sys [37912 2017-02-18] (The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-10-08] ()
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [38368 2017-09-01] (Wellbia.com Co., Ltd.)
S3 XSplit_Dummy; C:\WINDOWS\system32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited)
S1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2017-08-12] (BigNox Corporation)
S1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-10-07] (Zemana Ltd.)
S3 BstHdDrv_china_gmgr; \??\C:\Program Files (x86)\BluestacksCN\Engine\ProgramFiles\HD-Hypervisor-amd64.sys [X]
S3 BstkDrv_china_gmgr; \??\C:\Program Files (x86)\BluestacksCN\Engine\ProgramFiles\BstkDrv.sys [X]
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-09 00:43 - 2017-10-09 00:45 - 000032173 _____ C:\Users\Filarmeo PC\Desktop\FRST.txt
2017-10-09 00:43 - 2017-10-09 00:43 - 000000000 ____D C:\FRST
2017-10-09 00:42 - 2017-10-09 00:43 - 002401792 _____ (Farbar) C:\Users\Filarmeo PC\Downloads\FRST64 (1).exe
2017-10-09 00:32 - 2017-10-09 00:32 - 002401792 _____ (Farbar) C:\Users\Filarmeo PC\Desktop\FRST64.exe
2017-10-08 22:21 - 2017-10-08 22:21 - 000001416 _____ C:\Users\Filarmeo PC\Desktop\AdwCleaner[S3].txt
2017-10-08 20:03 - 2017-10-09 00:40 - 000045504 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-10-08 18:44 - 2017-10-08 20:02 - 000000000 ____D C:\Users\Filarmeo PC\Desktop\mbar
2017-10-08 18:31 - 2017-10-08 18:39 - 000000000 ____D C:\Users\Filarmeo PC\Desktop\New folder (2)
2017-10-08 17:51 - 2017-10-08 17:51 - 000000000 ____D C:\Users\Filarmeo PC\Desktop\New folder
2017-10-08 16:04 - 2017-10-08 16:04 - 000003484 _____ C:\WINDOWS\System32\Tasks\gxx speed launcher
2017-10-08 14:23 - 2017-10-08 14:23 - 000005038 _____ C:\Users\Filarmeo PC\Desktop\rk_688A.tmp.txt
2017-10-08 04:55 - 2017-10-08 04:56 - 000008947 _____ C:\Users\Filarmeo PC\Downloads\59d9382cd039f_AdwCleanerS0.txt
2017-10-08 03:19 - 2017-10-08 22:24 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-10-08 03:18 - 2017-10-08 03:19 - 000000000 ____D C:\ProgramData\RogueKiller
2017-10-08 03:17 - 2017-10-08 03:17 - 026765896 _____ C:\Users\Filarmeo PC\Desktop\RogueKiller_portable64.exe
2017-10-08 03:05 - 2017-10-08 22:21 - 000000000 ____D C:\AdwCleaner
2017-10-08 03:04 - 2017-10-08 03:04 - 008250832 _____ (Malwarebytes) C:\Users\Filarmeo PC\Desktop\AdwCleaner.exe
2017-10-08 01:50 - 2017-10-09 00:40 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-10-08 01:50 - 2017-10-08 20:12 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2017-10-08 01:50 - 2017-10-08 20:12 - 000002101 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-10-08 01:50 - 2017-10-08 01:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-10-08 01:50 - 2017-10-08 01:50 - 000000000 ____D C:\Program Files\Malwarebytes
2017-10-08 01:50 - 2017-10-04 13:15 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-10-08 01:49 - 2017-10-08 01:49 - 071535032 _____ (Malwarebytes ) C:\Users\Filarmeo PC\Downloads\mb3-setup-consumer-3.2.2.2029-1.0.212-1.0.2951 (3).exe
2017-10-08 01:42 - 2017-10-08 01:42 - 000025144 _____ C:\Users\Filarmeo PC\Downloads\Fixlog1.txt
2017-10-08 00:31 - 2017-10-08 00:31 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\4574769D.sys
2017-10-08 00:29 - 2017-10-08 01:35 - 000000000 ____D C:\Users\Filarmeo PC\Desktop\mbar2
2017-10-08 00:29 - 2017-10-08 00:29 - 013290179 _____ C:\Users\Filarmeo PC\Downloads\mbar-1.10.1.1002-nr.exe
2017-10-08 00:22 - 2017-10-08 17:59 - 000000000 ____D C:\Users\Filarmeo PC\Desktop\Desktop October 8, 2017
2017-10-08 00:22 - 2017-10-08 00:57 - 000000000 ____D C:\Users\Filarmeo PC\Desktop\P
2017-10-08 00:12 - 2017-10-08 01:50 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-10-08 00:07 - 2017-10-08 00:07 - 000053760 _____ (FS1) C:\Users\Filarmeo PC\Downloads\RCC.exe
2017-10-08 00:05 - 2017-10-08 00:05 - 000863696 _____ (Malwarebytes) C:\Users\Filarmeo PC\Downloads\mb-clean-3.1.0.1031.exe
2017-10-08 00:04 - 2017-10-08 00:04 - 071535032 _____ (Malwarebytes ) C:\Users\Filarmeo PC\Downloads\mb3-setup-consumer-3.2.2.2029-1.0.212-1.0.2951 (2).exe
2017-10-08 00:03 - 2017-10-08 00:03 - 000041478 _____ C:\Users\Filarmeo PC\Downloads\signatures.txt
2017-10-08 00:02 - 2017-10-08 00:02 - 000369824 _____ (Sysinternals - www.sysinternals.com) C:\Users\Filarmeo PC\Downloads\sigcheck.exe
2017-10-08 00:01 - 2017-10-08 00:02 - 000085708 _____ C:\Users\Filarmeo PC\Downloads\hashmyfiles-x64.zip
2017-10-07 23:59 - 2017-10-07 23:59 - 000076441 _____ C:\Users\Filarmeo PC\Downloads\FRST.txt
2017-10-07 23:59 - 2017-10-07 23:59 - 000042283 _____ C:\Users\Filarmeo PC\Downloads\Addition.txt
2017-10-07 23:57 - 2017-10-07 23:57 - 002143392 _____ (Sysinternals - www.sysinternals.com) C:\Users\Filarmeo PC\Downloads\procmon.exe
2017-10-07 23:53 - 2017-10-07 23:54 - 022851472 _____ (Malwarebytes ) C:\Users\Filarmeo PC\Downloads\mbam-setup.exe
2017-10-07 23:52 - 2017-10-07 23:53 - 006705178 _____ C:\Users\Filarmeo PC\Downloads\mbam-chameleon-3.1.33.0.zip
2017-10-07 23:51 - 2017-10-08 20:02 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-10-07 23:49 - 2017-10-07 23:50 - 016563352 _____ (Malwarebytes Corp.) C:\Users\Filarmeo PC\Desktop\mbar-1.09.3.1001.exe
2017-10-07 23:49 - 2017-10-07 23:49 - 000011491 _____ C:\Users\Filarmeo PC\Downloads\MB-CheckResults.txt
2017-10-07 23:47 - 2017-10-07 23:48 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\Filarmeo PC\Downloads\rkill (1).exe
2017-10-07 23:43 - 2017-10-07 23:43 - 000538280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-07 23:02 - 2017-10-07 23:43 - 000055232 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2017-10-07 22:31 - 2017-10-07 22:31 - 000388096 _____ C:\Users\Filarmeo PC\Downloads\avcertclean_1.1.2.exe
2017-10-07 22:29 - 2017-10-08 00:01 - 071535032 _____ (Malwarebytes ) C:\Users\Filarmeo PC\Downloads\mb3-setup-consumer-3.2.2.2029-1.0.212-1.0.2951 (1).exe
2017-10-07 02:47 - 2017-10-07 02:48 - 071535032 _____ (Malwarebytes ) C:\Users\Filarmeo PC\Downloads\mb3-setup-consumer-3.2.2.2029-1.0.212-1.0.2951.exe
2017-10-07 02:46 - 2017-10-07 02:46 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\ZAM
2017-10-07 00:47 - 2017-10-08 17:39 - 000072159 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-10-07 00:47 - 2017-10-07 22:38 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-10-07 00:47 - 2017-10-07 03:46 - 000080848 _____ C:\WINDOWS\ZAM.krnl.trace
2017-10-07 00:47 - 2017-10-07 00:47 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-10-07 00:46 - 2017-10-07 00:46 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\Zemana
2017-10-07 00:45 - 2017-10-07 00:46 - 006625600 _____ (Zemana Ltd. ) C:\Users\Filarmeo PC\Downloads\Zemana.AntiMalware.Setup.exe
2017-10-07 00:43 - 2017-10-07 00:43 - 001240862 _____ C:\Users\Filarmeo PC\Documents\cc_20171007_004322.reg
2017-10-07 00:20 - 2017-10-07 00:40 - 000000000 ____D C:\ProgramData\{5FF4C119-E85F-76B2-B173-A1AA9E44069D}
2017-10-06 15:09 - 2017-10-06 15:09 - 000118930 _____ C:\Users\Filarmeo PC\Downloads\Rockwell Secondary Market Unit Inventory - As of Sept. 06, 2017 (1).pdf
2017-10-06 15:08 - 2017-10-06 15:08 - 000118930 _____ C:\Users\Filarmeo PC\Downloads\Rockwell Secondary Market Unit Inventory - As of Sept. 06, 2017.pdf
2017-10-06 05:24 - 2017-10-06 05:24 - 004045998 _____ C:\Users\Filarmeo PC\Downloads\ad-print-1.pdf
2017-10-06 04:17 - 2017-10-06 04:17 - 000051622 _____ C:\WINDOWS\uninstaller.dat
2017-10-06 01:23 - 2017-10-06 01:24 - 1246473448 _____ C:\Users\Filarmeo PC\Downloads\The Idolm@ster SP. Missing Moon (English Patched) PSP ISO.zip
2017-10-06 00:42 - 2017-10-06 00:43 - 1224090437 _____ C:\Users\Filarmeo PC\Downloads\The Idolm@ster SP. Wandering Star PSP ISO.zip
2017-10-05 22:44 - 2017-10-05 22:44 - 000004366 _____ C:\WINDOWS\System32\Tasks\ノートン セキュリティスキャン for Filarmeo PC
2017-10-05 22:44 - 2017-10-05 22:44 - 000000000 ____D C:\WINDOWS\system32\Drivers\NSSx64
2017-10-05 22:44 - 2017-10-05 22:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2017-10-05 22:44 - 2017-10-05 22:44 - 000000000 ____D C:\Program Files (x86)\NortonInstaller
2017-10-05 22:44 - 2017-10-05 22:44 - 000000000 ____D C:\Program Files (x86)\Norton Security Scan
2017-10-05 22:13 - 2017-10-05 22:13 - 000000000 ____D C:\MyGames
2017-10-05 21:12 - 2017-10-05 21:12 - 000000000 ____D C:\ProgramData\TrueKey
2017-10-05 19:48 - 2017-10-05 19:48 - 000279097 _____ C:\Users\Filarmeo PC\Downloads\to print sdp.dwg
2017-10-05 19:43 - 2017-10-05 19:43 - 000497653 _____ C:\Users\Filarmeo PC\Downloads\112449v3202238_northsymbols.zip
2017-10-05 16:55 - 2017-10-05 16:56 - 001953279 _____ C:\Users\Filarmeo PC\Downloads\archive (32).zip
2017-10-05 15:09 - 2017-10-05 21:45 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-10-04 22:25 - 2017-10-04 22:25 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\Cuphead
2017-10-04 22:15 - 2017-10-04 22:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cuphead
2017-10-04 21:20 - 2017-10-04 21:20 - 000057814 _____ C:\Users\Filarmeo PC\Downloads\Cuphead-CODEX.torrent
2017-10-04 19:58 - 2017-10-04 19:58 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-10-04 18:27 - 2017-10-04 18:27 - 000401488 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-10-04 15:15 - 2017-10-04 15:16 - 071089112 _____ (Malwarebytes ) C:\Users\Filarmeo PC\Downloads\mb3-setup-consumer-3.2.2.2029-1.0.207-1.0.2899 (2).exe
2017-10-04 15:10 - 2017-10-04 15:10 - 000983168 _____ (Bleeping Computer, LLC) C:\Users\Filarmeo PC\Downloads\rkill64.exe
2017-10-04 15:09 - 2017-10-04 15:10 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\Filarmeo PC\Desktop\rkill.exe
2017-10-03 21:58 - 2017-10-07 23:41 - 000000500 _____ C:\WINDOWS\system32\.crusader
2017-10-03 15:29 - 2017-10-04 19:51 - 000000000 ____D C:\NPE
2017-10-03 15:19 - 2017-10-07 23:16 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\NPE
2017-10-03 15:19 - 2017-10-03 15:19 - 000000000 ____D C:\Program Files\NortonInstaller
2017-10-03 14:49 - 2017-10-03 14:49 - 003422944 _____ (Symantec Corporation) C:\Users\Filarmeo PC\Downloads\NPE.exe
2017-10-03 14:47 - 2017-10-05 23:44 - 000000000 ____D C:\ProgramData\NortonInstaller
2017-10-03 14:45 - 2017-10-03 14:47 - 215359920 _____ (Symantec Corporation) C:\Users\Filarmeo PC\Downloads\NS-ESD-Def-22.10.0.85-EN.exe
2017-10-03 14:40 - 2017-10-05 22:44 - 000000000 ____D C:\ProgramData\Norton
2017-10-03 14:40 - 2017-10-03 14:40 - 001112880 _____ (Symantec Corporation) C:\Users\Filarmeo PC\Downloads\NSDeluxeDownloader.exe
2017-10-03 14:40 - 2017-10-03 14:40 - 000000000 ____D C:\Users\Public\Downloads\Norton
2017-10-03 14:32 - 2017-10-03 14:33 - 071089112 _____ (Malwarebytes ) C:\Users\Filarmeo PC\Downloads\mb3-setup-consumer-3.2.2.2029-1.0.207-1.0.2899.exe
2017-10-02 23:26 - 2017-10-02 23:26 - 000036208 _____ C:\Users\Filarmeo PC\Downloads\1 HUM Course Outline.pptx
2017-10-02 23:24 - 2017-10-02 23:24 - 007504317 _____ C:\Users\Filarmeo PC\Downloads\merged.pdf
2017-10-02 23:20 - 2017-10-02 23:20 - 000699213 _____ C:\Users\Filarmeo PC\Downloads\MUSIC LECTURE.pdf
2017-10-02 23:19 - 2017-10-02 23:19 - 004183975 _____ C:\Users\Filarmeo PC\Downloads\PAINTING LECTURE (1).pdf
2017-10-02 23:14 - 2017-10-02 23:14 - 036329430 _____ C:\Users\Filarmeo PC\Downloads\Modern Music (Art App).pptm
2017-10-02 23:13 - 2017-10-02 23:13 - 014341820 _____ C:\Users\Filarmeo PC\Downloads\PAINTING LECTURE (1).pptx
2017-10-02 23:13 - 2017-10-02 23:13 - 001905374 _____ C:\Users\Filarmeo PC\Downloads\MUSIC LECTURE.pptx
2017-10-02 22:04 - 2017-10-02 22:04 - 001085107 _____ C:\Users\Filarmeo PC\Downloads\PP_3_mod_3a.pdf
2017-10-02 22:04 - 2017-10-02 22:04 - 000690960 _____ C:\Users\Filarmeo PC\Downloads\PP_3_mod_3.pdf
2017-10-02 21:54 - 2017-10-02 21:54 - 002346155 _____ C:\Users\Filarmeo PC\Downloads\01 PLN 03 Introduction to URP(1).pdf
2017-10-02 21:54 - 2017-10-02 21:54 - 000898720 _____ C:\Users\Filarmeo PC\Downloads\02 PLN 03 Definitions of Planning(1).pdf
2017-10-02 21:51 - 2017-10-02 21:54 - 001424912 _____ C:\Users\Filarmeo PC\Downloads\5.0 Planning Tools_new2.pdf
2017-10-02 21:51 - 2017-10-02 21:51 - 002201058 _____ C:\Users\Filarmeo PC\Downloads\5.0 Application of Planning Tools3.pdf
2017-10-02 21:51 - 2017-10-02 21:51 - 002101521 _____ C:\Users\Filarmeo PC\Downloads\04 PLN 03 Planning Theories and Issues.pdf
2017-10-02 21:50 - 2017-10-02 21:51 - 003537267 _____ C:\Users\Filarmeo PC\Downloads\03 PLN 03 Historical Overview of Planning.pdf
2017-10-02 16:07 - 2017-10-02 16:08 - 071089112 _____ (Malwarebytes ) C:\Users\Filarmeo PC\Downloads\mb3-setup-consumer-3.2.2.2029-1.0.207-1.0.2899 (1).exe
2017-10-02 16:06 - 2017-10-02 16:08 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\AvgSetupLog
2017-10-02 16:06 - 2017-10-02 16:06 - 003449304 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Filarmeo PC\Downloads\AVG_Protection_Free_1606.exe
2017-10-02 16:06 - 2017-10-02 16:06 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\Avg
2017-10-02 16:06 - 2017-10-02 16:06 - 000000000 ____D C:\ProgramData\Avg
2017-10-02 15:53 - 2017-10-02 15:53 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\Mozilla
2017-10-02 15:53 - 2017-10-02 15:53 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\Mozilla
2017-10-02 08:35 - 2017-10-02 08:36 - 013915615 _____ C:\Users\Filarmeo PC\Downloads\Vray Tutorial.rar
2017-10-02 07:53 - 2017-10-02 07:53 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\TechSmith
2017-10-02 07:05 - 2017-10-02 07:05 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\TechSmith
2017-10-02 07:04 - 2017-10-02 07:04 - 000000000 ____D C:\Users\Filarmeo PC\Documents\Camtasia Studio
2017-10-02 07:04 - 2017-10-02 07:04 - 000000000 ____D C:\ProgramData\TechSmith
2017-10-02 07:04 - 2017-10-02 07:04 - 000000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2017-10-02 07:04 - 2017-10-02 07:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2017-10-02 07:04 - 2017-10-02 07:04 - 000000000 ____D C:\Program Files (x86)\QuickTime
2017-10-02 07:03 - 2017-10-04 20:01 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\excdir
2017-10-02 07:03 - 2017-10-02 07:03 - 000000000 ____D C:\Program Files (x86)\TechSmith
2017-10-02 07:00 - 2017-10-02 07:00 - 000000258 __RSH C:\Users\Filarmeo PC\ntuser.pol
2017-10-02 06:59 - 2017-10-02 06:59 - 000000000 ____D C:\WINDOWS\system32\tmp
2017-10-02 06:58 - 2017-10-02 07:00 - 000065536 _____ C:\Users\Filarmeo\cert8.db
2017-10-02 06:58 - 2017-10-02 07:00 - 000016384 _____ C:\Users\Filarmeo\key3.db
2017-10-02 06:58 - 2017-10-02 06:58 - 000016384 _____ C:\Users\Filarmeo\secmod.db
2017-10-02 06:57 - 2017-10-04 05:30 - 000000000 ____D C:\ProgramData\stream
2017-10-02 06:57 - 2017-10-02 06:57 - 000000000 ____D C:\ProgramData\Windows
2017-10-02 06:52 - 2017-10-04 05:30 - 000000000 ____D C:\Applications
2017-10-02 06:52 - 2017-10-02 06:52 - 000000000 ____D C:\WinSys
2017-10-02 06:52 - 2017-10-02 06:52 - 000000000 ____D C:\Program Files\Shadowsocks
2017-10-02 06:50 - 2017-10-02 06:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\etc\BACKUP
2017-10-02 06:48 - 2017-10-02 06:49 - 046492708 _____ C:\Users\Filarmeo PC\Downloads\Camtasia+Studio+8.zip
2017-10-02 04:26 - 2017-10-02 04:26 - 000000000 ____D C:\ProgramData\Wondershare
2017-10-02 04:21 - 2017-10-02 04:21 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\Wondershare
2017-10-02 04:21 - 2017-10-02 04:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-10-02 04:20 - 2017-03-17 11:43 - 001250304 _____ (CineForm Inc.) C:\WINDOWS\system32\CFDecode64.ax
2017-10-02 04:19 - 2017-10-02 06:55 - 000000000 ____D C:\Users\Filarmeo PC\Documents\Wondershare Filmora
2017-10-02 04:19 - 2017-10-02 04:21 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2017-10-02 04:19 - 2017-10-02 04:19 - 000000000 ____D C:\ProgramData\Wondershare Video Editor
2017-10-02 04:19 - 2017-10-02 04:19 - 000000000 ____D C:\Program Files\Wondershare
2017-10-01 21:42 - 2017-10-01 22:05 - 298747115 _____ C:\Users\Filarmeo PC\Downloads\10225681721244-sketchuptexture-3d-models-212_4.zip
2017-10-01 21:41 - 2017-10-01 21:42 - 068110200 _____ C:\Users\Filarmeo PC\Downloads\1022568172120-sketchuptexture-3d-models-53677_5.rar
2017-10-01 19:52 - 2017-10-01 19:54 - 428896120 _____ C:\Users\Filarmeo PC\Downloads\vray_trial_35002_revit_win_x64.exe
2017-10-01 19:40 - 2017-10-01 19:40 - 029488104 _____ C:\Users\Filarmeo PC\Downloads\WkRuntime.exe
2017-10-01 19:13 - 2017-10-01 19:13 - 423765572 _____ C:\Users\Filarmeo PC\Downloads\vray_trial_35002_revit_win_x64.rar
2017-10-01 18:05 - 2017-10-01 18:06 - 099015709 _____ C:\Users\Filarmeo PC\Downloads\10225681723550-sketchuptexture-3d-models-212_5.zip
2017-10-01 15:36 - 2017-10-01 15:36 - 000255351 _____ C:\Users\Filarmeo PC\Downloads\cadmapper-download (5).zip
2017-10-01 15:35 - 2017-10-01 15:35 - 000221052 _____ C:\Users\Filarmeo PC\Downloads\cadmapper-download (4).zip
2017-10-01 15:30 - 2017-10-01 15:30 - 000268620 _____ C:\Users\Filarmeo PC\Downloads\cadmapper-download (2).zip
2017-10-01 15:29 - 2017-10-01 15:29 - 000258917 _____ C:\Users\Filarmeo PC\Downloads\cadmapper-download (3).zip
2017-10-01 14:40 - 2017-10-01 14:41 - 011510272 _____ C:\Users\Filarmeo PC\Downloads\BARRIERS.ppt
2017-10-01 14:40 - 2017-10-01 14:40 - 000061034 _____ C:\Users\Filarmeo PC\Downloads\OF EMBASSIES AND CONSULATES.pptx
2017-10-01 13:31 - 2017-10-01 13:31 - 000253952 _____ C:\Users\Filarmeo PC\Downloads\36361_Parametric_Glass_Rail_1.rfa
2017-10-01 13:29 - 2017-10-01 13:29 - 000294912 _____ C:\Users\Filarmeo PC\Downloads\64778_Baluster_Panel_-_Glass_w_Brackets-Modesto.rfa
2017-10-01 13:29 - 2017-10-01 13:29 - 000208896 _____ C:\Users\Filarmeo PC\Downloads\64778_Baluster_Panel_-_Glass_w_Brackets-Modesto.0001.rfa
2017-10-01 13:23 - 2017-10-01 13:23 - 000389120 _____ C:\Users\Filarmeo PC\Downloads\Multi_Panel_Railing_16053.rfa
2017-10-01 13:19 - 2017-10-01 13:19 - 001335296 _____ C:\Users\Filarmeo PC\Downloads\Glass_balustrade_-_Frameless_Face_fixed_15817.rvt
2017-10-01 12:58 - 2017-10-01 12:58 - 001540096 _____ C:\Users\Filarmeo PC\Downloads\railing_glass_15753.rvt
2017-10-01 12:54 - 2017-10-01 12:54 - 000266240 _____ C:\Users\Filarmeo PC\Downloads\Glass_panel_railing_as_curtain_wall_16844.rfa
2017-10-01 10:51 - 2017-10-01 10:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WibuKey
2017-10-01 10:51 - 2017-10-01 10:51 - 000000000 ____D C:\Program Files\WIBU-SYSTEMS
2017-10-01 10:51 - 2017-10-01 10:51 - 000000000 ____D C:\Program Files (x86)\WIBU-SYSTEMS
2017-10-01 10:51 - 2017-10-01 10:51 - 000000000 ____D C:\Program Files (x86)\WIBUKEY
2017-10-01 10:51 - 2016-12-22 06:40 - 000222688 _____ (WIBU-SYSTEMS AG) C:\WINDOWS\system32\WkWin64.dll
2017-10-01 10:51 - 2016-12-22 06:40 - 000192480 _____ (WIBU-SYSTEMS AG) C:\WINDOWS\SysWOW64\WkWin32.dll
2017-10-01 10:51 - 2011-12-16 04:40 - 000471952 _____ (WIBU-SYSTEMS AG) C:\WINDOWS\system32\WibuXpm4J64.dll
2017-10-01 10:51 - 2011-12-16 04:40 - 000375184 _____ (WIBU-SYSTEMS AG) C:\WINDOWS\SysWOW64\WibuXpm4J32.dll
2017-10-01 10:51 - 2011-09-22 05:00 - 000097792 _____ (WIBU-SYSTEMS AG) C:\WINDOWS\system32\Drivers\WibuKey64.sys
2017-10-01 10:51 - 2009-12-03 06:00 - 000430080 _____ (WIBU-SYSTEMS AG) C:\WINDOWS\system32\wibuKJni64.dll
2017-10-01 10:51 - 2009-12-03 06:00 - 000418304 _____ (WIBU-SYSTEMS AG) C:\WINDOWS\system32\WkExt64.dll
2017-10-01 10:51 - 2009-12-03 06:00 - 000344576 _____ (WIBU-SYSTEMS AG) C:\WINDOWS\SysWOW64\wibuKJni.dll
2017-10-01 10:51 - 2009-12-03 06:00 - 000333824 _____ (WIBU-SYSTEMS AG) C:\WINDOWS\SysWOW64\WkExt32.dll
2017-10-01 10:51 - 2009-08-07 08:59 - 000016896 _____ (WIBU-SYSTEMS AG) C:\WINDOWS\system32\Drivers\Wibukey2_64.sys
2017-10-01 10:44 - 2017-10-01 10:44 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\3dmouse
2017-10-01 10:41 - 2017-10-01 15:38 - 000000500 _____ C:\WINDOWS\SysWOW64\Drivers\iexixx_836.set
2017-10-01 10:41 - 2017-10-01 15:38 - 000000500 _____ C:\WINDOWS\SysWOW64\Drivers\dgsqtfk374.dat
2017-10-01 10:41 - 2017-10-01 15:38 - 000000500 _____ C:\WINDOWS\d_mgpmro327.ini
2017-10-01 10:41 - 2017-10-01 10:41 - 000000500 _____ C:\WINDOWS\SysWOW64\Drivers\gexixx_591.set
2017-10-01 10:41 - 2017-10-01 10:41 - 000000500 _____ C:\WINDOWS\SysWOW64\Drivers\fgsqtfk544.dat
2017-10-01 10:41 - 2017-10-01 10:41 - 000000500 _____ C:\WINDOWS\i_mgpmro830.ini
2017-10-01 10:41 - 2017-10-01 10:41 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\McNeel
2017-10-01 10:41 - 2017-10-01 10:41 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\McNeel
2017-10-01 10:40 - 2017-10-01 10:43 - 000000000 ____D C:\ProgramData\McNeel
2017-10-01 10:40 - 2017-10-01 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rhinoceros 5
2017-10-01 10:40 - 2017-10-01 10:40 - 000000000 ____D C:\Program Files\Rhinoceros 5 (64-bit)
2017-10-01 10:40 - 2017-10-01 10:40 - 000000000 ____D C:\Program Files (x86)\McNeelUpdate
2017-10-01 06:44 - 2017-10-01 06:44 - 006874963 _____ C:\Users\Filarmeo PC\Downloads\Makati City Comprehensive Land Use Plan.pdf
2017-10-01 00:40 - 2017-10-01 00:49 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\MXM
2017-10-01 00:25 - 2017-10-01 00:25 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayNC
2017-10-01 00:02 - 2017-10-01 00:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NC Launcher
2017-10-01 00:01 - 2017-10-01 00:50 - 000000000 ____D C:\Program Files (x86)\NC Launcher
2017-10-01 00:00 - 2017-10-01 00:01 - 098562208 _____ (NCSOFT Corporation) C:\Users\Filarmeo PC\Downloads\MXMInstaller.exe
2017-09-30 06:05 - 2017-09-30 06:15 - 000000000 ____D C:\Program Files\rempl
2017-09-29 22:07 - 2017-09-29 22:07 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\FortniteGame
2017-09-29 20:29 - 2017-09-29 20:29 - 000000000 ____D C:\Program Files\Epic Games
2017-09-29 20:18 - 2017-09-29 20:18 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\CrashReportClient
2017-09-29 20:12 - 2017-09-29 20:12 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\UnrealEngineLauncher
2017-09-29 20:12 - 2017-09-29 20:12 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\EpicGamesLauncher
2017-09-29 20:07 - 2017-09-29 20:07 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2017-09-29 20:06 - 2017-09-29 20:20 - 000000000 ____D C:\ProgramData\Epic
2017-09-29 20:06 - 2017-09-29 20:06 - 000000000 ____D C:\Program Files (x86)\Epic Games
2017-09-29 20:03 - 2017-09-29 20:03 - 031641600 _____ C:\Users\Filarmeo PC\Downloads\EpicInstaller-6.3.0-fortnite-3bb6db53331c4bd88965ff15a1926fe3.msi
2017-09-28 13:20 - 2017-09-28 13:20 - 000419832 _____ C:\Users\Filarmeo PC\Downloads\Les04 (1).pdf
2017-09-28 13:16 - 2017-09-28 13:16 - 000018856 _____ C:\Users\Filarmeo PC\Documents\bs.xlsx
2017-09-27 12:21 - 2017-09-27 12:21 - 000781185 _____ C:\Users\Filarmeo PC\Documents\Record Store.xps
2017-09-27 11:24 - 2017-09-27 11:24 - 000544768 _____ C:\Users\Filarmeo PC\Downloads\Entertainment_Center_9063.rfa
2017-09-27 11:23 - 2017-09-27 11:23 - 000507904 _____ C:\Users\Filarmeo PC\Downloads\Decorative_Center_Piece_12822.rfa
2017-09-27 10:36 - 2017-09-27 10:36 - 007995392 _____ C:\Users\Filarmeo PC\Downloads\Home_cinema_with_surround_sound_18123.rfa
2017-09-27 10:36 - 2017-09-27 10:36 - 004325376 _____ C:\Users\Filarmeo PC\Downloads\Home_cinema_and_sound_station_18121.rfa
2017-09-27 10:36 - 2017-09-27 10:36 - 000421888 _____ C:\Users\Filarmeo PC\Downloads\Record_Player_16896.rfa
2017-09-27 10:14 - 2017-09-27 10:14 - 001220608 _____ C:\Users\Filarmeo PC\Downloads\Pendant_light_ZAHA_LIGHT_18374.rfa
2017-09-27 08:55 - 2017-09-27 08:55 - 000249856 _____ C:\Users\Filarmeo PC\Downloads\DvD_player_8181.rfa
2017-09-27 08:33 - 2017-09-27 08:33 - 000618496 _____ C:\Users\Filarmeo PC\Downloads\Round_Couch_7078.rfa
2017-09-27 06:56 - 2017-09-27 06:56 - 000348160 _____ C:\Users\Filarmeo PC\Downloads\Modern_Wall_Shelf_17438.rfa
2017-09-27 06:50 - 2017-09-27 06:51 - 000438272 _____ C:\Users\Filarmeo PC\Downloads\DelightFull_Coltrane_Suspended_Light_14348.rfa
2017-09-27 06:50 - 2017-09-27 06:50 - 000278528 _____ C:\Users\Filarmeo PC\Downloads\Decorative_Glass_amp_Iron_Art_12820.rfa
2017-09-27 06:49 - 2017-09-27 06:50 - 003895296 _____ C:\Users\Filarmeo PC\Downloads\Metal_Wall_Art_Hanging_-_Pattern_Cut_Out_12691.rfa
2017-09-27 06:49 - 2017-09-27 06:49 - 000659456 _____ C:\Users\Filarmeo PC\Downloads\sculpture_art_statue_12593.rfa
2017-09-27 06:49 - 2017-09-27 06:49 - 000368640 _____ C:\Users\Filarmeo PC\Downloads\Moz_Weave_Metal_Art_12930.rfa
2017-09-27 06:49 - 2017-09-27 06:49 - 000293629 _____ C:\Users\Filarmeo PC\Downloads\Art-Modern_Wall_Art_17318.dwg
2017-09-26 16:17 - 2017-09-26 16:17 - 005479011 _____ C:\Users\Filarmeo PC\Downloads\EBOOT (2).7z
2017-09-26 16:17 - 2017-09-26 16:17 - 000007195 _____ C:\Users\Filarmeo PC\Downloads\patch.yml.txt
2017-09-26 13:49 - 2017-09-26 13:49 - 019957200 _____ C:\Users\Filarmeo PC\Downloads\rpcs3-v0.0.3-2017-09-24-5a432e57_win64.zip
2017-09-26 10:54 - 2017-09-26 10:54 - 006884828 _____ C:\Users\Filarmeo PC\Downloads\archive (31).zip
2017-09-25 13:23 - 2017-09-25 13:23 - 000919552 _____ C:\Users\Filarmeo PC\Downloads\ITEP 211.1.ppt
2017-09-25 13:23 - 2017-09-25 13:23 - 000812032 _____ C:\Users\Filarmeo PC\Downloads\ITEP 211.2.ppt
2017-09-25 11:56 - 2017-09-25 11:56 - 004491607 _____ C:\Users\Filarmeo PC\Downloads\archive (30).zip
2017-09-25 11:47 - 2017-09-25 11:47 - 000379894 _____ C:\Users\Filarmeo PC\Downloads\QUOTE MGTRINIDAD-PHILSEVEN-02 _170925.pdf
2017-09-25 02:28 - 2017-09-25 02:29 - 001591720 _____ (WiseCleaner.com ) C:\Users\Filarmeo PC\Downloads\WASSetup.exe
2017-09-24 20:04 - 2017-09-24 20:04 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEmu
2017-09-24 20:03 - 2017-09-28 19:15 - 000000000 ____D C:\Users\Filarmeo PC\.MemuHyperv
2017-09-23 23:02 - 2017-09-23 23:02 - 000001457 _____ C:\Users\Filarmeo PC\Downloads\patch (2).yml
2017-09-23 22:43 - 2017-09-23 22:47 - 019956888 _____ C:\Users\Filarmeo PC\Downloads\rpcs3-v0.0.3-2017-09-23-e73ef441_win64.zip
2017-09-23 22:36 - 2017-09-23 22:39 - 019162828 _____ C:\Users\Filarmeo PC\Downloads\rpcs3-v0.0.3-2017-07-24-c31c7898_win64 (2).zip
2017-09-23 22:32 - 2017-09-26 20:02 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\Notepad++
2017-09-23 22:32 - 2017-09-23 22:32 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\Notepad++
2017-09-23 22:32 - 2017-09-23 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2017-09-23 22:32 - 2017-09-23 22:32 - 000000000 ____D C:\Program Files\Notepad++
2017-09-23 22:31 - 2017-09-23 22:32 - 003078176 _____ C:\Users\Filarmeo PC\Downloads\npp.7.5.1.Installer.x64.exe
2017-09-23 22:31 - 2017-09-23 22:31 - 003078176 _____ C:\Users\Filarmeo PC\Downloads\npp.7.5.1.Installer.x64 (1).exe
2017-09-23 22:30 - 2017-09-23 22:31 - 002885168 _____ C:\Users\Filarmeo PC\Downloads\npp.7.5.1.Installer.exe
2017-09-23 22:14 - 2017-09-23 22:18 - 019162828 _____ C:\Users\Filarmeo PC\Downloads\rpcs3-v0.0.3-2017-07-24-c31c7898_win64 (1).zip
2017-09-23 22:06 - 2017-09-23 22:06 - 000001457 _____ C:\Users\Filarmeo PC\Downloads\patch (1).yml
2017-09-23 22:02 - 2017-09-23 22:06 - 019956943 _____ C:\Users\Filarmeo PC\Downloads\rpcs3-v0.0.3-2017-09-21-c6e6f4af_win64.zip
2017-09-23 22:01 - 2017-09-23 22:06 - 019462503 _____ C:\Users\Filarmeo PC\Downloads\rpcs3-v0.0.3-2017-09-19-3499d089_win64.zip
2017-09-23 07:47 - 2017-09-23 07:47 - 000247950 _____ C:\Users\Filarmeo PC\Downloads\cadmapper-download (1).zip
2017-09-22 18:20 - 2017-09-22 18:20 - 000011630 _____ C:\Users\Filarmeo PC\Documents\share of stocks form.xlsx
2017-09-22 10:25 - 2017-09-22 10:25 - 000120295 _____ C:\Users\Filarmeo PC\Downloads\Rockwell Secondary Market Unit Inventory - As of Sept. 20, 2017.pdf
2017-09-21 18:31 - 2017-09-21 18:31 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-09-21 18:31 - 2017-07-19 06:38 - 000135800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-09-21 18:31 - 2017-03-11 05:17 - 000536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-09-21 18:31 - 2017-03-11 05:17 - 000525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-09-21 18:31 - 2017-03-11 05:17 - 000254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-09-21 18:31 - 2017-03-11 05:17 - 000233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-09-21 18:28 - 2017-09-21 18:28 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2017-09-21 18:04 - 2017-09-21 18:04 - 005479011 _____ C:\Users\Filarmeo PC\Downloads\EBOOT (1).7z
2017-09-21 18:03 - 2017-09-21 18:03 - 005479011 _____ C:\Users\Filarmeo PC\Downloads\EBOOT.7z
2017-09-21 17:44 - 2017-09-21 17:44 - 019162828 _____ C:\Users\Filarmeo PC\Downloads\rpcs3-v0.0.3-2017-07-24-c31c7898_win64.zip
2017-09-21 14:58 - 2017-09-21 14:58 - 000710495 _____ C:\Users\Filarmeo PC\Downloads\SAFv13-PRESA V3.pdf
2017-09-20 19:01 - 2017-09-20 19:02 - 006850568 _____ C:\Users\Filarmeo PC\Downloads\archive (29).zip
2017-09-20 18:58 - 2017-09-20 18:59 - 006144512 _____ C:\Users\Filarmeo PC\Downloads\Property 24 Manager Tool Training Deck V3.ppt
2017-09-20 18:51 - 2017-09-20 18:51 - 000449509 _____ C:\Users\Filarmeo PC\Downloads\Lamudi Broker's agreement form For ms. elizabeth_10 listings.pdf
2017-09-20 00:59 - 2017-09-20 00:59 - 000000000 ___RD C:\Users\Filarmeo PC\Documents\MEGA
2017-09-20 00:56 - 2017-09-20 00:56 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\Mega Limited
2017-09-20 00:54 - 2017-09-20 00:54 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2017-09-20 00:54 - 2017-09-20 00:54 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\MEGAsync
2017-09-20 00:51 - 2017-09-20 00:51 - 013314392 _____ (MEGA Limited) C:\Users\Filarmeo PC\Downloads\MEGAsyncSetup.exe
2017-09-19 09:02 - 2017-09-19 09:02 - 003362816 _____ C:\Users\Filarmeo PC\Downloads\Bagunas_Flower_8141.rfa
2017-09-19 02:59 - 2017-09-19 02:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ILLUSION
2017-09-19 02:31 - 2017-09-19 02:31 - 000000000 ____D C:\ProgramData\_TheShadow
2017-09-18 10:11 - 2017-09-18 10:11 - 000055405 _____ C:\Users\Filarmeo PC\Downloads\~WRD2729.tmp
2017-09-18 01:19 - 2017-09-18 01:19 - 000027680 _____ C:\Users\Filarmeo PC\Downloads\162f8d5d-7b78-4d73-ad76-270096410edb.tmp
2017-09-17 02:51 - 2017-09-17 02:51 - 000466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2017-09-17 02:51 - 2017-09-17 02:51 - 000444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2017-09-17 02:51 - 2017-09-17 02:51 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2017-09-17 02:51 - 2017-09-17 02:51 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2017-09-17 02:51 - 2017-09-17 02:51 - 000000000 ____D C:\ProgramData\Codemasters
2017-09-17 02:51 - 2017-09-17 02:51 - 000000000 ____D C:\Program Files (x86)\OpenAL
2017-09-16 17:18 - 2017-09-16 17:18 - 007046160 _____ C:\Users\Filarmeo PC\Downloads\123.psd
2017-09-15 12:20 - 2017-04-22 05:53 - 000029376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2017-09-15 12:20 - 2017-04-22 05:53 - 000018600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2017-09-15 12:20 - 2017-04-22 05:50 - 000030912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2017-09-15 12:20 - 2017-04-22 05:50 - 000018592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2017-09-14 19:13 - 2017-09-14 19:13 - 000000000 ____D C:\Program Files (x86)\Garena
2017-09-14 17:23 - 2017-09-14 17:23 - 000406799 _____ C:\Users\Filarmeo PC\Downloads\Les05 (1).pdf
2017-09-14 17:13 - 2017-09-14 17:38 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\Dev-Cpp
2017-09-14 17:13 - 2017-09-14 17:13 - 000406799 _____ C:\Users\Filarmeo PC\Downloads\Les05.pdf
2017-09-14 17:12 - 2017-09-14 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++
2017-09-14 17:11 - 2017-09-14 17:11 - 000000000 ____D C:\Program Files (x86)\Dev-Cpp
2017-09-14 09:58 - 2017-09-14 09:58 - 000883389 _____ C:\Users\Filarmeo PC\Downloads\Davidoff_1965_Advocacy-and-pluralism-in-planning (1).pdf
2017-09-14 09:55 - 2017-09-14 09:55 - 000883389 _____ C:\Users\Filarmeo PC\Downloads\Davidoff_1965_Advocacy-and-pluralism-in-planning.pdf
2017-09-14 09:02 - 2017-09-14 09:02 - 000339968 _____ C:\Users\Filarmeo PC\Downloads\a_cman2_7608.rfa
2017-09-13 14:34 - 2017-09-13 14:34 - 000196608 _____ C:\Users\Filarmeo PC\Downloads\curved_reception_counter_3404.rfa
2017-09-13 13:35 - 2017-09-13 13:35 - 013384571 _____ C:\Users\Filarmeo PC\Downloads\AI GREEK ROMAN RENAISSANCE.pptx
2017-09-13 11:19 - 2017-09-13 11:19 - 000231107 _____ C:\Users\Filarmeo PC\Downloads\cadmapper-download.zip
2017-09-13 10:48 - 2017-09-13 10:48 - 001257472 _____ C:\Users\Filarmeo PC\Downloads\Casement_Window_combined_Arch_Wall_Curve_and_Sash_Trim_Parametric_12476.rfa
2017-09-13 10:48 - 2017-09-13 10:48 - 000253952 _____ C:\Users\Filarmeo PC\Downloads\Residential_Windows_2748.rfa
2017-09-13 09:20 - 2017-09-07 15:07 - 000315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-09-13 09:20 - 2017-09-07 14:59 - 001470816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-09-13 09:20 - 2017-09-07 14:22 - 001504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-09-13 09:20 - 2017-09-07 14:21 - 002265368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-09-13 09:20 - 2017-09-07 14:21 - 000780640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-09-13 09:20 - 2017-09-07 14:17 - 001557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-09-13 09:20 - 2017-09-07 14:13 - 000546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-09-13 09:20 - 2017-09-07 14:12 - 000306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-09-13 09:20 - 2017-09-07 14:07 - 005686784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-09-13 09:20 - 2017-09-07 14:01 - 001631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-13 09:20 - 2017-09-07 14:00 - 000037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-09-13 09:20 - 2017-09-07 13:57 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-09-13 09:20 - 2017-09-07 13:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-09-13 09:20 - 2017-09-07 13:52 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-09-13 09:20 - 2017-09-07 13:50 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-09-13 09:20 - 2017-09-07 13:50 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-09-13 09:20 - 2017-09-07 13:50 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-09-13 09:20 - 2017-09-07 13:50 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-09-13 09:20 - 2017-09-07 13:48 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-09-13 09:20 - 2017-09-07 13:48 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-09-13 09:20 - 2017-09-07 13:47 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-09-13 09:20 - 2017-09-07 13:47 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-09-13 09:20 - 2017-09-07 13:44 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-09-13 09:20 - 2017-09-07 13:42 - 001077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-09-13 09:20 - 2017-09-07 13:42 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-09-13 09:20 - 2017-09-07 13:40 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-09-13 09:20 - 2017-09-07 13:40 - 003198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-09-13 09:20 - 2017-09-07 13:39 - 006109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-09-13 09:20 - 2017-09-07 13:36 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2017-09-13 09:20 - 2017-09-07 13:36 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-09-13 09:20 - 2017-09-07 13:36 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-09-13 09:20 - 2017-09-07 13:35 - 000357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-09-13 09:20 - 2017-09-07 13:34 - 003733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-09-13 09:20 - 2017-09-07 13:34 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-09-13 09:20 - 2017-09-07 13:33 - 001599488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-09-13 09:20 - 2017-09-07 13:33 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-09-13 09:20 - 2017-09-07 13:33 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-09-13 09:20 - 2017-09-07 13:32 - 002482688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-09-13 09:20 - 2017-09-07 13:32 - 001993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-09-13 09:20 - 2017-09-07 13:32 - 001247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-09-13 09:20 - 2017-09-07 13:32 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-09-13 09:20 - 2017-09-07 13:31 - 001988608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-09-13 09:20 - 2017-09-07 13:31 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-09-13 09:20 - 2017-09-07 13:31 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-09-13 09:20 - 2017-09-07 13:31 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-09-13 09:20 - 2017-09-07 13:31 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-09-13 09:20 - 2017-09-07 13:31 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-09-13 09:20 - 2017-09-07 13:30 - 002740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-09-13 09:20 - 2017-09-07 13:30 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-09-13 09:20 - 2017-09-07 13:30 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-09-13 09:20 - 2017-09-07 13:30 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-09-13 09:20 - 2017-09-07 13:29 - 002997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-09-13 09:20 - 2017-09-07 13:29 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-09-13 09:20 - 2017-09-07 13:07 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-09-13 09:20 - 2017-08-22 12:55 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-09-13 09:20 - 2017-03-04 14:05 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-09-13 09:20 - 2017-03-04 14:01 - 001232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-09-13 09:19 - 2017-09-07 14:32 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-09-13 09:19 - 2017-09-07 14:32 - 001573792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-09-13 09:19 - 2017-09-07 14:32 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-09-13 09:19 - 2017-09-07 14:29 - 002048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-09-13 09:19 - 2017-09-07 14:24 - 000869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2017-09-13 09:19 - 2017-09-07 14:24 - 000263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-09-13 09:19 - 2017-09-07 14:22 - 001431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-09-13 09:19 - 2017-09-07 14:21 - 005722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-09-13 09:19 - 2017-09-07 14:21 - 000975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-09-13 09:19 - 2017-09-07 14:21 - 000861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-09-13 09:19 - 2017-09-07 14:21 - 000116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-09-13 09:19 - 2017-09-07 14:20 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-09-13 09:19 - 2017-09-07 14:20 - 000577976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-09-13 09:19 - 2017-09-07 14:20 - 000339896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-09-13 09:19 - 2017-09-07 14:20 - 000267104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-09-13 09:19 - 2017-09-07 14:20 - 000139104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-09-13 09:19 - 2017-09-07 14:20 - 000037200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2017-09-13 09:19 - 2017-09-07 14:19 - 002168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-09-13 09:19 - 2017-09-07 14:19 - 000846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-09-13 09:19 - 2017-09-07 14:19 - 000606560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-09-13 09:19 - 2017-09-07 14:19 - 000111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-09-13 09:19 - 2017-09-07 14:17 - 006665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-13 09:19 - 2017-09-07 14:17 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-09-13 09:19 - 2017-09-07 14:17 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-09-13 09:19 - 2017-09-07 14:17 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-09-13 09:19 - 2017-09-07 14:17 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-09-13 09:19 - 2017-09-07 14:17 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-09-13 09:19 - 2017-09-07 14:16 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-09-13 09:19 - 2017-09-07 14:16 - 000962768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-09-13 09:19 - 2017-09-07 14:13 - 001412640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-09-13 09:19 - 2017-09-07 14:03 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-09-13 09:19 - 2017-09-07 14:03 - 000998920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-09-13 09:19 - 2017-09-07 14:01 - 002049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-09-13 09:19 - 2017-09-07 14:01 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-09-13 09:19 - 2017-09-07 13:59 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe
2017-09-13 09:19 - 2017-09-07 13:58 - 000554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2017-09-13 09:19 - 2017-09-07 13:58 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-09-13 09:19 - 2017-09-07 13:58 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IconCodecService.dll
2017-09-13 09:19 - 2017-09-07 13:57 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\socialapis.dll
2017-09-13 09:19 - 2017-09-07 13:57 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-09-13 09:19 - 2017-09-07 13:57 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-09-13 09:19 - 2017-09-07 13:57 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-09-13 09:19 - 2017-09-07 13:57 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-09-13 09:19 - 2017-09-07 13:56 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-09-13 09:19 - 2017-09-07 13:56 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-09-13 09:19 - 2017-09-07 13:55 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-09-13 09:19 - 2017-09-07 13:55 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-09-13 09:19 - 2017-09-07 13:55 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-09-13 09:19 - 2017-09-07 13:54 - 007220696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-09-13 09:19 - 2017-09-07 13:54 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-09-13 09:19 - 2017-09-07 13:54 - 000857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-09-13 09:19 - 2017-09-07 13:54 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-09-13 09:19 - 2017-09-07 13:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-09-13 09:19 - 2017-09-07 13:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-09-13 09:19 - 2017-09-07 13:54 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-09-13 09:19 - 2017-09-07 13:54 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-09-13 09:19 - 2017-09-07 13:54 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-09-13 09:19 - 2017-09-07 13:54 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-09-13 09:19 - 2017-09-07 13:53 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
2017-09-13 09:19 - 2017-09-07 13:53 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-09-13 09:19 - 2017-09-07 13:53 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-09-13 09:19 - 2017-09-07 13:53 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-09-13 09:19 - 2017-09-07 13:53 - 000313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2017-09-13 09:19 - 2017-09-07 13:53 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-09-13 09:19 - 2017-09-07 13:53 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-09-13 09:19 - 2017-09-07 13:53 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-09-13 09:19 - 2017-09-07 13:53 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-09-13 09:19 - 2017-09-07 13:53 - 000097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-09-13 09:19 - 2017-09-07 13:52 - 001300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-09-13 09:19 - 2017-09-07 13:52 - 000858464 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-09-13 09:19 - 2017-09-07 13:52 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-09-13 09:19 - 2017-09-07 13:52 - 000265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-09-13 09:19 - 2017-09-07 13:52 - 000148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-09-13 09:19 - 2017-09-07 13:52 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-09-13 09:19 - 2017-09-07 13:52 - 000044464 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2017-09-13 09:19 - 2017-09-07 13:51 - 001243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-09-13 09:19 - 2017-09-07 13:51 - 000670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-09-13 09:19 - 2017-09-07 13:51 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-09-13 09:19 - 2017-09-07 13:51 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-09-13 09:19 - 2017-09-07 13:51 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-09-13 09:19 - 2017-09-07 13:51 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-09-13 09:19 - 2017-09-07 13:51 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-09-13 09:19 - 2017-09-07 13:51 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-09-13 09:19 - 2017-09-07 13:51 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-09-13 09:19 - 2017-09-07 13:51 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-09-13 09:19 - 2017-09-07 13:51 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-09-13 09:19 - 2017-09-07 13:51 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-09-13 09:19 - 2017-09-07 13:51 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-09-13 09:19 - 2017-09-07 13:51 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-09-13 09:19 - 2017-09-07 13:51 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-09-13 09:19 - 2017-09-07 13:50 - 022220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-09-13 09:19 - 2017-09-07 13:50 - 008168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-13 09:19 - 2017-09-07 13:50 - 004260064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-09-13 09:19 - 2017-09-07 13:50 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-09-13 09:19 - 2017-09-07 13:50 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-09-13 09:19 - 2017-09-07 13:50 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-09-13 09:19 - 2017-09-07 13:50 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-09-13 09:19 - 2017-09-07 13:50 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-09-13 09:19 - 2017-09-07 13:50 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-09-13 09:19 - 2017-09-07 13:50 - 000244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-09-13 09:19 - 2017-09-07 13:50 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2017-09-13 09:19 - 2017-09-07 13:50 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-09-13 09:19 - 2017-09-07 13:50 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-09-13 09:19 - 2017-09-07 13:49 - 000819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-09-13 09:19 - 2017-09-07 13:49 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-09-13 09:19 - 2017-09-07 13:49 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-09-13 09:19 - 2017-09-07 13:49 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-09-13 09:19 - 2017-09-07 13:49 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-09-13 09:19 - 2017-09-07 13:49 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-09-13 09:19 - 2017-09-07 13:49 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-09-13 09:19 - 2017-09-07 13:48 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-09-13 09:19 - 2017-09-07 13:48 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-09-13 09:19 - 2017-09-07 13:48 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-09-13 09:19 - 2017-09-07 13:48 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-09-13 09:19 - 2017-09-07 13:48 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-09-13 09:19 - 2017-09-07 13:48 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-09-13 09:19 - 2017-09-07 13:48 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2017-09-13 09:19 - 2017-09-07 13:47 - 001456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-09-13 09:19 - 2017-09-07 13:47 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-09-13 09:19 - 2017-09-07 13:47 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-09-13 09:19 - 2017-09-07 13:47 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-09-13 09:19 - 2017-09-07 13:47 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-09-13 09:19 - 2017-09-07 13:47 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-09-13 09:19 - 2017-09-07 13:46 - 007626240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-09-13 09:19 - 2017-09-07 13:45 - 013875712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-09-13 09:19 - 2017-09-07 13:45 - 002532704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-09-13 09:19 - 2017-09-07 13:45 - 000387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-09-13 09:19 - 2017-09-07 13:45 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-09-13 09:19 - 2017-09-07 13:44 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-09-13 09:19 - 2017-09-07 13:44 - 001534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-09-13 09:19 - 2017-09-07 13:44 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-09-13 09:19 - 2017-09-07 13:44 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-09-13 09:19 - 2017-09-07 13:43 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-09-13 09:19 - 2017-09-07 13:43 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-09-13 09:19 - 2017-09-07 13:42 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-09-13 09:19 - 2017-09-07 13:41 - 019413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-09-13 09:19 - 2017-09-07 13:41 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-09-13 09:19 - 2017-09-07 13:40 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-09-13 09:19 - 2017-09-07 13:40 - 000746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-09-13 09:19 - 2017-09-07 13:40 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-09-13 09:19 - 2017-09-07 13:40 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-09-13 09:19 - 2017-09-07 13:39 - 018363904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-09-13 09:19 - 2017-09-07 13:39 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2017-09-13 09:19 - 2017-09-07 13:38 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-09-13 09:19 - 2017-09-07 13:38 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-09-13 09:19 - 2017-09-07 13:38 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2017-09-13 09:19 - 2017-09-07 13:37 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-09-13 09:19 - 2017-09-07 13:37 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-09-13 09:19 - 2017-09-07 13:36 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-09-13 09:19 - 2017-09-07 13:36 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-09-13 09:19 - 2017-09-07 13:35 - 007470080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-09-13 09:19 - 2017-09-07 13:35 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-09-13 09:19 - 2017-09-07 13:35 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-09-13 09:19 - 2017-09-07 13:34 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-09-13 09:19 - 2017-09-07 13:34 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2017-09-13 09:19 - 2017-09-07 13:33 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-09-13 09:19 - 2017-09-07 13:33 - 001656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-09-13 09:19 - 2017-09-07 13:33 - 001135616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-09-13 09:19 - 2017-09-07 13:33 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-09-13 09:19 - 2017-09-07 13:32 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-09-13 09:19 - 2017-09-07 13:32 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-09-13 09:19 - 2017-09-07 13:32 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-09-13 09:19 - 2017-09-07 13:31 - 003663872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-09-13 09:19 - 2017-09-07 13:31 - 002028032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-09-13 09:19 - 2017-09-07 13:31 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-09-13 09:19 - 2017-09-07 13:31 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-09-13 09:19 - 2017-09-07 13:30 - 002747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-09-13 09:19 - 2017-09-07 13:30 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-09-13 09:19 - 2017-09-07 13:30 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-09-13 09:19 - 2017-09-07 13:30 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-09-13 09:19 - 2017-09-07 13:29 - 001576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-09-13 09:19 - 2017-09-07 13:29 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-09-13 09:19 - 2017-09-07 13:28 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-09-13 09:19 - 2017-09-07 13:28 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-09-13 09:19 - 2017-09-07 13:28 - 000449536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-09-13 09:19 - 2017-09-07 13:23 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-09-13 09:19 - 2017-09-07 13:22 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-09-13 09:19 - 2017-09-07 13:22 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2017-09-13 09:19 - 2017-09-07 13:21 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-09-13 09:19 - 2017-09-07 13:21 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-09-13 09:19 - 2017-09-07 13:21 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-09-13 09:19 - 2017-09-07 13:21 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe
2017-09-13 09:19 - 2017-09-07 13:20 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-09-13 09:19 - 2017-09-07 13:20 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-09-13 09:19 - 2017-09-07 13:20 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2017-09-13 09:19 - 2017-09-07 13:19 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-09-13 09:19 - 2017-09-07 13:19 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-09-13 09:19 - 2017-09-07 13:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-09-13 09:19 - 2017-09-07 13:18 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipsecsnp.dll
2017-09-13 09:19 - 2017-09-07 13:18 - 000418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-09-13 09:19 - 2017-09-07 13:18 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2017-09-13 09:19 - 2017-09-07 13:18 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-09-13 09:19 - 2017-09-07 13:18 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-09-13 09:19 - 2017-09-07 13:17 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-09-13 09:19 - 2017-09-07 13:17 - 000360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-09-13 09:19 - 2017-09-07 13:17 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-09-13 09:19 - 2017-09-07 13:17 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-09-13 09:19 - 2017-09-07 13:16 - 001507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-09-13 09:19 - 2017-09-07 13:16 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-09-13 09:19 - 2017-09-07 13:16 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2017-09-13 09:19 - 2017-09-07 13:16 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\socialapis.dll
2017-09-13 09:19 - 2017-09-07 13:16 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-09-13 09:19 - 2017-09-07 13:15 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-09-13 09:19 - 2017-09-07 13:15 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-09-13 09:19 - 2017-09-07 13:15 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-09-13 09:19 - 2017-09-07 13:15 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-09-13 09:19 - 2017-09-07 13:15 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-09-13 09:19 - 2017-09-07 13:15 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-09-13 09:19 - 2017-09-07 13:14 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-09-13 09:19 - 2017-09-07 13:14 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-09-13 09:19 - 2017-09-07 13:14 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-09-13 09:19 - 2017-09-07 13:14 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-09-13 09:19 - 2017-09-07 13:14 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-09-13 09:19 - 2017-09-07 13:13 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2017-09-13 09:19 - 2017-09-07 13:13 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-09-13 09:19 - 2017-09-07 13:13 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-09-13 09:19 - 2017-09-07 13:13 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-09-13 09:19 - 2017-09-07 13:12 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-09-13 09:19 - 2017-09-07 13:12 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-09-13 09:19 - 2017-09-07 13:12 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-09-13 09:19 - 2017-09-07 13:11 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-09-13 09:19 - 2017-09-07 13:11 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-09-13 09:19 - 2017-09-07 13:09 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-09-13 09:19 - 2017-09-07 13:08 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-09-13 09:19 - 2017-09-07 13:07 - 007655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-09-13 09:19 - 2017-09-07 13:07 - 003778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-09-13 09:19 - 2017-09-07 13:07 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-09-13 09:19 - 2017-09-07 13:07 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-09-13 09:19 - 2017-09-07 13:05 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-09-13 09:19 - 2017-09-07 13:04 - 001908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-13 09:19 - 2017-09-07 13:04 - 000870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-09-13 09:19 - 2017-09-07 13:03 - 001078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-09-13 09:19 - 2017-09-07 13:03 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2017-09-13 09:19 - 2017-09-07 13:03 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-09-13 09:19 - 2017-09-07 13:01 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-09-13 09:19 - 2017-09-07 13:01 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-09-13 09:19 - 2017-09-07 13:01 - 002390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-09-13 09:19 - 2017-09-07 13:01 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-09-13 09:19 - 2017-09-07 13:01 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-09-13 09:19 - 2017-09-07 13:01 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-09-13 09:19 - 2017-09-07 13:00 - 008077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-09-13 09:19 - 2017-09-07 13:00 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2017-09-13 09:19 - 2017-09-07 12:59 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-09-13 09:19 - 2017-09-07 12:59 - 000611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-09-13 09:19 - 2017-09-07 12:58 - 001700352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-09-13 09:19 - 2017-09-07 12:58 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-09-13 09:19 - 2017-09-07 12:58 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-09-13 09:19 - 2017-09-07 12:57 - 003134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-09-13 09:19 - 2017-09-07 12:57 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-09-13 09:19 - 2017-09-07 12:56 - 004149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-09-13 09:19 - 2017-09-07 12:56 - 002539008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-09-13 09:19 - 2017-09-07 12:56 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-09-13 09:19 - 2017-09-07 12:56 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-09-13 09:19 - 2017-09-07 12:55 - 002424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-09-13 09:19 - 2017-09-07 12:55 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-09-13 09:19 - 2017-09-07 12:55 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-09-13 09:19 - 2017-09-07 12:55 - 001369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-09-13 09:19 - 2017-09-07 12:55 - 001131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-09-13 09:19 - 2017-09-07 12:54 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-09-13 09:19 - 2017-09-07 12:54 - 000834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-09-13 09:19 - 2017-09-07 12:52 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-09-13 09:19 - 2017-09-07 12:52 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-09-13 09:19 - 2017-09-07 12:52 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-13 09:19 - 2017-09-07 12:50 - 000119808 ____R (Microsoft Corporation) C:\WINDOWS\system32\SecureAssessmentHandlers.dll
2017-09-13 09:19 - 2017-08-22 13:08 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-09-13 09:19 - 2017-08-22 13:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-09-13 09:19 - 2017-08-22 13:05 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-09-13 09:19 - 2017-08-22 13:04 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-09-13 09:19 - 2017-08-22 13:02 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-09-13 09:19 - 2017-08-22 12:57 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-09-13 09:19 - 2017-08-22 12:53 - 013441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-09-13 09:19 - 2017-08-22 12:50 - 012349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-09-13 09:19 - 2017-08-22 12:49 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-09-13 09:19 - 2017-08-22 12:43 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-09-13 09:19 - 2017-08-22 12:38 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\tspubwmi.dll
2017-09-13 09:19 - 2017-08-08 14:06 - 000133984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-09-13 09:19 - 2017-08-08 14:03 - 000218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-09-13 09:19 - 2017-08-08 14:03 - 000102240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2017-09-13 09:19 - 2017-08-08 13:59 - 000357984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2017-09-13 09:19 - 2017-08-08 13:59 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-09-13 09:19 - 2017-08-08 13:56 - 000054240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-09-13 09:19 - 2017-08-08 13:53 - 000715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-09-13 09:19 - 2017-08-08 13:53 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-09-13 09:19 - 2017-08-08 13:53 - 000026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-09-13 09:19 - 2017-08-08 13:45 - 000453544 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-09-13 09:19 - 2017-08-08 13:25 - 000255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2017-09-13 09:19 - 2017-08-08 13:23 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-09-13 09:19 - 2017-08-08 13:21 - 000340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-09-13 09:19 - 2017-08-08 13:18 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-09-13 09:19 - 2017-08-08 13:16 - 000294952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2017-09-13 09:19 - 2017-08-08 13:16 - 000086232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2017-09-13 09:19 - 2017-08-08 13:15 - 000502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-09-13 09:19 - 2017-08-08 13:14 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-09-13 09:19 - 2017-08-08 13:12 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-09-13 09:19 - 2017-08-08 13:04 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2017-09-13 09:19 - 2017-08-08 12:58 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-09-13 09:19 - 2017-08-08 12:56 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-09-13 09:19 - 2017-08-08 12:56 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe
2017-09-13 09:19 - 2017-08-08 12:54 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-09-13 09:19 - 2017-08-08 12:53 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-09-13 09:19 - 2017-08-08 12:53 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2017-09-13 09:19 - 2017-08-08 12:53 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2017-09-13 09:19 - 2017-08-08 12:50 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-09-13 09:19 - 2017-08-08 12:50 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-09-13 09:19 - 2017-08-08 12:50 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-09-13 09:19 - 2017-08-08 12:49 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2017-09-13 09:19 - 2017-08-08 12:48 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-09-13 09:19 - 2017-08-08 12:47 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-09-13 09:19 - 2017-08-08 12:41 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-09-13 09:19 - 2017-03-04 15:03 - 000160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-09-13 09:19 - 2017-03-04 14:53 - 000136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-09-13 09:19 - 2017-03-04 14:39 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-09-13 09:19 - 2017-03-04 14:28 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-09-13 09:19 - 2017-03-04 14:27 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-09-13 09:19 - 2017-03-04 14:24 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-09-13 09:19 - 2017-03-04 14:17 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-09-13 09:19 - 2017-03-04 14:13 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-09-13 09:19 - 2017-03-04 14:08 - 001266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-09-13 09:19 - 2016-12-21 12:43 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-09-13 09:19 - 2016-09-16 00:40 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-09-13 09:19 - 2016-09-16 00:34 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-09-13 09:19 - 2016-09-16 00:30 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-09-13 09:19 - 2016-09-16 00:24 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-09-13 09:18 - 2017-09-07 14:20 - 000367208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-09-13 09:18 - 2017-09-07 14:16 - 000379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-09-13 09:18 - 2017-09-07 14:11 - 000076128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2017-09-13 09:18 - 2017-09-07 14:10 - 002170720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-09-13 09:18 - 2017-09-07 14:10 - 001670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-09-13 09:18 - 2017-09-07 14:10 - 001408352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-09-13 09:18 - 2017-09-07 14:10 - 001054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-09-13 09:18 - 2017-09-07 14:10 - 000992096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-09-13 09:18 - 2017-09-07 14:10 - 000825696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-09-13 09:18 - 2017-09-07 14:10 - 000813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-09-13 09:18 - 2017-09-07 14:10 - 000779616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-09-13 09:18 - 2017-09-07 14:10 - 000766304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-09-13 09:18 - 2017-09-07 14:10 - 000704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-09-13 09:18 - 2017-09-07 14:10 - 000699232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-09-13 09:18 - 2017-09-07 14:10 - 000603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-09-13 09:18 - 2017-09-07 14:10 - 000567136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-09-13 09:18 - 2017-09-07 14:10 - 000513376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-09-13 09:18 - 2017-09-07 14:10 - 000412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-09-13 09:18 - 2017-09-07 14:10 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2017-09-13 09:18 - 2017-09-07 14:10 - 000202592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2017-09-13 09:18 - 2017-09-07 14:04 - 000894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-09-13 09:18 - 2017-09-07 14:03 - 007780704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-09-13 09:18 - 2017-09-07 14:03 - 001887408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-09-13 09:18 - 2017-09-07 14:02 - 032693432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2017-09-13 09:18 - 2017-09-07 14:01 - 002681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-13 09:18 - 2017-09-07 14:00 - 000764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-09-13 09:18 - 2017-09-07 13:58 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-09-13 09:18 - 2017-09-07 13:57 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-09-13 09:18 - 2017-09-07 13:56 - 001069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-09-13 09:18 - 2017-09-07 13:56 - 000328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-09-13 09:18 - 2017-09-07 13:54 - 002761248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-09-13 09:18 - 2017-09-07 13:54 - 002188128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-09-13 09:18 - 2017-09-07 13:54 - 001739072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-09-13 09:18 - 2017-09-07 13:54 - 001157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-09-13 09:18 - 2017-09-07 13:54 - 000658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-09-13 09:18 - 2017-09-07 13:54 - 000402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-09-13 09:18 - 2017-09-07 13:54 - 000146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-09-13 09:18 - 2017-09-07 13:53 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-09-13 09:18 - 2017-09-07 13:53 - 000684896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-09-13 09:18 - 2017-09-07 13:53 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-09-13 09:18 - 2017-09-07 13:53 - 000431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-09-13 09:18 - 2017-09-07 13:53 - 000383776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-09-13 09:18 - 2017-09-07 13:53 - 000296288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-09-13 09:18 - 2017-09-07 13:53 - 000144736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-09-13 09:18 - 2017-09-07 13:52 - 002915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-09-13 09:18 - 2017-09-07 13:52 - 001267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-09-13 09:18 - 2017-09-07 13:52 - 001100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-09-13 09:18 - 2017-09-07 13:52 - 000989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-09-13 09:18 - 2017-09-07 13:52 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-09-13 09:18 - 2017-09-07 13:50 - 001694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-09-13 09:18 - 2017-09-07 13:50 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-09-13 09:18 - 2017-09-07 13:49 - 001600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-09-13 09:18 - 2017-09-07 13:49 - 001277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-09-13 09:18 - 2017-09-07 13:49 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-09-13 09:18 - 2017-09-07 13:47 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-09-13 09:18 - 2017-09-07 13:46 - 001566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-09-13 09:18 - 2017-09-07 13:46 - 000628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-09-13 09:18 - 2017-09-07 13:45 - 000372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-09-13 09:18 - 2017-09-07 13:37 - 012204544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-09-13 09:18 - 2017-09-07 13:34 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-09-13 09:18 - 2017-09-07 13:31 - 001509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-09-13 09:18 - 2017-09-07 13:30 - 007218176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-13 09:18 - 2017-09-07 13:24 - 001631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-13 09:18 - 2017-09-07 13:23 - 022569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-09-13 09:18 - 2017-09-07 13:22 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-13 09:18 - 2017-09-07 13:22 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2017-09-13 09:18 - 2017-09-07 13:22 - 000045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-09-13 09:18 - 2017-09-07 13:22 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-09-13 09:18 - 2017-09-07 13:22 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\IconCodecService.dll
2017-09-13 09:18 - 2017-09-07 13:21 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-09-13 09:18 - 2017-09-07 13:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-09-13 09:18 - 2017-09-07 13:21 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2017-09-13 09:18 - 2017-09-07 13:21 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-09-13 09:18 - 2017-09-07 13:20 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-09-13 09:18 - 2017-09-07 13:20 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-09-13 09:18 - 2017-09-07 13:20 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-09-13 09:18 - 2017-09-07 13:20 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-09-13 09:18 - 2017-09-07 13:19 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-09-13 09:18 - 2017-09-07 13:19 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-09-13 09:18 - 2017-09-07 13:19 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-09-13 09:18 - 2017-09-07 13:19 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-09-13 09:18 - 2017-09-07 13:18 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-09-13 09:18 - 2017-09-07 13:18 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-09-13 09:18 - 2017-09-07 13:18 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2017-09-13 09:18 - 2017-09-07 13:18 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-09-13 09:18 - 2017-09-07 13:17 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-09-13 09:18 - 2017-09-07 13:17 - 000418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-09-13 09:18 - 2017-09-07 13:17 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-09-13 09:18 - 2017-09-07 13:17 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-09-13 09:18 - 2017-09-07 13:17 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2017-09-13 09:18 - 2017-09-07 13:17 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-09-13 09:18 - 2017-09-07 13:17 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-09-13 09:18 - 2017-09-07 13:17 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-09-13 09:18 - 2017-09-07 13:17 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-09-13 09:18 - 2017-09-07 13:16 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-09-13 09:18 - 2017-09-07 13:16 - 000781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2017-09-13 09:18 - 2017-09-07 13:16 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-09-13 09:18 - 2017-09-07 13:16 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-09-13 09:18 - 2017-09-07 13:16 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-09-13 09:18 - 2017-09-07 13:16 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-09-13 09:18 - 2017-09-07 13:16 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-09-13 09:18 - 2017-09-07 13:16 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-09-13 09:18 - 2017-09-07 13:16 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-09-13 09:18 - 2017-09-07 13:15 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-09-13 09:18 - 2017-09-07 13:15 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-09-13 09:18 - 2017-09-07 13:15 - 000432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-09-13 09:18 - 2017-09-07 13:15 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-09-13 09:18 - 2017-09-07 13:15 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-09-13 09:18 - 2017-09-07 13:15 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-09-13 09:18 - 2017-09-07 13:15 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2017-09-13 09:18 - 2017-09-07 13:15 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-09-13 09:18 - 2017-09-07 13:15 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-09-13 09:18 - 2017-09-07 13:15 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-09-13 09:18 - 2017-09-07 13:15 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-09-13 09:18 - 2017-09-07 13:15 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-09-13 09:18 - 2017-09-07 13:14 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-09-13 09:18 - 2017-09-07 13:14 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-09-13 09:18 - 2017-09-07 13:14 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2017-09-13 09:18 - 2017-09-07 13:14 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-09-13 09:18 - 2017-09-07 13:14 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-09-13 09:18 - 2017-09-07 13:14 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-09-13 09:18 - 2017-09-07 13:14 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-09-13 09:18 - 2017-09-07 13:14 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-09-13 09:18 - 2017-09-07 13:14 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-09-13 09:18 - 2017-09-07 13:14 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-09-13 09:18 - 2017-09-07 13:13 - 000645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2017-09-13 09:18 - 2017-09-07 13:13 - 000480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-09-13 09:18 - 2017-09-07 13:13 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-09-13 09:18 - 2017-09-07 13:13 - 000437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-09-13 09:18 - 2017-09-07 13:13 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-09-13 09:18 - 2017-09-07 13:12 - 001010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-09-13 09:18 - 2017-09-07 13:12 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-09-13 09:18 - 2017-09-07 13:12 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-09-13 09:18 - 2017-09-07 13:12 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-09-13 09:18 - 2017-09-07 13:11 - 000966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-09-13 09:18 - 2017-09-07 13:11 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-09-13 09:18 - 2017-09-07 13:11 - 000634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-09-13 09:18 - 2017-09-07 13:11 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-09-13 09:18 - 2017-09-07 13:10 - 017200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-13 09:18 - 2017-09-07 13:10 - 001037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2017-09-13 09:18 - 2017-09-07 13:09 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-13 09:18 - 2017-09-07 13:08 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-09-13 09:18 - 2017-09-07 13:08 - 001639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-09-13 09:18 - 2017-09-07 13:08 - 000932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-09-13 09:18 - 2017-09-07 13:08 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-09-13 09:18 - 2017-09-07 13:08 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2017-09-13 09:18 - 2017-09-07 13:07 - 002104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-09-13 09:18 - 2017-09-07 13:07 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-09-13 09:18 - 2017-09-07 13:07 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2017-09-13 09:18 - 2017-09-07 13:05 - 005114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-09-13 09:18 - 2017-09-07 13:05 - 001105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-09-13 09:18 - 2017-09-07 13:05 - 000442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-09-13 09:18 - 2017-09-07 13:04 - 005850624 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2017-09-13 09:18 - 2017-09-07 13:04 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-09-13 09:18 - 2017-09-07 13:04 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2017-09-13 09:18 - 2017-09-07 13:04 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-09-13 09:18 - 2017-09-07 13:04 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-09-13 09:18 - 2017-09-07 13:03 - 001837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-09-13 09:18 - 2017-09-07 13:03 - 000942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-09-13 09:18 - 2017-09-07 13:02 - 013107712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-09-13 09:18 - 2017-09-07 13:02 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-09-13 09:18 - 2017-09-07 13:02 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-09-13 09:18 - 2017-09-07 13:01 - 023675904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-09-13 09:18 - 2017-09-07 13:01 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-09-13 09:18 - 2017-09-07 13:01 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-09-13 09:18 - 2017-09-07 13:00 - 008114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-09-13 09:18 - 2017-09-07 13:00 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-09-13 09:18 - 2017-09-07 13:00 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-09-13 09:18 - 2017-09-07 13:00 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-09-13 09:18 - 2017-09-07 13:00 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-09-13 09:18 - 2017-09-07 12:59 - 004474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-13 09:18 - 2017-09-07 12:59 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-09-13 09:18 - 2017-09-07 12:59 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-09-13 09:18 - 2017-09-07 12:59 - 001359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-09-13 09:18 - 2017-09-07 12:59 - 001281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-09-13 09:18 - 2017-09-07 12:59 - 001040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-09-13 09:18 - 2017-09-07 12:59 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-09-13 09:18 - 2017-09-07 12:59 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-09-13 09:18 - 2017-09-07 12:59 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-09-13 09:18 - 2017-09-07 12:59 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-09-13 09:18 - 2017-09-07 12:59 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2017-09-13 09:18 - 2017-09-07 12:58 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-09-13 09:18 - 2017-09-07 12:58 - 002097152 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-09-13 09:18 - 2017-09-07 12:58 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2017-09-13 09:18 - 2017-09-07 12:58 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-09-13 09:18 - 2017-09-07 12:58 - 001656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-09-13 09:18 - 2017-09-07 12:58 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-09-13 09:18 - 2017-09-07 12:58 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-09-13 09:18 - 2017-09-07 12:58 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-09-13 09:18 - 2017-09-07 12:57 - 005611520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-09-13 09:18 - 2017-09-07 12:57 - 002916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-09-13 09:18 - 2017-09-07 12:57 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-09-13 09:18 - 2017-09-07 12:57 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-09-13 09:18 - 2017-09-07 12:57 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-09-13 09:18 - 2017-09-07 12:57 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-09-13 09:18 - 2017-09-07 12:57 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-09-13 09:18 - 2017-09-07 12:57 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-09-13 09:18 - 2017-09-07 12:56 - 003202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-09-13 09:18 - 2017-09-07 12:56 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-09-13 09:18 - 2017-09-07 12:56 - 002286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-09-13 09:18 - 2017-09-07 12:56 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-09-13 09:18 - 2017-09-07 12:56 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-09-13 09:18 - 2017-09-07 12:56 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-09-13 09:18 - 2017-09-07 12:55 - 003616256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-09-13 09:18 - 2017-09-07 12:55 - 002820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-09-13 09:18 - 2017-09-07 12:55 - 002217472 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-09-13 09:18 - 2017-09-07 12:55 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-09-13 09:18 - 2017-09-07 12:55 - 001512448 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-09-13 09:18 - 2017-09-07 12:55 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-09-13 09:18 - 2017-09-07 12:54 - 004743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-09-13 09:18 - 2017-09-07 12:54 - 003542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-09-13 09:18 - 2017-09-07 12:54 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-09-13 09:18 - 2017-09-07 12:54 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-09-13 09:18 - 2017-09-07 12:53 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-09-13 09:18 - 2017-09-07 12:53 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-09-13 09:18 - 2017-09-07 12:52 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-09-13 09:18 - 2017-09-07 12:52 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-09-13 09:18 - 2017-08-22 13:46 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-09-13 09:18 - 2017-08-22 13:43 - 000026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-09-13 09:18 - 2017-08-22 13:09 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-09-13 09:18 - 2017-08-22 12:57 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-09-13 09:18 - 2017-08-22 12:52 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-09-13 09:18 - 2017-08-22 12:47 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-09-13 09:18 - 2017-08-22 12:43 - 002852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-09-13 09:18 - 2017-08-22 12:41 - 002319872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-09-13 09:18 - 2017-08-08 14:15 - 000245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-09-13 09:18 - 2017-08-08 14:09 - 000065648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-09-13 09:18 - 2017-08-08 14:03 - 002253664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-09-13 09:18 - 2017-08-08 14:01 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-09-13 09:18 - 2017-08-08 13:55 - 000404320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-09-13 09:18 - 2017-08-08 13:52 - 000649568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-09-13 09:18 - 2017-08-08 13:52 - 000450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-09-13 09:18 - 2017-08-08 13:52 - 000386408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-09-13 09:18 - 2017-08-08 13:52 - 000101776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2017-09-13 09:18 - 2017-08-08 13:52 - 000079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-09-13 09:18 - 2017-08-08 13:45 - 001102176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-09-13 09:18 - 2017-08-08 13:20 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-09-13 09:18 - 2017-08-08 13:20 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2017-09-13 09:18 - 2017-08-08 13:20 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-09-13 09:18 - 2017-08-08 13:20 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2017-09-13 09:18 - 2017-08-08 13:18 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-09-13 09:18 - 2017-08-08 13:18 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-09-13 09:18 - 2017-08-08 13:17 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-09-13 09:18 - 2017-08-08 13:17 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-09-13 09:18 - 2017-08-08 13:16 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2017-09-13 09:18 - 2017-08-08 13:16 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2017-09-13 09:18 - 2017-08-08 13:15 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-09-13 09:18 - 2017-08-08 13:15 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-09-13 09:18 - 2017-08-08 13:14 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-09-13 09:18 - 2017-08-08 13:13 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-09-13 09:18 - 2017-08-08 13:13 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2017-09-13 09:18 - 2017-08-08 13:10 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-09-13 09:18 - 2017-08-08 13:04 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-09-13 09:18 - 2017-08-08 12:58 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-09-13 09:18 - 2017-08-08 12:55 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-09-13 09:18 - 2017-08-08 12:54 - 001228288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-09-13 09:18 - 2017-08-08 12:51 - 001817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-09-13 09:18 - 2017-08-01 13:09 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-09-13 09:18 - 2017-03-04 15:09 - 000178520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-09-13 09:18 - 2017-03-04 15:07 - 000947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-09-13 09:18 - 2017-03-04 14:32 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-09-13 09:18 - 2017-03-04 14:29 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-09-13 09:18 - 2017-03-04 14:28 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-09-13 09:18 - 2017-03-04 14:27 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-09-13 09:18 - 2017-03-04 14:13 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-09-13 09:18 - 2017-03-04 14:10 - 006664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-09-13 09:18 - 2016-11-02 18:43 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-09-12 17:03 - 2017-09-12 17:03 - 007265296 _____ C:\Users\Filarmeo PC\Downloads\asdada.pdf
2017-09-12 14:56 - 2017-09-12 16:57 - 030048809 _____ C:\Users\Filarmeo PC\Documents\FILARMEO, BERNADETTE MAJOR PLATE 1 - MOUNTAIN RESORT.pptx
2017-09-12 09:10 - 2017-09-12 09:10 - 000130042 _____ C:\Users\Filarmeo PC\Downloads\sadsdfghjk (1).pdf
2017-09-12 00:50 - 2017-09-12 00:50 - 000130042 _____ C:\Users\Filarmeo PC\Downloads\sadsdfghjk.pdf
2017-09-12 00:48 - 2017-09-12 00:48 - 000086149 _____ C:\Users\Filarmeo PC\Downloads\SECTION-mAIN-BUILDING.pdf
2017-09-12 00:48 - 2017-09-12 00:48 - 000001029 _____ C:\Users\Filarmeo PC\Downloads\PERS.pdf
2017-09-11 20:06 - 2017-09-11 20:43 - 000011169 _____ C:\Users\Filarmeo PC\Documents\1st year 2nd tearm 2.xlsx
2017-09-11 10:52 - 2017-09-11 10:52 - 011479997 _____ C:\Users\Filarmeo PC\Downloads\archive (28).zip
2017-09-11 10:09 - 2017-09-11 10:09 - 000666868 _____ C:\Users\Filarmeo PC\Downloads\Untitled2.skp
2017-09-10 12:38 - 2017-09-10 12:38 - 000000000 ____D C:\Users\Filarmeo PC\Documents\FeedbackHub
2017-09-09 17:44 - 2017-09-23 07:07 - 000002434 _____ C:\Users\Filarmeo PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-09 07:41 - 2017-09-09 07:41 - 000000819 _____ C:\Users\Filarmeo PC\Downloads\Desktop - Shortcut.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-09 00:40 - 2016-03-12 17:37 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-10-09 00:38 - 2016-07-16 14:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-10-08 23:53 - 2016-09-23 12:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-08 17:39 - 2016-09-23 12:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-08 16:17 - 2016-03-01 20:54 - 000000000 ____D C:\ProgramData\boost_interprocess
2017-10-08 16:16 - 2015-11-05 10:23 - 000000000 ____D C:\Program Files (x86)\Opera
2017-10-08 16:11 - 2016-04-10 20:47 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-10-08 16:11 - 2015-11-05 08:30 - 000000187 _____ C:\WINDOWS\win.ini
2017-10-08 16:10 - 2016-09-23 12:06 - 000000000 ____D C:\ProgramData\NVIDIA
2017-10-08 15:48 - 2016-07-16 19:45 - 000000000 ____D C:\WINDOWS\INF
2017-10-08 09:12 - 2015-11-08 10:15 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\vlc
2017-10-08 07:03 - 2016-02-13 08:55 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\CrashDumps
2017-10-08 06:35 - 2017-02-07 10:08 - 000000000 ____D C:\Program Files\Autodesk
2017-10-08 02:24 - 2016-03-13 15:59 - 000002276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-10-08 02:22 - 2017-08-31 21:51 - 000000000 ____D C:\Program Files (x86)\Cheat Engine 6.7
2017-10-08 00:24 - 2017-04-02 11:54 - 000000000 ____D C:\Users\Filarmeo PC\Desktop\Patrick
2017-10-08 00:24 - 2016-12-01 10:53 - 000000000 ____D C:\Users\Filarmeo PC\Desktop\Patricia
2017-10-07 23:06 - 2017-08-26 01:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Legend of Heroes Trails of Cold Steel
2017-10-07 23:06 - 2017-08-13 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\迅游_怪物猎人专版
2017-10-07 23:06 - 2017-06-06 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metal Slug X [GOG.com]
2017-10-07 23:06 - 2017-05-01 06:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-10-07 23:06 - 2017-04-12 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hollow Knight [GOG.com]
2017-10-07 23:06 - 2016-12-21 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shantae Half-Genie Hero
2017-10-07 23:06 - 2016-11-19 01:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splashtop Remote
2017-10-07 23:06 - 2016-03-05 17:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardew Valley [GOG.com]
2017-10-07 23:06 - 2016-02-12 09:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena
2017-10-07 22:21 - 2017-02-24 23:53 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\Nox
2017-10-07 07:55 - 2017-03-09 10:12 - 000000185 _____ C:\WINDOWS\ODBCINST.INI
2017-10-07 07:55 - 2017-03-09 10:12 - 000000152 _____ C:\WINDOWS\ODBC.INI
2017-10-07 07:55 - 2015-11-09 03:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2017-10-07 07:53 - 2015-11-09 03:30 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2017-10-07 07:50 - 2015-11-09 03:25 - 000000000 ____D C:\ProgramData\Autodesk
2017-10-07 06:19 - 2015-11-27 01:12 - 000000000 ____D C:\ProgramData\Package Cache
2017-10-07 02:42 - 2016-09-23 12:10 - 000000000 ____D C:\Users\Filarmeo PC
2017-10-07 01:10 - 2017-02-24 23:55 - 000000000 ____D C:\Users\Filarmeo PC\vmlogs
2017-10-07 00:59 - 2017-08-31 21:54 - 000001245 _____ C:\Users\Filarmeo PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2017-10-07 00:33 - 2015-11-05 10:21 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\BitTorrent
2017-10-07 00:22 - 2017-08-12 17:04 - 000000000 ____D C:\Users\Filarmeo PC\.BigNox
2017-10-07 00:22 - 2015-12-22 18:35 - 000000000 ____D C:\Users\Filarmeo PC\.android
2017-10-06 11:07 - 2017-03-09 10:38 - 000000000 ____D C:\ProgramData\RevitInterProcess
2017-10-06 11:07 - 2015-11-05 10:22 - 000000000 ____D C:\Program Files (x86)\Steam
2017-10-06 05:15 - 2015-11-06 05:40 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\Skype
2017-10-05 22:15 - 2015-11-06 11:13 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\Adobe
2017-10-05 22:14 - 2016-06-07 17:26 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\Akamai
2017-10-05 22:13 - 2017-02-27 13:44 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\MyComGames
2017-10-05 22:11 - 2017-05-01 06:55 - 000443512 _____ C:\Users\Filarmeo PC\AppData\Local\SnipUsages.txt
2017-10-05 22:11 - 2017-04-06 07:58 - 000323877 _____ C:\Users\Filarmeo PC\AppData\Local\Snip.txt
2017-10-05 22:04 - 2016-09-23 12:05 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-10-05 21:45 - 2016-07-16 19:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-10-05 21:45 - 2016-07-16 14:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-10-05 21:20 - 2017-07-09 21:25 - 000001124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2017-10-05 21:20 - 2016-09-23 12:31 - 000003970 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1446690332
2017-10-05 20:19 - 2015-11-06 06:26 - 000000000 ___RD C:\Users\Filarmeo PC\Documents\Scanned Documents
2017-10-05 19:57 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-05 18:11 - 2017-07-28 11:18 - 001797120 ___SH C:\Users\Filarmeo PC\Downloads\Thumbs.db
2017-10-04 18:28 - 2017-03-03 20:56 - 000003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-10-04 18:27 - 2016-08-28 12:59 - 000000000 ____D C:\ProgramData\AVAST Software
2017-10-04 16:59 - 2016-12-07 23:14 - 000000000 ____D C:\Program Files\Common Files\AV
2017-10-04 14:58 - 2016-07-16 19:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-04 14:56 - 2015-11-08 09:32 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\IDM
2017-10-04 14:52 - 2016-10-31 07:47 - 000000000 ____D C:\WINDOWS\Minidump
2017-10-04 10:07 - 2017-07-27 12:58 - 000000000 ____D C:\Program Files (x86)\GarenaLoLPH
2017-10-04 04:29 - 2017-02-18 20:47 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\Auto Clicker
2017-10-04 03:59 - 2017-08-02 00:34 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\Auto Clicker
2017-10-04 02:58 - 2016-11-21 20:58 - 000000000 ____D C:\sd
2017-10-04 02:26 - 2016-12-07 23:36 - 000000000 ____D C:\Program Files\McAfee Security Scan
2017-10-04 02:26 - 2016-03-03 17:26 - 000000000 ____D C:\ProgramData\Baidu
2017-10-03 23:03 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-10-03 21:57 - 2016-03-13 11:30 - 000000000 ____D C:\ProgramData\HitmanPro
2017-10-03 20:40 - 2016-07-16 14:04 - 000000000 ____D C:\Program Files\South Scheduler
2017-10-03 16:04 - 2015-11-08 09:32 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2017-10-02 23:33 - 2015-11-08 09:32 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\DMCache
2017-10-02 15:47 - 2016-06-17 14:53 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\discord
2017-10-02 08:03 - 2017-05-01 06:49 - 000000000 ____D C:\Users\Filarmeo PC\AppData\LocalLow\Mozilla
2017-10-02 06:58 - 2016-08-21 09:00 - 000000000 ____D C:\Users\Filarmeo
2017-10-02 06:54 - 2016-02-03 13:21 - 000003110 __RSH C:\ProgramData\ntuser.pol
2017-10-02 06:53 - 2015-11-05 08:30 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-10-02 06:50 - 2017-03-24 11:05 - 000000000 ____D C:\Users\Filarmeo PC\Documents\优酷影视库
2017-10-01 21:55 - 2017-04-13 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chaos Group
2017-10-01 21:55 - 2017-04-13 10:41 - 000000000 ____D C:\Program Files\Chaos Group
2017-10-01 19:56 - 2017-04-13 10:37 - 000000000 ____D C:\Program Files\Common Files\ChaosGroup
2017-10-01 15:38 - 2015-11-06 04:53 - 000000000 ____D C:\ProgramData\ASGVIS
2017-09-29 22:07 - 2017-06-10 20:26 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\UnrealEngine
2017-09-29 22:07 - 2016-03-04 21:08 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\Warframe
2017-09-27 16:04 - 2017-05-01 06:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-27 10:54 - 2016-02-05 11:39 - 000000130 _____ C:\Users\Filarmeo PC\Documents\acad.err
2017-09-26 18:58 - 2017-08-31 14:09 - 000000000 ____D C:\Program Files\SoftEther VPN Client
2017-09-26 15:23 - 2015-11-11 06:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-23 23:09 - 2017-06-10 19:15 - 000000000 ____D C:\Games
2017-09-23 07:07 - 2017-07-28 08:05 - 000003390 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1670738323-1962821417-3643405003-1001
2017-09-23 07:07 - 2015-11-05 10:05 - 000000000 ___RD C:\Users\Filarmeo PC\OneDrive
2017-09-21 18:32 - 2016-09-23 12:05 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-09-21 18:32 - 2015-11-06 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-09-20 21:40 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\rescache
2017-09-19 13:55 - 2015-11-08 09:32 - 000000000 ____D C:\Users\Filarmeo PC\Downloads\Compressed
2017-09-19 05:57 - 2017-08-31 14:01 - 000065024 ___SH C:\Users\Filarmeo PC\Documents\Thumbs.db
2017-09-18 22:19 - 2016-03-05 17:10 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\StardewValley
2017-09-18 20:57 - 2017-04-12 22:39 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\.minecraft
2017-09-17 02:51 - 2015-11-06 06:26 - 000000000 ____D C:\Users\Filarmeo PC\Documents\My Games
2017-09-15 12:24 - 2016-07-16 19:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-15 12:08 - 2015-11-05 10:05 - 000006250 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-15 12:03 - 2015-11-05 10:02 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-15 11:48 - 2016-07-16 22:29 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2017-09-15 11:48 - 2016-07-16 19:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-09-15 11:48 - 2016-07-16 19:47 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-09-15 11:48 - 2016-07-16 19:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-09-15 11:48 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-09-15 11:48 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-09-15 11:48 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-09-15 11:48 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\Provisioning
2017-09-15 11:48 - 2016-07-16 19:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-15 11:48 - 2016-07-16 19:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-15 11:48 - 2016-07-16 19:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-09-15 11:47 - 2016-07-16 19:47 - 000000000 ___RD C:\Program Files\Windows Defender
2017-09-15 09:48 - 2015-11-08 09:32 - 000000000 ____D C:\Users\Filarmeo PC\Downloads\Video
2017-09-14 19:13 - 2016-11-09 22:50 - 000000000 ____D C:\Program Files (x86)\Garena Plus
2017-09-14 19:13 - 2015-11-07 08:10 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\Garena
2017-09-14 19:13 - 2015-11-07 08:10 - 000000000 ____D C:\ProgramData\Garena
2017-09-14 18:52 - 2015-11-07 08:09 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\GarenaPlus
2017-09-14 18:52 - 2015-11-07 08:08 - 000000000 ____D C:\ProgramData\GarenaMessenger
2017-09-14 06:18 - 2015-11-14 00:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-14 06:09 - 2015-11-14 00:51 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-13 08:58 - 2016-07-16 19:42 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-09-13 08:57 - 2016-07-16 19:43 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-09-13 08:56 - 2016-07-16 19:42 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-09-12 18:42 - 2016-12-07 22:52 - 000004564 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-09-12 18:42 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-09-12 18:42 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-09-12 01:04 - 2016-05-03 22:10 - 000000000 ____D C:\Program Files (x86)\Overwatch
2017-09-12 01:02 - 2016-02-05 18:35 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\Battle.net
2017-09-12 01:01 - 2017-01-07 10:44 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-09-11 04:42 - 2015-11-09 03:30 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Local\Autodesk
2017-09-11 04:42 - 2015-11-09 03:25 - 000000000 ____D C:\Users\Filarmeo PC\AppData\Roaming\Autodesk

==================== Files in the root of some directories =======

2017-04-13 15:23 - 2017-04-13 15:23 - 000001456 _____ () C:\Users\Filarmeo PC\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-06-08 17:13 - 2017-09-05 15:34 - 000000523 _____ () C:\Users\Filarmeo PC\AppData\Local\Nox_crash.log
2016-05-05 12:59 - 2016-05-05 12:59 - 000000884 _____ () C:\Users\Filarmeo PC\AppData\Local\recently-used.xbel
2017-04-06 07:58 - 2017-10-05 22:11 - 000323877 _____ () C:\Users\Filarmeo PC\AppData\Local\Snip.txt
2017-05-01 06:55 - 2017-10-05 22:11 - 000443512 _____ () C:\Users\Filarmeo PC\AppData\Local\SnipUsages.txt
2017-02-16 20:14 - 2017-02-21 19:01 - 000000570 _____ () C:\Users\Filarmeo PC\AppData\Local\TroubleshooterConfig.json
2017-03-24 16:47 - 2017-08-27 20:49 - 000000279 _____ () C:\ProgramData\DP0004.dat
2016-03-03 17:37 - 2016-03-03 17:37 - 000000081 _____ () C:\ProgramData\xcgui_debug.txt

Files to move or delete:
====================
C:\ProgramData\DP0004.dat


Some files in TEMP:
====================
2015-09-09 18:37 - 2015-09-09 18:37 - 002439280 _____ () C:\Users\Filarmeo PC\AppData\Local\Temp\360InI.dll
2017-10-08 06:35 - 2016-02-25 07:24 - 000066496 _____ (Autodesk, Inc.) C:\Users\Filarmeo PC\AppData\Local\Temp\AcDeltree.exe
2017-10-08 03:18 - 2017-09-07 14:03 - 001887408 _____ (Microsoft Corporation) C:\Users\Filarmeo PC\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-10-06 12:39

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-10-2017
Ran by Filarmeo PC (09-10-2017 00:47:35)
Running from C:\Users\Filarmeo PC\Desktop
Windows 10 Pro Version 1607 14393.1715.amd64fre.rs1_release_inmarket.170906-1810 (X64) (2016-09-23 04:35:33)
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1670738323-1962821417-3643405003-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1670738323-1962821417-3643405003-503 - Limited - Disabled)
Filarmeo PC (S-1-5-21-1670738323-1962821417-3643405003-1001 - Administrator - Enabled) => C:\Users\Filarmeo PC
Guest (S-1-5-21-1670738323-1962821417-3643405003-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1670738323-1962821417-3643405003-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7 Days to Die (HKLM\...\Steam App 251570) (Version:  - The Fun Pimps)
A360 Desktop (HKLM\...\{7758802D-9486-4883-9927-CCAC366A3BA4}) (Version: 7.2.3.1800 - Autodesk)
ACA & MEP 2017 Object Enabler (HKLM\...\{28B89EEF-0004-0000-5102-CF3F3A09B77D}) (Version: 7.9.48.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-0001-0000-3102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Ai Squared Visual C++ Runtime (HKLM\...\{35A07D1C-47FD-4159-929F-835135E11336}) (Version: 11.0.0.410 - Ai Squared) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.94 - NVIDIA Corporation) Hidden
Auto Clicker v1.9 (HKLM-x32\...\{C0A7E4F3-82CC-416B-82C6-BA06AACFD635}_is1) (Version: 1.9 - MurGee.com)
AutoCAD 2012 - English (HKLM\...\{5783F2D7-A001-0409-0102-0060B0CE6BBA}) (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012 - English (HKLM\...\AutoCAD 2012 - English) (Version: 18.2.51.0 - Autodesk)
AutoCAD 2012 Language Pack - English (HKLM\...\{5783F2D7-A001-0409-1102-0060B0CE6BBA}) (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2017 - English (HKLM\...\{28B89EEF-0001-0409-2102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (HKLM\...\{28B89EEF-0001-0000-0102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 Language Pack - English (HKLM\...\{28B89EEF-0001-0409-1102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD Architecture 2017 - English (HKLM\...\{28B89EEF-0004-0409-2102-CF3F3A09B77D}) (Version: 7.9.48.0 - Autodesk) Hidden
AutoCAD Architecture 2017 (HKLM\...\{28B89EEF-0004-0000-3102-CF3F3A09B77D}) (Version: 7.9.48.0 - Autodesk) Hidden
AutoCAD Architecture 2017 Core (HKLM\...\{28B89EEF-0004-0000-0102-CF3F3A09B77D}) (Version: 7.9.48.0 - Autodesk) Hidden
AutoCAD Architecture 2017 Language Core - English (HKLM\...\{28B89EEF-0004-0409-1102-CF3F3A09B77D}) (Version: 7.9.48.0 - Autodesk) Hidden
AutoCAD Architecture 2017 Language Shared - English (HKLM\...\{28B89EEF-0004-0409-4102-CF3F3A09B77D}) (Version: 7.9.48.0 - Autodesk) Hidden
AutoCAD Architecture 2017 Shared (HKLM\...\{28B89EEF-0004-0000-4102-CF3F3A09B77D}) (Version: 7.9.48.0 - Autodesk) Hidden
Autodesk 3ds Max 2017 (HKLM\...\{52B37EC7-D836-0410-0664-3C24BCED2010}) (Version: 19.0.1072.0 - Autodesk) Hidden
Autodesk 3ds Max 2017 (HKLM\...\Autodesk 3ds Max 2017) (Version: 19.0.1072.0 - Autodesk)
Autodesk 3ds Max 2017 Populate Data (HKLM\...\{2B07E17E-A072-43BD-9DCC-369B56C16698}) (Version: 19.0.0.0 - Autodesk)
Autodesk A360 Collaboration for Revit 2017 (HKLM\...\{AA384BE4-1700-0010-0000-97E7D7D00B17}) (Version: 17.0.416.0 - Autodesk) Hidden
Autodesk A360 Collaboration for Revit 2017 (HKLM\...\Autodesk A360 Collaboration for Revit 2017) (Version: 17.0.416.0 - Autodesk)
Autodesk AutoCAD 2017 - English (HKLM\...\AutoCAD 2017 - English) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD Architecture 2017 - English (HKLM\...\AutoCAD Architecture 2017 - English) (Version: 7.9.48.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM\...\{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}) (Version: 4.37.6853 - Autodesk)
Autodesk BIM 360 Revit 2015 Add-in 64 bit (HKLM\...\{37E1C3A1-7DBF-4250-9314-46167B68383D}) (Version: 3.32.3357 - Autodesk)
Autodesk BIM 360 Revit 2016 Add-in 64 bit (HKLM\...\{C5A83116-8654-47A3-A3B1-B76905C8A198}) (Version: 4.35.3969 - Autodesk)
Autodesk BIM 360 Revit 2017 Add-in 64 bit (HKLM\...\{A26EBAD5-9591-407F-9D6C-C7A4F3DFE506}) (Version: 4.37.6853 - Autodesk)
Autodesk Civil View for 3ds Max 2017 64-bit (HKLM\...\{1C4FFAF0-7DBB-4F7A-A386-46747D060826}) (Version: 19.0.0.0 - Autodesk)
Autodesk DWG TrueView 2016 - English (HKLM\...\DWG TrueView 2016 - English) (Version: 20.1.107.4 - Autodesk)
Autodesk Inventor Fusion 2012 (HKLM\...\{FFF5619F-6669-4EC5-A85E-9994F70A9E5D}) (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 Language Pack (HKLM\...\{FFF7F80F-929E-497F-A112-B070DE816128}) (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (HKLM\...\{EAB3AC1A-68FF-486B-9C6B-E48EBB4B05CC}) (Version: 0.0.1.138 - Autodesk) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (HKLM\...\Autodesk Inventor Fusion plug-in for AutoCAD 2012) (Version: 0.0.1.138 - Autodesk)
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012 (HKLM\...\{E552C39C-C70E-464F-9733-8311331BDD90}) (Version: 0.0.1.138 - Autodesk) Hidden
Autodesk Inventor Server Engine for 3ds Max 2017 (HKLM\...\{9167CA34-4E68-49E3-8892-3C439739D2D3}) (Version: 19.0 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk ReCap 360 (HKLM\...\{5F0F7049-0000-1033-0102-73A6DA3D7FA6}) (Version: 3.0.0.52 - Autodesk) Hidden
Autodesk ReCap 360 (HKLM\...\Autodesk ReCap 360) (Version: 3.0.0.52 - Autodesk)
Autodesk Revit 2017 (HKLM\...\Autodesk Revit 2017) (Version: 17.0.416.0 - Autodesk)
Autodesk Revit 2017 (HKLM\...\Revit 2017) (Version:  - )
Autodesk Revit Architecture 2015 (HKLM\...\Autodesk Revit Architecture 2015) (Version: 15.0.136.0 - Autodesk)
Autodesk Revit Architecture Content Libraries 2015 (HKLM\...\Autodesk Revit Architecture Content Libraries 2015) (Version: 15.0.136.0 - Autodesk)
Autodesk Revit Content Libraries 2017 (HKLM\...\Autodesk Revit Content Libraries 2017) (Version: 17.0.416.0 - Autodesk)
Autodesk Revit Content Libraries 2017 (HKLM\...\Revit Content Libraries 2017) (Version:  - )
Autodesk Revit Interoperability for 3ds Max 2017 (HKLM\...\{0BB716E0-1700-0610-0000-097DC2F354DF}) (Version: 17.0.411.0 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max 2017 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2017) (Version: 17.0.411.0 - Autodesk)
Autodesk Revit MEP Imperial Content v2.0 (HKLM\...\{F2538944-3E07-4E97-B41A-FC48AB53EE9D}) (Version: 2.0 - Autodesk)
Autodesk Revit MEP Metric Content v2.0 (HKLM\...\{DEF775C7-84BF-4730-976A-FE3747F1757C}) (Version: 2.0 - Autodesk)
Autodesk Revit Structure 2016 (HKLM\...\Autodesk Revit Structure 2016) (Version: 16.0.428.0 - Autodesk)
Autodesk Revit Structure Content Libraries 2016 (HKLM\...\Autodesk Revit Structure Content Libraries 2016) (Version: 16.0.428.0 - Autodesk)
Autodesk Workflows 2015 (HKLM\...\{A90DD6F8-60D2-4803-AFF6-796400E73E1B}) (Version: 5.2.11.100 - Autodesk, Inc.)
Autodesk Workflows 2016 (HKLM\...\{535CDED0-D690-4738-83EE-09056A365BAC}) (Version: 6.3.0.18 - Autodesk, Inc.)
Autodesk Workflows 2017 (HKLM\...\{23A13F78-5B67-441A-ABF9-48BE8B5455DB}) (Version: 15.11.13.0 - Autodesk, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.7.2314 - AVAST Software)
BattleBlock Theater (HKLM\...\Steam App 238460) (Version:  - The Behemoth)
BitTorrent (HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\BitTorrent) (Version: 7.10.0.43917 - BitTorrent Inc.)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blood and Bacon (HKLM\...\Steam App 434570) (Version:  - Big Corporation)
BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.34.1574 - BlueStack Systems, Inc.)
Camtasia Studio 8 (HKLM-x32\...\{80AE23DF-71A4-4E3F-B931-F93AB5DF0BDD}) (Version: 8.4.2.1768 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
CGS17_Setup_x64 (HKLM\...\{83646B67-A878-4E95-BB4B-AF4A6E61F28C}) (Version: 17.1 - Corel Corporation) Hidden
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version:  - Cheat Engine)
Chromium (HKLM-x32\...\{B3AF5B6F-E32F-8AEF-52AF-FA6F822F29EF}) (Version:  - )
Corel Graphics - Windows Shell Extension (HKLM\...\_{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.0.572 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.572 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (HKLM\...\{3B4AE1A9-C026-4D08-8004-DA9A85A411A4}) (Version: 17.1.572 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (HKLM\...\{2C91CB9D-323D-43E5-A433-229B71CFB773}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (HKLM\...\{9178F0A8-B6F6-4DA7-AD63-317CC4875F4B}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (HKLM\...\{BD036E95-A9CD-4DED-B744-95AB1DCAFF0C}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (HKLM\...\{5162E418-BB43-4C8F-ACD6-069645EF98C3}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (HKLM\...\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (x64) (HKLM\...\{3BB8EB77-737B-4B32-BAB9-08C7110C46BD}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (HKLM\...\{D10A5CFA-FE33-4F06-AE37-554604F00A52}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (HKLM\...\{5406029B-67AD-4F8E-9F2D-F1959CD9CD86}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (HKLM\...\{EF44BCCD-13F9-4974-862C-CCFAF43EE082}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (HKLM\...\{13179AB2-69FD-459B-800F-81865A501AD4}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (HKLM\...\{C922F325-DD52-4E22-B204-431A06E63E51}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (HKLM\...\{1A73168F-5983-46A6-AAAB-FD83BC231E02}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (HKLM\...\{C57EDB5A-AC8E-4E03-9F1A-DC013A2BB9B2}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (HKLM\...\{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (HKLM\...\{5672E0DC-7489-4EAC-8CFD-E01B3868FCB5}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (HKLM\...\{966996DC-D67C-40E3-8BD4-31FA0F093571}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (HKLM\...\{D63404AC-C2F1-4B3D-96EA-9727AC9D994C}) (Version: 17.1 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation)
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Cuphead (HKLM-x32\...\Cuphead_is1) (Version:  - )
Curse Client (HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software)
DiRT 3 Complete Edition (HKLM\...\Steam App 321040) (Version:  - Codemasters Racing Studio)
Discord (HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)
DokanSetup (HKLM\...\{E2676CB4-216C-4050-9C45-63A2B3349E0C}) (Version: 0.6.40.0 - MegaBackup Corp) Hidden
DWG TrueView 2016 - English (HKLM\...\{5783F2D7-F028-0409-0100-0060B0CE6BBA}) (Version: 20.1.107.4 - Autodesk) Hidden
Dynamo 0.9.1 (HKLM\...\{85626FB3-CAF9-49C1-AA28-E3C75164BD6F}) (Version: 0.9.1.4062 - Autodesk)
eBIRForms version v6.3 (HKLM-x32\...\eBIRForms_is1) (Version: v6.3 - )
Epic Games Launcher (HKLM-x32\...\{9F55B4DA-23ED-44FA-910E-BDDBD6D942CF}) (Version: 1.1.123.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FormIt 360 Converter For Revit 2017 (HKLM\...\{637211B6-D2E9-474A-BF06-4F61F1254104}) (Version: 1.9.0.0 - Autodesk)
Garena (remove only) (HKLM-x32\...\gxx) (Version: 2.0.1709.2513 - Garena)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
GOD EATER 2 Rage Burst (HKLM\...\Steam App 438490) (Version:  - BANDAI NAMCO Studio)
GOD EATER RESURRECTION (HKLM\...\Steam App 460870) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.1.4.6 - Hi-Rez Studios)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.20.286 - SurfRight B.V.)
IBM SPSS Statistics Subscription (HKLM\...\{02D81DCC-13D1-465C-9292-E46956489CA1}) (Version: 1.0.0.642 - IBM Corp)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.19.108.1 - Intel Security)
join.me (HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\JoinMe) (Version: 3.1.0.4780 - LogMeIn, Inc.)
KB4023057 (HKLM\...\{264FDD69-C4DF-476F-B1B8-7DCEE4AF839B}) (Version: 2.4.0.0 - Microsoft Corporation)
Killing Floor (HKLM\...\Steam App 1250) (Version:  - Tripwire Interactive)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lumion 6.0 (HKLM\...\Lumion 6.0_is1) (Version: 6.0 - Act-3D B.V.)
Magic Duels (HKLM\...\Steam App 316010) (Version:  - Stainless Games Ltd.)
Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
MegaBackup (HKLM\...\{403CC8F3-B54C-4510-8325-813CDFEAD562}) (Version: 1.0.1006.0 - MegaBackup Corp) Hidden
MegaBackup (HKLM-x32\...\{20596505-9f0f-45d6-9a63-fa3fc5c90330}) (Version: 1.0.1.0 - MegaBackup Corp)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
MEmu (HKLM-x32\...\MEmu) (Version: 3.5.0.0 - Microvirt Software Technology Co. Ltd.)
Microsoft OneDrive (HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{52EBC484-44A1-4DC5-824A-0A503735ABD8}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837B34E3-7C30-493C-8F6A-2B0F04E2912C}) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Mozilla Firefox 55.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 en-US)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
MXMCLIENT (HKLM-x32\...\MXM) (Version:  - NCSOFT)
My.com Game Center (HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\MyComGames) (Version: 3.195 - My.com B.V.)
NC Launcher (HKLM-x32\...\NCLauncherS_plaync) (Version:  - NCSOFT)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.6.1.103 - Symantec Corporation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.1 - Notepad++ Team)
Nox APP Player (HKLM-x32\...\Nox) (Version: 5.0.0.1 - Duodian Technology Co. Ltd.)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.94 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Graphics Driver 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.94 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA mental ray and IRay feature plugins for 3ds Max 2017 (HKLM\...\{6ABEC32F-B90F-4499-B3A3-FF8A00948178}) (Version: 19.0.0.0 - Autodesk)
NVIDIA mental ray and IRay rendering plugins for 3ds Max 2017 (HKLM\...\{4B889650-52DC-49E0-AB9C-F501B91002E3}) (Version: 19.0.0.0 - Autodesk)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 48.0.2685.35 (HKLM-x32\...\Opera 48.0.2685.35) (Version: 48.0.2685.35 - Opera Software)
osu! (HKLM-x32\...\{f0381173-ab8e-4c9e-bb7a-bba0d98325e4}) (Version: latest - ppy Pty Ltd)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF Architect 5 Create Module (HKLM\...\{7A5C9B23-00FB-479B-9240-8DCBD3CDF7DC}) (Version: 5.0.22.32126 - pdfforge GmbH) Hidden
PDF Architect 5 Edit Module (HKLM\...\{422024FF-15CA-4199-8DAF-DD34A8BA85DD}) (Version: 5.0.22.32126 - pdfforge GmbH) Hidden
PDF Architect 5 View Module (HKLM\...\{AD72FB9B-80C6-461D-B099-9DD76A62115E}) (Version: 5.0.22.32126 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.1 - pdfforge GmbH)
Personal Accelerator for Revit (HKLM\...\{7C317DB0-F31F-4024-A289-92CF4B6FB256}) (Version: 16.0.1109.0 - Autodesk) Hidden
Personal Accelerator for Revit (HKLM\...\Personal Accelerator for Revit) (Version: 16.0.1109.0 - Autodesk)
RagnarokOnline (HKLM-x32\...\{CEAD2132-9705-422C-9FAB-FD4360FBB8DA}) (Version: 14.20.0000 - Gravity)
Real Kanojo (HKLM-x32\...\{58ABF83F-C5EA-4C21-A1D8-A0AF1E4D026C}_is1) (Version: 1.0.0.0 - randompirate @ TPB)
Revelation Online (HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\Revelation Online) (Version: 1.36 - My.com B.V.)
Revit 2017 (HKLM\...\{7346B4A0-1700-0510-0000-705C0D862004}) (Version: 17.0.416.0 - Autodesk) Hidden
Revit Architecture 2015 (HKLM\...\{7346B4A0-1500-0110-0000-705C0D862004}) (Version: 15.0.136.0 - Autodesk) Hidden
Revit Architecture 2015 Language Pack - English (HKLM\...\{7346B4A0-1500-0111-0409-705C0D862004}) (Version: 15.0.136.0 - Autodesk) Hidden
Revit Architecture Content Libraries 2015 (HKLM\...\{941030D0-1500-0110-0000-818BB38A95FC}) (Version: 15.0.136.0 - Autodesk) Hidden
Revit Content Libraries 2017 (HKLM\...\{941030D0-1700-0410-0000-818BB38A95FC}) (Version: 17.0.416.0 - Autodesk) Hidden
Revit Structure 2016 (HKLM\...\{7346B4A0-1600-0210-0000-705C0D862004}) (Version: 16.0.428.0 - Autodesk) Hidden
Revit Structure Content Libraries 2016 (HKLM\...\{941030D0-1600-0210-0000-818BB38A95FC}) (Version: 16.0.428.0 - Autodesk) Hidden
Rhinoceros 5 (64-bit) (HKLM\...\{2E56CC75-611E-4278-9DFE-0912997A1E89}) (Version: 5.9.40609.20145 - Robert McNeel & Associates)
ROBLOX Player for Filarmeo PC (HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Shadowsocks version 1.0 (HKLM\...\{C4C088B7-5DDE-4273-AD48-AB47B74A4DB0}_is1) (Version: 1.0 - Shadowsocks Co.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
SketchUp 2015 (HKLM\...\{90A6F70E-96AD-4054-AB8F-42BCFA75F8EC}) (Version: 15.0.9350 - Trimble Navigation Limited)
SketchUp 2017 (HKLM\...\{F1E181BD-01D6-4754-92CC-DB8C259B9B28}) (Version: 17.0.18899 - Trimble, Inc.)
SMITE (HKLM\...\Steam App 386360) (Version:  - Hi-Rez Studios)
Snip (HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\{525d439e-e22a-4221-8fd1-25b845fe0038}) (Version: 0.1.5119.0 - Microsoft Corporation)
Soulworker Patcher (HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\13b90f2efd70d797) (Version: 2.8.1.0 - Miyu)
StarCraft II Legacy of the Void (HKLM\...\U3RhckNyYWZ0SUk=_is1) (Version: 1 - )
TexturePacker (HKLM\...\{FC03AA0D-5731-4388-AC88-652CF526D757}) (Version: 4.3.1 - code-and-web.de)
The Legend of Heroes Trails of Cold Steel (HKLM-x32\...\The Legend of Heroes Trails of Cold Steel_is1) (Version:  - )
Unity Web Player (HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\UnityWebPlayer) (Version: 5.3.2f1 - Unity Technologies ApS)
Unlocker (HKLM\...\{5993C960-4E90-4A00-A2F3-D0C4020A6992}) (Version: 1.9.2 - ajua Custom Installers)
V-Ray 3.4 for SketchUp (HKLM\...\V-Ray 3.4 for SketchUp) (Version: 3.40.03 - Chaos Software Ltd)
V-Ray for Rhinoceros 5 x64 adv (HKLM-x32\...\V-Ray for Rhinoceros 5 x64 adv 2.00.23938) (Version: 2.00.23938 - Chaos Software, Ltd)
V-Ray Online License Server (HKLM\...\V-Ray Online License Server) (Version: 4.4.1 - Chaos Software Ltd)
V-Ray Swarm (HKLM\...\V-Ray Swarm) (Version: 1.3.5 - Chaos Software Ltd)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Warframe (HKLM\...\Steam App 230410) (Version:  - Digital Extremes)
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.00d of 2011-Sep-22 (Build 138) (Setup) - WIBU-SYSTEMS AG)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Wondershare Filmora(Build 8.4.0) (HKLM\...\Wondershare Filmora_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
ZoomText 11 (HKLM\...\{A0F86490-3C27-4B97-8EA1-F80EE995965A}) (Version: 11.3.12.410 - AiSquared) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1670738323-1962821417-3643405003-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1670738323-1962821417-3643405003-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1670738323-1962821417-3643405003-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1670738323-1962821417-3643405003-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1670738323-1962821417-3643405003-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1670738323-1962821417-3643405003-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1670738323-1962821417-3643405003-1001_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1670738323-1962821417-3643405003-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-799A7CB82322}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-1670738323-1962821417-3643405003-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1670738323-1962821417-3643405003-1001_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1670738323-1962821417-3643405003-1001_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1670738323-1962821417-3643405003-1001_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1670738323-1962821417-3643405003-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-1670738323-1962821417-3643405003-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Filarmeo PC\AppData\Local\Roblox\Versions\version-8792f1948dc240b5\RobloxProxy64.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-1670738323-1962821417-3643405003-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1670738323-1962821417-3643405003-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Filarmeo PC\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-08] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Filarmeo PC\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-08] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Filarmeo PC\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-08] ()
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [0.IconShell32] -> {94763686-13FB-47B5-A193-A9CD37391BAC} => C:\Program Files\MegaBackup Corp\MegaBackup\Current\OverlayIconShell64.dll [2015-10-22] (MegaBackup Corp)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-04] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-04] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Filarmeo PC\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-08] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Filarmeo PC\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-08] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Filarmeo PC\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-08] ()
ShellIconOverlayIdentifiers-x32-x32: [   Report] -> {32C50D96-7A9E-4F3E-8763-F74D86AFEDC2} => C:\Users\Filarmeo PC\AppData\Roaming\ytmediacenter\report.dll -> No File
ShellIconOverlayIdentifiers-x32-x32-x32: [   YoukuModShlExt] -> {9071723E-9F41-4A8C-9CC2-EB6F94BA9B9E} => C:\Users\Filarmeo PC\AppData\Roaming\ytmediacenter\coreplay.dll -> No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-10-07] ()
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2016-02-07] (Autodesk)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-08-29] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-04] (AVAST Software)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Filarmeo PC\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-08] ()
ContextMenuHandlers1: [MegaBackupAppShell32 Class] -> {8706D3C1-8CF7-48C3-95DB-9E13ECB8BC12} => C:\Program Files\MegaBackup Corp\MegaBackup\Current\ShellCtx64.dll [2015-10-22] (MegaBackup Corp)
ContextMenuHandlers1: [PDFArchitect5_ManagerExt] -> {00B7B69F-6774-4906-9C7F-7D117A3644A9} => C:\Program Files\PDF Architect 5\creator-context-menu.dll [2017-02-10] (pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2011-06-15] (PowerISO Computing, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-03] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-03] (Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Filarmeo PC\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-08] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-04] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Filarmeo PC\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-08] ()
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Filarmeo PC\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-08] ()
ContextMenuHandlers4: [MegaBackupAppShell32 Class] -> {8706D3C1-8CF7-48C3-95DB-9E13ECB8BC12} => C:\Program Files\MegaBackup Corp\MegaBackup\Current\ShellCtx64.dll [2015-10-22] (MegaBackup Corp)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2011-06-15] (PowerISO Computing, Inc.)
ContextMenuHandlers5: [MegaBackupAppShell32 Class] -> {8706D3C1-8CF7-48C3-95DB-9E13ECB8BC12} => C:\Program Files\MegaBackup Corp\MegaBackup\Current\ShellCtx64.dll [2015-10-22] (MegaBackup Corp)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-07-19] (NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-10-07] ()
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-04] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [MegaBackupAppShell32 Class] -> {8706D3C1-8CF7-48C3-95DB-9E13ECB8BC12} => C:\Program Files\MegaBackup Corp\MegaBackup\Current\ShellCtx64.dll [2015-10-22] (MegaBackup Corp)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2011-06-15] (PowerISO Computing, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-03] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-03] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {062FB8C3-0573-417A-A1B2-064BA94AC10C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-13] (Google Inc.)
Task: {197A01E3-F719-418B-9B4F-2F11C9874044} - System32\Tasks\Opera scheduled Autoupdate 1446690332 => C:\Program Files (x86)\Opera\launcher.exe [2017-10-02] (Opera Software)
Task: {28ABA4AA-05FE-4DD0-9D3F-99E2E43EC1C6} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {292B655F-4F66-4A56-9A09-54CCB7B50098} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation)
Task: {31455DAC-7D91-4436-B8F3-7D8D2D1C37AD} - System32\Tasks\ノートン セキュリティスキャン for Filarmeo PC => C:\Program Files (x86)\Norton Security Scan\Engine\4.6.1.103\Nss.exe [2017-06-10] (Symantec Corporation)
Task: {38E427BE-64E9-45A2-8E3A-88B344EB70B3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-13] (Google Inc.)
Task: {3924BC16-EB43-42BD-9593-11C2CDB55133} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-12] (Adobe Systems Incorporated)
Task: {4574D722-6F9F-4B4C-8BA7-EB1CB7CAE496} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {4DDFBC59-DE4C-4A3A-866C-108771ECF34A} - \{0C797D47-0A0F-7905-0D11-0E7F0C0D110A} -> No File <==== ATTENTION
Task: {5DB48A4F-5106-44B4-9B57-2C9E7BB62C96} - System32\Tasks\SafeZone scheduled Autoupdate 1478707078 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {954111E7-CE86-4C15-A9C6-4567AC334271} - System32\Tasks\MegaBackupSystemIsIdleChecker => C:\WINDOWS\System32\rundll32.exe "C:\Program Files\MegaBackup Corp\MegaBackup\Current\InstallUtil.dll" ComputerIsIdle
Task: {9E74A876-7BEC-4B6D-8FC4-5AE6C565B11F} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_130_pepper.exe [2017-09-12] (Adobe Systems Incorporated)
Task: {A54A4331-1D32-4338-8C00-FC1E8CD58875} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {AA54EF2D-FE54-495B-8A51-308CF44002CC} - System32\Tasks\gxx speed launcher => C:\Program Files (x86)\Garena\Garena\Garena.exe [2017-09-25] (Garena Online )
Task: {ACCBA803-4315-4E9A-BCDC-EE7A8F2353BC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {BCEE6E28-C46E-4A83-9F18-8AA6CCD153C9} - System32\Tasks\SafeZone scheduled Autoupdate 1472361030 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {BEA1A8A0-02E9-45F6-9938-8C74EBEEFC64} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-08] (Microsoft Corporation)
Task: {C13E09DF-B2FF-401A-A94F-4EC7C713E419} - System32\Tasks\MegaBackupUpdater => C:\Program Files\MegaBackup Corp\MegaBackup\Current\Installer.exe [2015-10-09] (MegaBackup Corp)
Task: {CAF29967-BF86-4F7C-B5B9-22F733B8DA20} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-08] (Microsoft Corporation)
Task: {D17720A1-25A6-4F64-9861-D004A1421584} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-09-14] (Microsoft Corporation)
Task: {DD979B15-DE5D-4977-98F1-E8900C8CBD79} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-10-04] (AVAST Software)
Task: {DDE2A458-A1C2-4C23-A7A0-A951CE67DE83} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-08] (Microsoft Corporation)
Task: {F2D695E2-2C46-43A5-B8EE-CAA66B74DE03} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-08] (Microsoft Corporation)
Task: {FB9AB7BA-6967-4262-A249-DD4949CBC6E0} - \South Scheduler -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Filarmeo PC\Desktop\Patrick\TGP\修复LSP.lnk -> C:\Program Files\TGP\LSP_Repare.bat (No File)

==================== Loaded Modules (Whitelisted) ==============

2017-09-13 09:18 - 2017-09-07 14:01 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-08 04:09 - 2017-06-08 04:09 - 000598528 _____ () C:\Users\Filarmeo PC\AppData\Local\MEGAsync\ShellExtX64.dll
2017-05-26 03:18 - 2017-05-26 03:18 - 000492112 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2010-01-10 12:17 - 2010-01-10 12:17 - 004254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 17:40 - 2010-01-21 17:40 - 008794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2017-08-29 08:43 - 2017-08-29 08:43 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2017-10-07 00:47 - 2017-10-07 00:47 - 000155504 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2016-09-23 18:33 - 2016-09-07 12:56 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 05:41 - 2017-03-04 14:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 05:41 - 2017-03-04 14:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 05:41 - 2017-03-04 14:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-16 05:41 - 2017-03-04 14:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-09-13 09:18 - 2017-09-07 12:53 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-09-13 09:18 - 2017-09-07 12:59 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-09-26 08:46 - 2017-09-21 15:29 - 002692440 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\swiftshader\libglesv2.dll
2017-09-26 08:46 - 2017-09-21 15:29 - 000138584 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\swiftshader\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-11-05 08:30 - 2017-10-07 00:59 - 000000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Filarmeo PC\Desktop\pexels-photo-165818.jpeg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: HitmanProScheduler => 2
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\StartupFolder: => "MegaBackup.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Network Server.lnk"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "pac"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "AvastUI.exe"
HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run: => "ZAM"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "cessrs.exe -start"
HKLM\...\StartupApproved\Run32: => " QQPCTray"
HKLM\...\StartupApproved\Run32: => "AvastUI.exe"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "YoukuMediaCenter"
HKLM\...\StartupApproved\Run32: => "NeteaseGacc"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "xunyou"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "SERVICE"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "GarenaPlus"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_1D25A7C5046AEF7812124FFB1339ACA5"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "WTFast Tray"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "MurGee.com Auto Clicker"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "MyComGames"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "TQOS_REPORT"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "iKu"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "YoukuMediaCenter"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "Snip"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "ZoomText"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "EvolveClient"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-1670738323-1962821417-3643405003-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Filarmeo PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{0A333256-7ABB-4810-8D82-36B6B3E4A345}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{1C927A5F-01F2-427C-A55D-C38F85ADEC55}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{82142CBE-7423-4D46-8324-623A702A4869}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{A3A6705E-1178-4E55-851F-03282D80D02E}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{5B424F2F-D52E-45FA-9FF4-0C1FF5720DA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{06FC4EC4-27FF-451E-B092-76CA3D418144}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D47D0A2B-9D6C-4643-BC67-32020BDAE492}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5DC6C998-D0CD-41EC-A135-295A31B9148C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{C006E3EE-FFE0-49B6-A737-4E42C0DAB828}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{45238F30-F819-47F5-9147-AD817A9EA179}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{5C6C98AE-D0E0-410B-B2BC-2E047594ABBB}C:\users\filarmeo pc\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\filarmeo pc\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{96A371DF-459D-47F2-A8F1-9B440CB4C1DE}C:\users\filarmeo pc\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\filarmeo pc\appdata\local\akamai\netsession_win.exe
FirewallRules: [{F9273387-B6DE-4E1B-AC59-1C43C8DBBE63}] => (Allow) LPort=8370
FirewallRules: [{F07F21F8-580F-4A05-865A-B189A72315F4}] => (Allow) LPort=8370
FirewallRules: [{5960DD29-0C6B-4E26-9D8B-D9A3B41A4BA3}] => (Allow) LPort=1900
FirewallRules: [{9EBC5D86-0699-402A-80A7-A0858681B972}] => (Allow) LPort=2869
FirewallRules: [{FE8F405B-0555-4C47-A8FB-5B1F4E1DEF14}] => (Allow) LPort=6920
FirewallRules: [{9C6254A2-73D5-4129-B72C-4F2C3106DB99}] => (Allow) LPort=6920
FirewallRules: [{5870D54F-2482-496C-BB5A-89F59972102A}] => (Allow) LPort=6981
FirewallRules: [{DFA0F210-A514-4598-A7D6-3627DFD8AFC7}] => (Allow) LPort=6981
FirewallRules: [{44D09C51-8F35-428C-B0DF-A147D5B09B46}] => (Allow) LPort=8370
FirewallRules: [{B6377BF4-6980-479D-9D7F-8D54A4599AF4}] => (Allow) LPort=8370
FirewallRules: [{FA45E13A-2AE3-4859-8F61-158E55024D03}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{83B94112-C406-4B9C-838F-805D2F1A7261}C:\users\filarmeo pc\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\filarmeo pc\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [UDP Query User{709FDBF6-83BA-42D9-AE26-3F7A864A3BB8}C:\users\filarmeo pc\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\filarmeo pc\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [{1A38CD99-33AF-4CF7-BB58-591B8650BC1D}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{88939E2F-8C41-4217-B8F6-33227069D2BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{485892A3-8BF7-49D0-B5C0-26F43472A5F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{9103EB76-38BF-4938-BF98-907772D56F93}D:\unity\editor\unity.exe] => (Allow) D:\unity\editor\unity.exe
FirewallRules: [UDP Query User{0084922A-D58C-4F2B-A63E-18AD56CB3A5F}D:\unity\editor\unity.exe] => (Allow) D:\unity\editor\unity.exe
FirewallRules: [TCP Query User{14ADD6C5-57E4-4288-8DF8-B19DA5B15232}C:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe
FirewallRules: [UDP Query User{D6EAB566-063F-4B82-AF57-DE2359E2DEE1}C:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe
FirewallRules: [{50445B15-F519-4A5C-BDDD-BAB2AD27E87C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{AA514EC1-18B2-44B8-91EC-1C9EA2E69A87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{F67A3B55-B061-442C-A3AC-2E40DD807C84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9C9EED31-CBEF-4005-AAE6-1359C6D85E40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{999CFC73-A3D9-46A8-9503-9C375EEF3908}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EFC32449-D7B5-4608-8323-D6D86B747A64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{2961C6EF-A53B-411C-8DDF-67EAB64AD6F0}D:\unity\monodevelop\bin\monodevelop.exe] => (Allow) D:\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [UDP Query User{66BADF47-B73D-4EFB-9572-4C6B5FC243E2}D:\unity\monodevelop\bin\monodevelop.exe] => (Allow) D:\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [{47FEE07E-C3E5-448D-AC28-2E5B7104CECA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{46E35D03-6535-4F0C-93C4-4B16DB3E2A1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CFFE94F1-5AB1-45C8-B7D4-F6A0D464E739}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{84F2CBA6-4803-495F-8B66-218D398F236C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1396F002-5D56-437E-BA20-118C15837781}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{46FB0A5B-9729-4FB9-8C66-781C67BA90E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{249B0643-8FCF-4F8D-9872-C151A5C27D18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F0BFE048-DBD5-4CBB-89BD-594FB3EF7DA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{46E09824-0AAA-437E-8523-F426BC36CBD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9EB8956E-C21C-44CE-8A46-CD963B6B8B4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A630C752-744B-4E74-944D-D61E0E53D6F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{480F2910-35CD-4B21-8D87-181D558A56EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1114706C-E581-4173-89ED-0EBC0B81196C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CB855D83-60DA-4FF1-8AEF-68189EC6F974}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6EE3535B-3708-4FD0-A762-4F9B39E5207E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0DD377B0-A1B1-49E8-8FC2-4E6941BCBB3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F6C1D473-7F2A-499A-898A-8D01AA58F972}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{649F2D5C-3085-4183-A131-60D80655F7CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{29614103-58CD-44C9-9385-2919044A6F96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9705AAEB-986C-441F-A3B1-5C79767B9C71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{01536FC5-F677-4A1D-9F21-199AA6C0AAFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{69267107-CEA9-47BC-8FAB-BC5F7ED0708D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9BCD64B1-FCEC-421B-A47F-819AF076DAA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AD77E607-1F88-4A8F-9BDB-B2F325201F55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{82263BAB-A70F-487F-A4F0-F669282ABB20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4CD13A49-8780-431F-9DA5-28B1DE7F7103}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{E6C06630-5164-42D4-AE7A-7E7A8968FC38}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe] => (Allow) C:\program files (x86)\garena plus\bbtalk\bbtalk.exe
FirewallRules: [UDP Query User{54866C77-0F7C-4605-A8B1-F9977F0CD324}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe] => (Allow) C:\program files (x86)\garena plus\bbtalk\bbtalk.exe
FirewallRules: [{89EA4F38-BE4C-443D-B366-421870DBC83C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3DD4FF93-BBD6-4712-B0EB-50534031F17A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B2826B39-1D3C-45C0-A58C-AA94477E2A45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{782D68F7-7244-4465-BF7F-9BCD41499A18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7208ACD2-0EFA-4E8F-A03F-A474B32A056F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1B7ACB1E-3A8A-4862-B486-8A3B71551E53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{41C0DFD6-AE81-45A1-8ABE-A1E5698529DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B4936167-F94D-4690-9FB8-F1332E62B8B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{38B05E59-D992-4CF1-AA08-2BC46786F3A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5782ED89-3C37-453C-A7BC-26C48365E3C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A2BEDE8E-95CD-4827-9816-D0668A581FC0}] => (Allow) C:\Program Files (x86)\Remotr\RemotrServer.exe
FirewallRules: [{2475CABA-6EE2-490B-8F31-7225D7A51FC8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{75AB0EEE-3151-45FC-89DB-66DB48491F58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FC3A77CC-3A33-47FA-8852-12AED3AF597C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B8C6FF07-F22A-41A8-9EB0-11606048A91B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6B575D61-0A1A-4B4E-8EE7-182391D7CBFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C5DF8D0D-621E-4923-AB2D-F825A3098E27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3EA5B9AD-8EAE-40D2-8B92-53594E86243E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D2B91724-99A8-4272-9A0D-AE39428E8FFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0A7378B0-CF87-4CB9-AB07-994D4C5FC446}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{37D815B1-97B2-4A48-8367-E1C28779AE44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{115B6BA5-CB8B-412D-8F93-56DCC3339DBB}] => (Allow) LPort=6883
FirewallRules: [{E3A8AB3A-2DCF-4EAD-AA03-34DB34229DBD}] => (Allow) LPort=6883
FirewallRules: [{D0D670F4-E1A9-469F-97F7-F3F7D54CA5E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{30C9CA45-6561-4568-804A-D08F5F8321D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BF0AAD18-5A9B-4140-AB3F-86B3D73EFDAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D38D5E8F-69B3-492D-AC6F-B977CFF8CF97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A79C8324-0A6A-48C6-AD1E-9F4ABAF99D94}] => (Allow) LPort=7707
FirewallRules: [{ADA372CE-1D6C-42A9-96C8-CBC3207C4E39}] => (Allow) LPort=7708
FirewallRules: [{B02AA629-308F-41DF-8495-DCDC8102211E}] => (Allow) LPort=7717
FirewallRules: [{9DFEC892-72B8-483D-8B6D-7FAADDC988DC}] => (Allow) LPort=28852
FirewallRules: [{70B8AC3D-E935-4E95-9B69-501D5690B0D2}] => (Allow) LPort=28852
FirewallRules: [{B6F6A75D-7BD0-442D-98D8-88DF31BB9431}] => (Allow) LPort=8075
FirewallRules: [{1E430169-69B6-4CC9-B6A5-A80A1D62502D}] => (Allow) LPort=20560
FirewallRules: [{E1E8EAD5-1F0F-4751-AC14-E8B51708FC61}] => (Allow) LPort=20560
FirewallRules: [{243066B4-BA0C-4E9E-A6D0-42EEC632621B}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe
FirewallRules: [{43785053-816F-48C4-9893-CC0F4DE9EF2D}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe
FirewallRules: [{16DC4C65-91D3-4C1F-8415-97D50562DC49}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe
FirewallRules: [{8C8881DF-E330-4BF7-A8F0-EDC32094FCAD}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe
FirewallRules: [{9C2B9A02-1E58-4DE4-9FC3-20C07A0F3D00}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{74822C5F-FC19-49DA-A84C-14E18DAD50F7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A9DCB600-4613-4660-B5EC-4DA4BB5CBE3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4CA57910-34B9-4B92-96AD-2D1245FD3AAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FF7FFFF5-454E-4646-92C1-2FD54866AE83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C56A2824-38D0-48D5-889B-D3B75D9D8A9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A1196BD8-ADC2-419C-9ADF-471CC2F4312D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{34775960-CBC4-4080-A015-0E8495168D56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CB5FD4F3-7E5F-46A8-8C66-36822D7D5854}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{805CE28E-AE41-43A1-B8B5-DA64F6D068D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F70F5318-958F-40F0-B680-EF9F777D7470}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{05BC3320-A812-4962-8E7A-5AB2C7C5797C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FA73A660-F247-4B9F-9761-3371622CECFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9A03532A-5B35-4B5D-B383-F06EAC318A71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{93BE74C0-9201-40BA-A3DD-BA7798B1131E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D1D07C28-77E9-4330-9531-1B01BDF5EE21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9F5ABDFF-197C-4887-8FD0-B60CEF545008}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{57F77527-8781-497C-9424-F3DF11461562}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A858EF23-F1D0-47FE-BE91-5989E42D98BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3E750717-7A88-4B98-9921-D0C1D9C9591C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B5432752-0DC1-488D-AF55-4EDF8092A1A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{54B3A073-92D6-48FC-A31D-277C711640DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9453AE35-D483-4569-9B1B-FC67B981CAE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4B21403D-FCAD-49C5-9C3E-4AC039F9CBB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{30DA4801-6CDB-463A-912D-6920B9665370}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6ED27BDA-4D95-42D1-9CE9-C1BC4AF67D30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{99E0CCB0-9971-4770-99EB-4B9FE510F6D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5937BB7D-1717-42F7-90D8-5283A2A4166E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B29B4304-59FE-468B-B9B8-16FA671DA2A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BA4EFEA8-2B03-4732-8579-4BC2E9BC0AF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{849E00E2-FE42-4455-8904-F005BC8A0689}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0CA838CA-A5BA-483C-A85E-BE0DE72F408D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F829EE19-1672-45CB-B5D1-0A468DB1F11D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3CC92819-71DF-4481-9B12-44137C3FE461}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DA89CFC8-234E-47C6-9E18-5BE69043FD0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3EB8D493-B43C-473F-A436-223AAF5AD9E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E74AA176-D17D-43EB-A9CA-4F7AAC2AEFA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{76808285-49B4-4AB1-8CB1-6F7EE807DDCD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1BCA7FC6-F7F7-4989-A42C-47D55F979FF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A13B2860-E6BC-49FC-A7B3-405CA1D9DCD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{73974565-E3CC-4486-B7A3-CE96FE202181}C:\users\filarmeo pc\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\filarmeo pc\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [UDP Query User{4FA6C4BE-2DBF-4851-AA0D-B2EDA440EC6E}C:\users\filarmeo pc\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\filarmeo pc\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [{810DF114-86A8-435C-A127-CFC8F15A4862}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blood and Bacon\BloodandBacon.exe
FirewallRules: [{FF446B03-B679-4067-8D1A-CC60957DF5C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blood and Bacon\BloodandBacon.exe
FirewallRules: [{CD56E35D-73D2-44B2-AAFB-E98A1C9E7EAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{72F6D2FC-8EB8-47FB-9742-1195D44AF146}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C0946721-7868-49A0-9242-85D9092D4012}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5F974075-5304-4A71-B212-E803AEC9BD27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{93436CEF-FF18-4ABC-ACE8-A2EA2CE0EC29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9050519A-E1CC-4A9D-ADA7-3B5B5B5D56ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{898F1378-58C0-4C9D-981D-DC2CD3645F9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{73B9DAD7-5FD3-4615-B77B-4249B232B296}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9F9C1835-DFDB-4DB8-A924-9D61ED6486AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0B103AD4-E077-4EEF-BFB1-C33DA97C2E5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{4685EE22-399F-418B-9132-7869173A51C5}C:\users\filarmeo pc\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\filarmeo pc\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{92FF7CDF-E9EE-4C08-A6F2-2F463B9DF5F6}C:\users\filarmeo pc\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\filarmeo pc\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{E7322D99-F206-4D5D-8257-99738E48B137}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{81BAC09C-3E71-47F3-9C55-2A1C47A76197}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BF7CFCFA-C41B-491D-9C1E-163CA1EEB80B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C30B9CF6-3E55-49F4-885C-F18510C753BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{106F632D-D258-4AE6-B1AC-BC9A52C7438F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{BC067F82-29CF-4F45-9C72-F9DC62BE9D25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [TCP Query User{587040D4-14E6-4272-8114-3BE070E6E4D7}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe
FirewallRules: [UDP Query User{CCF48749-88D0-4DD4-B6C4-282F9181A3CC}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe
FirewallRules: [{1AC4A321-1E4B-4DB9-9276-F8534B06A1E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BC0C6FE6-6837-4119-B7F2-FD13E2938D81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{23AF4F9D-93D6-493D-9273-1C00115462FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8E2F76EC-2856-4859-A35D-BAF405015FBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{18547614-8AE7-42AA-866C-47CECFB3C1B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B85D9AE5-E2EF-43E2-A969-5493BD3B0908}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7EF8E41A-0091-4F71-BE30-60E141053F83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6BB7B03D-832B-4D98-B8C8-3DA2C965700B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{69CB2E0D-A602-4AFF-B7B8-2AEF34B451E2}] => (Allow) LPort=6945
FirewallRules: [{6840F3B4-6A91-4335-8A6A-BEC61C04B5A6}] => (Allow) LPort=6945
FirewallRules: [{EF2A9123-E574-4435-B85F-1FF0CA2884F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6D029192-5795-4C80-AA84-85ABE61169E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FCDE8EF5-652B-4D15-83C4-E415B8F521B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DD6F87C2-1716-4563-863E-B6DB988DCEE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{582A0049-C91E-48C8-86D3-7993F851BB0E}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{17F812D8-33F0-480A-84EA-3B98CC3C03D4}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{0DF234ED-DAD5-49E6-BC3C-98EDA5CCE958}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C032ADBF-A482-4BB0-B6EF-638F5188380F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{10027F35-12F5-4ECF-82D3-D2DC91B05FD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{12819EFF-24FF-4CE9-ABDC-B7300749F05E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CD01B8BA-1ED5-404F-9C16-8391ED8D90FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C60192BA-AE8E-4791-A6BF-7AC93AF01367}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1D3CAD93-502B-472A-A2BB-B1942A6116D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0A7B0FE3-F587-4700-8751-93E56993843F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{D4A6C2C9-100B-4B84-A629-EA756A81DF3E}C:\program files\sketchup\sketchup 2015\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2015\sketchup.exe
FirewallRules: [UDP Query User{BD9488CB-CC7B-40DA-A414-99EEC11FE4E1}C:\program files\sketchup\sketchup 2015\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2015\sketchup.exe
FirewallRules: [TCP Query User{38F3CC71-B2BD-48E6-BD5D-9A71F42E9D0B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{02C00E1C-5270-4361-85C8-C5C63E45A556}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{F52242A0-6E95-41CA-BFD5-A4322CA95ED4}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe
FirewallRules: [{66664AB8-840A-4A7F-82B4-DA7116FD6528}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe
FirewallRules: [{3EC4BF12-2C0B-4CCB-AA59-4C849D00BC24}] => (Allow) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe
FirewallRules: [{02D33606-56E1-46E2-91D6-5E5BDFD9EDF3}] => (Allow) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe
FirewallRules: [{136B8C49-78AD-4785-BA61-1E8019173800}] => (Allow) LPort=20208
FirewallRules: [{2853ED45-6F94-4152-AADD-DC1105450B1B}] => (Allow) LPort=20208
FirewallRules: [{75332E2D-0199-4564-BEA7-DDD04CF43E39}] => (Allow) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe
FirewallRules: [{31C7D658-4B01-4103-B7BB-E2485D9963E6}] => (Allow) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe
FirewallRules: [TCP Query User{3AC31679-0B08-4621-B944-69556FA35840}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{44FAA80D-200C-4483-9417-6EBF72F1D5DF}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{2AA91A1E-60D3-429D-8450-F4705430224B}] => (Allow) D:\Patrick\NoMan'sSky\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{C9749E31-2149-4F4E-8D85-8A3A07294DF5}] => (Allow) D:\Patrick\NoMan'sSky\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{8D44E45A-9F8E-4A3D-99C8-F491C755AE39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{E63F265C-B31D-4BC6-81FA-99010C6CE0FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{3FAE1172-3BCD-4C4B-A5FA-233AAC12153D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0F550C09-6350-40CF-9E86-0F39292E7762}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A3E9C79E-A37E-4EC9-A67A-A56FDD082F18}C:\users\filarmeo pc\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\filarmeo pc\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{BA006E58-8C7B-4562-8325-A48644F3E53A}C:\users\filarmeo pc\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\filarmeo pc\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{854BBED2-4714-4A96-A9F7-7AC702258EF4}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{F2CC2891-FFE2-4671-A786-BE5958A36964}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{80A90E4F-1ED1-4F64-A36B-52BD9FBBA09C}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{D8FE2AE7-4B4C-47F9-BBC3-927859B31B95}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [TCP Query User{56258153-BD28-40BF-BEF2-4E80685807E2}D:\patrick\psp\ppssppwindows64.exe] => (Allow) D:\patrick\psp\ppssppwindows64.exe
FirewallRules: [UDP Query User{6F7523D6-9E08-4210-9546-66451A0F3207}D:\patrick\psp\ppssppwindows64.exe] => (Allow) D:\patrick\psp\ppssppwindows64.exe
FirewallRules: [TCP Query User{E915C1F1-8DDF-4377-893E-4EA79B679FBE}D:\unity\editor\unity.exe] => (Block) D:\unity\editor\unity.exe
FirewallRules: [UDP Query User{D549EE9B-B4D4-4235-9A6B-D6B5F9C92B19}D:\unity\editor\unity.exe] => (Block) D:\unity\editor\unity.exe
FirewallRules: [TCP Query User{8AD76C98-7AA7-4908-8067-1CAF15A25E1E}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe] => (Allow) C:\program files (x86)\garena plus\bbtalk\bbtalk.exe
FirewallRules: [UDP Query User{1D9CA6FA-0723-4A45-8C58-D01D9F0AA804}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe] => (Allow) C:\program files (x86)\garena plus\bbtalk\bbtalk.exe
FirewallRules: [{A1CA383F-5E65-4303-96DD-298E6E92E154}] => (Allow) LPort=8393
FirewallRules: [{940C4F3C-4628-4B5B-BBCC-FFC53931D676}] => (Allow) LPort=8393
FirewallRules: [{C18C658A-FF85-4969-B282-4E9385318C5B}] => (Allow) LPort=8390
FirewallRules: [{FAD25A59-0F78-4155-BFD3-C4E2E03BC9AF}] => (Allow) LPort=8390
FirewallRules: [{90722BA8-3C0A-4FDA-BC15-AA1BCCB85C4B}] => (Allow) LPort=6946
FirewallRules: [{AE9599DB-E8A6-4671-B30B-1F37D0EB4DE8}] => (Allow) LPort=6946
FirewallRules: [TCP Query User{2539C756-9184-4316-9C0A-501CFD10CE7C}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{75C58410-B81D-4F0A-B74D-92CDC69CFF05}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{1B479CBE-18E5-4AD5-BFAB-20195258D87F}C:\nier.automata.day.one.edition.cracked\nierautomata.exe] => (Allow) C:\nier.automata.day.one.edition.cracked\nierautomata.exe
FirewallRules: [UDP Query User{1EE8BB13-7B4D-4365-8E71-21105288E012}C:\nier.automata.day.one.edition.cracked\nierautomata.exe] => (Allow) C:\nier.automata.day.one.edition.cracked\nierautomata.exe
FirewallRules: [TCP Query User{0C4662C1-EE71-4775-A9A7-EAFAD7732F60}C:\program files\ibm\spss\statistics\subscription\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\subscription\stats.exe
FirewallRules: [UDP Query User{99E263F1-1C04-4AEC-B86E-CE7CF6CA9A08}C:\program files\ibm\spss\statistics\subscription\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\subscription\stats.exe
FirewallRules: [{9AB9E093-4310-448D-9443-17F290622328}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CAA139B0-806D-4F0A-B143-F242FE9918A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B6F9874B-F904-4D07-8BA7-FB450131C737}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{41E1C74E-A1C4-4790-B976-90350DBE70BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9763A574-5A19-45DB-8C59-F840FA99400A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CFD706E4-8EE6-4FB7-ACC7-60D5F8F69B36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3831D7AA-DB74-488E-A678-58D134BED234}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609_0\SZBrowser.exe
FirewallRules: [{B5AABDEA-D299-48ED-A4A8-48081A73C0B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8CDB1A5C-26A9-407C-A10E-D2D19549238D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FDF5D025-557C-42AE-8B3B-4FEBFF938861}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E43B6842-4810-4889-896F-FE43A50F1D1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{B1835B3D-CCE7-4489-88CF-6F81E3255BBC}C:\garenadownload\games\lolph\lolinstaller.exe] => (Allow) C:\garenadownload\games\lolph\lolinstaller.exe
FirewallRules: [UDP Query User{B74FCDA8-B98E-4A5C-B157-A2CB28751140}C:\garenadownload\games\lolph\lolinstaller.exe] => (Allow) C:\garenadownload\games\lolph\lolinstaller.exe
FirewallRules: [{34218C64-721D-4E52-90CE-29B91246C5D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B0563082-0521-455C-8074-44688DF8BF77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{47589C24-0EA1-4B4C-96A7-97D75F4EF7CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{661A44F0-4F6A-420E-9BA6-DDFE1C323813}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7ADF7B2E-B490-4EC2-9E5E-9BF63F196C6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6F1AD606-67E9-4D50-ABF4-3A18BACBF9B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{92C77911-9A95-4E43-879A-86D2C6CCD8E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{16669A38-AF57-46D3-8C15-FE9BED768956}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C8B73018-E46A-40D9-AD57-54B406D26A08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4DC152F3-4319-4AD5-94E0-86D2F5943CFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{59C08DA4-293D-44E6-B8C6-E882AB2F2547}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A972256D-1352-409C-B596-ECC6D705082F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5EE52905-E830-4DD4-AE1A-59DF8021036D}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe
FirewallRules: [{70CDD07D-4C20-4E0C-8CCC-2232922BAAB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EFD292B7-7641-4FD5-95DE-7BD1C43E79AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{ECE01FDF-9045-42FE-87E6-9FF2A6FF7BBE}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{B1B59A22-2F8A-4066-AB0E-47038669CB90}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{6FB27444-13B4-419B-BD94-3C6973A9997B}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe
FirewallRules: [{1A798A6E-D419-4EFB-8E5C-BDB359867B0C}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe
FirewallRules: [{2DA4C82D-63D5-4FBE-A7E6-2AD97DA9001A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{19C4B165-8C6C-4D23-84DB-BEE281BD70AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{A1EBF786-37EC-4866-B318-8B360F85E0FE}C:\monster hunter online\bin\client\bin32\mhoclient.exe] => (Allow) C:\monster hunter online\bin\client\bin32\mhoclient.exe
FirewallRules: [UDP Query User{09FB7B8A-6949-4178-A94A-701C9451036D}C:\monster hunter online\bin\client\bin32\mhoclient.exe] => (Allow) C:\monster hunter online\bin\client\bin32\mhoclient.exe
FirewallRules: [{BFB1F635-52B4-497F-8D13-2F146F835D26}] => (Allow) C:\Monster Hunter Online\Bin\Client\Bin32\Cross\crossproxy.exe
FirewallRules: [{C9D134E1-9296-42E9-982E-A2915557610B}] => (Allow) C:\Monster Hunter Online\Bin\Client\Bin32\Cross\crossproxy.exe
FirewallRules: [{3C3A2071-0120-4C08-85BE-77A96D968727}] => (Allow) C:\Monster Hunter Online\Bin\Client\Bin32\Cross\apps\cqs\qtalk\bin\miniqtalk.exe
FirewallRules: [{C8B05F3B-E700-4F5D-A062-09E9AD50D943}] => (Allow) C:\Monster Hunter Online\Bin\Client\Bin32\Cross\apps\cqs\qtalk\bin\miniqtalk.exe
FirewallRules: [{0E8E3A8F-B7CC-42B7-B902-7F08408F73B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{791F1431-E182-4281-ABA5-15697F11F139}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F3E69C27-9015-453F-A6FD-FC67C6291A9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E9E588D0-7A5E-4608-81DC-D28E1E932DC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{DB792421-E3EB-487E-A2CD-E5B5DDC1A4CF}C:\users\filarmeo pc\desktop\patrick\tgp\tcls\tenio\teniodl\teniodl.exe] => (Allow) C:\users\filarmeo pc\desktop\patrick\tgp\tcls\tenio\teniodl\teniodl.exe
FirewallRules: [UDP Query User{86272BF1-A44C-4A63-A49A-B2A220661F1A}C:\users\filarmeo pc\desktop\patrick\tgp\tcls\tenio\teniodl\teniodl.exe] => (Allow) C:\users\filarmeo pc\desktop\patrick\tgp\tcls\tenio\teniodl\teniodl.exe
FirewallRules: [{0B78C9ED-D74A-4C3D-B59C-6925A90C3A9A}] => (Allow) C:\Users\Filarmeo PC\Desktop\Patrick\TGP\apps\CrossUpdate\CrossUpdate.exe
FirewallRules: [{4CAD358B-D708-4F7E-A887-1CE471DC000C}] => (Allow) C:\Users\Filarmeo PC\Desktop\Patrick\TGP\apps\CrossUpdate\CrossUpdate.exe
FirewallRules: [{34D3D69F-CFF7-4EA2-A1F8-461116626236}] => (Allow) C:\Program Files (x86)\Opera\47.0.2631.71\opera.exe
FirewallRules: [{DC7A656E-9046-4680-A32C-78EE04C57133}] => (Allow) C:\Users\Filarmeo PC\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{445C05B2-7321-41F4-B5EF-AFE1255DDB9B}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{02D15D71-C174-4C5A-ACCB-C9CBA7B11A53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{95AC435D-1AAB-487B-86FD-AEF5CFF91224}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5CD3B586-54CA-4213-844B-521A0BC02B58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{846E184B-06F1-4013-A102-185FA74847C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E0349A71-2F29-40E5-8F55-DEEE337CAD0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0F42E5E1-3598-4E4F-BF52-477414E7DCB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{66807D9C-C44A-45EA-939D-EEDA0000D4B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E70E675D-A812-44E1-8F96-60CC493B4854}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6B831037-997A-4ADF-8A51-CF2A7EEF4346}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1709.0618\gxxsvc.exe
FirewallRules: [{88141989-A6AB-4FE4-8403-D7914BB4FCCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{19571BB0-B018-415F-B4DA-34034682DDF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D919B87E-4CC5-466C-8D0F-A4B84FBF13FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{25430C88-68B0-4B74-A6AD-EA1E2900505A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{26573705-E795-4AC7-BB74-6D97F66CC982}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FBF7839B-CC99-4592-B6A2-AF0A52AF5630}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7758FE0F-4E83-45FB-93EF-8F1F38C9E7AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E2E470EA-5222-41D8-AC59-CD0272A132AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0A408DEB-0B70-470E-8760-B3009061B803}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B8B7ADD1-8826-4935-8F5D-B80D3FE3EEB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{F7807945-690E-4CEE-B493-8746A18E7F89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{29471856-B6A5-473D-84DD-BD199574DDF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{5467A09A-01C4-4423-A431-8D77616D1084}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{66A65721-41CD-4754-8D31-A50B28CD2A0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{21CC3EF3-A449-4D97-A49F-1DA538E166F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{2A9A5719-E277-4F6E-AADC-69F8407B6628}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{AD350B6E-6F49-4E31-A822-567D833D3199}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{FC46EDA3-9D60-484B-B989-426AC0581CBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{288C4E0F-0A72-4FEF-9766-EE9C0ADD3AC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{B184BDC8-C5F4-4F08-B0C1-FACDA72C23E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{949780FB-9947-4AA1-B463-098AABD8F750}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{B93D746C-5A37-4222-B121-19321C458A4B}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{29CD040C-E1FA-4FF5-98F1-A2F86AC3C9C7}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{C24F2C5F-2407-47CD-8B3D-25608A4EB28A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{A841C189-E7F7-4AAA-998F-1558480294AA}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{0F8A6936-F2E8-40EA-935A-99C6E76CDB2B}C:\program files\rhinoceros 5 (64-bit)\system\rhino.exe] => (Allow) C:\program files\rhinoceros 5 (64-bit)\system\rhino.exe
FirewallRules: [UDP Query User{05D900DA-32AB-4108-B251-87CB4BA0F431}C:\program files\rhinoceros 5 (64-bit)\system\rhino.exe] => (Allow) C:\program files\rhinoceros 5 (64-bit)\system\rhino.exe
FirewallRules: [TCP Query User{7750E13B-0F69-4343-9675-5A1C6C915DDF}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe] => (Allow) C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe
FirewallRules: [UDP Query User{5745F24B-C89D-4696-8095-35377DBC14A9}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe] => (Allow) C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe
FirewallRules: [{ECA68185-DD17-40FE-A2DA-160E0E19CA73}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe
FirewallRules: [{7E61A2DA-B6B7-4F53-A48C-39159253BF9A}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe
FirewallRules: [{F1411242-5783-40E4-A46C-8871F071BB9B}] => (Allow) LPort=20208
FirewallRules: [{C078DA2A-BA2B-4B66-9D9F-07781A500677}] => (Allow) LPort=20208
FirewallRules: [{7684D150-F35C-4D89-96AA-A933F786E0B6}] => (Allow) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe
FirewallRules: [{4C5290FA-2E3F-4AA8-8C78-32D0EDABF2E3}] => (Allow) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe
FirewallRules: [{C6ED1375-A84F-407C-B8A3-4B8F7E093015}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{B40F3FEB-3C7F-43AC-BC9E-CCA7561C3C07}] => (Allow) LPort=8317
FirewallRules: [{03151564-73A8-4484-8978-3E26F296457E}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{B03FE9AF-F7D6-4E03-A89A-50EC01E0F302}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{25D79041-6041-4688-8EDD-E409D0EC3D37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2A622E0F-1898-4224-8BB5-D70A38B83614}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{48D868F2-0D9E-4C2C-A807-233924FD97F2}] => (Allow) C:\Program Files (x86)\Opera\48.0.2685.35\opera.exe
FirewallRules: [{345CD165-3F52-47E2-AF45-DF04E417FA37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2C0A6D70-5FBC-4364-8E40-DDDCFBD93499}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7D6EA78E-7936-4283-ACD3-B2E7B1529639}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1709.2513\gxxsvc.exe

==================== Restore Points =========================

04-10-2017 20:13:51 Windows Update
07-10-2017 07:47:15 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/08/2017 09:41:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.

Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.
.

Error: (10/08/2017 08:04:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.

Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.
.

Error: (10/08/2017 06:08:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-90303TB)
Description: Activation of app Microsoft.ZuneVideo_10.17082.14121.0_x64__8wekyb3d8bbwe:Microsoft.ZuneVideo.AppX33njnjhzx79sr2vn13w10ca357txr5yn.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (10/09/2017 12:50:03 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1084" attempting to start the service EventSystem with arguments "Unavailable" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (10/09/2017 12:49:58 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-90303TB)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/09/2017 12:47:37 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-90303TB)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (10/09/2017 12:47:37 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-90303TB)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (10/09/2017 12:47:36 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-90303TB)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (10/09/2017 12:47:36 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-90303TB)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (10/09/2017 12:47:34 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-90303TB)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (10/09/2017 12:47:34 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-90303TB)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (10/09/2017 12:47:34 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-90303TB)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/09/2017 12:45:47 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-90303TB)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}


CodeIntegrity:
===================================
  Date: 2017-10-08 16:52:54.383
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-10-08 00:28:51.643
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\ProgramData\Windows\System32\Mswapi64.dll that did not meet the security requirements for Shared Sections.

  Date: 2017-10-08 00:28:51.643
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\ProgramData\Windows\System32\Mswapi64.dll that did not meet the security requirements for Shared Sections.

  Date: 2017-10-08 00:27:56.795
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\ProgramData\Windows\System32\Mswapi64.dll that did not meet the security requirements for Shared Sections.

  Date: 2017-10-08 00:27:56.795
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\ProgramData\Windows\System32\Mswapi64.dll that did not meet the security requirements for Shared Sections.

  Date: 2017-10-08 00:27:18.249
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\ProgramData\Windows\System32\Mswapi64.dll that did not meet the security requirements for Shared Sections.

  Date: 2017-10-08 00:27:18.249
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\ProgramData\Windows\System32\Mswapi64.dll that did not meet the security requirements for Shared Sections.

  Date: 2017-10-08 00:07:05.445
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\ProgramData\Windows\System32\Mswapi64.dll that did not meet the security requirements for Shared Sections.

  Date: 2017-10-08 00:07:05.445
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\ProgramData\Windows\System32\Mswapi64.dll that did not meet the security requirements for Shared Sections.

  Date: 2017-10-08 00:02:07.901
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\ProgramData\Windows\System32\Mswapi64.dll that did not meet the security requirements for Shared Sections.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Percentage of memory in use: 22%
Total physical RAM: 8143.83 MB
Available physical RAM: 6317.78 MB
Total Virtual: 13143.83 MB
Available Virtual: 11554.37 MB

==================== Drives ================================

Drive c: (Data) (Fixed) (Total:781.97 GB) (Free:118.02 GB) NTFS
Drive d: (Windows Seven) (Fixed) (Total:149 GB) (Free:12.09 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 67F93F89)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=782 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.