oliwwer Posted November 9, 2018 ID:1280064 Share Posted November 9, 2018 Hi! I recently got a trojan named Trojan:Win32/Skeeyah.A!rfn. I noticed it first when i no longer couldnt search for files, my searchindexing was slower than a sloth. I checked the permissions and a"Unknown user" was created in the permissions tab. So i used malmwarebytes latest edition( updated) Adremoval the one u recommend and junkremoval. It found some adware but nothing else. I then did a scan with FRST and it found some interesting files. So i deleted some programs in the temp folder called timy.exe and watty.exe. And a bunch of other suspect stuff. The permissions account is now gone and doesnt keep reappearing. But my searching is still slow. And when i boot to safemode its fast.(It worked normally yesterday) So my thought is that my explorer.exe is infected, but i dont know. Please help! Oliwer FSRT.txt Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08.11.2018 Ran by MMDATA (administrator) on OLIWER (09-11-2018 01:38:41) Running from C:\Users\MMDATA\Downloads Loaded Profiles: MMDATA (Available Profiles: MMDATA) Platform: Windows 10 Home Version 1709 16299.726 (X64) Language: Svenska (Sverige) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation) C:\WINDOWS\SysWOW64\esif_uf.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe (Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe (Intel Corporation) C:\WINDOWS\System32\ibtsiva.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe (Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe (M-Audio) C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe (Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe (Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe (Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Intel Corporation) C:\WINDOWS\Temp\DPTF\esif_assist_64.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe (Highresolution Enterprises) D:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (f.lux Software LLC) C:\Users\MMDATA\AppData\Local\FluxSoftware\Flux\flux.exe (Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe (Disc Soft Ltd) D:\Program Files\DAEMON Tools Lite\DTAgent.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Disc Soft Ltd) D:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Splice) C:\Users\MMDATA\AppData\Local\splice\app-3.3.89678\Splice.exe (Distributed Creation, Inc.) C:\Users\MMDATA\AppData\Local\splice\app-3.3.89678\Splice.Helper.exe (Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Microsoft Corporation) C:\WINDOWS\System32\Taskmgr.exe (Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Lenovo) C:\Users\MMDATA\AppData\Local\Apps\2.0\T9KN3783.NA9\337ZWBT4.VLK\lsb...tion_2d7b41b05b24775e_0001.0006_3b0a905c8de4f74a\LSB.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe (Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSPanel.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation) HKLM\...\Run: [XMouseButtonControl] => D:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1487896 2017-02-08] (Highresolution Enterprises) HKLM\...\Run: [M-Audio Taskbar Icon] => C:\Windows\system32\M-AudioTaskBarIcon.exe [798216 2009-09-02] (Avid Technology, Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-04-08] (Apple Inc.) HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe [63272 2015-05-31] () HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3785536 2018-11-06] (Dropbox, Inc.) HKLM-x32\...\Run: [SDTray] => D:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd.) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\Run: [Steam] => D:\ProgramFiles(x86)\Steam\steam.exe [3131680 2018-11-08] (Valve Corporation) HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\Run: [f.lux] => C:\Users\MMDATA\AppData\Local\FluxSoftware\Flux\flux.exe [1820168 2018-10-24] (f.lux Software LLC) HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\Run: [DAEMON Tools Lite Automount] => D:\Program Files\DAEMON Tools Lite\DTAgent.exe [4958912 2016-11-17] (Disc Soft Ltd) HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.) HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\Run: [Spotify] => C:\Users\MMDATA\AppData\Roaming\Spotify\Spotify.exe [25162472 2018-11-04] (Spotify Ltd) HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\Run: [com.squirrel.splice.Splice] => C:\Users\MMDATA\AppData\Local\splice\app-3.3.89678\Splice.exe [49497488 2018-10-28] (Splice) HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [17781736 2018-03-29] (Plex, Inc.) HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [7379744 2018-10-04] (Lavasoft) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2017-04-19] ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS) Startup: C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2018-01-04] ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\MMDATA\AppData\Local\Facebook\Games\FacebookGameroom.exe (No File) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{5e34476d-ef51-4e56-b762-cf5d43fd2748}: [DhcpNameServer] 213.80.98.2 213.80.101.3 Tcpip\..\Interfaces\{c20b0405-1be5-4a15-b7ca-1a39b7727141}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-612756207-1620990525-2055358983-1005 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-10-23] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-11-03] (Microsoft Corporation) BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> D:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll [2018-01-10] (Perfect World Entertainment Inc) BHO-x32: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-03] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-03] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-03] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-03] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-03] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-03] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-03] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-03] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: 1yb8honz.default FF ProfilePath: C:\Users\MMDATA\AppData\Roaming\Mozilla\Firefox\Profiles\1yb8honz.default [2018-11-09] FF Homepage: Mozilla\Firefox\Profiles\1yb8honz.default -> hxxp://page-ups.com/all/ FF SearchPlugin: C:\Users\MMDATA\AppData\Roaming\Mozilla\Firefox\Profiles\1yb8honz.default\searchplugins\bing-lavasoft-ff59.xml [2018-10-04] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-10-12] (Microsoft Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-10-12] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-10-12] (Microsoft Corporation) FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> D:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [2018-01-10] (Perfect World Entertainment Inc) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File] FF Plugin HKU\S-1-5-21-612756207-1620990525-2055358983-1005: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\MMDATA\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies ApS) Chrome: ======= CHR Profile: C:\Users\MMDATA\AppData\Local\Google\Chrome\User Data\Default [2018-11-09] CHR Extension: (Presentationer) - C:\Users\MMDATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14] CHR Extension: (? Slither Friends - by Creators of Agar.pw) - C:\Users\MMDATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\acmckabjkfogakcfhckahnpmbjfncafn [2017-02-28] CHR Extension: (Dokument) - C:\Users\MMDATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14] CHR Extension: (Google Drive) - C:\Users\MMDATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-25] CHR Extension: (Dark Skin for Youtube™) - C:\Users\MMDATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfeknfgchonpnofdjokchhdhdnddhglm [2017-08-31] CHR Extension: (YouTube) - C:\Users\MMDATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-25] CHR Extension: (Adblock Plus) - C:\Users\MMDATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-10-31] CHR Extension: (SlitherPlus - Zoom, Skin Creator, Mod, Bots) - C:\Users\MMDATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpbghpalffgmgocmnigfhalghmaemffo [2017-02-18] CHR Extension: (Kalkylark) - C:\Users\MMDATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14] CHR Extension: (Google Dokument Offline) - C:\Users\MMDATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-12] CHR Extension: (Betalning via Chrome Web Store) - C:\Users\MMDATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06] CHR Extension: (Gmail) - C:\Users\MMDATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-25] CHR Extension: (Chrome Media Router) - C:\Users\MMDATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-01] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-03-29] (Apple Inc.) S4 ArcService; D:\Program Files (x86)\Arc\ArcService.exe [87064 2018-01-10] (Perfect World Entertainment Inc) S4 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-05-31] (ASUS Cloud Corporation) [File not signed] S4 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [313488 2015-06-12] (ASUS) [File not signed] R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2195280 2018-03-22] (Bitdefender) S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7013384 2018-03-20] () R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9667872 2018-10-24] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-10] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-10] (Dropbox, Inc.) S2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-11-06] (Dropbox, Inc.) S4 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] () R3 Disc Soft Lite Bus Service; D:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1473216 2016-11-17] (Disc Soft Ltd) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-20] (EasyAntiCheat Ltd) R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1385640 2015-08-17] (Intel Corporation) S4 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] () R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190208 2017-12-14] (Intel Corporation) R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [135408 2015-07-01] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed] S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-16] (Intel Corporation) S4 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-06] (Intel) S4 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-09-04] (Intel Corporation) S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [133480 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes) S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2017-02-13] () S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [7770888 2017-05-09] (INCA Internet Co., Ltd.) S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [32384 2016-10-03] (The OpenVPN Project) R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2212328 2018-03-29] (Plex, Inc.) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1284032 2018-07-31] (Bitdefender) R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2018-03-19] (Razer Inc) S3 ROGGamingCenterService; C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingCenterService.exe [76032 2015-08-13] (ASUSTeK COMPUTER INC.) R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2018-03-25] (Razer Inc.) R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [502144 2018-03-26] (Razer Inc.) R2 SDScannerService; D:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd.) R2 SDUpdateService; D:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd.) R2 SDWSCService; D:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd.) S4 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [157456 2017-03-07] () R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-08-13] (TeamViewer GmbH) R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2016-08-26] (Popcorn Time) [File not signed] R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [239400 2018-05-14] (Bitdefender) R2 USBMIDIAudioDevMon; C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe [1636872 2010-04-13] (M-Audio) S4 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] () R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [239400 2018-05-14] (Bitdefender) R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [239400 2018-09-04] (Bitdefender) S4 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25888 2018-10-04] () S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-10-23] (Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-10-23] (Microsoft Corporation) S4 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-02-23] (Intel(R) Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3743648 2017-02-13] (Intel® Corporation) S4 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X] S4 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X] S2 MmEwOTZ; "C:\Program Files\MmEwOTZ\ZWUzODg2ZjkwY2FlNDg.exe" [X] R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin" S3 OverwolfUpdater; "C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe" /RunningFrom SCM [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AsusSGDrv; C:\WINDOWS\system32\DRIVERS\AsusSGDrv.sys [138744 2015-12-14] (ASUS Corporation) R0 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1292296 2018-06-05] (BitDefender S.R.L. Bucharest, ROMANIA) R0 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [357768 2018-08-22] (Bitdefender) S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23032 2018-04-19] (Bitdefender) S3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3792904 2016-11-30] (C-MEDIA) R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55816 2015-08-17] (Intel Corporation) R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel Corporation) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-12-12] (Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-12-12] (Disc Soft Ltd) R3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [294000 2018-10-09] (BitDefender S.R.L. Bucharest, ROMANIA) R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel Corporation) R3 ffusb2audio; C:\WINDOWS\system32\DRIVERS\ffusb2audio.sys [127280 2013-09-25] (Focusrite Audio Engineering Limited.) R0 Gemma; C:\WINDOWS\System32\DRIVERS\Gemma.sys [359584 2018-10-04] (BitDefender S.R.L. Bucharest, ROMANIA) R0 gzflt; C:\WINDOWS\System32\drivers\gzflt.sys [193184 2018-05-29] (BitDefender LLC) S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [55232 2018-11-09] () R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [732416 2017-12-14] (Intel Corporation) R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37064 2016-08-24] (Intel Corporation) S3 MAUSBMIDI; C:\WINDOWS\system32\DRIVERS\MAudioUSBMIDI.sys [200200 2010-04-13] (M-Audio) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260480 2018-11-09] (Malwarebytes) R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [51904 2015-01-14] (Titan ARC Corp.) S3 Netwtw02; C:\WINDOWS\System32\drivers\Netwtw02.sys [7075568 2015-08-23] (Intel Corporation) R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2017-09-29] (Intel Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_d5fc647520664d82\nvlddmkm.sys [14841784 2017-04-03] (NVIDIA Corporation) S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [66608 2017-04-01] (NVIDIA Corporation) S3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [76840 2017-04-01] (NVIDIA Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-07-28] (Realtek ) S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-07] () R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [753368 2015-06-15] (Realsil Semiconductor Corporation) R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [140208 2017-09-28] (Razer, Inc.) S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] () R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [41824 2016-11-03] (SteelSeries ApS) R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [45928 2017-03-29] (SteelSeries ApS) R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [609576 2018-06-28] (Bitdefender) R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-07-06] (Windows (R) Win 7 DDK provider) S3 usbaudio2; C:\WINDOWS\system32\DRIVERS\usbaudio2.sys [239616 2017-09-29] (Microsoft Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46184 2018-10-23] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [328696 2018-10-23] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-10-23] (Microsoft Corporation) S3 xhunter1; C:\Windows\xhunter1.sys [38368 2017-07-18] (Wellbia.com Co., Ltd.) S3 ysusb_w10_64; C:\WINDOWS\system32\drivers\ysusb_w10_64.sys [144432 2017-03-10] (Yamaha Corporation) S3 avckf; system32\DRIVERS\avckf.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-11-09 01:38 - 2018-11-09 01:39 - 000029901 ____C C:\Users\MMDATA\Downloads\FRST.txt 2018-11-09 01:38 - 2018-11-09 01:38 - 000000000 ____D C:\FRST 2018-11-09 01:37 - 2018-11-09 01:37 - 002415616 ____C (Farbar) C:\Users\MMDATA\Downloads\FRST64.exe 2018-11-09 01:25 - 2018-11-09 01:25 - 000260480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2018-11-09 01:25 - 2018-11-09 01:25 - 000001918 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2018-11-09 01:25 - 2018-11-09 01:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-11-09 01:25 - 2018-10-18 08:44 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2018-11-09 01:23 - 2018-11-09 01:23 - 079503552 ____C (Malwarebytes ) C:\Users\MMDATA\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.482-1.0.7749.exe 2018-11-09 01:18 - 2018-11-09 01:18 - 000003312 _____ C:\WINDOWS\System32\Tasks\IORRT 2018-11-09 01:16 - 2018-11-09 01:16 - 000000000 ___HD C:\$SysReset 2018-11-09 01:15 - 2018-11-09 01:15 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2018-11-09 00:55 - 2018-11-09 00:55 - 000000000 ____D C:\ProgramData\bdch 2018-11-09 00:52 - 2018-11-09 00:52 - 011576808 ____C (SurfRight B.V.) C:\Users\MMDATA\Downloads\hitmanpro_x64.exe 2018-11-09 00:52 - 2018-11-09 00:52 - 000055232 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys 2018-11-09 00:52 - 2018-11-09 00:52 - 000000000 ____D C:\ProgramData\HitmanPro 2018-11-09 00:14 - 2018-11-09 00:14 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2018-11-09 00:13 - 2018-10-20 15:46 - 000450857 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20181109-001311.backup 2018-11-09 00:12 - 2018-11-09 00:12 - 000001123 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2018-11-09 00:12 - 2018-11-09 00:12 - 000001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2018-11-09 00:12 - 2018-11-09 00:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2018-11-09 00:11 - 2018-02-06 19:04 - 000032168 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe 2018-11-09 00:10 - 2018-11-09 00:11 - 069910960 ____C (Safer-Networking Ltd. ) C:\Users\MMDATA\Downloads\spybotsd-2.7.64.0 (1).exe 2018-11-08 23:00 - 2018-11-08 23:00 - 001514865 ____C C:\Users\MMDATA\Desktop\Magic.flp 2018-11-08 21:43 - 2018-11-08 21:44 - 069233588 ____C C:\Users\MMDATA\Downloads\metro boomin no complaints.wav 2018-11-08 15:10 - 2018-11-08 15:10 - 000003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1 2018-11-08 15:10 - 2018-11-08 15:10 - 000003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2 2018-11-08 06:14 - 2018-11-08 06:14 - 000660705 ____C C:\Users\MMDATA\Desktop\Magic_2.flp 2018-11-08 00:33 - 2018-11-08 00:33 - 007644519 ____C C:\Users\MMDATA\Desktop\vikings.flp 2018-11-07 21:04 - 2018-11-07 21:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2018-11-07 21:01 - 2018-11-07 21:01 - 000336212 ____C C:\Users\MMDATA\Downloads\wolf6.wav 2018-11-06 22:10 - 2018-04-19 21:37 - 000023032 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys 2018-11-06 22:09 - 2018-11-06 22:09 - 000001227 _____ C:\Users\Public\Desktop\Bitdefender Antivirus Free.lnk 2018-11-06 22:09 - 2018-11-06 22:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free 2018-11-06 22:09 - 2018-10-09 14:07 - 000294000 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\edrsensor.sys 2018-11-06 22:09 - 2018-10-04 22:40 - 000359584 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\Gemma.sys 2018-11-06 22:09 - 2018-08-22 11:43 - 000357768 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys 2018-11-06 22:09 - 2018-06-05 03:32 - 001292296 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys 2018-11-06 22:09 - 2018-05-29 04:04 - 000193184 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys 2018-11-06 22:07 - 2018-06-28 13:39 - 000609576 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys 2018-11-06 22:02 - 2018-11-06 22:02 - 000000204 _____ C:\WINDOWS\wininit.ini 2018-11-06 21:53 - 2018-11-06 21:53 - 000034522 _____ C:\ProgramData\agent.update.1541537621.bdinstall.bin 2018-11-06 21:52 - 2018-11-06 21:52 - 000014463 _____ C:\ProgramData\agent.1541537565.13908.bin 2018-11-06 21:51 - 2018-11-09 01:39 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free 2018-11-06 21:49 - 2018-11-06 21:49 - 009986176 ____C C:\Users\MMDATA\Downloads\bitdefender_online.exe 2018-11-06 21:46 - 2018-11-06 21:46 - 011535760 ____C C:\Users\MMDATA\Downloads\bitdefender_tsecurity.exe 2018-11-06 21:34 - 2018-11-06 21:34 - 000000000 ___DC C:\Users\MMDATA\AppData\Local\mbam 2018-11-06 21:33 - 2018-11-06 21:33 - 000000000 ___DC C:\Users\MMDATA\AppData\Local\mbamtray 2018-11-06 21:30 - 2018-11-06 21:30 - 000000000 ___DC C:\Users\MMDATA\AppData\Local\AdvinstAnalytics 2018-11-06 21:26 - 2018-11-06 21:26 - 000013611 ____C C:\Users\MMDATA\Downloads\Ace_Stream_Media_3.1.32.exe.torrent 2018-11-06 19:57 - 2018-11-06 19:57 - 000736387 ____C C:\Users\MMDATA\Desktop\Dags o bli *****ed up.flp 2018-11-06 14:06 - 2018-11-06 14:06 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2018-11-06 14:06 - 2018-11-06 14:06 - 000047768 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2018-11-06 14:06 - 2018-11-06 14:06 - 000047768 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2018-11-06 14:06 - 2018-11-06 14:06 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2018-11-06 10:19 - 2018-11-06 10:19 - 000096395 _____ C:\WINDOWS\uninstaller.dat 2018-11-03 01:03 - 2018-11-03 01:03 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\CC 2018-11-01 01:45 - 2018-11-01 01:45 - 003493149 ____C C:\Users\MMDATA\Desktop\abrakadbra.flp 2018-10-31 23:44 - 2018-10-31 23:44 - 000000000 ___DC C:\Users\MMDATA\Downloads\LennarDigital Sylenth1 v2.21_[topvst.com] 2018-10-31 16:59 - 2018-10-31 23:59 - 000000000 ___HD C:\$WINDOWS.~BT 2018-10-31 16:59 - 2018-10-31 17:13 - 000001908 _____ C:\WINDOWS\diagwrn.xml 2018-10-31 16:39 - 2018-10-31 16:54 - 000000000 ____D C:\Windows10Upgrade 2018-10-30 20:55 - 2018-10-30 20:55 - 034080129 ____C C:\Users\MMDATA\Downloads\Brainless EP (1).rar 2018-10-30 20:36 - 2018-10-30 20:37 - 065049866 ____C C:\Users\MMDATA\Downloads\Kubi & Hubba + Morse - Cellphone [ FREE DOWNLOAD ].wav 2018-10-30 19:42 - 2018-10-30 19:42 - 000771740 ____C C:\Users\MMDATA\Desktop\pitbull.flp 2018-10-28 00:15 - 2018-10-28 00:15 - 000002260 ____C C:\Users\MMDATA\Desktop\Splice.lnk 2018-10-26 21:31 - 2018-10-26 21:31 - 000583727 ____C C:\Users\MMDATA\Downloads\Masko-etal-2014-Software-tools-final.pdf 2018-10-24 22:06 - 2018-10-24 22:06 - 000744440 ____C C:\Users\MMDATA\Downloads\Kiesza - Hideaway (Acapella) by Acapella-Song - Part_1.wav 2018-10-22 23:19 - 2018-10-22 23:19 - 039515027 ____C C:\Users\MMDATA\Desktop\dua lips2.flp 2018-10-22 02:45 - 2018-10-22 02:45 - 000118792 ____C C:\Users\MMDATA\Desktop\untitled.flp 2018-10-22 01:42 - 2018-10-22 01:42 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\LEVELS 2018-10-22 01:05 - 2018-10-22 01:05 - 011569543 ____C C:\Users\MMDATA\Desktop\PSY.flp 2018-10-20 16:26 - 2018-10-20 16:26 - 000000000 ___DC C:\Users\MMDATA\Documents\Audacity 2018-10-20 16:20 - 2018-10-20 16:29 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\audacity 2018-10-20 16:20 - 2018-10-20 16:20 - 026693160 ____C (Audacity Team ) C:\Users\MMDATA\Downloads\audacity-win-2.3.0.exe 2018-10-20 16:20 - 2018-10-20 16:20 - 000000767 _____ C:\Users\Public\Desktop\Audacity.lnk 2018-10-20 16:20 - 2018-10-20 16:20 - 000000767 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2018-10-20 16:20 - 2018-10-20 16:20 - 000000000 ___DC C:\Users\MMDATA\AppData\Local\Audacity 2018-10-20 16:13 - 2018-10-20 16:19 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sidify 2018-10-20 16:13 - 2018-10-20 16:17 - 000000000 ___DC C:\Users\MMDATA\Documents\Sidify Music Converter 2018-10-20 16:13 - 2018-10-20 16:15 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\Sidify Music Converter 2018-10-20 16:13 - 2018-10-20 16:13 - 000000000 ___DC C:\Users\MMDATA\AppData\Local\CrashRpt 2018-10-20 16:13 - 2018-10-20 16:13 - 000000000 ____D C:\Program Files (x86)\Sidify 2018-10-20 16:12 - 2018-10-20 16:13 - 025761928 ____C C:\Users\MMDATA\Downloads\sidify-music-converter.exe 2018-10-20 15:57 - 2018-10-31 23:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REFERENCE 2018-10-20 15:57 - 2018-10-20 15:57 - 000000000 ____D C:\Program Files\REFERENCE 2018-10-20 15:49 - 2018-10-31 23:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEVELS 2018-10-20 15:49 - 2018-10-20 15:49 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\MasteringTheMix 2018-10-20 15:49 - 2018-10-20 15:49 - 000000000 ____D C:\ProgramData\LEVELS 2018-10-20 15:49 - 2018-10-20 15:49 - 000000000 ____D C:\Program Files\LEVELS 2018-10-20 15:47 - 2018-10-20 17:09 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\Kazrog LLC 2018-10-20 15:47 - 2018-10-20 15:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kazrog 2018-10-20 15:43 - 2018-10-31 23:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Masterng The Mix 2018-10-20 15:43 - 2018-10-20 15:57 - 000000000 ____D C:\ProgramData\MasteringTheMix 2018-10-20 15:43 - 2017-04-12 05:29 - 001339648 _____ (Intel Corporation) C:\WINDOWS\system32\libiomp5md.dll 2018-10-19 14:58 - 2018-10-19 14:58 - 029614816 ____C C:\Users\MMDATA\Desktop\Dolly o Azi vocals.flp 2018-10-19 13:49 - 2018-10-19 13:49 - 007209934 ____C C:\Users\MMDATA\Desktop\Dolly o Azi vocals.wav 2018-10-19 04:00 - 2018-10-19 04:00 - 000346659 ____C C:\Users\MMDATA\Desktop\beat1.flp 2018-10-19 03:57 - 2018-10-19 03:57 - 000914914 ____C C:\Users\MMDATA\Desktop\beat2.flp 2018-10-18 02:56 - 2018-10-18 02:56 - 002817035 ____C C:\Users\MMDATA\Desktop\magnikuk.flp 2018-10-17 19:46 - 2018-09-05 00:43 - 001471288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll 2018-10-16 01:52 - 2018-10-16 01:52 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-612756207-1620990525-2055358983-1005 2018-10-16 01:52 - 2018-10-16 01:52 - 000002406 ____C C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-10-16 01:52 - 2018-10-16 01:52 - 000000000 ___HD C:\OneDriveTemp 2018-10-15 03:18 - 2018-10-15 03:18 - 002953358 ____C C:\Users\MMDATA\Desktop\mood.flp 2018-10-13 16:08 - 2018-10-13 16:08 - 038963156 ____C C:\Users\MMDATA\Desktop\dua lips.flp 2018-10-12 18:06 - 2018-10-12 18:06 - 036699230 ____C C:\Users\MMDATA\Downloads\15 New Rules Almost Studio Acapella.wav 2018-10-12 18:06 - 2018-10-12 18:06 - 002952307 ____C C:\Users\MMDATA\Desktop\rave for days.flp 2018-10-12 01:41 - 2018-10-12 01:41 - 000002243 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-10-12 01:41 - 2018-10-12 01:41 - 000002243 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-10-12 01:41 - 2018-10-12 01:41 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive 2018-10-12 01:41 - 2018-10-02 20:57 - 000835152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2018-10-12 01:41 - 2018-10-02 20:57 - 000179792 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2018-10-12 01:35 - 2018-10-12 01:35 - 008962560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL 2018-10-12 01:35 - 2018-10-12 01:35 - 008962560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL 2018-10-12 01:33 - 2018-09-25 06:35 - 002868736 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2018-10-12 01:33 - 2018-09-25 06:35 - 001638528 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2018-10-12 01:33 - 2018-09-25 06:31 - 008619024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2018-10-12 01:33 - 2018-09-25 06:30 - 002395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2018-10-12 01:33 - 2018-09-25 06:28 - 002568232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2018-10-12 01:33 - 2018-09-25 06:27 - 000749584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2018-10-12 01:33 - 2018-09-25 06:27 - 000409104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2018-10-12 01:33 - 2018-09-25 06:26 - 002413816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2018-10-12 01:33 - 2018-09-25 06:26 - 000494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2018-10-12 01:33 - 2018-09-25 06:23 - 002774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2018-10-12 01:33 - 2018-09-25 06:23 - 000284744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll 2018-10-12 01:33 - 2018-09-25 05:32 - 001433264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2018-10-12 01:33 - 2018-09-25 05:28 - 025267200 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2018-10-12 01:33 - 2018-09-25 05:16 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe 2018-10-12 01:33 - 2018-09-25 05:15 - 003661824 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2018-10-12 01:33 - 2018-09-25 05:15 - 001991280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2018-10-12 01:33 - 2018-09-25 05:14 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll 2018-10-12 01:33 - 2018-09-25 05:14 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll 2018-10-12 01:33 - 2018-09-25 05:13 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2018-10-12 01:33 - 2018-09-25 05:12 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2018-10-12 01:33 - 2018-09-25 05:11 - 000251200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll 2018-10-12 01:33 - 2018-09-25 05:10 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2018-10-12 01:33 - 2018-09-25 05:10 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2018-10-12 01:33 - 2018-09-25 05:08 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2018-10-12 01:33 - 2018-09-25 05:05 - 002873856 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll 2018-10-12 01:33 - 2018-09-25 05:04 - 000984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2018-10-12 01:33 - 2018-09-25 05:03 - 013713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2018-10-12 01:33 - 2018-09-25 05:03 - 008065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2018-10-12 01:33 - 2018-09-25 05:03 - 004508160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2018-10-12 01:33 - 2018-09-25 05:01 - 002637312 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2018-10-12 01:33 - 2018-09-25 05:01 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2018-10-12 01:33 - 2018-09-25 05:00 - 001808384 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2018-10-12 01:33 - 2018-09-25 04:57 - 002901504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2018-10-12 01:33 - 2018-09-25 04:57 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll 2018-10-12 01:33 - 2018-09-25 04:54 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2018-10-12 01:33 - 2018-09-25 04:54 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2018-10-12 01:33 - 2018-09-25 04:52 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2018-10-12 01:33 - 2018-09-25 04:51 - 019359744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2018-10-12 01:33 - 2018-09-25 04:51 - 018946048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2018-10-12 01:33 - 2018-09-25 04:49 - 012730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2018-10-12 01:33 - 2018-09-25 04:49 - 006466560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2018-10-12 01:33 - 2018-09-25 04:47 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2018-10-12 01:33 - 2018-09-25 04:46 - 006015488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2018-10-12 01:33 - 2018-09-25 04:45 - 004044800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2018-10-12 01:33 - 2018-09-25 04:45 - 002815488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll 2018-10-12 01:33 - 2018-09-25 04:45 - 001565696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2018-10-12 01:33 - 2018-09-23 06:21 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2018-10-12 01:33 - 2018-09-23 06:21 - 000248328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2018-10-12 01:33 - 2018-09-23 06:17 - 000616888 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2018-10-12 01:33 - 2018-09-23 05:37 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2018-10-12 01:33 - 2018-09-23 05:13 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll 2018-10-12 01:33 - 2018-09-23 05:12 - 013704192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2018-10-12 01:33 - 2018-09-23 05:09 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2018-10-12 01:33 - 2018-09-23 05:08 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2018-10-12 01:33 - 2018-09-23 05:07 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2018-10-12 01:33 - 2018-09-23 05:04 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2018-10-12 01:33 - 2018-09-23 05:03 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll 2018-10-12 01:33 - 2018-09-23 04:58 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2018-10-12 01:33 - 2018-09-23 04:56 - 002785280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2018-10-12 01:33 - 2018-09-23 04:56 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2018-10-12 01:33 - 2018-09-23 04:55 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2018-10-12 01:33 - 2018-08-31 02:15 - 001254184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2018-10-12 01:33 - 2018-08-31 02:14 - 001069032 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2018-10-12 01:33 - 2018-08-31 02:14 - 000600872 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2018-10-12 01:33 - 2018-08-31 02:14 - 000077096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2018-10-12 01:33 - 2018-08-31 02:13 - 001463424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2018-10-12 01:33 - 2018-08-31 02:13 - 000078304 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2018-10-12 01:33 - 2018-08-31 02:09 - 003077272 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2018-10-12 01:33 - 2018-08-31 02:09 - 000898288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2018-10-12 01:33 - 2018-08-31 02:05 - 000980448 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2018-10-12 01:33 - 2018-08-31 02:03 - 007385176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2018-10-12 01:33 - 2018-08-31 02:02 - 001055704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2018-10-12 01:33 - 2018-08-31 02:02 - 000712200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2018-10-12 01:33 - 2018-08-31 01:31 - 001323408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2018-10-12 01:33 - 2018-08-31 01:30 - 000566736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2018-10-12 01:33 - 2018-08-31 01:18 - 002316440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2018-10-12 01:33 - 2018-08-31 01:15 - 000749864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2018-10-12 01:33 - 2018-08-31 01:12 - 006482264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2018-10-12 01:33 - 2018-08-31 01:12 - 001059248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2018-10-12 01:33 - 2018-08-31 00:54 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll 2018-10-12 01:33 - 2018-08-31 00:51 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll 2018-10-12 01:33 - 2018-08-31 00:50 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll 2018-10-12 01:33 - 2018-08-31 00:50 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll 2018-10-12 01:33 - 2018-08-31 00:47 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2018-10-12 01:33 - 2018-08-31 00:47 - 000420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2018-10-12 01:33 - 2018-08-31 00:47 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2018-10-12 01:33 - 2018-08-31 00:47 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2018-10-12 01:33 - 2018-08-31 00:47 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll 2018-10-12 01:33 - 2018-08-31 00:46 - 006588416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2018-10-12 01:33 - 2018-08-31 00:46 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2018-10-12 01:33 - 2018-08-31 00:45 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll 2018-10-12 01:33 - 2018-08-31 00:44 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2018-10-12 01:33 - 2018-08-31 00:43 - 005388800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2018-10-12 01:33 - 2018-08-31 00:43 - 001113600 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2018-10-12 01:33 - 2018-08-31 00:42 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2018-10-12 01:33 - 2018-08-31 00:42 - 000602624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2018-10-12 01:33 - 2018-08-31 00:42 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2018-10-12 01:33 - 2018-08-31 00:41 - 005500928 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2018-10-12 01:33 - 2018-08-31 00:41 - 000945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2018-10-12 01:33 - 2018-08-31 00:41 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2018-10-12 01:33 - 2018-08-31 00:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll 2018-10-12 01:33 - 2018-08-31 00:41 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2018-10-12 01:33 - 2018-08-31 00:40 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2018-10-12 01:33 - 2018-08-31 00:39 - 008042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2018-10-12 01:33 - 2018-08-31 00:39 - 001342976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2018-10-12 01:33 - 2018-08-31 00:39 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2018-10-12 01:33 - 2018-08-31 00:38 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2018-10-12 01:33 - 2018-08-31 00:37 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2018-10-12 01:33 - 2018-08-28 06:43 - 007673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2018-10-12 01:33 - 2018-08-28 05:41 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll 2018-10-12 01:33 - 2018-08-28 05:33 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2018-10-12 01:33 - 2018-08-28 05:31 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2018-10-12 01:33 - 2018-08-28 05:31 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll 2018-10-12 01:33 - 2018-08-28 05:29 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys 2018-10-12 01:33 - 2018-08-28 05:28 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys 2018-10-12 01:33 - 2018-08-28 05:26 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys 2018-10-12 01:33 - 2018-08-28 05:24 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2018-10-12 01:33 - 2018-08-28 05:19 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2018-10-12 01:33 - 2018-08-28 05:18 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2018-10-12 01:33 - 2018-08-28 05:16 - 000725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2018-10-12 01:33 - 2018-08-28 05:13 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys 2018-10-12 01:33 - 2018-08-09 06:57 - 005891640 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2018-10-12 01:33 - 2018-08-09 06:50 - 003904304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2018-10-12 01:33 - 2018-08-09 06:49 - 002737464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2018-10-12 01:33 - 2018-08-09 06:48 - 000362936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2018-10-12 01:33 - 2018-08-09 06:48 - 000203568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll 2018-10-12 01:33 - 2018-08-09 06:48 - 000192416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2018-10-12 01:33 - 2018-08-09 06:47 - 004507096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2018-10-12 01:33 - 2018-08-09 06:47 - 001203552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2018-10-12 01:33 - 2018-08-09 06:47 - 000260904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2018-10-12 01:33 - 2018-08-09 06:45 - 001102120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2018-10-12 01:33 - 2018-08-09 06:01 - 003484848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2018-10-12 01:33 - 2018-08-09 06:00 - 002216392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2018-10-12 01:33 - 2018-08-09 05:59 - 000185896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll 2018-10-12 01:33 - 2018-08-09 05:58 - 004668176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2018-10-12 01:33 - 2018-08-09 05:58 - 001132088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2018-10-12 01:33 - 2018-08-09 05:58 - 000130608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2018-10-12 01:33 - 2018-08-09 05:37 - 002398208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll 2018-10-12 01:33 - 2018-08-09 05:37 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2018-10-12 01:33 - 2018-08-09 05:35 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll 2018-10-12 01:33 - 2018-08-09 05:34 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll 2018-10-12 01:33 - 2018-08-09 05:34 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2018-10-12 01:33 - 2018-08-09 05:34 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll 2018-10-12 01:33 - 2018-08-09 05:34 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2018-10-12 01:33 - 2018-08-09 05:32 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2018-10-12 01:33 - 2018-08-09 05:32 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2018-10-12 01:33 - 2018-08-09 05:31 - 011925504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2018-10-12 01:33 - 2018-08-09 05:30 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2018-10-12 01:33 - 2018-08-09 05:30 - 003418112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2018-10-12 01:33 - 2018-08-09 05:30 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2018-10-12 01:33 - 2018-08-09 05:30 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2018-10-12 01:33 - 2018-08-09 05:30 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2018-10-12 01:33 - 2018-08-09 05:29 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2018-10-12 01:33 - 2018-08-09 05:29 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2018-10-12 01:33 - 2018-08-09 05:28 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2018-10-12 01:33 - 2018-08-09 05:28 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2018-10-12 01:33 - 2018-08-09 05:27 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2018-10-12 01:33 - 2018-08-09 05:27 - 001475072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2018-10-12 01:33 - 2018-08-09 05:27 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2018-10-12 01:33 - 2018-08-09 05:27 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2018-10-12 01:33 - 2018-08-09 05:27 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2018-10-12 01:33 - 2018-08-09 05:27 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2018-10-12 01:33 - 2018-08-09 05:27 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2018-10-12 01:33 - 2018-08-09 05:27 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2018-10-12 01:33 - 2018-08-09 05:26 - 012832768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2018-10-12 01:33 - 2018-08-09 05:26 - 004496896 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2018-10-12 01:33 - 2018-08-09 05:26 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2018-10-12 01:33 - 2018-08-09 05:26 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2018-10-12 01:33 - 2018-08-09 05:26 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll 2018-10-12 01:33 - 2018-08-09 05:26 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2018-10-12 01:33 - 2018-08-09 05:25 - 002083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2018-10-12 01:33 - 2018-08-09 05:24 - 001055744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2018-10-12 01:33 - 2018-08-09 05:23 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2018-10-12 01:32 - 2018-09-25 06:35 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2018-10-12 01:32 - 2018-09-25 06:35 - 000792568 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2018-10-12 01:32 - 2018-09-25 06:35 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2018-10-12 01:32 - 2018-09-25 06:35 - 000612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2018-10-12 01:32 - 2018-09-25 06:35 - 000480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2018-10-12 01:32 - 2018-09-25 06:35 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2018-10-12 01:32 - 2018-09-25 06:35 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2018-10-12 01:32 - 2018-09-25 06:35 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2018-10-12 01:32 - 2018-09-25 06:35 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2018-10-12 01:32 - 2018-09-25 06:35 - 000070136 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll 2018-10-12 01:32 - 2018-09-25 06:35 - 000035368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2018-10-12 01:32 - 2018-09-25 06:29 - 000542736 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2018-10-12 01:32 - 2018-09-25 06:27 - 001757824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2018-10-12 01:32 - 2018-09-25 05:32 - 000380936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2018-10-12 01:32 - 2018-09-25 05:17 - 001503504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2018-10-12 01:32 - 2018-09-25 05:14 - 000858624 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2018-10-12 01:32 - 2018-09-25 05:14 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2018-10-12 01:32 - 2018-09-25 05:12 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2018-10-12 01:32 - 2018-09-25 05:12 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2018-10-12 01:32 - 2018-09-25 05:10 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll 2018-10-12 01:32 - 2018-09-25 05:07 - 001574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2018-10-12 01:32 - 2018-09-25 05:05 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll 2018-10-12 01:32 - 2018-09-25 04:56 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll 2018-10-12 01:32 - 2018-09-25 04:56 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe 2018-10-12 01:32 - 2018-09-25 04:56 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll 2018-10-12 01:32 - 2018-09-25 04:53 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll 2018-10-12 01:32 - 2018-09-25 04:50 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll 2018-10-12 01:32 - 2018-09-25 01:56 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2018-10-12 01:32 - 2018-09-23 06:26 - 000925064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2018-10-12 01:32 - 2018-09-23 06:25 - 001416776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2018-10-12 01:32 - 2018-09-23 06:25 - 001210688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2018-10-12 01:32 - 2018-09-23 06:25 - 001092640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2018-10-12 01:32 - 2018-09-23 05:11 - 001329664 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2018-10-12 01:32 - 2018-09-23 05:08 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe 2018-10-12 01:32 - 2018-09-23 05:07 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2018-10-12 01:32 - 2018-09-23 05:01 - 002088448 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2018-10-12 01:32 - 2018-09-23 05:01 - 001496064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2018-10-12 01:32 - 2018-09-23 04:59 - 002212352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2018-10-12 01:32 - 2018-09-23 04:57 - 003182080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2018-10-12 01:32 - 2018-09-23 04:53 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll 2018-10-12 01:32 - 2018-09-15 05:09 - 021356936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2018-10-12 01:32 - 2018-09-15 04:25 - 020290152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2018-10-12 01:32 - 2018-08-31 02:10 - 000649376 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2018-10-12 01:32 - 2018-08-31 02:10 - 000465512 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2018-10-12 01:32 - 2018-08-31 02:08 - 000371496 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll 2018-10-12 01:32 - 2018-08-31 02:07 - 001044976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2018-10-12 01:32 - 2018-08-31 02:04 - 000677368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2018-10-12 01:32 - 2018-08-31 02:01 - 000204264 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll 2018-10-12 01:32 - 2018-08-31 01:19 - 000481552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2018-10-12 01:32 - 2018-08-31 01:17 - 000268536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll 2018-10-12 01:32 - 2018-08-31 01:14 - 000353936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2018-10-12 01:32 - 2018-08-31 01:11 - 000180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll 2018-10-12 01:32 - 2018-08-31 00:53 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2018-10-12 01:32 - 2018-08-31 00:53 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UiaManager.dll 2018-10-12 01:32 - 2018-08-31 00:51 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll 2018-10-12 01:32 - 2018-08-31 00:50 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UiaManager.dll 2018-10-12 01:32 - 2018-08-31 00:50 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2018-10-12 01:32 - 2018-08-31 00:50 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2018-10-12 01:32 - 2018-08-31 00:49 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll 2018-10-12 01:32 - 2018-08-31 00:49 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll 2018-10-12 01:32 - 2018-08-31 00:48 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll 2018-10-12 01:32 - 2018-08-31 00:47 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll 2018-10-12 01:32 - 2018-08-31 00:47 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2018-10-12 01:32 - 2018-08-31 00:47 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll 2018-10-12 01:32 - 2018-08-31 00:45 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll 2018-10-12 01:32 - 2018-08-31 00:44 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll 2018-10-12 01:32 - 2018-08-31 00:44 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll 2018-10-12 01:32 - 2018-08-31 00:43 - 000592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll 2018-10-12 01:32 - 2018-08-31 00:43 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2018-10-12 01:32 - 2018-08-31 00:31 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2018-10-12 01:32 - 2018-08-28 06:46 - 001954128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2018-10-12 01:32 - 2018-08-28 06:44 - 000712528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2018-10-12 01:32 - 2018-08-28 06:43 - 000155440 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2018-10-12 01:32 - 2018-08-28 06:19 - 001614664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2018-10-12 01:32 - 2018-08-28 06:19 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2018-10-12 01:32 - 2018-08-28 06:03 - 006087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2018-10-12 01:32 - 2018-08-28 05:41 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2018-10-12 01:32 - 2018-08-28 05:41 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll 2018-10-12 01:32 - 2018-08-28 05:39 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netevent.dll 2018-10-12 01:32 - 2018-08-28 05:31 - 001664512 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2018-10-12 01:32 - 2018-08-28 05:31 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll 2018-10-12 01:32 - 2018-08-28 05:29 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\netevent.dll 2018-10-12 01:32 - 2018-08-28 02:38 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2018-10-12 01:32 - 2018-08-28 02:38 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2018-10-12 01:32 - 2018-08-09 06:49 - 002472352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2018-10-12 01:32 - 2018-08-09 06:46 - 000858920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll 2018-10-12 01:32 - 2018-08-09 06:46 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2018-10-12 01:32 - 2018-08-09 06:46 - 000406312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2018-10-12 01:32 - 2018-08-09 06:46 - 000100136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll 2018-10-12 01:32 - 2018-08-09 05:58 - 000662216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll 2018-10-12 01:32 - 2018-08-09 05:57 - 000727848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll 2018-10-12 01:32 - 2018-08-09 05:35 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2018-10-12 01:32 - 2018-08-09 05:35 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll 2018-10-12 01:32 - 2018-08-09 05:34 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2018-10-12 01:32 - 2018-08-09 05:34 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsAuth.dll 2018-10-12 01:32 - 2018-08-09 05:33 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsCfg.dll 2018-10-12 01:32 - 2018-08-09 05:33 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll 2018-10-12 01:32 - 2018-08-09 05:33 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2018-10-12 01:32 - 2018-08-09 05:32 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2018-10-12 01:32 - 2018-08-09 05:32 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll 2018-10-12 01:32 - 2018-08-09 05:31 - 001277440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2018-10-12 01:32 - 2018-08-09 05:31 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2018-10-12 01:32 - 2018-08-09 05:31 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\frprov.dll 2018-10-12 01:32 - 2018-08-09 05:31 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll 2018-10-12 01:32 - 2018-08-09 05:30 - 001240064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2018-10-12 01:32 - 2018-08-09 05:30 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsAuth.dll 2018-10-12 01:32 - 2018-08-09 05:30 - 000219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsCfg.dll 2018-10-12 01:32 - 2018-08-09 05:30 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2018-10-12 01:32 - 2018-08-09 05:29 - 001925120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2018-10-12 01:32 - 2018-08-09 05:29 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsExt.dll 2018-10-12 01:32 - 2018-08-09 05:29 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll 2018-10-12 01:32 - 2018-08-09 05:28 - 001580032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2018-10-12 01:32 - 2018-08-09 05:28 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2018-10-12 01:32 - 2018-08-09 05:27 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2018-10-12 01:32 - 2018-08-09 05:27 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll 2018-10-12 01:32 - 2018-08-09 05:27 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll 2018-10-12 01:32 - 2018-08-09 05:26 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2018-10-12 01:32 - 2018-08-09 05:26 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2018-10-12 01:32 - 2018-08-09 05:26 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2018-10-12 01:32 - 2018-08-09 05:26 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll 2018-10-12 01:32 - 2018-08-09 05:26 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll 2018-10-12 01:32 - 2018-08-09 05:24 - 001238016 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2018-10-12 01:32 - 2018-08-09 05:23 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2018-10-12 01:32 - 2018-08-09 05:22 - 000325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll 2018-10-12 01:32 - 2018-08-09 05:22 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2018-10-12 01:32 - 2018-08-09 05:22 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2018-10-12 01:32 - 2018-08-09 03:49 - 000804216 _____ C:\WINDOWS\SysWOW64\locale.nls 2018-10-12 01:32 - 2018-08-09 03:49 - 000804216 _____ C:\WINDOWS\system32\locale.nls 2018-10-12 01:20 - 2018-09-27 14:06 - 000025440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Luadgmgt.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-11-09 01:39 - 2016-11-26 00:23 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\Skype 2018-11-09 01:25 - 2018-05-03 00:25 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-11-09 01:25 - 2018-05-03 00:25 - 000000000 ____D C:\Program Files\Malwarebytes 2018-11-09 01:24 - 2016-06-03 12:41 - 000000000 _RDCL C:\Users\MMDATA\OneDrive 2018-11-09 01:23 - 2017-09-30 15:10 - 004178620 _____ C:\WINDOWS\system32\perfh01D.dat 2018-11-09 01:23 - 2017-09-30 15:10 - 001177624 _____ C:\WINDOWS\system32\perfc01D.dat 2018-11-09 01:23 - 2015-08-18 03:01 - 008659126 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-11-09 01:18 - 2017-12-28 12:07 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\Splice 2018-11-09 01:18 - 2016-06-03 12:40 - 000000165 ____C C:\Users\MMDATA\AppData\Roaming\sp_data.sys 2018-11-09 01:17 - 2018-07-25 16:27 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture 2018-11-09 01:17 - 2017-12-15 06:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-11-09 01:17 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2018-11-09 01:17 - 2017-04-10 01:55 - 000000000 ____D C:\ProgramData\NVIDIA 2018-11-09 01:17 - 2016-12-16 19:21 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2018-11-09 01:15 - 2018-10-04 08:25 - 000000000 ____D C:\WINDOWS\Panther 2018-11-09 00:11 - 2018-05-14 09:53 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 2018-11-09 00:08 - 2017-09-29 09:45 - 000065536 _____ C:\WINDOWS\system32\config\ELAM 2018-11-09 00:08 - 2016-11-25 20:55 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\Spotify 2018-11-09 00:08 - 2016-11-25 20:55 - 000000000 ___DC C:\Users\MMDATA\AppData\Local\Spotify 2018-11-08 17:48 - 2017-12-15 05:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-11-07 23:34 - 2017-07-17 02:31 - 000000000 ____D C:\ProgramData\ValhallaRoom 2018-11-07 21:05 - 2015-08-18 03:10 - 000000000 ____D C:\Program Files (x86)\Dropbox 2018-11-07 01:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization 2018-11-06 23:02 - 2018-10-04 22:57 - 000000000 ___DC C:\Users\MMDATA\AppData\LocalLow\uTorrent 2018-11-06 23:02 - 2016-11-26 00:29 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\uTorrent 2018-11-06 22:02 - 2016-12-21 01:15 - 000002201 ____C C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk 2018-11-06 21:53 - 2016-11-26 00:36 - 000000000 ____D C:\Program Files\Bitdefender Agent 2018-11-06 21:38 - 2017-12-15 05:56 - 000000000 ___DC C:\Users\MMDATA 2018-11-05 16:20 - 2016-06-03 12:40 - 000000000 ___DC C:\Users\MMDATA\AppData\Local\Packages 2018-11-04 19:49 - 2017-01-18 13:31 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\vlc 2018-11-04 18:06 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps 2018-11-04 18:06 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-11-03 00:46 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-11-03 00:46 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2018-11-03 00:45 - 2017-02-21 15:36 - 000000000 ____D C:\Program Files\Microsoft Office 2018-10-31 23:59 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF 2018-10-31 23:57 - 2018-10-09 04:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plugin Boutique 2018-10-31 23:57 - 2018-09-12 17:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infected Mushroom 2018-10-31 23:57 - 2018-08-19 22:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft 2018-10-31 23:57 - 2018-08-18 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flux 2018-10-31 23:57 - 2018-08-18 18:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office-verktyg 2018-10-31 23:57 - 2018-06-29 15:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2 2018-10-31 23:57 - 2018-06-06 15:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HxD Hex Editor 2018-10-31 23:57 - 2018-06-06 11:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Path of Building 2018-10-31 23:57 - 2018-05-15 19:37 - 000000000 ____D C:\WINDOWS\ShellNew 2018-10-31 23:57 - 2018-05-15 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey 2018-10-31 23:57 - 2018-05-11 21:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youlean Loudness Meter 2018-10-31 23:57 - 2018-04-28 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2018-10-31 23:57 - 2018-04-19 19:10 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf 2018-10-31 23:57 - 2018-04-14 23:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server 2018-10-31 23:57 - 2018-03-05 01:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack 2018-10-31 23:57 - 2018-03-03 04:26 - 000000000 ____D C:\WINDOWS\system32\tmp00004100 2018-10-31 23:57 - 2018-02-27 18:31 - 000000000 ____D C:\WINDOWS\system32\tmp00003489 2018-10-31 23:57 - 2018-02-27 14:37 - 000000000 ____D C:\WINDOWS\system32\tmp000075d7 2018-10-31 23:57 - 2018-02-27 04:20 - 000000000 ____D C:\WINDOWS\system32\tmp000073b4 2018-10-31 23:57 - 2018-02-25 20:48 - 000000000 ____D C:\WINDOWS\system32\tmp000046e6 2018-10-31 23:57 - 2018-02-25 16:09 - 000000000 ____D C:\WINDOWS\system32\tmp00002b20 2018-10-31 23:57 - 2018-02-24 05:18 - 000000000 ____D C:\WINDOWS\system32\tmp000049eb 2018-10-31 23:57 - 2018-02-19 20:12 - 000000000 ____D C:\WINDOWS\system32\tmp00007600 2018-10-31 23:57 - 2018-02-19 05:22 - 000000000 ____D C:\WINDOWS\system32\tmp00006ca5 2018-10-31 23:57 - 2018-01-16 14:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2018-10-31 23:57 - 2017-12-27 20:30 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Splice 2018-10-31 23:57 - 2017-12-14 23:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream Ebook Reader 2018-10-31 23:57 - 2017-11-16 20:03 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ 2018-10-31 23:57 - 2017-10-07 19:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Darksiders II 2018-10-31 23:57 - 2017-09-29 14:46 - 000000000 __RSD C:\WINDOWS\media 2018-10-31 23:57 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2018-10-31 23:57 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool 2018-10-31 23:57 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF 2018-10-31 23:57 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\AppLocker 2018-10-31 23:57 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Help 2018-10-31 23:57 - 2017-08-31 18:09 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn-Time 2018-10-31 23:57 - 2017-08-31 12:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time 2018-10-31 23:57 - 2017-08-07 23:29 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation 2018-10-31 23:57 - 2017-07-01 02:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ParkControl 2018-10-31 23:57 - 2017-06-23 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi 2018-10-31 23:57 - 2017-06-17 16:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\SoundToys 2018-10-31 23:57 - 2017-04-26 15:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Desert Online 2018-10-31 23:57 - 2017-04-22 22:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Antares 2018-10-31 23:57 - 2017-04-13 03:33 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo 2018-10-31 23:57 - 2017-04-13 02:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility 2018-10-31 23:57 - 2017-04-11 22:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves 2018-10-31 23:57 - 2017-04-10 03:08 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2018-10-31 23:57 - 2017-03-20 04:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2018-10-31 23:57 - 2017-03-20 04:33 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vmpk 2018-10-31 23:57 - 2017-03-20 04:29 - 000000000 ____D C:\WINDOWS\SysWOW64\MIDIMapper 2018-10-31 23:57 - 2017-03-20 04:29 - 000000000 ____D C:\WINDOWS\system32\MIDIMapper 2018-10-31 23:57 - 2017-03-20 04:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MIDIMapper 2018-10-31 23:57 - 2017-03-20 04:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VirtualMIDISynth 2018-10-31 23:57 - 2017-03-20 04:16 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2 2018-10-31 23:57 - 2017-02-21 15:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2018-10-31 23:57 - 2017-02-20 04:06 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software 2018-10-31 23:57 - 2017-02-20 02:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio 2018-10-31 23:57 - 2017-02-10 22:18 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc 2018-10-31 23:57 - 2017-02-06 01:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2018-10-31 23:57 - 2017-01-28 15:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2018-10-31 23:57 - 2017-01-18 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2018-10-31 23:57 - 2017-01-13 13:54 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft ShellExView 2018-10-31 23:57 - 2016-12-12 20:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 – verktyg 2018-10-31 23:57 - 2016-12-12 20:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2018-10-31 23:57 - 2016-12-06 20:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin 2018-10-31 23:57 - 2016-12-03 09:59 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi 2018-10-31 23:57 - 2016-12-01 00:39 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2018-10-31 23:57 - 2016-12-01 00:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2018-10-31 23:57 - 2016-11-30 15:00 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line 2018-10-31 23:57 - 2016-11-30 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line 2018-10-31 23:57 - 2016-11-26 01:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameFirst IV 2018-10-31 23:57 - 2016-11-26 00:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2018-10-31 23:57 - 2016-06-03 12:40 - 000000000 ___DC C:\Users\MMDATA\AppData\Local\TileDataLayer 2018-10-31 23:57 - 2015-11-19 04:17 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles 2018-10-31 23:57 - 2015-11-19 04:04 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2018-10-31 23:57 - 2015-11-19 04:00 - 000000000 ____D C:\Program Files (x86)\Intel 2018-10-31 23:57 - 2015-11-19 03:59 - 000000000 ____D C:\Program Files\Intel 2018-10-31 23:57 - 2015-11-19 03:56 - 000000000 __RHD C:\Users\Public\AccountPictures 2018-10-31 23:57 - 2015-08-18 03:10 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2018-10-31 23:57 - 2015-08-18 03:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WPS Office 2018-10-31 23:57 - 2015-08-18 03:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2018-10-31 22:35 - 2018-07-10 18:56 - 000000000 ____D C:\ProgramData\Packages 2018-10-31 22:20 - 2018-06-26 18:33 - 000001417 ____C C:\Users\MMDATA\Desktop\Microsoft Edge.lnk 2018-10-31 22:18 - 2017-12-15 14:15 - 000000000 __RDC C:\Users\MMDATA\3D Objects 2018-10-31 22:18 - 2016-06-03 12:40 - 000000000 _SHDC C:\Users\MMDATA\IntelGraphicsProfiles 2018-10-31 21:58 - 2018-05-02 23:35 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-10-31 21:58 - 2016-11-25 20:53 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-10-31 21:57 - 2017-12-15 06:00 - 000023004 _____ C:\WINDOWS\system32\emptyregdb.dat 2018-10-31 21:53 - 2017-12-15 05:54 - 001701376 _____ (TODO: <Company name>) C:\WINDOWS\SysWOW64\RebootPrompt.exe 2018-10-31 17:13 - 2017-12-15 06:01 - 000001908 _____ C:\WINDOWS\diagerr.xml 2018-10-31 17:03 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration 2018-10-31 16:59 - 2017-12-14 23:06 - 000000036 _____ C:\WINDOWS\progress.ini 2018-10-31 16:54 - 2017-10-04 12:09 - 000000000 ___HD C:\$GetCurrent 2018-10-30 23:01 - 2018-03-29 01:31 - 000000000 ___DC C:\Users\MMDATA\Documents\MIDI Daniels Antonio 2018-10-28 00:15 - 2017-12-27 20:30 - 000000000 ___DC C:\Users\MMDATA\AppData\Local\SpliceSettings 2018-10-28 00:15 - 2017-12-27 20:30 - 000000000 ___DC C:\Users\MMDATA\AppData\Local\splice 2018-10-23 14:25 - 2018-06-10 01:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2018-10-23 02:34 - 2017-02-21 15:37 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2018-10-22 23:17 - 2018-10-09 04:49 - 000000000 ___DC C:\Users\MMDATA\AppData\Roaming\Scaler 2018-10-20 16:10 - 2016-11-25 20:55 - 000001843 ____C C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2018-10-20 15:46 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2018-10-20 15:46 - 2017-04-12 01:11 - 000000000 ____D C:\WINDOWS\pss 2018-10-20 15:46 - 2015-08-18 10:34 - 000000000 ____D C:\WINDOWS\Log 2018-10-20 14:52 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache 2018-10-18 15:17 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-10-17 19:40 - 2017-12-15 05:53 - 000603512 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-10-17 19:39 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2018-10-17 19:39 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12 2018-10-17 19:39 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\PrintDialog 2018-10-17 19:39 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2018-10-17 19:39 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput 2018-10-17 19:39 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe 2018-10-17 19:39 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser 2018-10-17 19:39 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences 2018-10-17 19:39 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\bcastdvr 2018-10-17 19:39 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2018-10-17 19:39 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2018-10-16 14:36 - 2016-11-25 21:10 - 000559880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2018-10-13 05:13 - 2017-09-20 17:40 - 000000000 ____D C:\Program Files\rempl 2018-10-12 01:41 - 2016-01-17 20:30 - 000000000 ____D C:\WINDOWS\system32\MRT 2018-10-12 01:37 - 2016-01-17 20:30 - 136745976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2018-10-12 01:26 - 2016-06-03 12:40 - 000000000 ___DC C:\Users\MMDATA\AppData\Local\Publishers ==================== Files in the root of some directories ======= 2017-01-18 13:31 - 2017-01-18 13:31 - 000000027 _____ () C:\Program Files\plugins.dat 2017-04-22 22:02 - 2017-04-22 22:02 - 002722286 _____ () C:\Program Files (x86)\Auto-Tune 8 Manual.pdf 2017-04-22 22:02 - 2017-04-22 22:02 - 000056051 _____ () C:\Program Files (x86)\VST PC Read Me.pdf 2017-11-07 15:06 - 2017-11-07 15:06 - 000000444 ____C () C:\Users\MMDATA\AppData\Roaming\CSharpAnalytics-MeasurementSession 2016-06-03 12:40 - 2018-11-09 01:18 - 000000165 ____C () C:\Users\MMDATA\AppData\Roaming\sp_data.sys Some files in TEMP: ==================== 2018-11-06 21:28 - 2018-11-06 21:28 - 001819297 ____C () C:\Users\MMDATA\AppData\Local\Temp\timy.exe 2018-11-06 21:28 - 2018-11-06 21:28 - 001844512 ____C () C:\Users\MMDATA\AppData\Local\Temp\wat.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-11-05 16:37 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08.11.2018 Ran by MMDATA (09-11-2018 01:39:51) Running from C:\Users\MMDATA\Downloads Windows 10 Home Version 1709 16299.726 (X64) (2017-12-15 05:03:40) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administratör (S-1-5-21-612756207-1620990525-2055358983-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-612756207-1620990525-2055358983-503 - Limited - Disabled) Gäst (S-1-5-21-612756207-1620990525-2055358983-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-612756207-1620990525-2055358983-1009 - Limited - Enabled) MMDATA (S-1-5-21-612756207-1620990525-2055358983-1005 - Administrator - Enabled) => C:\Users\MMDATA WDAGUtilityAccount (S-1-5-21-612756207-1620990525-2055358983-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75} AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {51405D0C-825B-964D-00BD-77E435F203F3} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) . . (HKLM\...\{12B07FF1-29CB-45AC-B493-1DB88BE717BD}) (Version: 7.1 - Intel) Hidden . . . (HKLM-x32\...\{C01175B6-6575-4526-A55B-2BC2F10BA083}) (Version: 2.7.2.4 - Intel) Hidden µTorrent (HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\uTorrent) (Version: 3.5.4.44632 - BitTorrent Inc.) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 381.65 - NVIDIA Corporation) Hidden Apple Mobile Device Support (HKLM\...\{9E005AAA-81A3-478E-8944-532D350952EE}) (Version: 11.3.1.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) Apple-programstöd (32-bitar) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.) Apple-programstöd (64-bitar) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.) Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach) ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.) ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.5 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.9 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS) Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.101 - ICEpower a/s) AutoHotkey 1.1.28.02 (HKLM-x32\...\AutoHotkey) (Version: 1.1.28.02 - Lexikos) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Betternet for Windows 3.10.0 (HKLM-x32\...\{2E77104D-96E1-4A9C-86F2-C7CF7C104999}) (Version: 3.10.0 - Betternet Technologies Inc.) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender) Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.13.65 - Bitdefender) Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.6 - Kakao Games Europe B.V.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.34.58 - Conexant) CoolSoft MIDIMapper 0.9.0-beta2 (HKLM-x32\...\CoolSoft MIDIMapper) (Version: 0.9.0.2 - CoolSoft) CoolSoft VirtualMIDISynth 2.0.0-rc2 (HKLM\...\CoolSoft VirtualMIDISynth) (Version: 1.999.999.202 - CoolSoft) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0220 - Disc Soft Ltd) Darksiders II (HKLM-x32\...\{80E34226-8D94-482F-B4BC-36F39CBFD267}_is1) (Version: - ) Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.) Discord (HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\Discord) (Version: 0.0.301 - Discord Inc.) Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team) Dropbox (HKLM-x32\...\Dropbox) (Version: 61.4.95 - Dropbox, Inc.) Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden DUNE 2 (HKLM-x32\...\DUNE 2_is1) (Version: - Synapse Audio Software) Epic Games Launcher (HKLM-x32\...\{8FEB5B5F-0777-4E9D-8705-06F0A2295544}) (Version: 1.1.143.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden EXPOSE version 1.0 (HKLM\...\{17940B10-B999-4B4D-AC62-FA8891F93151}_is1) (Version: 1.0 - 29 Palms Ltd) f.lux (HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\Flux) (Version: - f.lux Software LLC) Facebook Gameroom 1.11.6549.23876 (HKLM-x32\...\{628CC5F4-CCF3-4093-9B96-008667D11498}) (Version: 1.11.6549.23876 - Facebook) FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - ) FluxCenter-64-bit (HKLM\...\{1F88CFC8-1A39-4252-9A84-B52634C00491}) (Version: 1.2.15.47859 - Flux:: sound and picture development) GameFirst IV (HKLM-x32\...\{2B5BE4E7-3E40-4BC4-A534-5342E3078F89}) (Version: 1.5.12 - ASUS) Hidden GameFirst IV (HKLM-x32\...\GameFirst IV 1.5.12) (Version: 1.5.12 - ASUS) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.77 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz) Icecream Ebook Reader version 5.07 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 5.07 - Icecream Apps) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line) Infected Mushroom - Wider version 1.0 (HKLM\...\{A7684FCF-245F-4C90-87EE-472DC3EC3868}_is1) (Version: 1.0 - Polyverse Music, Inc.) Intel(R) C++ Redistributables on IA-32 (HKLM-x32\...\{7858618B-FA45-4797-988D-4E8B793C3B88}) (Version: 17.0.109 - Intel Corporation) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{A7D3C4B3-2CA8-46F3-9C34-63205AC018FF}) (Version: 17.0.109 - Intel Corporation) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1167 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4279 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation) Intel(R) WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation) Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{5B5CD20C-29F0-4857-A4FA-A4F4C716B019}) (Version: 1.1.347 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{588DA478-D4FF-48E3-8290-49F8C4B21283}) (Version: 18.1.1527.1551 - Intel Corporation) Intel® Chipset Device Software (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden Intel® Driver Update Utility (HKLM-x32\...\{954190cd-c66c-4650-bd15-f3dd85f2ae15}) (Version: 2.7.2.4 - Intel) Intel® PROSet/Trådlös WiFi programvara (HKLM-x32\...\{185db067-38cd-4521-a43e-c39b96ee1389}) (Version: 19.50.1 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) iTunes (HKLM\...\{731C8491-D21B-418A-AFC8-61199CCA10DA}) (Version: 12.7.4.80 - Apple Inc.) iZotope Ozone 7 Advanced (HKLM-x32\...\iZotope Ozone 7 Advanced 7.01) (Version: 7.01 - iZotope, Inc.) Kazrog KClip3 (HKLM\...\KClip3_is1) (Version: 3.0.2 - Kazrog) Kodi (HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\Kodi) (Version: - XBMC-Foundation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKLM-x32\...\{2F5D7825-7460-43B1-B467-7F9737557108}) (Version: 4.2.1 - Riot Games) Hidden League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games) LEVELS version 1.0 (HKLM\...\{07939B10-B999-4B4D-AC62-FA8891F93151}_is1) (Version: 1.0 - 29 Palms Ltd) Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes) M-Audio KeyStudio49i Driver 6.0.1 (x64) (HKLM\...\{74BAEC6B-6FE3-455D-894D-94C488613823}) (Version: 6.0.1 - M-Audio) M-Audio Legacy Keyboard Driver 5.0.0 (x64) (HKLM\...\{2CA9F96F-AFFC-4D41-B781-47EBD2378DB8}) (Version: 5.0.0 - M-Audio) M-Audio USB MIDI Series Driver 5.0.1 (x64) (HKLM\...\{32ED2629-C9B1-4C29-A32A-F3E04A5EE303}) (Version: 5.0.1 - M-Audio) Microsoft Office 365 ProPlus - sv-se (HKLM\...\O365ProPlusRetail - sv-se) (Version: 16.0.11001.20074 - Microsoft Corporation) Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 (HKLM-x32\...\{e2495eb6-cca8-47aa-91ea-3410ca44d7b7}) (Version: 14.0.22816.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation) Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.4763.1000 - Microsoft Corporation) Mozilla Firefox 51.0.1 (x86 sv-SE) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 sv-SE)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1 - Mozilla) MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD) Mullvad (HKLM-x32\...\Product) (Version: - ) Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: - Native Instruments) Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: - Native Instruments) Native Instruments Guitar Rig Mobile I/O (HKLM-x32\...\Native Instruments Guitar Rig Mobile I/O) (Version: - Native Instruments) Native Instruments Guitar Rig Session I/O (HKLM-x32\...\Native Instruments Guitar Rig Session I/O) (Version: - Native Instruments) Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.5.0.409 - Native Instruments) Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: - Native Instruments) Native Instruments Rig Kontrol 3 (HKLM-x32\...\Native Instruments Rig Kontrol 3) (Version: - Native Instruments) Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments) Nicky Romero Kickstart 1.0.9 (HKLM\...\Kickstart_is1) (Version: 1.0.9 - Nicky Romero) NirSoft ShellExView (HKLM-x32\...\NirSoft ShellExView) (Version: - ) NVIDIA PhysX systemprogramvara 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation) NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.5.0 - NVIDIA Corporation) Hidden OBS Studio (HKLM-x32\...\OBS Studio) (Version: 17.0.2 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-041D-1000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenVPN 2.3.12-I602 (HKLM-x32\...\OpenVPN) (Version: 2.3.12-I602 - ) Path of Building version 1.4.89 (HKLM-x32\...\{72FA9AB7-189F-4BDE-8856-72DEB90C157B}_is1) (Version: 1.4.89 - Openarl) Pioneer DJ DDJ_SB2 Driver (HKLM-x32\...\Pioneer DJ DDJ_SB2 ASIO) (Version: 1.100.000.002 - Pioneer DJ Corporation.) Pioneer MIX 64bit Driver (HKLM\...\Pioneer MIX) (Version: 5.0.2.0007 - Pioneer DJ Corporation.) Plex Media Server (HKLM-x32\...\{7FF4B7DE-1868-4FC7-85D1-71AB4A9854AA}) (Version: 1.12.2929 - Plex, Inc.) Hidden Plex Media Server (HKLM-x32\...\{a5994029-1812-4589-9a98-d383ef836659}) (Version: 1.12.2.4929 - Plex, Inc.) Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.6.1.0 - Popcorn Time) <==== ATTENTION Popcorn-Time (HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time) Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 8.6.4.593 - Razer Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10143.21278 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek) REFERENCE version 1.0 (HKLM\...\{07930B10-B999-4B4D-AC62-FA8891F93151}_is1) (Version: 1.0 - 29 Palms Ltd) rekordbox 5.0.2 64bit (HKLM\...\Pioneer rekordbox 5.0.2) (Version: 5.0.2.0007 - Pioneer DJ) Reveal Sound Spire (HKLM-x32\...\Reveal Sound Spire) (Version: 1.1.4 - Reveal Sound) ROG Gaming Center (HKLM-x32\...\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}) (Version: 1.0.1 - ASUS) Scaler (HKLM\...\Scaler_is1) (Version: 1.2.0 - Plugin Boutique & Team V.R) Sennheiser AMBEO Orbit version 1.0.0 (HKLM\...\{B1A8F54F-C339-4D9E-A80A-E0A8B4325F46}_is1) (Version: 1.0.0 - Sennheiser) Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.) SoundToys Little AlterBoy 64 bit (HKLM\...\Little AlterBoy 64 bit_is1) (Version: - SoundToys Inc) Splice (HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\splice) (Version: 3.3.89678 - Distributed Creation, Inc.) Spotify (HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\Spotify) (Version: 1.0.92.390.g2ce5ec7d - Spotify AB) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.) SteelSeries Engine 3.9.13 (HKLM\...\SteelSeries Engine 3) (Version: 3.9.13 - SteelSeries ApS) Stopping Plex (HKLM-x32\...\{21805CDC-99F9-4FC3-9862-E9A23217F9B2}) (Version: 1.12.2929 - Plex, Inc.) Hidden Support- och återställningsassistenten för Microsoft Office 365 (HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\4415f693b586d348) (Version: 16.0.1850.10 - Microsoft Corporation) TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.1 - TeamSpeak Systems GmbH) TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.14327 - TeamViewer) Togu Audio Line TAL-U-NO-LX (HKLM\...\TAL-U-NO-LX_is1) (Version: 3.1.0 - Togu Audio Line) Unity Web Player (HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\UnityWebPlayer) (Version: 5.3.8f2 - Unity Technologies ApS) univcredist (HKLM-x32\...\{2d9d4a60-1d22-46c1-84bb-1de04b4715d7}) (Version: 1.0.0.0 - Motiga) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{91684B6D-153D-4C12-B6B1-59F7496BE44A}) (Version: 2.50.0.0 - Microsoft Corporation) Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden Uppdateringsassistenten för Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation) ValhallaRoom version 1.1.1 (HKLM-x32\...\{375980F3-1584-496E-888B-BD3D81EF0C1D}_is1) (Version: 1.1.1 - Valhalla DSP, LLC) ValhallaVintageVerb version 1.5.0 (HKLM-x32\...\{86164718-6457-42DE-8DB6-EA05F7045F2C}_is1) (Version: 1.5.0 - Valhalla DSP, LLC) Waves Complete (HKLM\...\Complete_is1) (Version: 2016.08.31 - Waves) Web Companion (HKLM-x32\...\{d9eea3f3-e0e7-448d-8436-51ec7c88a358}) (Version: 4.3.1934.3766 - Lavasoft) WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.2.524 - ASUS Cloud Corporation) WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.16 - WildTangent) Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) Windows-drivrutinspaket - ASUS (AsusSGDrv) Mouse (10/21/2015 8.0.0.19) (HKLM\...\DE393C6A9AB085F9E19765D003555C3D360497DB) (Version: 10/21/2015 8.0.0.19 - ASUS) Windows-drivrutinspaket - Focusrite USB 2.0 Audio Driver (09/25/2013 2.5.128.1) (HKLM\...\CF1FC201D237269A9CD51A3A6B14ADBF67175C32) (Version: 09/25/2013 2.5.128.1 - Focusrite) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS) WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) Virtual MIDI Piano Keyboard (HKLM-x32\...\Virtual MIDI Piano Keyboard) (Version: 0.6.2 - VMPK) VirtualDJ 8 (HKLM-x32\...\{0ABFBCE8-8786-4A37-A16C-218F82C22697}) (Version: 8.2.3967.0 - Atomix Productions) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4947 - Kingsoft Corp.) Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) X-Mouse Button Control 2.15 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.15 - Highresolution Enterprises) XSplit Gamecaster (HKLM-x32\...\{0E12BEC0-F2EE-43FA-AEA0-24B5E9F80167}) (Version: 2.5.1507.3011 - SplitmediaLabs) Yamaha Steinberg USB Driver (HKLM\...\{BEA06A39-583D-486E-A3EB-2A434ED45940}) (Version: 1.9.10 - Yamaha Corporation) Hidden Yamaha Steinberg USB Driver (HKLM-x32\...\yUninstall_{2938B185-2D57-47B0-9FC8-C90A67BA9277}) (Version: 1.9.10 - Yamaha Corporation) Youlean Loudness Meter version 1.0.5 (HKLM\...\Youlean Loudness Meter_is1) (Version: 1.0.5 - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => D:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.) ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => D:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Windows\system32\mscoree.dll [2017-09-29] (Microsoft Corporation) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxDTCM.dll [2017-10-04] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-04-01] (NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes) ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => D:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.) ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => D:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {02A0B543-737E-499F-9B54-FF90DC382BFA} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-04-01] (NVIDIA Corporation) Task: {03B9C302-6D89-42B5-B1D3-0631B4B74A34} - System32\Tasks\ROG Gaming Center => C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe [2015-08-13] (ASUSTek Computer Inc.) Task: {06F87272-DAF0-465A-9D5C-CEE6F3CB0AB0} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {0E948104-8758-4CD3-BB03-67C540A03CF5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-04-01] (NVIDIA Corporation) Task: {114E06A7-51A2-4A12-9592-FB1B1DDD77F3} - System32\Tasks\{2C932742-413C-4B70-82C9-252094ED4C3C} Task: {125A03BA-51E1-4953-B305-315D01D2902C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-11-03] (Microsoft Corporation) Task: {1FDF80AE-BB5D-4334-B0D4-2A72DE3E15EE} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe Task: {2109C50A-6222-4CB3-BBFD-379B6908F5EE} - System32\Tasks\Hybrid => C:\IORRT\IORRT.bat [2017-04-12] () Task: {25ABE59D-0652-4A56-8981-2EA9BA24B1D8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-25] (Google Inc.) Task: {2EDACB38-6BFC-40C6-891B-3479DD08ECDB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-25] (Google Inc.) Task: {3965661C-9852-4773-AA7D-789B24B972C6} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-04-01] (NVIDIA Corporation) Task: {3FDE8063-833D-4056-8FEC-FE377FC7C929} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => D:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2018-04-20] (Safer-Networking Ltd.) Task: {486E5BC0-C108-438B-AFF3-49472999F9D4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-03] (Microsoft Corporation) Task: {4B09617F-66DE-4F77-9C13-7EB6F702DFFE} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs" Task: {52336E1C-EE29-4F85-98DA-D46AA5511E58} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-04-01] (NVIDIA Corporation) Task: {58C6D709-4904-47A3-8CCA-03AF1E1F90D6} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.) Task: {655F2C42-2FD0-491E-A36B-B72570C973B8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-11-03] (Microsoft Corporation) Task: {66C2C5C5-998A-4E97-93D9-414A2B170951} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {6A10631D-CD32-477D-8008-8235787E144A} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation) Task: {7727212F-9DA2-47EC-9D61-F2C11B35597B} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-16] (Intel Corporation) Task: {817025A9-D649-4020-A3AD-AA8CF0484787} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {826199B8-B465-42C1-AB7B-BE7CED6DD368} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-03] (Microsoft Corporation) Task: {8399C50B-E115-4DE6-9512-07A6EF7A268C} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.) Task: {95D3E994-2F91-4B1C-B403-D15861C2774D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {99F20095-3286-40A5-911B-71D03641778C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-10] (Dropbox, Inc.) Task: {9B52F175-0B35-4BB7-B554-68911622B25B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-11-03] (Microsoft Corporation) Task: {A164002C-F52E-43D7-942E-1F05D1564792} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-08-25] (ASUS) Task: {BABEEDFA-E35B-4224-8A45-282ACD516CD3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-11-03] (Microsoft Corporation) Task: {BB7F7DC9-8C64-4413-85CF-CEA4E202DFD2} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek) Task: {BC7A45E5-C02C-463C-856D-7A5204159B46} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-16] (Intel Corporation) Task: {BE0BA6B2-4F09-4032-B357-1C5746169FB2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.) Task: {C80B3619-1F19-4759-A4C1-B619D27E57F1} - System32\Tasks\IORRT => C:\IORRT\IORRT.bat [2017-04-12] () Task: {C9483736-1B7E-47CF-96B2-76CBBDB7B1D7} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {D09CB807-8482-4296-BA75-857988439845} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-10] (Dropbox, Inc.) Task: {D23E2DEB-BAD5-4E8D-9AF9-898DDEBD3DE1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-10-24] (Microsoft Corporation) Task: {D4853034-4A65-4099-A0D8-17BF5451FEA7} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {D8F8CB82-69A1-4829-90F3-0542AFE04067} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-612756207-1620990525-2055358983-1005 => "C:\WINDOWS\system32\rundll32.exe" dfshim.dll,ShOpenVerbShortcut C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms Task: {D9FE1A78-ED3D-4214-81CA-3F480AABFE37} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] (ASUSTek Computer Inc.) Task: {DE2157D8-BC05-4027-AF13-3E8867BC60BD} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-04-01] (NVIDIA Corporation) Task: {DF560CD6-CD02-49C7-9D31-24C36272EEEF} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-29] () Task: {E056802D-5CFF-437E-AEC3-54922AA8D2B6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-11-03] (Microsoft Corporation) Task: {E3F2B00B-449C-4295-A849-40D2C0024D08} - System32\Tasks\{ECB17B16-24AF-41E2-864C-34FE5427FF37} Task: {E5728F91-1E6C-4A69-913E-186E4986E8CC} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2018-07-31] (Bitdefender) Task: {E7C0E258-918A-40CC-9B91-9289B12B3523} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-10-24] (Microsoft Corporation) Task: {F73802F0-63C8-4F30-93DB-6A3B2A243AE5} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.) Task: {F8880D9B-248F-44A5-8ED4-735E1A77C238} - System32\Tasks\{66C2C36E-A363-434C-8E61-E488F0B116F7} (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki Shortcut: C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com Shortcut: C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf\DоtaРlus.lnk -> C:\Users\MMDATA\AppData\Roaming\Browsers\exe.rehcnualflowrevo.bat (No File) <==== Cyrillic Shortcut: C:\Users\MMDATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf\Оvеrwolf.lnk -> C:\Users\MMDATA\AppData\Roaming\Browsers\exe.rehcnualflowrevo.bat (No File) <==== Cyrillic ShortcutWithArgument: C:\Users\MMDATA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\76f9e4d33b60b312\Popcorn-Time.lnk -> D:\Users\MMDATA\AppData\Local\Popcorn-Time\Popcorn-Time.exe (The NWJS Community) -> --user-data-dir="C:\Users\MMDATA\AppData\Local\Popcorn-Time\User Data" --profile-directory=Default --app-id=hecfofbbdfadifpemejbbdcjmfmboohj ==================== Loaded Modules (Whitelisted) ============== 2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2018-03-16 14:19 - 2018-03-16 14:19 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2018-03-16 14:19 - 2018-03-16 14:19 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2018-11-06 22:09 - 2017-11-21 12:29 - 000278280 _____ () C:\Program Files\Bitdefender Antivirus Free\txmlutil.dll 2018-11-06 22:09 - 2018-09-24 12:15 - 000994752 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttpbr.mdl 2018-11-06 22:09 - 2018-09-24 12:15 - 000544880 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttpdsp.mdl 2018-11-06 22:09 - 2018-09-24 12:15 - 003240080 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttpph.mdl 2018-11-06 22:09 - 2018-09-24 12:15 - 001530368 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttprbl.mdl 2018-10-12 01:32 - 2018-08-31 00:38 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2018-10-12 01:33 - 2018-08-31 00:35 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-04-08 07:04 - 2018-04-08 07:04 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll 2018-04-08 07:04 - 2018-04-08 07:04 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll 2018-10-31 00:47 - 2018-10-23 22:24 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libglesv2.dll 2018-10-31 00:47 - 2018-10-23 22:24 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libegl.dll 2018-11-09 01:25 - 2018-10-18 08:44 - 002695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-03-29 09:48 - 2018-03-29 09:48 - 000083432 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll 2018-03-29 09:48 - 2018-03-29 09:48 - 000203240 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll 2015-08-25 10:40 - 2015-08-25 10:40 - 000027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2015-08-25 10:40 - 2015-08-25 10:40 - 000124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2017-09-26 21:22 - 2017-09-26 21:22 - 001984000 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll 2018-10-28 00:15 - 2018-10-28 00:15 - 001709968 ____C () C:\Users\MMDATA\AppData\Local\splice\app-3.3.89678\ffmpeg.dll 2018-11-09 01:18 - 2018-11-09 01:18 - 001585664 ____C () \\?\C:\Users\MMDATA\AppData\Local\Temp\ffcb520a-270e-465b-96ed-81caff0c7fae.tmp.node 2018-10-28 00:15 - 2018-10-28 00:15 - 000012176 ____C () C:\Users\MMDATA\AppData\Local\splice\app-3.3.89678\Splice.Helper.Core.x86.dll 2018-03-29 09:48 - 2018-03-29 09:48 - 001083368 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll 2018-03-29 09:48 - 2018-03-29 09:48 - 000115688 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll 2018-03-29 09:48 - 2018-03-29 09:48 - 000059880 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll 2018-03-29 09:48 - 2018-03-29 09:48 - 000772072 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll 2018-03-29 09:48 - 2018-03-29 09:48 - 001741288 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_imgproc2411.dll 2018-03-29 09:48 - 2018-03-29 09:48 - 001962984 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_core2411.dll 2018-03-29 09:48 - 2018-03-29 09:48 - 000025576 _____ () C:\Program Files (x86)\Plex\Plex Media Server\lyric_lite.dll 2018-03-29 09:48 - 2018-03-29 09:48 - 001549104 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libstdc++-6.dll 2018-03-29 09:48 - 2018-03-29 09:48 - 000127136 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libgcc_s_dw2-1.dll 2018-03-29 09:48 - 2018-03-29 09:48 - 000064488 _____ () C:\Program Files (x86)\Plex\Plex Media Server\TeVii.dll 2015-09-04 21:34 - 2015-09-04 21:34 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2018-03-29 09:49 - 2018-03-29 09:49 - 000050152 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd 2018-03-29 09:49 - 2018-03-29 09:49 - 000071656 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd 2018-03-29 09:49 - 2018-03-29 09:49 - 000024552 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd 2018-03-29 09:49 - 2018-03-29 09:49 - 000041448 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd 2018-03-29 09:49 - 2018-03-29 09:49 - 000930280 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd 2018-03-29 09:48 - 2018-03-29 09:48 - 000074728 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll 2018-03-29 09:48 - 2018-03-29 09:48 - 000190952 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll 2018-03-29 09:49 - 2018-03-29 09:49 - 000218088 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd 2018-03-29 09:48 - 2018-03-29 09:48 - 000018920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd 2018-03-29 09:49 - 2018-03-29 09:49 - 000095720 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd 2018-03-29 09:48 - 2018-03-29 09:48 - 000143336 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd 2018-03-29 09:48 - 2018-03-29 09:48 - 000694248 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\MMDATA\Downloads\6.08-nvidia-system-tools.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\ASIO4ALL_2_13_English.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\BlackDesertOnlineSetup_20170116_1007.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\CoolSoft_VirtualMIDISynth_2.0.0-rc2.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\DiscordSetup.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\dolphin-x64-5.0.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\dro_setup.edde1a3120a0ad2a031b6c8bfe2f43f1.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\DTLiteInstaller.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\Firefox Setup Stub 51.0.1.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\flux-setup.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\focusrite-usb-2-driver-2.5.1.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\focusrite-usb-asio-driver-4-14-0.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\Intel Driver Update Utility Installer.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\iTunes6464Setup.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\kodi-16.1-Jarvis.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\KodiSetup-20170606-21c2dba5a9-Krypton-x86.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\LeagueofLegends_EUW_Installer_2016_11_10.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\LittleAlterBoy64_500.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\LSBsetup.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\MSIAfterburnerSetup420.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\NetworkWizardLoader-D482a5e6.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\OBS-Studio-17.0.2-Full-Installer.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\parkcontrolsetup64.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\processlassosetup64.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\RazerCortexSetup_8.0.104.420.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\setup.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\Setup.X86.sv-se_O365ProPlusRetail_02d61d0a-0222-4a26-941d-90bdf945f6f1_TX_DB_b_16_.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\SetupChipset.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\setupo365proplusretail.x86.sv-se_b_16_ (1).exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\setupo365proplusretail.x86.sv-se_b_16_.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\shexview_setup.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\SteelSeriesEngine3.9.13Setup.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\TeamSpeak3-Client-win64-3.1.1.1.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\TeamViewer_Setup_sv-isb.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\TeamViewer_Setup_sv.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\ventrilo-3.0.8-Windows-x64.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\vlc-2.2.4-win32.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\vmpk-0.6.2-win32-setup.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\winrar-x64-540sw.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\World-of-Warcraft-Setup.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\XMouseButtonControlSetup.2.15.exe:BDU [0] AlternateDataStreams: C:\Users\MMDATA\Downloads\XTU-Setup-exe.exe:BDU [0] AlternateDataStreams: C:\Users\Public\AppData:CSM [468] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 7865 more sites. IE trusted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\sharepoint.com -> hxxps://dalarnauniversity-files.sharepoint.com IE trusted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\webcompanion.com -> hxxp://webcompanion.com IE restricted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\123simsen.com -> www.123simsen.com There are 7865 more sites. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2017-09-26 06:37 - 2018-11-09 00:13 - 000450857 ____R C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost 104.28.11.23 albert.apple.com 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com There are 15468 more lines. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-612756207-1620990525-2055358983-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\MMDATA\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\175013.jpg DNS Servers: Media is not connected to internet. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. MSCONFIG\Services: ArcService => 3 MSCONFIG\Services: Asus WebStorage Windows Service => 2 MSCONFIG\Services: ASUSGiftBoxDekstop => 2 MSCONFIG\Services: BEService => 3 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: DevActSvc => 3 MSCONFIG\Services: ESRV_SVC_QUEENCREEK => 2 MSCONFIG\Services: GamesAppIntegrationService => 2 MSCONFIG\Services: GamesAppService => 3 MSCONFIG\Services: IntelUSBoverIP => 2 MSCONFIG\Services: isaHelperSvc => 2 MSCONFIG\Services: MyWiFiDHCPDNS => 3 MSCONFIG\Services: SystemUsageReportSvc_QUEENCREEK => 2 MSCONFIG\Services: USER_ESRV_SVC_QUEENCREEK => 2 MSCONFIG\Services: WCAssistantService => 2 MSCONFIG\Services: wuauserv => 3 MSCONFIG\Services: XblAuthManager => 3 MSCONFIG\Services: XblGameSave => 3 MSCONFIG\Services: XTU3SERVICE => 2 HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "M-Audio Taskbar Icon" HKLM\...\StartupApproved\Run32: => "Dropbox" HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk" HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-612756207-1620990525-2055358983-1005\...\StartupApproved\Run: => "Web Companion" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [UDP Query User{75E32FCE-C0A0-4B19-A242-93252F52C9AE}C:\users\mmdata\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\mmdata\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{00CB4A29-57BE-4F71-83CC-AB1AB9396474}C:\users\mmdata\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\mmdata\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{B109E6DB-3707-4F91-B56D-788783D1281A}D:\users\mmdata\appdata\local\popcorn-time\popcorn-time.exe] => (Block) D:\users\mmdata\appdata\local\popcorn-time\popcorn-time.exe FirewallRules: [TCP Query User{DA09C6CE-A49E-4A38-A705-5EBD501CB528}D:\users\mmdata\appdata\local\popcorn-time\popcorn-time.exe] => (Block) D:\users\mmdata\appdata\local\popcorn-time\popcorn-time.exe FirewallRules: [UDP Query User{4120457A-1E62-4DB6-8FB4-596C6BA20872}D:\program files\pioneer\rekordbox 5.0.2\rekordbox.exe] => (Allow) D:\program files\pioneer\rekordbox 5.0.2\rekordbox.exe FirewallRules: [TCP Query User{DBA9EE67-6025-42B6-9671-772FACE02F81}D:\program files\pioneer\rekordbox 5.0.2\rekordbox.exe] => (Allow) D:\program files\pioneer\rekordbox 5.0.2\rekordbox.exe FirewallRules: [UDP Query User{937D1C19-5706-41F1-ABA4-9CAA8F59CE2F}D:\program files\pioneer\rekordbox 5.0.2\psvlinksysmgr.exe] => (Allow) D:\program files\pioneer\rekordbox 5.0.2\psvlinksysmgr.exe FirewallRules: [TCP Query User{9C563FEE-9DE1-4816-B286-8EF243EA0C1C}D:\program files\pioneer\rekordbox 5.0.2\psvlinksysmgr.exe] => (Allow) D:\program files\pioneer\rekordbox 5.0.2\psvlinksysmgr.exe FirewallRules: [UDP Query User{1AE8D856-DFC7-4005-A25E-923A72725725}D:\program files\pioneer\rekordbox 5.0.2\psvnfsd.exe] => (Allow) D:\program files\pioneer\rekordbox 5.0.2\psvnfsd.exe FirewallRules: [TCP Query User{590EDBC8-8831-41F2-BD70-4E51CC4D49C4}D:\program files\pioneer\rekordbox 5.0.2\psvnfsd.exe] => (Allow) D:\program files\pioneer\rekordbox 5.0.2\psvnfsd.exe FirewallRules: [UDP Query User{5DCCE62E-3F94-41BE-861E-0E2ACD77FBB9}C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.0_44090.exe] => (Allow) C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.0_44090.exe FirewallRules: [TCP Query User{194160A2-7AD4-43C6-836E-B19A955561F0}C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.0_44090.exe] => (Allow) C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.0_44090.exe FirewallRules: [UDP Query User{F7B483D9-7EF1-4923-87ED-632DCB7B33E4}D:\users\mmdata\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) D:\users\mmdata\appdata\local\popcorn-time\popcorn-time.exe FirewallRules: [TCP Query User{AFCFBE8B-E0C8-403D-BD31-5C0767CB231D}D:\users\mmdata\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) D:\users\mmdata\appdata\local\popcorn-time\popcorn-time.exe FirewallRules: [{6AE34DE7-B514-4D8C-B44C-BDCD289775D4}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe FirewallRules: [{7D244E8F-2727-4428-8089-2D97C9E4270D}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe FirewallRules: [{1E8C94F7-C3B9-43CF-B425-B5D0F2E321DB}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe FirewallRules: [{CC2799BA-917F-44D6-BD1A-BB64AAC4C45C}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe FirewallRules: [{6F880B13-787F-4D32-9CC0-4D570AB305F9}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{4FCE9B9D-2B2C-4F6D-9236-84B585BBB484}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{CE564D74-ECF0-4544-9531-2A33D71042D6}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{AA768C91-46EC-4BEA-8668-6EA1495D3FA1}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{FB7CF14B-1F88-46B4-9E76-0636E59B24DC}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{93A9F0FD-D28F-4BF9-A063-A563B74A2754}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [UDP Query User{F9DD065D-0F8D-4E69-8636-59E75E4BC702}D:\program files (x86)\arc\arcchat.exe] => (Allow) D:\program files (x86)\arc\arcchat.exe FirewallRules: [TCP Query User{868F0D4C-92E0-4E29-8978-DD71431EDC42}D:\program files (x86)\arc\arcchat.exe] => (Allow) D:\program files (x86)\arc\arcchat.exe FirewallRules: [{890D6A47-DCE2-455A-9BC7-06CB401F3F72}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{861B728D-8AE2-4C8F-A0A2-4372E93636D9}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{043CE839-8496-43CA-830A-6521982062E9}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E728494D-0161-4FD8-B38A-926827ADC880}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{FEC7A2FB-8FE2-49A5-B8DA-127D7DF3C50D}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E4514064-B238-433E-B66D-7D64C1AA67BE}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{146599CD-A438-48B9-9B35-D0B322131EFD}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{39DEAE15-3A04-4759-8D40-AD0884BD9D22}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{625DD1B4-7CD5-4D71-BA7B-C5364D7CD876}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{AA25B3F4-C5AD-4F5A-B6EC-E3C6D7D9B0B9}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{15028707-38A1-480C-9619-FDD51DACC2B8}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{86FFFCAB-0763-4E41-BCD6-D96E0287379B}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{59F16586-9231-4D40-BC6C-80E4529AF937}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{C8A340D9-FF99-4DEB-B780-B262800F33A1}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{2F6C7023-35AE-4B41-9E72-AA8E3991D90C}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E7EA4373-39FE-4523-9CE8-90CEE108EFA6}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{5B05D3AE-9F2B-47DD-B849-0F59F71422F9}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{4A768F90-E986-4057-B175-BDC7570DCF36}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [UDP Query User{30287787-402D-41DE-B7ED-88E93DD3CA0A}C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.0_43916.exe] => (Block) C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.0_43916.exe FirewallRules: [TCP Query User{515D3309-1AE0-4CBE-A77B-FD0058DA48C0}C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.0_43916.exe] => (Block) C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.0_43916.exe FirewallRules: [{E5C77D67-D2B5-42B1-A609-BC54568D7480}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{7A901A3C-84C0-45BB-87CB-DC60B9D4C589}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{D6B54791-85E5-4CC8-804F-6E408BD71C54}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{9217CD05-3DD2-47AB-802F-D05634B237EB}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{B74C768B-951E-43DF-A253-C31AA553CDAE}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{8871BEC3-7512-4C0F-A332-F48C7AB776AC}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{7D98CF85-3FA4-46AC-8FC0-75E00C4E3E7B}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{68138826-27FA-4CB0-93CA-041C70BD60E8}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{C6C1E8CA-6DBD-4FEF-A785-1B8BA5D604E6}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E49217DE-C7B1-44AB-AFAF-B5AA77853A6B}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{EB7282D1-B578-44E8-BBE9-EC66C9059C22}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{CF6D3FAC-61B3-4338-90E3-580F21E56DE0}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{42F169FE-8440-4FE2-BF48-BF7689CCA7CE}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{C4D8BC33-1BCF-4B98-9C10-B434A0A15BE3}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{28A128AB-070B-4249-8B14-43643B6B937F}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{BC2F7F47-48AE-497A-8903-51B17C8DC553}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E4A8BCB9-1EBA-4F27-ACEF-7BB452E45F78}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{639DE77A-19C5-46AD-8CD4-5E5CBCCE6409}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{55E2A97F-C7EB-4671-A25D-75C2286D122C}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{332CF124-0D31-47A3-84DD-762AB5885739}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{671D6988-81F4-4228-978F-E7B34103F2FB}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E7A6A22F-BD61-4FF0-AD90-834802825642}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{7E8EDC47-F0B3-4831-BFC7-AB5643109E4B}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{003E63DD-2630-4810-9214-30E0BE1288B8}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{3BC0A04B-524C-4E26-BEA9-1175127BDA42}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{692904D8-D934-4EC8-AC4F-FA0DB8EE38BA}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{83C76E81-144B-4CDD-96E8-41169C6385E4}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{0277EDA3-C418-477C-A5F7-6926D77FD45E}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{3FBE6848-14E2-430E-8AA8-B0087F10343F}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{C528767B-510A-4AA0-B59E-D1BC629BC166}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{B105CACC-EC9D-466B-8E54-81A365BA7F77}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{65BDA05F-AF75-4AD8-A381-C10641552DA4}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{D08F4BC1-4D24-4296-A813-5125D0E8B2D6}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{EA217505-28EB-4A70-8DB8-9F860BB7556E}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{FAB80762-1BB0-4E29-B4E9-8A4E58811DF5}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{B326DC4E-EF22-409D-9E47-DF56668E5A24}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{00EF5478-401F-469B-BE7E-10AFA148CBF7}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{805242B1-6FBB-4BDF-BB1F-C4C268BA3070}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{D623AEB5-D7E4-4EE3-9098-B36C2DAA3386}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe FirewallRules: [{A99E565C-1EFD-4DA7-9C2C-587EEA21A72F}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe FirewallRules: [{27A6A7DC-6925-474E-84BA-72D0E3F5D600}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{50D5EB51-130F-4E5D-9EB4-D48D1BD38794}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [UDP Query User{7BFD009A-CDB6-473F-8383-BEBD1A6A8DE9}C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.0_43804.exe] => (Block) C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.0_43804.exe FirewallRules: [TCP Query User{613DD0EB-870A-4933-B54B-9D489C76BBB9}C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.0_43804.exe] => (Block) C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.0_43804.exe FirewallRules: [{CBED1A15-330C-4986-B300-FDB30A84D09B}] => (Allow) C:\Users\MMDATA\Downloads\BlackDesert_Downloader.exe FirewallRules: [{7F68FBB2-AF46-4114-8D37-23C589DDC65B}] => (Allow) C:\Users\MMDATA\Downloads\BlackDesert_Launcher.exe FirewallRules: [{1457F0FC-8119-445A-A520-80049E908859}] => (Allow) C:\Users\MMDATA\Downloads\bin64\BlackDesert64.exe FirewallRules: [{73E9CEAC-F80F-421D-A46F-FAC1993DAA3F}] => (Allow) C:\Users\MMDATA\Downloads\bin\BlackDesert32.exe FirewallRules: [{610E211C-9BA0-41BE-A65B-AB1763A35AA4}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [UDP Query User{5E432329-E0CA-41F6-A711-C75D9D3A481F}C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.0_43580.exe] => (Allow) C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.0_43580.exe FirewallRules: [TCP Query User{11765D54-B191-418E-A50A-62CBF9D94681}C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.0_43580.exe] => (Allow) C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.0_43580.exe FirewallRules: [UDP Query User{C923D03E-60E1-454D-B025-0D751A83A024}C:\program files (x86)\vmpk\vmpk.exe] => (Allow) C:\program files (x86)\vmpk\vmpk.exe FirewallRules: [TCP Query User{CE5AE2EE-6E15-449B-9E2D-D1669282E855}C:\program files (x86)\vmpk\vmpk.exe] => (Allow) C:\program files (x86)\vmpk\vmpk.exe FirewallRules: [UDP Query User{F3CB4B11-45BD-4720-8725-CE78E11019B3}D:\programfiles(x86)\image-line\fl studio 11\fl (compatible memory).exe] => (Allow) D:\programfiles(x86)\image-line\fl studio 11\fl (compatible memory).exe FirewallRules: [TCP Query User{1DDD84A6-A0BE-4702-BA9A-BD20B2ACBBBE}D:\programfiles(x86)\image-line\fl studio 11\fl (compatible memory).exe] => (Allow) D:\programfiles(x86)\image-line\fl studio 11\fl (compatible memory).exe FirewallRules: [{DCDDA735-8F96-401C-A99A-C849DBFB77BC}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{5AC4C07A-E1F1-48CB-9D01-BC14A42ED1DD}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{59194743-FB1B-4E1C-9FE1-DC18CA2FE598}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{6DBA6796-649D-45F3-83A4-4268F6A24D08}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [UDP Query User{BE9A483B-00AB-4D1C-A1E1-1B84EBE8A908}C:\users\mmdata\appdata\roaming\utorrent\updates\3.4.9_43388.exe] => (Allow) C:\users\mmdata\appdata\roaming\utorrent\updates\3.4.9_43388.exe FirewallRules: [TCP Query User{5A35E34D-10BE-4E69-93BC-8D596F9B958C}C:\users\mmdata\appdata\roaming\utorrent\updates\3.4.9_43388.exe] => (Allow) C:\users\mmdata\appdata\roaming\utorrent\updates\3.4.9_43388.exe FirewallRules: [{57BC2F2E-DC75-4C75-82BD-D9348BBDDFA1}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{846C9654-D242-42A0-9E72-F50608CCF5FE}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{AF80A734-A7D6-4923-A213-EDF5547A0D39}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{BE1B7443-7D79-4594-99B4-1E05880480CC}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{9700DAE7-3A8C-4010-8EA7-87F2F7E6E6FC}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{7194023B-F856-495F-81DC-91F43E186E57}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{CBBB1C0F-8431-468D-B7C8-96DF00F7AF08}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{45152C29-483E-479A-A766-F51F9D9E0009}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{3C5635B8-B509-4F0B-9E71-3CD64D5CDA37}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{36A098DC-D809-4FCD-9DD0-A3B92C523413}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [UDP Query User{36D72923-664E-4D48-9E85-FB6F5FA5C6FB}D:\programfiles(x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) D:\programfiles(x86)\steam\steamapps\common\7 days to die\7daystodie.exe FirewallRules: [TCP Query User{914787D5-F629-4065-B2CA-37CACDCB82D1}D:\programfiles(x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) D:\programfiles(x86)\steam\steamapps\common\7 days to die\7daystodie.exe FirewallRules: [{490E3727-6E55-42DB-B147-C0E5DEC08B56}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{B291443B-3241-47E7-9C7F-2B78E58DC6FC}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{76B51C0A-D33B-42F8-BB06-B15647C2EAE4}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{7FA20F4F-6E13-4DF6-9997-ABFE57B4A2B8}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{7EF6F7B7-CCB1-42EB-8392-FC0F59CAA246}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{0A6160AB-8814-4B3A-A092-AF2B0B2EE532}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EF88B664-F527-4128-A97E-08DAD84B3180}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{CC4967BC-C75C-4681-A001-A5F778005A8E}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{9FF2E488-1023-4B90-9901-1C2DD09F982A}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{D0DF7FF0-B32B-4ADA-AFA3-5EC108B90A7E}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{B8A0C854-B436-4C77-80BA-685DB95DF7DA}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{8127A37E-1230-4A0C-8821-5332CA6AB79D}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{4BD378BD-970E-4A46-A289-AFF24BF9E28B}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{9947DC22-E614-495C-876C-44277310F4C4}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{8EC93CDB-2E56-435A-99DF-15149AD7D608}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{8D709DB2-FD84-4B97-A097-51815AA6CBAC}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{3DCE9A76-E83A-4F4C-B746-5853A904ED67}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E2492362-F4FC-4F54-916E-5481894D9BE8}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{B0CA46E2-6DDD-4454-A598-14A2159441B7}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{15A0A232-896D-40F9-93EE-B57E45824ABB}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{7957CD19-FA5A-4E73-9F55-74B929092EFC}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{B947B50F-0F8C-4702-A897-A3A6813BCF84}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{C6DB87E9-1705-4024-9AF4-23EC3AE75BE1}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{3568D60B-6895-4304-9E06-0BE2E6676CA1}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{6123B23C-5BE8-4269-8704-5E1139BDF20A}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{70BE2C1C-A466-49C6-BA49-5269817A353B}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{F91F6390-E16C-419B-A3C2-24279008760A}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{462D2747-7B16-4F89-9E34-A1BE32EA15DB}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{0C23569F-2E0B-435C-A5C1-014EE2E79C80}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{5168CF9E-0AC5-4964-B8F0-885B3E7238A1}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{47B90E49-8040-4503-869C-9052B9B15013}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{09AF0784-3F4C-4026-BAF7-135B58E70855}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{C65F3B4A-C755-4635-81A2-1AD12195558C}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{6AFE1475-B2D2-45D2-834F-83D5E4C7010D}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [UDP Query User{A8CB3598-FE2E-4795-8E99-6E3D3927C310}C:\users\mmdata\appdata\roaming\utorrent\updates\3.4.9_43295.exe] => (Block) C:\users\mmdata\appdata\roaming\utorrent\updates\3.4.9_43295.exe FirewallRules: [TCP Query User{1C42C622-0F4E-4CA9-8E81-FC4D271D36AE}C:\users\mmdata\appdata\roaming\utorrent\updates\3.4.9_43295.exe] => (Block) C:\users\mmdata\appdata\roaming\utorrent\updates\3.4.9_43295.exe FirewallRules: [{CF5086B3-D443-44BE-ADA1-8A9351C5E184}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{385C0846-C564-40CA-BB50-839F37151757}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{A557B237-C755-40E3-93B0-18BE86DCF5CD}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{3A15924F-97D8-43DF-9A6D-757B2C1145C6}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{43C6A404-B2C7-43BF-83EE-3157208E1B6F}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{24307C6F-B332-4BA7-B422-2C8401C66CE1}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{13135861-B20A-4AE7-911D-941695F204B0}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{474D1177-04BB-4436-B90F-D6D9846DED52}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{1E7EB496-7543-40ED-928A-1EAFCC96A965}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{5B26A5EE-9E3D-4164-9DEF-C62DD9CC5F4E}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{1C137088-89A6-42BC-A4F4-7E3BAE0AE478}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{04656762-5293-4A5C-B3CB-DC38C01D0033}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E91157F9-5377-4B89-8214-8FE98777C7BE}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{77470503-19A1-4346-8B1E-EB95B3EA4611}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{5D394641-FAC7-47B7-AEBA-BA41764F75B2}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{72154B7B-DCBB-4343-8B51-8BD1513AE5B5}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{4E6CB1A9-D458-468C-9980-A3904E6D3E08}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{783849EC-C1DF-43E9-99D4-42E9BAFA42CE}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{264D715F-6D68-45E5-AE71-FF45017D8184}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{C58BE567-C66B-45E6-AE0D-760DCE6D2449}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{20A41D70-E86E-43C5-80EC-D907E23BA8C2}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{55FE687B-9257-4B33-A422-4E50A1416B2E}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{6766C960-CE97-44E3-9230-C95BC8088E82}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{87A20FB8-0052-4BB5-8274-0019AA246781}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{D265C0D3-E94E-4F1B-9EE5-08A718906885}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{A6E933D7-57F9-4042-A32D-3C9F77E10E05}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{390D8474-57A1-425D-B0CC-BA6FA887D9C4}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{B60690B8-C365-40DA-A63D-358D69EC5EC3}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{0FC31904-43A1-4294-B354-18860B0E8A66}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{2AEBD55A-CE1D-406C-94CB-66BF00CD982A}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{2DA754FC-9FD2-483C-96B1-758EC9364769}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{883FE7AF-C7FD-40EC-9302-D697F8E6F221}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{FA98F410-4334-4B4F-B716-673851788DF5}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{59B9BAB1-A853-45BB-8231-D0F64644C5BF}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E4E7325F-7556-4D39-8569-8FB8DE0A0C0D}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E87FF26D-3091-4778-B254-1E3BC32E498C}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{F316DF5F-B3D0-480E-8C5F-41BBB5D90909}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{B80572A6-FC5D-4DF9-9B3D-70FC99E1E3F3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{83916AFE-2D5F-4881-B108-61577A582244}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{31C425AB-26F5-4637-92AF-C4EB4EC48E73}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{C6493975-311C-4FC3-846C-75E905115AAF}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{CF42CA88-B741-4AF3-AB4F-B0F79C29B7EF}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{1164B01E-0EA2-4E21-B7DF-77EA296E066D}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{DCECD16B-5339-4AAA-839D-A32A6C9968BB}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{9693F4D9-A5DB-47A9-9DD9-D298056C3413}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{1FDFDB97-E830-4F0E-92AC-DEB506FD3492}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{FDD85EC9-6B46-4ABF-A651-147305F77E59}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{ED3081FA-0A45-4C96-A9B7-61F5AF437075}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{64507DA7-8530-48E5-A7A1-B48A637C1B1E}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{199723EB-E4DF-414A-AD6B-826BC51461DC}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{DA357F11-CF7D-4FA7-AB00-EC92C29F41A4}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{930B5A74-1F15-41B4-9701-8BA633850680}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{AB40F0B8-E9CA-4B19-9A6F-4A406003533C}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{1DDA65D7-481E-4F59-984E-3D6CCA65D3EB}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{F2BBE6FF-CCD8-49F0-966A-6131D779923F}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{0E6B0D66-C8EE-4366-90CE-06428ECC0CD1}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{24A88AC6-8D2E-4355-8438-961DE0F8FF34}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{4ED32BA8-570D-49DF-84D7-5E66DAC852BF}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{A6470284-7033-4768-992E-DCBC88D294A1}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{6D31098E-12F4-4AE1-9402-429EA5D2CE8C}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{0EF97846-9E79-4A03-B431-1ED68F7E983F}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{869B7959-3EE6-4D0F-BFCB-A4510EBBF833}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{C65AFB54-F262-43AC-8042-A0FEDB7CE827}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{6F9CF4EB-2BE0-4FD3-9119-71B1B84BC735}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{25F054E7-D214-4597-B5C1-753A1E677485}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E389E033-4146-4CBB-8113-C9FAA12DB63E}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{F80B3D25-4384-4D10-942C-1CA70870FAE4}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{21CEEE23-FADD-475E-95A6-CCD8951EA2BF}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{4922CCC2-397C-4758-B9AA-87466B15BCDD}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{7F63481D-6871-43C7-BA1D-A5F1872122F4}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{F433FC4B-6FC6-4F78-ABDF-363F1917AB43}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{A7A31070-3631-4243-BC8E-6BB4F1472362}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{555EB3D2-A6D1-4D37-86BB-E4961B8CAC38}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{49815B19-60A8-48FC-8246-B44AB9252524}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{287A2FF6-2249-4C78-BA57-2C7ED6B0BF98}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{231AD1B2-C758-4D4E-8ECE-B3CB52DA98D9}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{76F46C89-86A5-43BA-806A-9DC08BA98527}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{276886C5-0628-42A8-AF39-A3297E2A7CCE}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{465E2F30-BA4D-47CB-A817-FC4CA720C4BB}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{90CF95DE-E076-49AD-9220-015C5E73432B}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [UDP Query User{D30FE3A2-51B7-462C-8A0D-972A01C41968}C:\users\mmdata\appdata\roaming\utorrent\updates\3.4.9_43085.exe] => (Allow) C:\users\mmdata\appdata\roaming\utorrent\updates\3.4.9_43085.exe FirewallRules: [TCP Query User{97F61B19-F6C2-4D68-A8CE-7C498169BD2A}C:\users\mmdata\appdata\roaming\utorrent\updates\3.4.9_43085.exe] => (Allow) C:\users\mmdata\appdata\roaming\utorrent\updates\3.4.9_43085.exe FirewallRules: [{3C14F230-DC1D-4033-A708-E82162C5F8AB}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{54D69D12-8B87-4923-A2A7-89C35DD9018A}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{93AE7635-944D-40F7-A5E2-DB04455478BE}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{086A9C6E-574D-41F0-BC29-3A640D26CA90}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{7A6BD908-9CEF-49E7-AD79-BF7F36D466B2}] => (Allow) D:\ProgramFiles(x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{B5C11C6B-88AF-47BF-8487-E6357CE3C59D}] => (Allow) D:\ProgramFiles(x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{3A2F6E38-5B77-4149-B434-C482DC1BA570}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{0BF3C3B2-A6B7-4E81-83C9-B9B41DE85DFA}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{829D160B-09D4-41C5-94CD-93EF751E1311}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{073A7690-AB0C-4A96-9B35-1A1EBF29212F}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{5190244C-E6F0-4BAC-8A79-14748961925B}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{2995A01D-7497-431A-B503-8820BD05F186}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{EB752BD1-78F5-48EB-8B80-AA1233E35F5E}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe FirewallRules: [{31B0E2EB-D01E-4A97-A018-D3D430230C91}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe FirewallRules: [{82A636E4-2545-4C60-9DCA-9027704AC627}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{6A89F95F-BFBE-4893-A6B1-C7D503C1DCBF}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{1D78B67E-F34B-4A13-9937-B7E0DAEEF359}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 test\game\bin\win64\dota2.exe FirewallRules: [{874DAB49-99C4-4EDA-A442-C9378D236CA6}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 test\game\bin\win64\dota2.exe FirewallRules: [UDP Query User{5A1D3E47-7E35-4E1C-B892-47E358B4B6B8}D:\programfiles(x86)\kodi\kodi.exe] => (Allow) D:\programfiles(x86)\kodi\kodi.exe FirewallRules: [TCP Query User{C08B9157-9087-489A-AB1E-576B6DF110FC}D:\programfiles(x86)\kodi\kodi.exe] => (Allow) D:\programfiles(x86)\kodi\kodi.exe FirewallRules: [{C96C5036-0D52-47C1-94DC-C56670E6EF3B}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{C9777D7E-A857-4637-B130-1A2953BA3ADF}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{F1663B52-B613-456A-8384-A202693F35B1}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{712464ED-46A6-49B9-B9A2-1A63E91F2AE4}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{FC61EFC1-14C3-4C30-894C-0B3FE1E31685}] => (Allow) D:\ProgramFiles(x86)\Steam\Steam.exe FirewallRules: [{19F52C28-68FC-420B-BD6D-216D8B3E5079}] => (Allow) D:\ProgramFiles(x86)\Steam\Steam.exe FirewallRules: [{B5BA2412-6F06-4EC8-93F6-29DC3A208D0E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{379B3C93-B0CA-4776-94E4-EB36BFFE3D46}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{5CA0A035-8573-45DE-A372-706F7E442824}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{61D4CFE6-C3EA-4860-B54C-C36D5244A149}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [UDP Query User{DED5C7E8-A16D-4B90-93E8-A00B29E37102}D:\program files (x86)\kodi\kodi.exe] => (Allow) D:\program files (x86)\kodi\kodi.exe FirewallRules: [TCP Query User{20000AFC-1C80-46C3-AD39-B58EA68D405D}D:\program files (x86)\kodi\kodi.exe] => (Allow) D:\program files (x86)\kodi\kodi.exe FirewallRules: [{61E7C40D-F195-45E5-BB47-75327445DBA3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{DF381B02-CC82-4FBE-8DCD-B7C0BFF7BEAB}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{2C968124-A82F-4D46-A513-A37128D7C612}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe FirewallRules: [{93DD61A3-A2DB-4BBB-AB1A-C97A03CB8AFF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe FirewallRules: [{11CB82D6-8446-4BDC-AF78-E7E42D6466E4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{1DB62B81-8EE6-4594-A62C-14781A4AEB75}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{AB7E0850-D7E8-45BD-B2E5-940684244D49}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe FirewallRules: [{0636D91B-BB56-40D4-96A4-ECE80065A0C5}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe FirewallRules: [UDP Query User{BB880B69-4E81-4671-8A56-18F8C1F01A00}C:\users\mmdata\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mmdata\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{45CF36ED-E20A-4B5D-AD55-11C057F32CCB}C:\users\mmdata\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mmdata\appdata\roaming\spotify\spotify.exe FirewallRules: [{33E5E3BC-0F78-4B2D-A3A9-248D005805F7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior 2\ShadowWarrior2.exe FirewallRules: [{7894E4C7-A3F9-4717-ADA8-7B2441497234}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior 2\ShadowWarrior2.exe FirewallRules: [{C5BD2C73-E316-4930-8EEF-438C20CCA25E}] => (Allow) C:\Users\MMDATA\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B5CCE410-0A51-425B-B243-6D87608462F9}] => (Allow) C:\Users\MMDATA\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{19BB4D13-7764-4621-8C96-03D4F33C267C}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{9DCEA089-4593-4299-981B-7B4EE79F5F99}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{0582C470-F1E1-4E6E-BEB4-276E7AF31883}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{B454EACD-FEA5-4ADD-9F88-C8B59C445DCC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A75E8868-F580-4771-8794-073EDC137A50}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A2FF5A9A-08A4-41B9-A6CF-94A014353CD1}] => (Allow) C:\Windows\SysWOW64\ftp.exe FirewallRules: [{550D7A63-A0EA-4DFF-9F41-CD08B0DF9A80}] => (Allow) C:\Windows\SysWOW64\ftp.exe FirewallRules: [{3CB043B6-B6BC-4AB6-A4C3-E19001576D1E}] => (Allow) C:\Windows\system32\ftp.exe FirewallRules: [{15E42354-DF37-4BC0-AFF2-564EB9425BFD}] => (Allow) C:\Windows\system32\ftp.exe FirewallRules: [{B2FB6694-4939-4664-8472-8B5478553651}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe FirewallRules: [{1200B1FB-EC54-4DFE-B5AB-66AB41CBC029}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe FirewallRules: [{A053AEF9-3972-47CE-9B97-7E1BC8352684}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe FirewallRules: [{88F773C9-E1E1-4B37-BFE4-3B13395D8DCA}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe FirewallRules: [{2FCE8199-35C8-4977-972E-B39D05E6B71D}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [TCP Query User{9B6DCF9C-C28B-44CC-AE24-0B12FF150F35}C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.0_44294.exe] => (Allow) C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.0_44294.exe FirewallRules: [UDP Query User{CE7C962E-CF0A-4BC1-8F0B-CE1EF60B01EF}C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.0_44294.exe] => (Allow) C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.0_44294.exe FirewallRules: [TCP Query User{3C7BD821-7C7B-4945-AD4A-3D74536F12E6}D:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) D:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{82AD1FBC-A75C-4CE3-AC8A-4709741472C6}D:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) D:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [TCP Query User{353C5114-BE80-4146-8866-E3746AC3DB15}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe FirewallRules: [UDP Query User{BA28A9F9-9C97-4DDB-934D-7C6795D0BF1B}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe FirewallRules: [TCP Query User{E1E6E601-7B62-4EFD-B3DC-4F00D9E53B83}C:\program files (x86)\popcorn time\popcorntimedesktop.exe] => (Allow) C:\program files (x86)\popcorn time\popcorntimedesktop.exe FirewallRules: [UDP Query User{B9308BFB-B064-441C-A8AE-F399D8F6506F}C:\program files (x86)\popcorn time\popcorntimedesktop.exe] => (Allow) C:\program files (x86)\popcorn time\popcorntimedesktop.exe FirewallRules: [{E610D292-9348-4D93-940B-AD41654777AF}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{A706BCA2-46EA-48A9-A113-45D06B5729C7}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{125728C1-37C1-46A7-91C0-DC48EA287794}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{39760B6E-E118-4DAA-B577-05865FBB8BDE}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{0B43078A-271C-40E6-97DF-E68968608C91}D:\programfiles(x86)\steam\steamapps\common\skyforge\mycomgames\mycomgames.exe] => (Allow) D:\programfiles(x86)\steam\steamapps\common\skyforge\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{B57A65A4-3EC0-4DDB-9891-49536AE235D8}D:\programfiles(x86)\steam\steamapps\common\skyforge\mycomgames\mycomgames.exe] => (Allow) D:\programfiles(x86)\steam\steamapps\common\skyforge\mycomgames\mycomgames.exe FirewallRules: [{7EF2168A-95AB-4BE9-BA69-7D18EF99E61E}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{242556BB-A377-487A-B548-8E9DECDB529E}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{F938D5EA-DF67-4B90-928F-23147BCAE282}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{FDB3031C-444E-4A55-B083-35AAD7230EAF}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{B6E55BA5-3EDE-4CAD-B6AA-227EB3554B3B}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{AC9D3F7A-A8EE-4C2A-8ED1-8C43C630D33E}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{9422A938-9549-404F-BFD7-308C31BFAA8D}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe FirewallRules: [{2F5EA04B-FF49-4F5E-891F-DD88ADE288EE}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe FirewallRules: [{DE83911E-3689-49A2-9C6F-A807D6F1F5AA}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{EAB63E1C-E311-465A-85F1-2EB8E3CD0AED}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{58AD60E5-30C2-485E-BE85-F04625488478}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{7D11BCFB-4270-49C2-86C8-1BA1F2DD0ACD}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{5D09ABDF-18F1-4960-8A26-F160ADBC4E82}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{A4892A12-21D0-414A-9D36-D6522F65E399}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{DD9F90CF-F364-4754-AB24-2CBB6263AB3E}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{B42AD9F5-0B1F-4F1C-AF05-B3418F61E592}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{A78B85C0-259F-4207-8FFF-83240192F676}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{1352B8DB-0863-4F25-B082-388B5DDB8363}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{4C8F8C89-D65A-4E8C-900D-7950B676F098}D:\program files (x86)\arc\arcchat.exe] => (Allow) D:\program files (x86)\arc\arcchat.exe FirewallRules: [UDP Query User{9B55B04E-B013-4847-93C2-16698F0F4906}D:\program files (x86)\arc\arcchat.exe] => (Allow) D:\program files (x86)\arc\arcchat.exe FirewallRules: [TCP Query User{213445A8-F2C2-4571-925E-010150C6D0DB}D:\program files (x86)\gigantic_en\binaries\win64\rxgame-win64-shipping.exe] => (Allow) D:\program files (x86)\gigantic_en\binaries\win64\rxgame-win64-shipping.exe FirewallRules: [UDP Query User{81E10C6D-CE33-4758-A19C-1A4A3781A726}D:\program files (x86)\gigantic_en\binaries\win64\rxgame-win64-shipping.exe] => (Allow) D:\program files (x86)\gigantic_en\binaries\win64\rxgame-win64-shipping.exe FirewallRules: [{977623D8-8D7C-45D9-870C-69A440B0D8FB}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{8A47DBCF-67D7-4F43-8FF7-E7FC899A676A}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{E42C3F88-BE03-4AFE-AE4B-AE8E3A51E696}C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.3_44358.exe] => (Allow) C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.3_44358.exe FirewallRules: [UDP Query User{70AC3277-8663-470E-99B1-9BD9FAB99B5B}C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.3_44358.exe] => (Allow) C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.3_44358.exe FirewallRules: [{774DA96C-AB67-43DA-832B-4A2AA5948F1E}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{D07D17D8-BF3F-4270-8E51-6A0B27B152CE}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{A297C5DF-21AD-4F9A-962C-3B47051FC60E}D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [UDP Query User{035A5E72-AB65-458E-A355-DB5D38664C7F}D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{7DF51050-700C-4C16-86C4-1872ED8C32CF}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{1BD875C1-738D-43DC-A6DD-C6F34F1D3843}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [TCP Query User{68DB2FBE-B9BC-4036-9693-7023679AB08E}D:\program files (x86)\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files (x86)\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [UDP Query User{B07767F0-B254-41B5-8B42-71E9F227F757}D:\program files (x86)\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files (x86)\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [{B9C00253-6A20-43A4-BB2F-BBDA4C7D0B33}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{00264532-A5E7-455C-9314-7F7F8C326F6C}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{2C0CE95A-2928-4BC7-8BE4-5A823411FB46}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{D8109282-E463-48EC-984B-C0BBDAEB55C7}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{391D5EAE-C107-420C-A5B9-9F0D900F3625}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{6A5F89E5-C7EF-498B-8448-F0CEF89E4140}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E3168345-B277-4A1C-A859-8D515561BE24}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{B13FE6A6-40C2-4C15-964C-CD23E0E11521}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{7F354B68-169B-4112-803A-880969998C32}D:\program files\winhttrack\winhttrack.exe] => (Allow) D:\program files\winhttrack\winhttrack.exe FirewallRules: [UDP Query User{ECEF0E64-9CD3-4DF9-A504-41BCBEE0D5C5}D:\program files\winhttrack\winhttrack.exe] => (Allow) D:\program files\winhttrack\winhttrack.exe FirewallRules: [TCP Query User{210EE584-A19A-4815-B9EB-8F9AF0B1AF7E}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe FirewallRules: [UDP Query User{235E1959-767B-46DB-8023-BB62A779D2D8}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe FirewallRules: [TCP Query User{A8BEDDCA-23B0-4FC7-875A-5F2690EC793A}C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.3_44358.exe] => (Allow) C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.3_44358.exe FirewallRules: [UDP Query User{57E5808E-76E6-4E97-88EF-AD11320D1B05}C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.3_44358.exe] => (Allow) C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.3_44358.exe FirewallRules: [{AF32B9AF-FDC6-4886-95CB-D2782F071397}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{1A2A06B8-3B86-46FA-9C8D-081AC65E055B}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{65CFAD7B-3D70-4560-9DBB-86C3D3A5B2DB}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{9C74F8AB-7A82-40DF-B883-E91CA65B2761}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{B026C3CD-B4CA-4B49-B92A-0C1C5754110D}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{ED5EEC5C-EE06-4E03-9988-5BC5B62EC576}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{D664BD63-F817-4925-AADD-5CEA632E3110}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E4C46730-59D9-4CCB-B0C9-572C5B89A553}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{7AAC98BF-7E81-4135-9C46-57DA31E7EB28}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{6E844109-31BC-433A-A205-514A53AFDDA2}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [{E7531176-E0C2-41EE-83A8-63EE6D1F80B5}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E54EDB49-80D5-4059-B9D4-455920C9DCD4}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{5ABF8092-9ADD-4D84-B691-A70CD0CC5FD1}D:\program files (x86)\image-line\fl studio 12\fl64.exe] => (Allow) D:\program files (x86)\image-line\fl studio 12\fl64.exe FirewallRules: [UDP Query User{DCC03E3E-3BA5-4255-AB14-26DF3A2B1DEC}D:\program files (x86)\image-line\fl studio 12\fl64.exe] => (Allow) D:\program files (x86)\image-line\fl studio 12\fl64.exe FirewallRules: [{B3983E45-603D-42BA-92D1-9CF6AC22FDC9}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe FirewallRules: [{EF6511EF-26AA-40F8-AD87-EA6D0A368E11}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe FirewallRules: [{86F8BEF3-A50F-43A6-B473-74B1DC1D0A40}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe FirewallRules: [{09FF572C-8F61-447C-99ED-58463CDDA667}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe FirewallRules: [{1F7EFFB7-76E3-41F9-B7C3-FD8C9C11F605}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{1A998ACD-2B4C-482D-B390-FC97E894BF67}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{C71C68F9-6194-47BB-9997-94C30D606AF1}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{08841894-9551-476F-A2C2-E25379A3D266}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{0178D530-5E92-495B-A48E-109B6774E896}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe FirewallRules: [{B7F2E5D2-2CE3-4E69-A648-99955ED56DF1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{402809E6-67D0-4F9F-A17D-EF84967BD1F2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{999FB359-2F2F-401F-B11E-9DEF370EAB89}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{BF2C70DE-011E-4484-BDC2-20034DC72458}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{97F47930-8BC8-40A7-971E-AA49C7DFCD56}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{5BD14ECD-F3D3-48B0-A138-613AE24B8F0C}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [{8BBA0568-9E45-4539-8CA2-7FA71804E962}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [{4A3659FC-AE86-4536-A151-BA4DF5819035}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{920CC9F3-A28B-4E04-840F-C3C7A613C9C6}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{B7658DE2-14EC-4BC4-94E1-1B53464B51FC}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{90A59172-B108-492E-A3EA-9569E1AAE123}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{FE8103EB-F944-44A1-B21D-E2DD14924734}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{25EB917A-43DF-457C-A04A-FA9DC4B83FA2}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{1463D0BF-6463-416A-BC35-4B534F3113ED}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{D76945AE-A300-4C92-A045-A49244D508A9}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{245E9994-00A7-4360-A782-250FE71BC3A2}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{37F02321-553E-4673-A7BE-DFD1A8409DC1}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{5A8CBEBC-5587-42BC-9128-31221922E766}C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.3_44396.exe] => (Allow) C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.3_44396.exe FirewallRules: [UDP Query User{013C7012-C977-4DA8-915A-39852E05D289}C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.3_44396.exe] => (Allow) C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.3_44396.exe FirewallRules: [TCP Query User{08401E22-F6C4-4ED6-A013-76EC44A9A43A}C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.3_44396.exe] => (Allow) C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.3_44396.exe FirewallRules: [UDP Query User{95F21B5C-4443-4A40-B78D-9ECB4CFAC0CD}C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.3_44396.exe] => (Allow) C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.3_44396.exe FirewallRules: [{AC8217DD-DE9B-4E02-B4AA-744B972D67BE}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{A05A4957-D548-4CFA-9D52-25218DF8BF96}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{5A6E0F8B-4677-4DF5-84F3-CF8E89795881}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{1C9D96CE-48E2-451A-8F0C-D37FE28111C8}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{270ABDF5-8C6D-4DF6-AD16-BC9D1C570224}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{3605FE99-1332-43D9-8D43-B130BFF9DAEE}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{2FBAB86E-359B-4EDD-B7B1-6A56B3D0D197}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{87E64460-3358-4D00-A804-A6733F270C2C}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{05A76D0C-8988-4196-9544-15983AC251B1}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{023D55F6-FF26-4D88-B157-DF4E500A59BD}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{D207F266-E49B-4A94-B407-B987982A7B11}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{3FB6AC0D-8A4A-4661-9ED0-EE64A41296E8}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{46E250CC-A82C-48D5-B47E-501061F8A748}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{FC5EBAE5-2BF5-4531-B4D8-ED84BF5C1111}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{926F03FE-1FE0-43EE-93BD-07B5F5700B13}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{B27157CA-1C76-4071-8330-FB3E171ED153}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [TCP Query User{2F0719CF-E713-4F6D-A7FD-34586A1242CB}C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.3_44494.exe] => (Block) C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.3_44494.exe FirewallRules: [UDP Query User{9B15EA5F-E46E-4A38-BB7B-9F07664D9D64}C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.3_44494.exe] => (Block) C:\users\mmdata\appdata\roaming\utorrent\updates\3.5.3_44494.exe FirewallRules: [{7B8D2DBA-7C62-426D-B351-7F5AF9848C3E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{C42C6B5F-C524-4C5C-A614-6530B2C9DF48}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{27D13A8F-C88C-4623-87F8-01170610C4F9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{C4F6B6E8-71E9-4307-B8CA-8CB56C7A0CA8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{57EE7FBB-2D5D-4A3F-9652-2952E7C957FB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{9637FDB7-1438-42E4-9813-582D9D2E30B8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{23B226A3-960B-4465-837D-355678883D20}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E374C537-4AAF-4BA0-B988-B91DA7BB459D}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E77F3DA1-356C-4363-9C82-52E2DD7C3D79}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{9C0EF13E-335A-487B-942C-813089D1967D}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{93DCF896-3FCD-4A49-817E-A0BBF1DB17CF}] => (Allow) C:\Users\MMDATA\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B8DA2D09-24BF-49BB-A5EA-C963C0A9E8C6}] => (Allow) C:\Users\MMDATA\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E3322B05-F092-48ED-89E2-D277A58584A5}] => (Allow) C:\Users\MMDATA\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3D9B708F-464F-4FBF-8517-A300347B6A99}] => (Allow) C:\Users\MMDATA\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{731D36D1-8D38-41D8-827D-11DE5E9DC7F9}] => (Allow) C:\Users\MMDATA\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E2CD12D6-A1D0-452F-9EAD-D4D40BA90E18}] => (Allow) C:\Users\MMDATA\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D3367404-5A43-45FD-8113-B9F148A61297}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{188E8749-C3D0-458A-995C-F78FA3D6D1A9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{E6C4E91C-2157-44CD-8CA0-8824E2C12FE4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{B19478D2-7657-43B6-884D-818992B99549}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{C9D9FEF0-045B-4E1B-B1D3-8C3EA1BC5D91}] => (Allow) D:\ProgramFiles(x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{41EF63AC-AB78-40A1-94A6-D3032C6A3478}] => (Allow) D:\ProgramFiles(x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{789FFEEB-82B0-4D6B-A1E4-489FB89DB57D}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\CrusadersOfLight\col.exe FirewallRules: [{138666C5-3E3F-4EE0-B323-6AEB1993530B}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\CrusadersOfLight\col.exe FirewallRules: [{02924EF2-18A8-41E0-BBD6-539A3E9CA98E}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{D8CB8838-00BA-4650-957A-BC1C8DA25837}] => (Allow) D:\ProgramFiles(x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{CD1A58F3-1C66-481B-B47A-42436F29182A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe StandardProfile\AuthorizedApplications: [D:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [D:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [D:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [D:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/09/2018 01:19:52 AM) (Source: SideBySide) (EventID: 9) (User: ) Description: Det gick inte att skapa aktiveringskontext för C:\WINDOWS\System32\sdnclean64.exe. Det finns ett fel i manifest- eller principfilen C:\WINDOWS\System32\sdnclean64.exe på rad 2. Manifestfilens rotelement måste vara ett paket. Error: (11/09/2018 01:18:13 AM) (Source: CertEnroll) (EventID: 86) (User: NT instans) Description: Initieringen av SCEP-certifikatregistrering för WORKGROUP\OLIWER$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep misslyckades: GetCACaps Metod: GET(47ms) Fas: GetCACaps Okänt servernamn eller adress 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED) Error: (11/09/2018 01:03:02 AM) (Source: CertEnroll) (EventID: 86) (User: NT instans) Description: Initieringen av SCEP-certifikatregistrering för WORKGROUP\OLIWER$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep misslyckades: GetCACaps Metod: GET(79ms) Fas: GetCACaps Okänt servernamn eller adress 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED) Error: (11/09/2018 12:47:13 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (11/08/2018 12:29:45 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (11/07/2018 08:39:22 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programmet FL64.exe, version 1.1.47.0, avslutades eftersom det slutade samverka med Windows. Ytterligare information kan finnas i problemhistoriken i Säkerhet och underhåll på Kontrollpanelen. Process-ID: 27ec Starttid: 01d476bc5447d14b Avslutningstid: 44 Programsökväg: D:\Program Files (x86)\Image-Line\FL Studio 12\FL64.exe Rapport-ID: 0d480959-62a2-4b5c-90e2-2503465e3595 Fullständigt namn på felaktigt paket: Program-ID relativt till felaktigt paket: Error: (11/07/2018 12:29:46 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (11/06/2018 10:11:25 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Fel uppstod när statusen uppdaterades till SECURITY_PRODUCT_STATE_ON. System errors: ============= Error: (11/09/2018 01:41:53 AM) (Source: DCOM) (EventID: 10010) (User: OLIWER) Description: Servern {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} registrerades inte med DCOM inom erforderlig timeout. Error: (11/09/2018 01:39:53 AM) (Source: DCOM) (EventID: 10010) (User: OLIWER) Description: Servern {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} registrerades inte med DCOM inom erforderlig timeout. Error: (11/09/2018 01:37:58 AM) (Source: DCOM) (EventID: 10016) (User: NT instans) Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Aktivering för COM-serverprogrammet med CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} och APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} till användaren NT instans\Lokal tjänst SID (S-1-5-19) från adress LocalHost (med LRPC) som körs i programbehållaren Inte tillgänglig SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster. Error: (11/09/2018 01:37:53 AM) (Source: DCOM) (EventID: 10010) (User: OLIWER) Description: Servern {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} registrerades inte med DCOM inom erforderlig timeout. Error: (11/09/2018 01:35:53 AM) (Source: DCOM) (EventID: 10010) (User: OLIWER) Description: Servern {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} registrerades inte med DCOM inom erforderlig timeout. Error: (11/09/2018 01:33:53 AM) (Source: DCOM) (EventID: 10010) (User: NT instans) Description: Servern {9E175B68-F52A-11D8-B9A5-505054503030} registrerades inte med DCOM inom erforderlig timeout. Error: (11/09/2018 01:31:53 AM) (Source: DCOM) (EventID: 10010) (User: OLIWER) Description: Servern {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} registrerades inte med DCOM inom erforderlig timeout. Error: (11/09/2018 01:29:53 AM) (Source: DCOM) (EventID: 10010) (User: OLIWER) Description: Servern {9E175B6D-F52A-11D8-B9A5-505054503030} registrerades inte med DCOM inom erforderlig timeout. Windows Defender: =================================== Date: 2018-11-06 22:10:07.893 Description: Windows Defender Antivirus har upptäckt skadlig kod eller annan oönskad programvara. Mer information finns nedan: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Skeeyah.A!rfn&threatid=2147694182&enterprise=0 Namn: Trojan:Win32/Skeeyah.A!rfn ID: 2147694182 Allvarlighetsgrad: Allvarlig Kategori: Trojan Sökväg: file:_D:\Downloads\BitDefender Antivirus Plus 2018 Pre-Activated\Setup\Setup.exe Ursprung till identifieringen: Lokal dator Identifieringstyp: Konkret Identifieringskälla: Realtidsskydd Användare: OLIWER\MMDATA Processnamn: C:\Program Files\Bitdefender Antivirus Free\kitinstaller\BPInstaller.exe Signaturversion: AV: 1.279.1258.0, AS: 1.279.1258.0, NIS: 1.279.1258.0 Sökmotorversion: AM: 1.1.15400.4, NIS: 1.1.15400.4 Date: 2018-11-06 22:09:59.150 Description: Windows Defender Antivirus har upptäckt skadlig kod eller annan oönskad programvara. Mer information finns nedan: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Skeeyah.A!rfn&threatid=2147694182&enterprise=0 Namn: Trojan:Win32/Skeeyah.A!rfn ID: 2147694182 Allvarlighetsgrad: Allvarlig Kategori: Trojan Sökväg: file:_D:\Downloads\BitDefender Antivirus Plus 2018 Pre-Activated\Setup\Setup.exe Ursprung till identifieringen: Lokal dator Identifieringstyp: Konkret Identifieringskälla: Realtidsskydd Användare: OLIWER\MMDATA Processnamn: C:\Program Files\Bitdefender Antivirus Free\kitinstaller\BPInstaller.exe Signaturversion: AV: 1.279.1258.0, AS: 1.279.1258.0, NIS: 1.279.1258.0 Sökmotorversion: AM: 1.1.15400.4, NIS: 1.1.15400.4 Date: 2018-11-06 20:48:33.730 Description: Windows Defender Antivirus-sökningen stoppades innan den slutfördes. Söknings-ID: {E8146131-88BF-4383-A50B-12BFBBE00177} Sökningstyp: Antimalware Sökningsparametrar: Snabbsökning Användare: NT instans\SYSTEM Date: 2018-11-05 16:40:06.604 Description: Windows Defender Antivirus-sökningen stoppades innan den slutfördes. Söknings-ID: {714EF670-1E59-48E3-8EB9-D3F3D6F6EC13} Sökningstyp: Antimalware Sökningsparametrar: Snabbsökning Användare: NT instans\SYSTEM Date: 2018-11-05 16:17:19.108 Description: Windows Defender Antivirus har upptäckt skadlig kod eller annan oönskad programvara. Mer information finns nedan: https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:JS/Nemucod!rfn&threatid=209523&enterprise=0 Namn: TrojanDownloader:JS/Nemucod!rfn ID: 209523 Allvarlighetsgrad: Inte ännu klassificerad Kategori: Okänd Sökväg: file:_C:\Users\MMDATA\Downloads\OBS_0_659b_With_Browser_Installer.exe Ursprung till identifieringen: Lokal dator Identifieringstyp: FastPath Identifieringskälla: Realtidsskydd Användare: OLIWER\MMDATA Processnamn: C:\WINDOWS\explorer.exe Signaturversion: AV: 1.279.1171.0, AS: 1.279.1171.0, NIS: 1.279.1171.0 Sökmotorversion: AM: 1.1.15400.4, NIS: 1.1.15400.4 Date: 2018-09-07 00:16:16.827 Description: Ett fel uppstod när Windows Defender Antivirus skulle uppdatera signaturer. Ny signaturversion: Föregående signaturversion: 1.275.710.0 Uppdateringskälla: Microsoft Malware Protection Center Signaturtyp: AntiVirus Uppdateringstyp: Fullständig Användare: NT instans\Nätverkstjänst Aktuell motorversion: Föregående motorversion: 1.1.15200.1 Felkod: 0x80072ee7 Felbeskrivning: Okänt servernamn eller adress Date: 2018-09-07 00:16:16.827 Description: Ett fel uppstod när Windows Defender Antivirus skulle uppdatera signaturer. Ny signaturversion: Föregående signaturversion: 1.275.710.0 Uppdateringskälla: Microsoft Malware Protection Center Signaturtyp: AntiSpyware Uppdateringstyp: Fullständig Användare: NT instans\Nätverkstjänst Aktuell motorversion: Föregående motorversion: 1.1.15200.1 Felkod: 0x80072ee7 Felbeskrivning: Okänt servernamn eller adress Date: 2018-09-07 00:16:16.827 Description: Ett fel uppstod när Windows Defender Antivirus skulle uppdatera signaturer. Ny signaturversion: Föregående signaturversion: 1.275.710.0 Uppdateringskälla: Microsoft Malware Protection Center Signaturtyp: AntiVirus Uppdateringstyp: Fullständig Användare: NT instans\Nätverkstjänst Aktuell motorversion: Föregående motorversion: 1.1.15200.1 Felkod: 0x80072ee7 Felbeskrivning: Okänt servernamn eller adress Date: 2018-09-07 00:16:16.820 Description: Ett fel uppstod när Windows Defender Antivirus skulle uppdatera signaturer. Ny signaturversion: Föregående signaturversion: 1.275.710.0 Uppdateringskälla: Microsoft Malware Protection Center Signaturtyp: AntiVirus Uppdateringstyp: Fullständig Användare: NT instans\Nätverkstjänst Aktuell motorversion: Föregående motorversion: 1.1.15200.1 Felkod: 0x80072ee7 Felbeskrivning: Okänt servernamn eller adress Date: 2018-09-07 00:16:16.820 Description: Ett fel uppstod när Windows Defender Antivirus skulle uppdatera signaturer. Ny signaturversion: Föregående signaturversion: 1.275.710.0 Uppdateringskälla: Microsoft Malware Protection Center Signaturtyp: AntiSpyware Uppdateringstyp: Fullständig Användare: NT instans\Nätverkstjänst Aktuell motorversion: Föregående motorversion: 1.1.15200.1 Felkod: 0x80072ee7 Felbeskrivning: Okänt servernamn eller adress CodeIntegrity: =================================== Date: 2018-11-09 01:29:49.340 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-09 01:29:49.339 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-09 01:22:58.600 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-09 01:22:58.598 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-09 01:18:34.407 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-09 01:18:34.405 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-09 01:18:03.392 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-09 01:18:03.317 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz Percentage of memory in use: 47% Total physical RAM: 8090.52 MB Available physical RAM: 4226.39 MB Total Virtual: 11418.52 MB Available Virtual: 7001.06 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:118.48 GB) (Free:5.15 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:429.01 GB) NTFS \\?\Volume{4f2dc201-12ed-4e4f-a0bc-30b8ff12b3ca}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: 5F15F3C6) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 4AE54CAF) Partition: GPT. ==================== End of Addition.txt ============================ Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted November 9, 2018 Root Admin ID:1280076 Share Posted November 9, 2018 Hello @oliwwer and Let me have you run the scans again in the following order. Also, please attach the files. Directly posted logs don't always translate properly. Please run the following steps and post back the logs as an attachment when ready.STEP 01 If you're already running Malwarebytes 3 then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button. If you don't have Malwarebytes 3 installed yet please download it from here and install it. Once installed then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button. Once the scan is completed click on the Export Summary button and save the file as a Text file to your desktop or other location you can find, and attach that log on your next reply. If Malwarebytes won't run then please skip to the next step and let me know on your next reply. STEP 02 Please download AdwCleaner by Malwarebytes and save the file to your Desktop. Right-click on the program and select Run as Administrator to start the tool. Accept the Terms of use. Wait until the database is updated. Click Scan Now. When finished, please click Clean & Repair. Your PC should reboot now if any items were found. After reboot, a log file will be opened. Copy its content into your next reply. RESTART THE COMPUTER Before running Step 3 STEP 03 Please download the Farbar Recovery Scan Tool and save it to your desktop.Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit Double-click to run it. When the tool opens, click Yes to disclaimer. Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply. The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here. Please attach the Additions.txt log to your reply as well. Thanks Ron Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted December 7, 2018 Root Admin ID:1285475 Share Posted December 7, 2018 Due to the lack of feedback, this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread. Thanks Link to post Share on other sites More sharing options...
Recommended Posts