Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24.02.2018
Ran by aakas (25-02-2018 22:05:14)
Running from C:\Users\aakas\Desktop
Windows 10 Pro Version 1709 16299.248 (X64) (2017-12-08 20:17:48)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

aakas (S-1-5-21-2531647964-3082266107-1929717-1002 - Administrator - Enabled) => C:\Users\aakas
Administrator (S-1-5-21-2531647964-3082266107-1929717-500 - Administrator - Disabled)
anish (S-1-5-21-2531647964-3082266107-1929717-1003 - Limited - Disabled)
DefaultAccount (S-1-5-21-2531647964-3082266107-1929717-503 - Limited - Disabled)
Guest (S-1-5-21-2531647964-3082266107-1929717-501 - Limited - Disabled)
murth (S-1-5-21-2531647964-3082266107-1929717-1004 - Administrator - Enabled)
WDAGUtilityAccount (S-1-5-21-2531647964-3082266107-1929717-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . (HKLM\...\{569F29BA-2D46-439B-8B7C-01D999B9201D}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{9F460796-0348-4B11-BCA0-714C4B85E3D7}) (Version: 3.1.2.2 - Intel) Hidden
3DMark (HKLM\...\{BDD2EE93-C1C4-4536-A59E-C85326E454A8}) (Version: 2.4.3819.0 - Futuremark) Hidden
3DMark (HKLM-x32\...\{4f8a7a7f-23df-4a3b-a6e8-b46222e740b3}) (Version: 2.4.3819.0 - Futuremark)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 3.00.10 - ASUSTeK Computer Inc.)
AllToMP3 0.3.2 (only current user) (HKU\S-1-5-21-2531647964-3082266107-1929717-1002\...\c7605133-1e88-50dc-a31b-c14ca85089b6) (Version: 0.3.2 - Basile Bruneau) ApoDispatchConfigurator (HKLM\...\{4FEB3307-A0EF-4385-9C8F-4B4C1503311C}) (Version: 3.6.801 - ASUSTeKcomputer.Inc) Hidden Apple Application Support (32-bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.) Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach) ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.5.8.0 - ASUSTek COMPUTER INC.) Hidden ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.5.8.0 - ASUSTek COMPUTER INC.) Asus Sonic Radar 3 (HKLM-x32\...\{0809df9f-2675-4ce5-895b-96a581918a98}) (Version: 3.6.8.43712 - ASUSTeKcomputer.Inc) Asus Sonic Studio 3 (HKLM-x32\...\{9a3b12f4-e885-4495-b04f-c661f1e532b5}) (Version: 3.6.8.43712 - ASUSTeKcomputer.Inc) AudioCaptureNotificationConfigurator (HKLM\...\{04C5CE55-7F32-4D2D-AEA2-FDC03E8F65CC}) (Version: 3.6.801 - ASUSTeKcomputer.Inc) Hidden AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.05.28 - ASUSTeK Computer Inc.) Aurora Web Installer 1.0.0 (HKLM-x32\...\{9444602B-C5D8-4EF5-9D5B-E76D06B53C71}_is1) (Version: 1.0.0 - Anton Pupkov) Autodesk Fusion 360 (HKU\S-1-5-21-2531647964-3082266107-1929717-1002\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.3803 - Autodesk, Inc.) AutoHotkey 1.1.26.01 (HKLM\...\AutoHotkey) (Version: 1.1.26.01 - Lexikos) Backup and Sync from Google (HKLM-x32\...\{AC62F3F2-61A2-4357-93EC-C308E3FEDF4E}) (Version: 3.39.8370.7843 - Google, Inc.) 
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BitTorrent (HKU\S-1-5-21-2531647964-3082266107-1929717-1002\...\BitTorrent) (Version: 7.10.0.44091 - BitTorrent Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Borderless Gaming (HKLM-x32\...\Borderless Gaming_is1) (Version: 9.4.9 - Andrew Sampson) CCleaner (HKLM\...\CCleaner) (Version: 5.39 - Piriform) Chrome Remote Desktop Host (HKLM-x32\...\{14C6B17A-F825-431E-9A36-8D89E65B24C8}) (Version: 65.0.3325.40 - Google Inc.) Clipdiary 5.1 (HKLM-x32\...\Clipdiary) (Version: 5.1 - Tiushkov Nikolay) Clover V3.4 (HKLM-x32\...\Clover) (Version: 3.4.1.01161 - 易捷科技) CpuCoreParking (HKLM-x32\...\{93F2C625-D50A-47BE-9C68-3B1A55DD091C}) (Version: 2.0.1.0 - CpuCoreParking) CPUID CPU-Z 1.82 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.82 - ) CPUID HWMonitor 1.33 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.33 - ) DeviceRoutingConfigurator (HKLM\...\{AC306567-A1B7-4208-8FED-97CF535050BC}) (Version: 3.6.801 - ASUSTeKcomputer.Inc) Hidden Discord (HKU\S-1-5-21-2531647964-3082266107-1929717-1002\...\Discord) (Version: 0.0.300 - Discord Inc.) Discord PTB (HKU\S-1-5-21-2531647964-3082266107-1929717-1002\...\DiscordPTB) (Version: 0.0.39 - Discord Inc.) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.77 - NVIDIA Corporation) Hidden EaseUS MobiSaver (HKLM-x32\...\EaseUS MobiSaver_is1) (Version: - EaseUS) Epic Games Launcher (HKLM-x32\...\{2B6AC31A-9883-465C-AFC6-1EC5AA48F5BD}) (Version: 1.1.138.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden Exodus (HKU\S-1-5-21-2531647964-3082266107-1929717-1002\...\exodus) (Version: 1.44.0 - Exodus Movement Inc) f.lux (HKU\S-1-5-21-2531647964-3082266107-1929717-1002\...\Flux) (Version: - f.lux Software LLC) FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) foobar2000 v1.3.17 (HKLM-x32\...\foobar2000) (Version: 1.3.17 - Peter Pawlowski) Futuremark SystemInfo (HKLM-x32\...\{71BFECB2-2CFD-4E6A-A8AF-4EE600A816B7}) (Version: 5.3.629.0 - Futuremark) Geekbench 4 (HKLM-x32\...\Geekbench 4) (Version: - Primate Labs Inc.) GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.167 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden Gyazo 3.3.5 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.) HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.0.292 - SurfRight B.V.) 
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) InputMapper (HKLM-x32\...\{026D2025-A7FA-4F5C-AF8C-A6F7A9B917FC}) (Version: 1.6.10.19991 - DSDCS) Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden Intel(R) Computing Improvement Program (HKLM\...\{699E6891-25C3-443A-9B8E-80C74F0172C8}) (Version: 2.1.03413 - Intel Corporation) Intel(R) Network Connections 22.9.16.0 (HKLM\...\PROSetDX) (Version: 22.9.16.0 - Intel) Intel(R) Rapid Storage Technology enterprise (HKLM-x32\...\{440479f1-6bb9-4b41-9b9a-8f20b062b862}) (Version: 5.2.0.1212 - Intel Corporation) Intel® Accelerated Storage Manager (HKLM\...\{A8ECB591-B77E-42D7-8041-B95669C06055}) (Version: 1.2.0.75 - Intel Corporation) Intel® Driver & Support Assistant (HKLM-x32\...\{e7adbf16-34ad-490a-a4e8-feb60fb99973}) (Version: 3.1.2.2 - Intel) iTunes (HKLM\...\{1D7D1271-5258-4F5A-B8C1-7176BF398782}) (Version: 12.7.3.46 - Apple Inc.) Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation) Jaxx 1.3.9 (only current user) (HKU\S-1-5-21-2531647964-3082266107-1929717-1002\...\c8bd836d-41d7-5f55-90da-0bae2db13a07) (Version: 1.3.9 - decentral.ca) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains) Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech) Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.88 - Logitech Inc.) Lumenata Pro Setup (HKLM-x32\...\$REGNAME) (Version: 1.0 - ) MEmu (HKLM-x32\...\MEmu) (Version: 3.6.9.0 - Microvirt Software Technology Co. Ltd.) 
Microsoft OneDrive (HKU\S-1-5-21-2531647964-3082266107-1929717-1002\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) MSI Afterburner 4.4.2 (HKLM-x32\...\Afterburner) (Version: 4.4.2 - MSI Co., LTD) NahimicSettingsConfigurator 
(HKLM\...\{3C0382DE-E72C-4ADF-A0F3-1A3E034802E2}) (Version: 3.6.801 - ASUSTeKcomputer.Inc) Hidden NiceHash Miner 2 0.1.11 (HKLM\...\08059810-bc78-5c10-942c-2092eebb5ec8) (Version: 0.1.11 - NiceHash d.o.o) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.4 - Notepad++ Team) NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) NVIDIA 3D Vision Driver 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 390.77 - NVIDIA Corporation) NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation) NVIDIA GeForce NOW 1.5.1.189 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 1.5.1.189 - NVIDIA Corporation) NVIDIA Graphics Driver 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.77 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation) NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) osu! (HKLM-x32\...\{bc205693-ebc4-4cc7-8554-88dd9e636310}) (Version: latest - ppy Pty Ltd) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) ProductDaemonSetup (HKLM\...\{36606417-B1C4-42C2-B5C1-67972DA63DAB}) (Version: 3.6.801 - ASUSTeKcomputer.Inc) Hidden ProfileSwitcherCleanup (HKLM\...\{48DF27B3-44FE-463A-9756-7D774456DB7C}) (Version: 3.6.8.43712 - ASUSTeKcomputer.Inc) Hidden Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 8.5.11.584 - Razer Inc.) REALTEK Bluetooth Filter Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AD}) (Version: 1.4.887.170518 - REALTEK Semiconductor Corp.) 
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8210 - Realtek Semiconductor Corp.) Realtek PCI-E Wireless LAN Driver (HKLM-x32\...\InstallShield_{70714FB7-4084-4202-A599-2D5935DECB67}) (Version: Drv_3.00.0019 - REALTEK Semiconductor Corp.) Roblox Player for aakas (HKU\S-1-5-21-2531647964-3082266107-1929717-1002\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.1 - Rockstar Games) Rules of Survival version 1.0.0 (HKLM-x32\...\{F560482D-4378-4FB8-8EB7-4F017FDBCC90}_is1) (Version: 1.0.0 - Hong Kong Netease Interactive Entertainment Limited) SonicMapperConfigurator (HKLM\...\{E89C3033-37E5-471E-B80E-BF971A535EE8}) (Version: 3.6.8.43712 - ASUSTeKcomputer.Inc) Hidden SonicRadar3Setup (HKLM\...\{9138D650-706E-4A6A-8993-82F8A9C16D88}) (Version: 3.6.8.43712 - ASUSTeKcomputer.Inc) Hidden SonicStudio3Setup (HKLM\...\{065BAFE8-7C11-4E22-9B3C-61A56EB511B5}) (Version: 3.6.8.43712 - ASUSTeKcomputer.Inc) Hidden Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform) Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.) Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 3.2.0.0 - Splashtop Inc.) Spotify (HKU\S-1-5-21-2531647964-3082266107-1929717-1002\...\Spotify) (Version: 1.0.74.380.g1fcff12a - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Technitium MAC Address Changer v6.0 (HKLM-x32\...\TMACv6.0) (Version: 6.0 - Technitium) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) Twitch (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Twitch Interactive, Inc.) 
Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft) VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version: - ) Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version: - VB-Audio Software) Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-2) (Version: 1.0.65.0 - LunarG, Inc.) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2531647964-3082266107-1929717-1002_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\aakas\AppData\Local\Autodesk\webdeploy\production\8556a3e1d81f6c5f0bca3f1440fbfa311d80a809\NPreview10.dll () ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-12-31] () ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => 
C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-01-29] (Google) ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-01-29] (Google) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-01-23] (NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {01BF3749-E5D8-498E-96A3-8D9B654DB7C9} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {03C07449-0D32-4898-94FA-5BA9AABFC84E} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-12-21] (Nota Inc.) 
Task: {0C22518A-6597-4085-B74D-D33E35A7B0FC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10] (NVIDIA Corporation) Task: {179790EC-0C85-418B-9AE4-71655E9A4700} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [2017-11-14] (TODO: ) Task: {18CD8E39-509D-4943-A355-4CB653CA7442} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {228E0016-19F3-4E9F-BF23-582C65E15243} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2017-12-15] () Task: {28848566-913E-4796-B986-C884928B3C07} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-07] (Google Inc.) Task: {3F29EFA8-9118-4E39-8F0A-92A1E65FC5A4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-19] (Microsoft Corporation) Task: {3FE65824-1ECA-4E1D-91BE-66C31CFEC673} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-01-10] (NVIDIA Corporation) Task: {41587884-D625-41BE-BA49-5206120804EB} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation) Task: {57D76F37-3659-4D38-8E37-54CE074C4F06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.) 
Task: {5F74447F-874B-4FEB-BD4F-1CD486AA1751} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: ) Task: {698779DC-56A1-414A-BF3A-27439547EF9E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation) Task: {6D729291-BD31-4135-A114-56BC711FD847} - System32\Tasks\ExclusiveTool => C:\Program Files (x86)\DSDCS\InputMapper\ExclusiveModeTool.exe [2016-10-04] (InputMapper) Task: {6FF23FA3-A0B5-47FD-AF20-31D01E11509E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-01-09] (Piriform Ltd) Task: {701ADA5F-B65A-4533-AEAA-5C4FBC050B95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-19] (Microsoft Corporation) Task: {72DC6C3C-1CD3-416F-BB15-0E062E3981E1} - System32\Tasks\NVIDIA GeForceNow_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Users\aakas\AppData\Local\NVIDIA Corporation\GeForceNOW\CEF\GeForceNOW.exe [2018-02-13] (NVIDIA Corporation) Task: {793BC718-B34D-415B-9544-78A1D4947B32} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2017-11-24] () Task: {8BEB7DFC-11BD-4F4A-B0D0-A130144C921F} - System32\Tasks\SS3svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3svc64.exe [2017-07-12] (ASUSTeK COMPUTER INC.) Task: {93C61EF0-A47C-495B-AF25-CFE7E769267D} - System32\Tasks\SS3svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe [2017-07-12] (ASUSTeK COMPUTER INC.) 
Task: {94215CA7-1306-466B-B42E-96898A54F0CF} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-10] (NVIDIA Corporation) Task: {9CE005FF-FC76-4BFE-90B2-C0CA059A3FE9} - System32\Tasks\ASUS\AsRogAuraGpuDllServer => C:\Program Files (x86)\LightingService\1.00.35\AsRogAuraGpuDllServer.exe [2018-02-01] () Task: {9CEAA93E-D390-4A19-BEED-2C87C1CD67DC} - System32\Tasks\update-S-1-5-21-2531647964-3082266107-1929717-1002 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: ) Task: {AB9B87F1-1C86-4D53-8FE2-BDE9D432688D} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2017-12-04] (ASUSTeK Computer Inc.) Task: {B4E0A12F-D47C-46C0-936B-3F20C618965B} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation) Task: {BC21EB1A-9176-45A8-89DF-C75F882A41AA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-07] (Google Inc.) 
Task: {BE94EE64-9E7D-470F-AA60-5E2C993E1AB6} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-01-10] (NVIDIA Corporation) Task: {C02A69B7-CFAC-43EE-A8B8-9CCE2DF4B455} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_V3.exe Task: {C19AD344-BE27-4BE0-A72B-854F91C58E7A} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [2017-11-24] (TODO: ) Task: {CA24D1EF-F41C-41CA-AFFF-EDB9FE563889} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-19] (Microsoft Corporation) Task: {CAED40FE-9E3E-4CDF-8DF5-8F0BE46FB386} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-12-21] (Nota Inc.) Task: {D5A9C94D-36BF-4DFD-982E-EFD0A0FF609E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation) Task: {D5B6D283-5D97-48B4-B997-FE60D9B1D75E} - System32\Tasks\S-1-5-21-2531647964-3082266107-1929717-1002\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation) Task: {DF1437B6-E4B7-45C5-A687-75397A3102A9} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation) Task: {E34B9845-BE73-41C5-93B6-D61754AE3A20} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-19] (Microsoft Corporation) Task: {EE5F75CE-BA1E-420F-A05C-C2EB70B047E6} - 
System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation) Task: {FF695225-FA6A-4756-BC64-8A208967E423} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-01-09] (Piriform Ltd) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe Task: C:\Windows\Tasks\update-S-1-5-21-2531647964-3082266107-1929717-1002.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\aakas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp ShortcutWithArgument: C:\Users\aakas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\DellDisco.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=afklhpnabnbhaommppgieeaaphdekbjk ShortcutWithArgument: C:\Users\aakas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Floating for YouTube™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=jjphmlaoffndcnecccgemfdaaoighkel ShortcutWithArgument: C:\Users\aakas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Aakash - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
-> --profile-directory="Profile 1" ==================== Loaded Modules (Whitelisted) ============== 2017-09-29 05:41 - 2017-09-29 05:41 - 000184432 _____ () C:\Windows\SYSTEM32\inputhost.dll 2018-01-22 22:43 - 2018-01-23 16:23 - 000544240 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll 2018-01-05 00:14 - 2018-01-05 00:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2018-01-05 00:13 - 2018-01-05 00:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-12-07 20:38 - 2017-12-07 20:38 - 001360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe 2013-04-22 08:30 - 2013-04-07 05:09 - 000542208 _____ () C:\Users\aakas\AppData\Local\McMyAdmin\MCMA_Service.exe 2018-01-11 01:25 - 2018-01-11 01:25 - 000182544 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe 2018-01-22 22:43 - 2018-01-10 06:33 - 001268024 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-12-24 17:58 - 2017-12-24 17:56 - 000346600 _____ () C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe 2017-10-26 15:21 - 2017-10-26 15:21 - 000419328 ____R () C:\Program Files\Intel\Wired Networking\NCS2\Agent\AdapterAgnt.DLL 2017-12-24 17:57 - 2017-12-24 17:56 - 001780712 _____ () C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe 2018-02-02 13:20 - 2018-01-10 06:33 - 000019760 _____ () c:\program files\nvidia corporation\nvstreamsrv\detoured.dll 2017-12-15 01:04 - 2017-12-15 01:04 - 000725288 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe 2018-01-09 18:03 - 2017-11-24 08:48 - 001448408 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe 2018-02-01 17:34 - 2018-02-01 17:33 - 000280536 _____ () C:\Program Files 
(x86)\LightingService\1.00.35\AsRogAuraGpuDllServer.exe 2017-12-31 17:07 - 2017-12-31 17:07 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll 2017-12-24 17:57 - 2017-12-24 17:56 - 000839656 _____ () C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\webwallpaper32.exe 2018-02-14 17:10 - 2018-02-09 20:39 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2018-02-14 17:10 - 2018-02-09 20:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-12-07 20:38 - 2017-12-07 20:37 - 000105304 _____ () C:\Windows\SYSTEM32\audioLibVc.dll 2015-03-06 16:07 - 2015-03-06 16:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2017-10-19 19:29 - 2017-10-19 19:29 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-06 16:07 - 2015-03-06 16:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2017-10-19 19:29 - 2017-10-19 19:29 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2017-10-19 19:02 - 2017-10-19 19:02 - 000077824 _____ () C:\Program Files\Logitech Gaming Software\LAClient\zlib.dll 2017-10-19 19:02 - 2017-10-19 19:02 - 000144896 _____ () C:\Program Files\Logitech Gaming Software\LAClient\libssh2.dll 2018-01-29 12:42 - 2018-01-29 12:42 - 041100328 _____ () C:\Program Files (x86)\Google\Drive\googledrivesync.exe 2017-01-09 17:09 - 2017-01-09 17:09 - 004518400 _____ () C:\Program Files\Aurora\Aurora.exe 2017-07-23 19:40 - 2017-07-23 19:40 - 006580224 _____ () C:\Program Files (x86)\Clipdiary\Clipdiary.exe 2017-12-02 23:55 - 2017-12-02 23:57 - 000233640 _____ () C:\Users\aakas\AppData\Roaming\SearchProtocolHosts.exe 2017-12-02 23:55 - 2017-12-02 23:56 - 000293544 _____ () C:\Users\aakas\AppData\Roaming\svnhost.exe 2018-01-03 05:33 - 2018-01-03 05:33 - 000060384 _____ () C:\Program Files\CCleaner\branding.dll 2018-02-13 18:13 
- 2018-02-12 20:25 - 004433752 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.167\libglesv2.dll 2018-02-13 18:13 - 2018-02-12 20:25 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.167\libegl.dll 2017-10-18 09:52 - 2017-10-18 09:52 - 001723392 _____ () C:\Program Files (x86)\ASUS\GPU TweakII\ASUSGPUFanServiceEx.exe 2018-01-11 01:25 - 2018-01-11 01:25 - 000886032 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe 2018-01-11 01:25 - 2018-01-11 01:25 - 002309904 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_modeler.dll 2018-01-11 01:25 - 2018-01-11 01:25 - 000270096 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\pl_agent_lib.dll 2018-01-11 01:25 - 2018-01-11 01:25 - 000260368 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_acpi_battery_input.dll 2018-01-11 01:25 - 2018-01-11 01:25 - 000306960 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_wifi_input.dll 2018-01-11 01:25 - 2018-01-11 01:25 - 000231184 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\devices_use_input.dll 2018-01-11 01:25 - 2018-01-11 01:25 - 000277776 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_system_power_state_input.dll 2018-01-11 01:25 - 2018-01-11 01:25 - 000638736 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_os_input.dll 2018-01-11 01:25 - 2018-01-11 01:25 - 000212240 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_winstat_input.dll 2018-01-11 01:25 - 2018-01-11 01:25 - 000453392 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_upnp_input.dll 2018-01-11 01:25 - 2018-01-11 01:25 - 000375568 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_process_input.dll 2018-01-11 01:25 - 2018-01-11 01:25 - 000609552 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_hw_input.dll 2018-01-11 01:25 - 2018-01-11 01:25 - 000295184 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_sampler_input.dll 2018-01-11 01:25 - 2018-01-11 01:25 - 000248080 _____ () 
C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_sgx_input.dll 2018-01-11 01:25 - 2018-01-11 01:25 - 000708368 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\sql_logger.dll 2018-01-11 01:25 - 2018-01-11 01:25 - 000818448 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe 2018-01-11 01:25 - 2018-01-11 01:25 - 000214800 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\foreground_window_input.dll 2018-01-11 01:25 - 2018-01-11 01:25 - 000279312 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_user_waiting_input.dll 2018-01-11 01:25 - 2018-01-11 01:25 - 000207120 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_events_input.dll 2018-02-05 16:03 - 2018-02-05 16:03 - 000735584 _____ () c:\program files (x86)\clover\cloversvc.dll 2018-01-09 18:01 - 2018-01-09 18:01 - 000081368 _____ () C:\Program Files (x86)\ASUS\AXSP\3.00.10\ATKEX.dll 2018-01-09 18:01 - 2018-01-09 18:01 - 000229848 _____ () C:\Program Files (x86)\ASUS\AXSP\3.00.10\ASUS_WMI.dll 2018-02-25 21:54 - 2018-02-25 21:54 - 000047912 _____ () C:\Program Files (x86)\ASUS\AXSP\3.00.10\PEbiosinterface32.dll 2018-01-09 18:03 - 2018-01-09 18:01 - 000229848 _____ () C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\ASUS_WMI.dll 2018-02-01 17:34 - 2018-02-01 17:33 - 001777664 _____ () C:\Program Files (x86)\LightingService\1.00.35\Vender.dll 2018-02-01 17:34 - 2018-02-01 17:33 - 000073728 _____ () C:\Program Files (x86)\LightingService\1.00.35\ClaymoreProtocol.dll 2018-02-01 17:34 - 2018-02-01 17:33 - 000073728 _____ () C:\Program Files (x86)\LightingService\1.00.35\RogNewmouseProtocol.dll 2018-02-01 17:34 - 2018-02-01 17:33 - 001951232 _____ () C:\Program Files (x86)\LightingService\1.00.35\R2Clib.dll 2018-02-01 17:34 - 2018-02-01 17:33 - 000053248 _____ () C:\Program Files (x86)\LightingService\1.00.35\cpuutil.dll 2017-12-14 09:56 - 2017-12-14 09:56 - 000056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll 2017-12-14 09:56 - 2017-12-14 09:56 - 000232448 _____ () 
C:\Program Files (x86)\MSI Afterburner\RTCore.dll 2017-12-14 09:56 - 2017-12-14 09:56 - 000071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll 2017-12-14 09:56 - 2017-12-14 09:56 - 000357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll 2017-12-14 09:57 - 2017-12-14 09:57 - 000566784 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll 2018-02-02 13:20 - 2018-01-10 06:33 - 000019760 _____ () c:\program files (x86)\nvidia corporation\nvstreamsrv\detoured.dll 2018-01-09 18:03 - 2017-11-24 08:48 - 000323544 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4cTDPAction.dll 2018-01-09 18:03 - 2017-11-24 08:48 - 000882136 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll 2018-01-09 18:03 - 2017-11-24 08:48 - 000940504 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll 2018-01-09 18:03 - 2017-11-24 08:48 - 000910296 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll 2018-01-22 22:43 - 2018-01-10 06:33 - 001041208 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-12-24 17:57 - 2017-12-24 17:56 - 068210152 _____ () C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\libcef.dll 2017-12-24 17:57 - 2017-12-24 17:56 - 003110376 _____ () C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\libglesv2.dll 2017-12-24 17:57 - 2017-12-24 17:56 - 000087016 _____ () C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\libegl.dll 2018-02-25 21:54 - 2018-02-25 21:54 - 000088064 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\_ctypes.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000069120 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\bz2.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000920064 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\_hashlib.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000098816 _____ 
() C:\Users\aakas\AppData\Local\Temp\_MEI115762\win32api.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000110080 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\pywintypes27.dll 2018-02-25 21:54 - 2018-02-25 21:54 - 000364544 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\pythoncom27.dll 2018-02-25 21:54 - 2018-02-25 21:54 - 000686080 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\unicodedata.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000320512 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\win32com.shell.shell.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 001177088 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\wx._core_.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000806912 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\wx._gdi_.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000816640 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\wx._windows_.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 001067520 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\wx._controls_.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000733696 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\wx._misc_.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000736256 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\pysqlite2._sqlite.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000119808 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\win32file.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000108544 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\win32security.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000007168 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\hashobjs_ext.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000017920 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\thumbnails_ext.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000082432 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\usb_ext.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000013824 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\common.time34.pyd 2018-02-25 21:54 - 2018-02-25 21:54 
- 000018432 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\win32event.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000027648 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\windows.conditional.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000017408 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\windows.winwrap.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000089088 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\windows.volumes.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000167936 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\win32gui.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000046080 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\_socket.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 001311232 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\_ssl.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000135680 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\_elementtree.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000133632 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\pyexpat.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000038912 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\win32inet.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000077824 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\wx._html2.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000036864 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\_psutil_windows.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000524248 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\windows._lib_cacheinvalidation.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000010240 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\select.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000011264 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\win32crypt.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000218624 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\PIL._imaging.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000027648 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\_multiprocessing.pyd 2018-02-25 
21:54 - 2018-02-25 21:54 - 000020480 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\_yappi.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000035840 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\win32process.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000024064 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\win32pipe.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000025600 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\win32pdh.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000059392 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\windows.device_monitor.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000017408 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\win32profile.pyd 2018-02-25 21:54 - 2018-02-25 21:54 - 000022528 _____ () C:\Users\aakas\AppData\Local\Temp\_MEI115762\win32ts.pyd 2018-01-17 16:10 - 2018-01-16 10:34 - 001025848 _____ () C:\Program Files (x86)\Razer\Razer Cortex\CefSharp.Core.dll 2018-01-17 16:10 - 2018-01-16 10:35 - 053913416 _____ () C:\Program Files (x86)\Razer\Razer Cortex\libcef.dll 2017-11-06 19:24 - 2017-11-06 19:26 - 001005408 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.dll 2017-11-06 19:24 - 2017-11-06 19:26 - 053444984 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libcef.dll 2017-11-06 19:24 - 2017-11-06 19:26 - 000691056 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.Core.dll 2017-11-06 19:24 - 2017-11-06 19:26 - 001984392 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libglesv2.dll 2017-11-06 19:24 - 2017-11-06 19:26 - 000082824 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libegl.dll 2018-01-22 22:43 - 2018-01-10 06:33 - 066907448 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2017-09-12 18:05 - 2017-09-12 18:05 - 000065536 _____ () C:\Program Files (x86)\ASUS\GPU TweakII\Exeio.dll 2017-11-14 15:35 - 2017-11-14 15:35 - 001772544 
_____ () C:\Program Files (x86)\ASUS\GPU TweakII\Vender.dll
2017-06-20 15:32 - 2017-06-20 15:32 - 000940032 _____ () C:\Program Files (x86)\ASUS\GPU TweakII\glkIo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [472]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2531647964-3082266107-1929717-1002\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 05:46 - 2018-01-23 18:52 - 000000197 _____ C:\Windows\system32\Drivers\etc\hosts

0.0.0.0 pubads.g.doubleclick.net
0.0.0.0 securepubads.g.doubleclick.net
0.0.0.0 www.googletagservices.com
0.0.0.0 gads.pubmatic.com
0.0.0.0 ads.pubmatic.com
0.0.0.0 spclient.wg.spotify.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2531647964-3082266107-1929717-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\aakas\Pictures\mountains-moon-trees-minimalism-hd-1920x1080.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "Sonic Studio 3"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "$REGNAME"
HKLM\...\StartupApproved\Run32: => "Aimersoft Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "DSATray"
HKU\S-1-5-21-2531647964-3082266107-1929717-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2531647964-3082266107-1929717-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2531647964-3082266107-1929717-1002\...\StartupApproved\Run: => "MurGee.com Auto Clicker"
HKU\S-1-5-21-2531647964-3082266107-1929717-1002\...\StartupApproved\Run: => "RandomMouseClicker"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{624A4410-878F-452E-BCA0-5CA1E8934DB7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{52A17222-97A1-4B3D-BC25-B1E0B82C4C01}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{3F89CF21-2AE4-45B7-88D7-EC3560F97A7F}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{542A9150-FA46-40B6-824B-08B9C8ABA0FD}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{E9BF22F4-1092-45B9-816D-4712E80E203F}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{5888D418-46DE-4BA2-91F1-2B7027600446}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{97B8C268-B6FC-4154-9504-AE5467299D6E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{56A12E8B-5BC7-4278-A530-2F5D93A5F18E}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{BC02E377-E381-4ACC-8927-B456A8D1E974}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{6BDBA445-94C5-40F1-9379-55DF92146469}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{E89C27B6-26D3-471A-9169-5420D2B9E3E1}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{25923D9B-BFF7-4BD9-BF51-F175075EBCE2}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{56F7BF48-4FCE-4D42-B886-33DE5537AD98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{01CCA00E-6C2F-4420-B6C9-FFEBD8A5D86C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{84D19528-9F8F-4BAF-952D-7A5A61D00578}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [UDP Query User{3415F363-F54D-4075-9877-67A14755D9D7}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files 
(x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [{FE344873-E7AB-4FF2-91C4-E6171B7FC1C1}] => (Allow) LPort=9143 FirewallRules: [{C2261C57-D471-424E-9570-8269C8D81090}] => (Allow) LPort=2333 FirewallRules: [{7443A60B-E033-4BCA-9172-EEAC7900BCF6}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{0266F2F5-184B-44E0-98E2-B83DD9C0DC66}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{B9C1FE5E-C944-4266-A192-FACF9B66A61C}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [TCP Query User{69621808-CD44-4F4E-85A8-FA6AEC212244}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{5CDFB5B1-A162-4CBD-BAEC-E7374AF8F520}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{53DA6DB2-1A10-40D9-8742-595AE79732C2}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{4C41D311-F61C-41E6-B44D-FD52DFCFA669}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{FD9A4029-1268-4014-B6AF-E3A6F3767FD2}C:\users\aakas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\aakas\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{4443C4FB-2AF5-4C6F-94D9-46D1FF98278D}C:\users\aakas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\aakas\appdata\roaming\spotify\spotify.exe FirewallRules: [{11657BC1-D460-4912-9738-D642DDE9633A}] => (Block) C:\users\aakas\appdata\roaming\spotify\spotify.exe FirewallRules: [{09D1A101-C12B-49A5-988A-72096B246BFA}] => (Block) C:\users\aakas\appdata\roaming\spotify\spotify.exe FirewallRules: [{9DE73BA2-1C3A-40AE-85A4-335D4A79D87B}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{01E5019D-9398-4502-A574-61AD2DCD3DA0}] => 
(Allow) %systemroot%\system32\alg.exe FirewallRules: [{CD700BDB-87E5-49D6-82D6-8598CEB124A7}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{0832E681-F520-4585-9F97-DF5FA242033E}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{455CB1C6-FF4F-4C7F-BDD5-C402EF85F0D5}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{1B3E2712-C63C-4666-A5BB-B163165DA474}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [TCP Query User{CEF8C4ED-4E14-4D61-B454-816D4234DF47}C:\users\aakas\documents\important folder\ethcontrol-0.0.15\miners\claymore10\ethdcrminer64.exe] => (Allow) C:\users\aakas\documents\important folder\ethcontrol-0.0.15\miners\claymore10\ethdcrminer64.exe FirewallRules: [UDP Query User{D0D30432-6408-4452-99CB-DF1D0AADAED1}C:\users\aakas\documents\important folder\ethcontrol-0.0.15\miners\claymore10\ethdcrminer64.exe] => (Allow) C:\users\aakas\documents\important folder\ethcontrol-0.0.15\miners\claymore10\ethdcrminer64.exe FirewallRules: [TCP Query User{AF9C67C0-50C4-43F3-9CA9-6EC34AF40A9C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{B011136B-1B60-451F-886B-B5DD2265EDA2}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{DAE7968F-1B36-45DA-978F-5E744D46B5D2}C:\programdata\oracle\java\javapath_target_18635343\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_18635343\java.exe FirewallRules: [UDP Query User{3F9CFBF5-9FC6-4EB8-9F22-5BEE445AD7D0}C:\programdata\oracle\java\javapath_target_18635343\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_18635343\java.exe FirewallRules: [{64484D25-4F3D-4BA5-9F74-383076E28053}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{9039D10A-B4B3-444A-B67B-D79C17A703EE}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{A43BD7A9-DFD3-4429-AB07-AF18FFA3AEEA}] => 
(Allow) %systemroot%\system32\alg.exe FirewallRules: [{6C5D8EE5-A905-44B5-828C-C49A32B34C07}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{BB28BA64-B12D-48DD-AC47-984C9F88B4CC}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{EE467D85-66C4-4546-87DD-CDF117FD2DBD}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{5CD9DE43-7F36-4288-A8C9-AC5BF6334538}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{47413C78-1DC2-4592-8FCE-1B8F4F4A1613}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{C9E45C1B-7F54-421E-9FF1-9A36DA43ADB7}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [TCP Query User{A3046D06-3519-4E30-8D2D-9F25942F32D9}C:\ros\ros.exe] => (Allow) C:\ros\ros.exe FirewallRules: [UDP Query User{A525D183-A821-41BB-89F7-96FF03D7CF92}C:\ros\ros.exe] => (Allow) C:\ros\ros.exe FirewallRules: [{9270D12C-7B03-4999-8684-CBFF925F0FC8}] => (Block) C:\ros\ros.exe FirewallRules: [{5C035BD6-328A-4256-9843-4CF9BD381D19}] => (Block) C:\ros\ros.exe FirewallRules: [TCP Query User{BF16459F-2744-4D42-B90A-54A7A374A714}C:\ros\ccmini\ccmini.exe] => (Allow) C:\ros\ccmini\ccmini.exe FirewallRules: [UDP Query User{D407416C-FA7F-41F0-A9E6-BCA30CA8C0EF}C:\ros\ccmini\ccmini.exe] => (Allow) C:\ros\ccmini\ccmini.exe FirewallRules: [{AC20063E-004E-4482-A422-F2B7227B3BAF}] => (Block) C:\ros\ccmini\ccmini.exe FirewallRules: [{F4E73CE0-D1CE-45D6-B485-E34B291CD06F}] => (Block) C:\ros\ccmini\ccmini.exe FirewallRules: [{DBD722FA-8341-4BD4-A1D7-7259CEAD96D8}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{7AD39871-9C2E-45FA-8EC7-C2F55C904228}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [TCP Query User{5F78F2A6-9DB9-41A0-816A-AEC3D946A0B0}C:\users\aakas\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\aakas\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query 
User{EA763644-2B64-4115-9DC2-9FC4F7E5AEFE}C:\users\aakas\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\aakas\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{0B2F8E23-1F8D-4576-B819-71844674CF14}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{44F48E37-B29B-4C85-840F-84CA8A1A7CB5}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{CC075C64-A53A-4445-8304-2C84EF600AC5}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{17433293-92DC-4F37-B70B-A2E0E50E8F5D}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [TCP Query User{72B89886-D126-4F79-882C-46A08C40BC1F}C:\program files\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_151\bin\javaw.exe FirewallRules: [UDP Query User{547E8168-978B-4E13-9065-B1F9C595919B}C:\program files\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_151\bin\javaw.exe FirewallRules: [TCP Query User{BBF48B7F-DB81-4BF3-AB1C-6D8BD3F27135}C:\users\aakas\appdata\local\mcmyadmin\mcmyadmin.exe] => (Allow) C:\users\aakas\appdata\local\mcmyadmin\mcmyadmin.exe FirewallRules: [UDP Query User{EAD65D31-F497-4C3E-93CA-5E00F037963C}C:\users\aakas\appdata\local\mcmyadmin\mcmyadmin.exe] => (Allow) C:\users\aakas\appdata\local\mcmyadmin\mcmyadmin.exe FirewallRules: [{EEB73481-6B6F-4237-841B-ED5A34C83FB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe FirewallRules: [{9F2AB62D-8EC0-4F91-864A-473B78545BDE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe FirewallRules: [{08CBA3FF-BC6E-434A-B315-E47966C74CB8}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{41C84CDD-254C-4EF9-9E58-428578688383}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{104CF1F5-549E-41C2-AD5A-F3575EE34CAE}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: 
[{69003C06-6C6C-4957-96AD-807C6114660E}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{C2025EDA-DCA4-48E3-866F-2182E2CE1B2E}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{5833648B-01F8-4395-A27A-987B13315BB6}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{0E8C2E35-6E98-409A-9879-74BD38E6234A}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{F0AAD66B-A349-41F2-A33C-CC068A4FDAA0}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [TCP Query User{3281F99D-0D65-4D97-972F-6CE36460D6CF}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [UDP Query User{F08895D5-463F-47D7-8EB9-5B0144935B55}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{DD978F2D-5A9E-4FE6-B804-E6B20CE9D061}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{36226297-380C-4409-8D78-977A229795DE}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [{09F513C0-AED1-4E6C-B98A-AE922988DE20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{9605D15E-3F36-49DF-96AF-6785BCB9CEBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{253648CE-2BE7-4769-BE25-C9A2E145B539}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe FirewallRules: [{4A32F7A1-B3B4-4461-A836-5794BDDE882A}] => (Allow) C:\Program Files 
(x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe FirewallRules: [{6E095AE4-5E14-487B-98E3-90C5254FEA63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [{D90E42CC-1F01-41EF-BD95-945A076513F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [{715C1554-D138-4552-98A8-9C783220EEBB}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{7DF35214-7281-4926-A240-FDACA312E0DC}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{3B4F029B-DB0B-43C6-BBBD-05AB41506287}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{64F23DB1-FC66-412F-8D26-5A9F9070D50D}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{D624948D-73D7-4146-B873-B24A2B6310CD}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{D8B5DDCC-795C-44AC-983F-0F239DBE6999}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [TCP Query User{3D9E4AAE-276F-46B5-81C6-84DA9CC42DD2}C:\program files (x86)\vb\voicemeeter\voicemeetermacrobuttons.exe] => (Allow) C:\program files (x86)\vb\voicemeeter\voicemeetermacrobuttons.exe FirewallRules: [UDP Query User{614826F3-0157-4272-89DA-46144FFECB77}C:\program files (x86)\vb\voicemeeter\voicemeetermacrobuttons.exe] => (Allow) C:\program files (x86)\vb\voicemeeter\voicemeetermacrobuttons.exe FirewallRules: [{9228FAD8-A479-4EB6-A358-1B0BC5C0A6DD}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{EDF77015-24DB-4ED1-995D-8429AD47C364}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [TCP Query User{B996669A-CB10-4550-B59F-E21C1DA4260E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{1873B495-A0C6-4089-B9D0-16C0379AD272}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{2570CF6E-4C7F-4171-811B-760568D0E5C8}] => (Allow) 
C:\Users\aakas\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{EE383A03-E746-4B66-ADCA-C9BEEF7D66C4}] => (Allow) C:\Users\aakas\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{32790877-5302-4B20-9390-EEA0768D40C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rustangelo\Rustangelo.exe FirewallRules: [{3661A5EC-0C7C-4735-8571-E7EEF91FD858}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rustangelo\Rustangelo.exe FirewallRules: [{3148DC26-8E43-447E-99CD-A378D5346F9C}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{00251FCD-999F-4067-B14C-C1E045AB7C26}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{93E73E3E-2D7F-4651-8E05-80196FC3C888}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{E893BEC5-D958-4A73-B335-AFE4CE0AE11F}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{E9A47758-87B6-44A5-A09C-DB89A19B0B5D}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{C67C47A5-1CAC-47D3-925F-5966DFB6F7F3}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{5B1C791C-A8D9-4CF3-9BD6-C775CC417A6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderless Gaming\BorderlessGaming.exe FirewallRules: [{FA53A2CC-3E25-4636-B502-EB6E1BC8F8F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderless Gaming\BorderlessGaming.exe FirewallRules: [{9D75E950-8A8A-40F7-A1E2-536CFECFBFC1}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{4CDA0F98-2208-492C-A3C9-8BE18C4D4E45}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{7919D320-1C54-4EFE-8D6F-16188A795949}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletopia\Tabletopia.exe FirewallRules: [{799DA3AD-1B10-4164-9488-67A179137213}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletopia\Tabletopia.exe FirewallRules: [{5C134F7A-B71C-4033-BD5A-F54200CD03FE}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{7EBF19C9-BCAC-4094-82B9-4CE18A0A7C12}] => (Allow) 
%systemroot%\system32\alg.exe FirewallRules: [{BF247710-9826-4893-B3D1-696AD7A1A613}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{2C728019-010A-4014-B75A-D887B626257D}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{9E85B866-0165-4DAF-A73C-9653B103A385}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{124CBFC6-FF03-484C-BE32-26C66B3C1518}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{EC62B4AA-B95A-4EDE-B0E2-01AAF0754D6A}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{7CCCB0AA-733C-4057-95BD-D2681E195DAB}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{DEEABF24-2365-4282-B05C-B9D2DF292C62}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{22C0E9C6-D064-4B74-938B-542FB1BE89AE}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{8F4B363F-BA4E-4CA1-8461-13F8148752BD}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{DF0CBDE2-9B5A-46F8-A19A-41D17B8BF044}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{76C557B2-DC7C-42C2-9F84-0B6B80BC65B4}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{408C6F25-45C9-4D69-9763-11D81EAE2A48}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{9174D8F0-1DAD-4696-B3BF-D592C3ED1982}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [TCP Query User{4446C5B3-A404-4A6A-9612-2F4E8B8B0E77}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [UDP Query User{B90E232F-33CE-4288-BFC3-6955DB14D460}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [{73E1E836-4419-47E3-9AE3-522437CBDFBB}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{1BD63DD6-0EBF-406E-B1EA-C524E83AE0AC}] => (Allow) %systemroot%\system32\alg.exe 
FirewallRules: [{34FA971C-BF94-4D44-B7A6-C18C99E90ED7}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{E98FF5E9-299D-4A9F-B688-790CD00E7CAA}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{4620D408-7DC9-4E9F-907E-DF63BA2A7130}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{64BABC51-87D6-458C-83C8-0D4740869041}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe FirewallRules: [{74B65A0E-A542-462F-8541-19A316703A21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe FirewallRules: [TCP Query User{FB4ABF93-FBAC-4924-BE24-E59F0DFC218C}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe FirewallRules: [UDP Query User{FA6C48AF-7066-4175-84FE-6FAE14F792BA}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe FirewallRules: [{A07BF999-2E9A-4D48-9FF5-16514F20408E}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{841E36F7-E6A3-420F-BFFF-919032EDA473}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{CF270B39-D5D6-48E0-A499-7D62E51934E6}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{6DA40FE9-8D78-41F4-9CF5-9106EBE0EEAC}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{F91C93DF-1630-47BF-BE36-2CCBF26D1771}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{37FFF755-1F3B-41B4-8237-B31B916BB936}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{E9C521CC-6206-4149-ABCF-A36FDCBB9BDE}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [TCP Query User{F0B56111-09C9-4106-8B28-340078155E67}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [UDP Query User{DB9464D1-34C5-4BAB-AC5A-46C88CEAEC6E}C:\program files (x86)\overwatch\overwatch.exe] 
=> (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [{1BEE62C6-33F7-4786-96B0-805A9F0730A1}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{D7EAD7E2-B3C8-4E4C-BC8F-983BCAC22FA0}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{1A567391-C57F-4DC9-8FD4-C48B36E7314A}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe FirewallRules: [{115A6FED-9D28-4449-B261-5D5E1E73A62C}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe FirewallRules: [{16F20B1C-13A3-4168-8A7C-42A2969BA160}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe FirewallRules: [{85249650-98B0-49D8-93DA-3DD5073C41A6}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe FirewallRules: [{C578CFD4-004A-43D1-8166-C5F5B15FFFEE}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{DAA5D142-B048-4007-ACE6-B1199FCF0C19}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{A4134E96-7B6C-4696-B449-BA4095924E27}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{895D2B0D-2593-46A6-A57C-F38D2545E3F1}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{EEB4DB22-9CFB-4197-8675-0665189B360D}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{BF24FB62-D757-4B47-9218-2303A1F53A54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BATTALION 1944 TEST ZONE\Launcher\BattalionLauncher.exe FirewallRules: [{961138C5-FDA2-4EAA-BABA-B6554B73C3C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BATTALION 1944 TEST ZONE\Launcher\BattalionLauncher.exe FirewallRules: [TCP Query User{805D80C0-7D7D-44F4-BD15-2947B0400309}C:\program files (x86)\steam\steamapps\common\battalion 1944 test zone\battalion\binaries\win64\battalion.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\battalion 1944 test zone\battalion\binaries\win64\battalion.exe FirewallRules: [UDP Query User{77A9E4BA-146E-4C59-96FB-FCAF93A9D53D}C:\program files (x86)\steam\steamapps\common\battalion 1944 test 
zone\battalion\binaries\win64\battalion.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\battalion 1944 test zone\battalion\binaries\win64\battalion.exe FirewallRules: [{46C12711-824F-413A-A221-9DB8E299CEE2}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{8B0A7C45-FCEB-4A64-ABE1-29E7D41BB1B0}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{4A52B066-5189-4FD6-991D-F744E913D12A}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{2B9764FD-02AF-4342-A65C-AF79B77D5D78}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [TCP Query User{64948126-BE18-458A-9E03-99554389BC37}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [UDP Query User{2005AF14-1D76-4B33-A495-3FD061CEB040}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{EBE8FF65-2F13-4B09-8B65-109B15F67D2F}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{60CD5820-61E1-4B0C-85A0-A3D9DB790EE1}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [{F7C0AFC6-5FDE-47E8-874E-6CA868C2E339}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{60A03162-0FBE-4516-A752-D16BBF26555E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{EBDA4034-D6ED-41A1-BF1D-F5CDDA34C5DC}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{C3303571-D4F9-4173-B254-703673C33566}] => (Allow) 
%systemroot%\system32\alg.exe FirewallRules: [TCP Query User{3A749E91-4131-4082-8131-16E3F85E0A99}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [UDP Query User{B7DD7A0F-3AFC-42F1-BD36-39EAE2EC048E}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [{3DB85636-2AFE-423F-9B09-F974A7B8D537}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe FirewallRules: [{B41BB976-8E7C-4A40-A4A6-3C11619D9C90}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{FA302F85-F648-43DC-88BF-C28FD42E912B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{74AEAC51-C5B6-46E8-B244-CCD122CBB2D7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{A42CC60C-E116-45B0-8073-B5205C2DD0CE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{D2734F6A-F52C-4BA4-801C-18EC3470960F}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{C667F58B-735B-43F7-800B-553905584DC5}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{90A867DE-4D34-457D-AC7F-4764A0109197}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{12D6AE33-CDAA-459F-A2D2-AB26CDD6BF49}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{BAA76A35-5505-4466-B4C5-1648E38F0AE9}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{DCA39A78-8D7F-4207-BE6C-47904A790E05}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [TCP Query User{674EF853-8BB6-4B05-BC40-FB7672DE0EA0}C:\users\aakas\downloads\19.4-x86_64-w64-mingw32\bin\garlicoind.exe] => (Allow) C:\users\aakas\downloads\19.4-x86_64-w64-mingw32\bin\garlicoind.exe 
FirewallRules: [UDP Query User{55AFE51F-8D28-4898-B9F7-173D5FC2C67A}C:\users\aakas\downloads\19.4-x86_64-w64-mingw32\bin\garlicoind.exe] => (Allow) C:\users\aakas\downloads\19.4-x86_64-w64-mingw32\bin\garlicoind.exe FirewallRules: [{E5C83E50-AD8D-44FC-B9F1-9FFFCAAE9E97}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{6F03927B-3DE1-439B-9D61-852A9F555942}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{9434EE0A-EF5F-4601-AB82-44536D9A6030}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{13CF55D4-5B44-46F5-9EF6-9BBA28E039A0}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{2DF2DD08-40B9-4ED7-A1A9-90D50D37FE4C}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{A4188E9E-96CA-4805-88E3-EB316F28ED40}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{89042B61-3ABB-46E3-B29E-D71FA26D7B77}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{60A5FD06-E2AA-4C5D-895E-CF005F719D5F}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{23C3BCE3-3731-4E0D-B8CC-5959BC68541D}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{ED63F1EB-F330-47AB-A3BB-4F99332F374A}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{B98B7511-237E-4820-B18A-3F0EEEE64020}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{615FF1CE-C7CC-4907-A55F-7CC7A20314C8}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{784F3DFC-2501-4288-847C-463B263EAB2C}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{D9FAE931-146D-4338-9F24-7733E95E7BF7}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{F2EE3DA9-845E-4364-A071-1798993628FF}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{BE0EDCDD-138B-46F4-9FFF-EBED5E356052}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{48B7D34C-9E3B-4736-A8F3-D4670F5E4228}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{23A6888A-1FAE-4617-99C8-CDFEAB6DD111}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe 
FirewallRules: [{86CE594A-1CD3-447E-95ED-E27CBC22C6E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe FirewallRules: [TCP Query User{7B213B1D-EB53-4596-8A4A-D63A38E9B32B}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe FirewallRules: [UDP Query User{AC42B8AF-BEF3-4ABF-92E6-278FB6C1D109}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe FirewallRules: [TCP Query User{44F0AE40-02E2-4EDF-A5D1-D48F783CCE54}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe FirewallRules: [UDP Query User{5642C9E5-1280-4576-88F3-D66F2CB43255}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe FirewallRules: [{3AD70FE2-275F-4A22-85D2-9F3B4510F676}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{1D518817-9CF5-4991-9D87-C007DBC0C719}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{C59E5417-026D-40F9-B63F-979781C3105C}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{A653DFFC-321A-45BB-B7E8-F564F6B601D9}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{5C9A6B59-6015-4B64-B33F-C4507D4472D4}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{6D84C3D2-4A44-4C9E-8750-F7971E320783}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{B639E1DC-9788-4E49-A7F5-AF57566C2C84}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{5759685D-BA2E-40D4-9ED3-815ED7E06E17}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{C499401E-6EA9-4C72-AB48-FA700BD2B13F}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{6A504479-0ADE-4265-BC81-91EB2B0BAF56}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: 
[{2AC80AE5-511C-4A85-B387-E78014F55CED}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{9830D7E6-3CF1-4568-955A-F4D9C538AD65}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{B141A608-9BEB-4D87-804D-5A6BE65BA317}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{20D9CBC8-A03E-4B48-AE51-ADCEBE21A214}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{8D8443A5-798A-41E1-B120-95864750B0F7}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{56879A97-617B-476C-9EB9-BB6F19CD5E70}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{BD719224-CB69-49C2-B7D6-56F39C1C3A8E}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{165DFA8E-27C9-45D1-AFF6-D8C97F038B26}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{F09F64FC-0312-4B7F-AC35-86757949F29D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{02CBFF12-D9B4-49FA-B22D-A6C1F5227DFB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{D4C9ED10-0C83-4010-AA77-7360A6A8959A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{87B4A8E3-81DB-425B-829A-EDD36057CFE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{084ABA27-F17A-4A8F-9B4C-DAB465C38C56}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{3F3C1C5E-5629-4569-8F75-2757C8AA9BCD}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{75D853D6-0A74-4B50-8B74-2D5389BAA15D}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{99A12091-2FAA-42C1-8965-B28DFA55B31F}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{E27B1C22-978E-4E06-B2D6-F732EECC31A7}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{ACE32D45-7213-4144-AE55-09B66B4D24B8}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{FC2B600A-0A52-49F4-9A76-751901389D50}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: 
[{C32A3FB1-0762-4AB4-A5A3-326E1B70D407}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{11F67BBB-B27E-40E1-98D4-45ED039B7AA7}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{9E29C91A-290A-4AC6-9539-C84280E4817A}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{89377A5E-2BF3-49F9-9EDE-0ADDEBDE84ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{DF831AF5-E402-4A8F-B8A9-570E523BD80A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{4FDCC265-E473-4FF5-B560-DA2BD135E432}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{24C39885-37BB-4172-89E6-099F983CAD0C}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{C5719B1F-DF1A-4B4B-9A50-7ADF45FDE2F5}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{1EB56123-0C07-4B25-99AC-596013CFFF00}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{6C10C3BD-1DCF-48AB-9F57-70C46724910E}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{18CF4427-5B8D-4EB0-B316-A0DCE59ADDEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{FF0FD12A-4673-4E7D-80D0-BFE7A50E90D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{B35DCB49-1386-441B-BAB7-C7F830D481A5}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{D72AB440-233C-46D3-B4F0-9C031ABB1D56}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{7184FD62-50C9-4AC7-8A7F-AA36612FE4F4}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{AD291E40-C2B6-4B2A-8A54-8BC700CFA931}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{EF9AE9B8-1338-4948-9021-E1BACAD23D5E}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{9504BF70-BD29-400F-8B29-DD4FACF0BD02}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: 
[{9928D4CE-5E5D-40F6-91B1-6081F52A30EA}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{54FCF808-C1BF-4224-BDD5-B40FBB032BEA}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{30D53927-1C07-4F91-8BE4-FEF805F61AF8}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{D1685F2E-F0F9-4DAF-8CA0-AA1DD2A148D3}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{64DDEA71-68A6-4B97-AEEB-ADCD9862CE37}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{4E262FE2-7312-4562-89BD-5C9CA09EC23F}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{0FC335F4-1451-4AAF-B12E-A2303FC6D10C}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{3B5AC03A-E068-416C-A45F-CB10CA42603C}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{275FE2DF-7EC2-4DF2-B400-EA761F0AF48C}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{725E10F5-3082-444F-A27F-4886C845A15E}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{0A1AD959-64B5-4673-BE58-E5AB800B5683}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{4D5DD88C-66C6-4BAB-9704-3615F2BA169D}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{BB33629A-2462-4A95-BF79-909A7F145993}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{7B3A9010-6313-4B88-8156-36B64F4F0BBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe FirewallRules: [{AE55B383-B54D-4470-8A9E-0A8668BA775B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe FirewallRules: [{FABD2DDD-2BCE-4E43-B83C-342D17EDF3AC}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{E5788175-0888-409E-B801-7A45CD5EC51A}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{41BA888D-9958-4A14-B3FD-B9B0ADD97C33}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{D3D05FEE-7FB2-4587-B37B-7BD3372E04C9}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: 
[{03793114-ABEC-44EF-9490-3CE3B9F10A68}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{A4921C98-8E24-4501-94B2-29ABF843AC5F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{CB5D53ED-6DC4-4654-9C12-C9BFE3A4FB8C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Insurgency Dedicated Server\srcds.exe FirewallRules: [{2F46BC46-AC49-469A-BBBB-FE75F31E7AAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Insurgency Dedicated Server\srcds.exe FirewallRules: [{B56976F8-83FF-40E6-A4E2-5C5F87259782}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe FirewallRules: [{D881DA69-94F7-490E-BEA3-28B23751A6D5}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\65.0.3325.40\remoting_host.exe FirewallRules: [TCP Query User{6079A56E-B48B-4B76-B751-DF41411C9C32}C:\users\aakas\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe] => (Allow) C:\users\aakas\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe FirewallRules: [UDP Query User{85563D0C-8463-46A4-8992-F9D90AF0BFE5}C:\users\aakas\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe] => (Allow) C:\users\aakas\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe FirewallRules: [{48DDFF50-E6C3-401E-A335-8CFDCD9E5507}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{55775756-FB28-426B-A0DC-A12121FAADBF}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{B967DC0D-9CCC-4190-8D4C-BD3A4100B267}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{6C2A83ED-D566-4EE2-82EF-DAA5EFD0EC47}] => (Allow) %systemroot%\system32\alg.exe ==================== Restore Points ========================= 13-02-2018 17:50:36 Windows Update 18-02-2018 10:47:23 Windows Update 22-02-2018 08:42:36 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 25-02-2018 09:50:47 Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 
==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/25/2018 09:54:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Aurora-Updater.exe, version: 1.0.0.0, time stamp: 0x58743440 Faulting module name: KERNELBASE.dll, version: 10.0.16299.248, time stamp: 0x4414ec23 Exception code: 0xe0434352 Fault offset: 0x0000000000014008 Faulting process id: 0x3294 Faulting application start time: 0x01d3aec65441b31b Faulting application path: C:\Program Files\Aurora\Aurora-Updater.exe Faulting module path: C:\Windows\System32\KERNELBASE.dll Report Id: efa3da81-01ed-42ec-8c56-a362186983c6 Faulting package full name: Faulting package-relative application ID: Error: (02/25/2018 09:54:56 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: Aurora-Updater.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. 
Exception Info: System.UnauthorizedAccessException at System.IO.__Error.WinIOError(Int32, System.String) at System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].AddSearchableDirsToStack(SearchData) at System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].MoveNext() at System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]..ctor(System.Collections.Generic.IEnumerable`1) at System.IO.Directory.GetFiles(System.String, System.String, System.IO.SearchOption) at Aurora_Updater.UpdateManager.performCleanup() at Aurora_Updater.UpdateManager..ctor() at Aurora_Updater.Program.Main(System.String[]) Error: (02/25/2018 10:29:13 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Aurora-Updater.exe, version: 1.0.0.0, time stamp: 0x58743440 Faulting module name: KERNELBASE.dll, version: 10.0.16299.248, time stamp: 0x4414ec23 Exception code: 0xe0434352 Fault offset: 0x0000000000014008 Faulting process id: 0x30c4 Faulting application start time: 0x01d3ae6688b56189 Faulting application path: C:\Program Files\Aurora\Aurora-Updater.exe Faulting module path: C:\Windows\System32\KERNELBASE.dll Report Id: 17647f03-d8c6-49e2-a9ea-67a9de164597 Faulting package full name: Faulting package-relative application ID: Error: (02/25/2018 10:29:13 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: Aurora-Updater.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. 
Exception Info: System.UnauthorizedAccessException at System.IO.__Error.WinIOError(Int32, System.String) at System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].AddSearchableDirsToStack(SearchData) at System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].MoveNext() at System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]..ctor(System.Collections.Generic.IEnumerable`1) at System.IO.Directory.GetFiles(System.String, System.String, System.IO.SearchOption) at Aurora_Updater.UpdateManager.performCleanup() at Aurora_Updater.UpdateManager..ctor() at Aurora_Updater.Program.Main(System.String[]) Error: (02/25/2018 10:10:54 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "WmiApRpl" in DLL "C:\Windows\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (02/25/2018 10:10:54 AM) (Source: Perflib) (EventID: 1010) (User: ) Description: The Collect Procedure for the "C:\Windows\System32\winspool.drv" service in DLL "Spooler" generated an exception or returned an invalid status. The performance data returned by the counter DLL will not be returned in the Perf Data Block. The first four bytes (DWORD) of the Data section contains the exception code or status code. Error: (02/25/2018 10:10:54 AM) (Source: Perflib) (EventID: 1023) (User: ) Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code. Error: (02/25/2018 10:10:54 AM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Unable to open the Server service performance object. 
The first four bytes (DWORD) of the Data section contains the status code. System errors: ============= Error: (02/25/2018 09:55:16 PM) (Source: DCOM) (EventID: 10016) (User: RGB-BEAST) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user RGB-BEAST\aakas SID (S-1-5-21-2531647964-3082266107-1929717-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/25/2018 09:54:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/25/2018 09:54:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. 
Error: (02/25/2018 09:54:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/25/2018 09:54:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/25/2018 09:54:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. 
Error: (02/25/2018 09:54:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/25/2018 09:43:53 PM) (Source: DCOM) (EventID: 10016) (User: RGB-BEAST) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user RGB-BEAST\aakas SID (S-1-5-21-2531647964-3082266107-1929717-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Windows Defender: =================================== Date: 2018-02-21 21:04:36.380 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {D0AEAFBB-4127-491D-8487-D4AB876ECA99} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-02-10 00:50:41.246 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. 
For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/CoinMiner&threatid=2147725015&enterprise=0 Name: HackTool:Win64/CoinMiner ID: 2147725015 Severity: Medium Category: Tool Path: file:_C:\Program Files\MinerGate\minergate.exe;file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MinerGate\MinerGate.lnk;regkey:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MinerGate;startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MinerGate\MinerGate.lnk;uninstall:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MinerGate Detection Origin: Local machine Detection Type: Concrete Detection Source: System Process Name: Unknown Signature Version: AV: 1.261.1025.0, AS: 1.261.1025.0, NIS: 118.2.0.0 Engine Version: AM: 1.1.14500.5, NIS: 2.1.14202.0 Date: 2018-02-10 00:14:30.432 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/CoinMiner&threatid=2147725015&enterprise=0 Name: HackTool:Win64/CoinMiner ID: 2147725015 Severity: Medium Category: Tool Path: file:_C:\Program Files\MinerGate\minergate.exe;file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MinerGate\MinerGate.lnk;regkey:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MinerGate;startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MinerGate\MinerGate.lnk;uninstall:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MinerGate Detection Origin: Local machine Detection Type: Concrete Detection Source: System Process Name: Unknown Signature Version: AV: 1.261.1006.0, AS: 1.261.1006.0, NIS: 118.2.0.0 Engine Version: AM: 1.1.14500.5, NIS: 2.1.14202.0 Date: 2018-02-09 20:42:06.912 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. 
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/CoinMiner&threatid=2147725015&enterprise=0
Name: HackTool:Win64/CoinMiner
ID: 2147725015
Severity: Medium
Category: Tool
Path: containerfile:_C:\Users\aakas\Downloads\MinerGate-7.2-win64.exe;file:_C:\Program Files\MinerGate\minergate.exe;file:_C:\Users\aakas\Downloads\MinerGate-7.2-win64.exe->(nsis-3-minergate.exe);webfile:_C:\Users\aakas\Downloads\MinerGate-7.2-win64.exe|https://download.minergate.com/win|chrome.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Downloads and attachments
Process Name: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Signature Version: AV: 1.261.1006.0, AS: 1.261.1006.0, NIS: 118.2.0.0
Engine Version: AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-08 20:14:28.150
Description: Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Spursint.F!cl&threatid=2147717281&enterprise=0
Name: Trojan:Win32/Spursint.F!cl
ID: 2147717281
Severity: Severe
Category: Trojan
Path: file:_C:\Users\aakas\Downloads\Dox Tool V2.exe;webfile:_C:\Users\aakas\Downloads\Dox Tool V2.exe|https://www.drizzybot.com/releases/DoxDESKTOP-N27N53M\aakasToolDESKTOP-N27N53M\aakasV2.exe|chrome.exe
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Signature Version: AV: 1.261.947.0, AS: 1.261.947.0, NIS: 118.2.0.0
Engine Version: AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-22 20:54:11.586
Description: Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.1531.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-02-22 20:54:11.585
Description: Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 118.2.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version:
Previous Engine Version: 2.1.14202.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-02-22 20:54:11.580
Description: Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.1531.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-02-22 20:54:11.580
Description: Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.1531.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-02-22 20:54:11.580
Description: Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.1531.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

CodeIntegrity:
===================================

Date: 2018-02-25 22:04:43.017
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-25 22:04:43.016
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-25 22:03:44.181
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-25 22:03:44.179
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-25 22:03:40.030
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-25 22:03:40.028
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-25 21:59:47.116
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-25 21:59:47.113
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-7800X CPU @ 3.50GHz
Percentage of memory in use: 31%
Total physical RAM: 16057.07 MB
Available physical RAM: 11027.85 MB
Total Virtual: 54911.22 MB
Available Virtual: 48321.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.53 GB) (Free:113.07 GB) NTFS
\\?\Volume{b03c4c55-8ba9-4def-b8e9-00085ae1ce21}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.14 GB) NTFS
\\?\Volume{7446dedd-6a4e-47ec-b029-342ec7ad86ec}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)
Partition: GPT.

==================== End of Addition.txt ============================