Hello, so for a while now I have been having to my LAN settings ( Control Panel > Network and Internet > Change your homepage > Connections > LAN settings) and unchecking the "Use a proxy server for your lan" and "bypass proxy server for local addresses" boxes. Even if I go to my network and internet settings on Windows 10, and go to the "Proxy" section, there is "use a proxy server" on. No matter how many times I turn it off, it turns back on. It's gotten to the point where i have to do this just to browse Amazon and a few other sites. This even affects what games I can and cannot directly connect to. It sounds silly, I know but it's extremely annoying.
The reason I am posting here is because I am thinking there is a virus or something causing this to happen. If this is not the right place, please let me know and I will repost this where it belongs!
screenshots of what im talking about: http://prntscr.com/h47iqz http://prntscr.com/h47iu3
Possible virus causing a proxy I never set up?
Started by
agamer7809
, Oct 30 2017 11:43 PM
#1
Posted 30 October 2017 - 11:43 PM
agamer7809
-
- Member
-
- 37 posts
Member
#2
Posted 31 October 2017 - 04:04 AM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Sounds like malware so you are in the right place. We need your FRST logs:
- Get FRST from http://www.bleepingc...very-scan-tool/You need to download the appropriate tool for your PC. If you don't know if you have a 32 or 64 bit system get them both. Only one will work and that's the right one.
- Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
- Check the Addition.txt box
- Press Scan button.
- It will produce a log called FRST.txt in the same directory the tool is run from.
- Please copy and paste log back here.
- It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
#3
Posted 31 October 2017 - 10:22 PM
agamer7809
- Topic Starter
-
- Member
-
- 37 posts
Member
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2017
Ran by Alex (administrator) on ALEXSPC (01-11-2017 00:19:58)
Running from C:\Users\Alex\Downloads
Loaded Profiles: Alex (Available Profiles: Alex)
Platform: Windows 10 Home Version 1703 15063.674 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0319291.inf_amd64_cb842461bf066ecd\atiesrxx.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) D:\Program Files\Steam.exe
(Valve Corporation) D:\Program Files\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) D:\Program Files\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Program Files\bin\cef\cef.win7\steamwebhelper.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5857\Agent.exe
(Blizzard Entertainment) D:\Program Files (x86)\Battle.net\Battle.net.9526\Battle.net.exe
() D:\Program Files (x86)\Battle.net\Battle.net.9526\Battle.net Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\LeagueClient.exe
() C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\LeagueClientUx.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\LeagueClientUxRender.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\LeagueClientUxRender.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
() D:\Program Files (x86)\Battle.net\Battle.net.9526\Battle.net Helper.exe
(Valve Corporation) D:\Program Files\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(BitTorrent Inc.) C:\Users\Alex\AppData\Roaming\BitTorrent\BitTorrent.exe
(BitTorrent Inc.) C:\Users\Alex\AppData\Roaming\BitTorrent\updates\7.10.0_43917\bittorrentie.exe
(BitTorrent Inc.) C:\Users\Alex\AppData\Roaming\BitTorrent\updates\7.10.0_43917\bittorrentie.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8844032 2016-01-26] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [PWRISOVM.EXE] => D:\Program Files\PowerISO\PWRISOVM.EXE [455816 2017-02-02] (Power Software Ltd)
HKLM-x32\...\Run: [Corsair Utility Engine] => D:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe [17401552 2017-03-01] (Corsair Components, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\Run: [f.lux] => C:\Users\Alex\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd)
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\RunOnce: [Uninstall 17.3.6998.0830\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64"
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\RunOnce: [Uninstall 17.3.6998.0830] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.6998.0830"
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\MountPoints2: E - "E:\setup.exe"
GroupPolicy: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2fc26f51-f4e2-444f-b364-b86d5b6e1ce1}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{2fc26f51-f4e2-444f-b364-b86d5b6e1ce1}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-13a12426&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-13a12426&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-13a12426&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-13a12426&q={searchTerms}
SearchScopes: HKU\S-1-5-21-482574108-2876646391-2450146034-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-482574108-2876646391-2450146034-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-08] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-08] (Oracle Corporation)
FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-08] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-10-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-10-23] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\Program Files (x86)\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> D:\Program Files (x86)\VLC\npvlc.dll [2017-05-24] (VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://mystart.incredibar.com/?a=6Oz8ZpUKl9&loc=skw
CHR StartupUrls: Default -> "","hxxp://mystart.incredibar.com/?a=6R9m9Z7cl4&i=26&loc=skw","hxxp://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.0.5.292&pid=safeguard&sg=0&sap=hp","hxxp://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.1.0.443&pid=safeguard&sg=0&sap=hp","hxxp://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.1.5.512&pid=safeguard&sg=0&sap=hp","hxxp://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.1.7.598&pid=safeguard&sg=0&sap=hp","hxxps://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.1.9.786&pid=safeguard&sg=0&sap=hp","hxxps://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.1.9.799&pid=safeguard&sg=0&sap=hp","hxxp://www.trovi.com/?gd=&ctid=CT3333887&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=55&CUI=&UM=8&UP=SPDE37641D-D109-4BCC-9802-91C3E5978CAE&D=061215&SSPV="
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default [2017-11-01]
CHR Extension: (BetterTTV) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-04-21]
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-10]
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-10]
CHR Extension: (Honey) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2017-10-09]
CHR Extension: (Adblock Plus) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-26]
CHR Extension: (OneTab) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2017-03-28]
CHR Extension: (Google Play Music) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2017-10-14]
CHR Extension: (AdBlock) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-10-19]
CHR Extension: (KingsRoad) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbcbablgmkkdnioiekpgjfacejkfomlg [2017-03-10]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2017-09-21]
CHR Extension: (TwitchAlerts Stream Labels) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmggmdngboajiakmbpdknfpdelbjbcg [2017-03-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-21]
CHR Extension: (Gmail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-10]
CHR Extension: (Chrome Media Router) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-26]
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-10-20]
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-10-25]
CHR Extension: (Slides) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-24]
CHR Extension: (Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-24]
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-07]
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-07]
CHR Extension: (Sheets) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-24]
CHR Extension: (Google Docs Offline) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-24]
CHR Extension: (Gmail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-07]
CHR Extension: (Chrome Media Router) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-24]
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 3 [2017-10-20]
CHR Extension: (Google Slides) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-06-25]
CHR Extension: (Google Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-25]
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-25]
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-25]
CHR Extension: (Google Sheets) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-06-25]
CHR Extension: (Google Docs Offline) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-29]
CHR Extension: (Gmail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-25]
CHR Extension: (Chrome Media Router) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-29]
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\System Profile [2017-10-20]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0319291.inf_amd64_cb842461bf066ecd\atiesrxx.exe [481808 2017-10-23] (AMD)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1547200 2017-10-13] ()
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [383016 2017-07-21] (EasyAntiCheat Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [7986816 2016-11-06] (INCA Internet Co., Ltd.)
S4 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [146256 2017-02-22] (Razer Inc)
S4 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [183680 2017-03-14] (Razer Inc.)
S4 RzKLService; D:\Program Files (x86)\Razer Cortex\RzKLService.exe [252176 2017-03-15] (Razer Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0319291.inf_amd64_cb842461bf066ecd\atikmdag.sys [40030736 2017-10-23] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0319291.inf_amd64_cb842461bf066ecd\atikmpag.sys [545296 2017-10-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [118960 2017-10-12] (Advanced Micro Devices)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [43000 2017-01-31] (Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [27640 2017-01-31] (Corsair)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-10-04] ()
S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [58144 2015-06-10] (Logitech Inc.)
S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47656 2015-06-10] (Logitech Inc.)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\System32\drivers\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [192952 2017-10-30] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-10-30] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [45504 2017-10-30] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-10-30] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-10-31] (Malwarebytes)
R1 MpKsl19d992e9; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{100FA6B7-33E6-4FCE-97F0-8EFFB2D10DC4}\MpKsl19d992e9.sys [58120 2017-10-22] (Microsoft Corporation)
R1 MpKsl318973a3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9D806A0D-F104-49E9-BF9B-D196E5909492}\MpKsl318973a3.sys [49392 2017-10-31] (Microsoft Corporation)
R1 MpKsl34e9739a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E695B9B6-7897-4628-ACD3-A0561ED48F77}\MpKsl34e9739a.sys [58120 2017-10-24] (Microsoft Corporation)
R1 MpKsle246ad58; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{260959B9-6653-41BF-868B-21E04CBFBC64}\MpKsle246ad58.sys [49392 2017-10-29] (Microsoft Corporation)
S3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.)
R3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2017-03-18] (MediaTek Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 rzbtendpt; C:\WINDOWS\System32\drivers\rzbtendpt.sys [51912 2015-08-13] (Razer Inc)
S3 rzdaendpt; C:\WINDOWS\System32\drivers\rzdaendpt.sys [43720 2015-08-13] (Razer Inc)
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
S3 rzhnet; C:\WINDOWS\System32\Drivers\rzhnet.sys [29912 2015-08-13] (Razer Inc)
S3 rzjstk; C:\WINDOWS\System32\drivers\rzjstk.sys [36568 2015-08-13] (Razer Inc)
S3 rzkeypadendpt; C:\WINDOWS\System32\drivers\rzkeypadendpt.sys [46280 2015-08-13] (Razer Inc)
S3 rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys [48840 2015-08-13] (Razer Inc)
S3 rzp1endpt; C:\WINDOWS\System32\drivers\rzp1endpt.sys [52424 2015-08-13] (Razer Inc)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.)
S3 rzvkeyboard; C:\WINDOWS\System32\drivers\rzvkeyboard.sys [44232 2015-08-13] (Razer Inc)
S3 rzvmouse; C:\WINDOWS\System32\drivers\rzvmouse.sys [42712 2015-08-13] (Razer Inc)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-04-25] (QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU Co., LTD.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [38368 2017-05-25] (Wellbia.com Co., Ltd.)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-01 00:19 - 2017-11-01 00:20 - 000023922 _____ C:\Users\Alex\Downloads\FRST.txt
2017-11-01 00:19 - 2017-11-01 00:19 - 002403328 _____ (Farbar) C:\Users\Alex\Downloads\FRST64.exe
2017-11-01 00:19 - 2017-11-01 00:19 - 000000000 ____D C:\FRST
2017-10-31 23:38 - 2017-10-31 23:38 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-482574108-2876646391-2450146034-1001
2017-10-31 23:38 - 2017-10-31 23:38 - 000002360 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-10-31 23:36 - 2017-10-31 23:36 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-10-31 01:46 - 2017-11-01 00:18 - 000000000 ____D C:\Users\Alex\AppData\LocalLow\BitTorrent
2017-10-31 01:00 - 2017-10-31 01:00 - 000000000 ____D C:\Users\Alex\Documents\Escape from Tarkov
2017-10-30 23:54 - 2017-10-30 23:54 - 000000000 ____D C:\Users\Alex\AppData\LocalLow\Runner Duck
2017-10-30 23:45 - 2017-10-30 23:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlestate Games
2017-10-30 23:45 - 2017-10-30 23:45 - 000000000 ____D C:\Battlestate Games
2017-10-30 23:42 - 2017-10-30 23:42 - 000003244 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_AutoAnalyze
2017-10-30 23:42 - 2017-10-30 23:42 - 000001235 _____ C:\Users\Public\Desktop\Smart Defrag 5.lnk
2017-10-30 23:42 - 2017-03-09 13:53 - 000030744 _____ (IObit) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
2017-10-30 23:42 - 2016-03-25 14:33 - 000128288 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2017-10-30 23:31 - 2017-10-30 23:31 - 012292112 _____ (IObit ) C:\Users\Alex\Downloads\smart-defrag-setup (2).exe
2017-10-30 23:31 - 2017-10-30 23:31 - 000004414 _____ C:\WINDOWS\System32\Tasks\SmartAppLiveUpdater
2017-10-30 13:45 - 2017-10-30 23:45 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Battlestate Games
2017-10-30 13:45 - 2017-10-30 23:45 - 000000000 ____D C:\Users\Alex\AppData\Local\Battlestate Games
2017-10-30 13:45 - 2017-10-30 13:45 - 000000000 ____D C:\ProgramData\Battlestate Games
2017-10-30 13:44 - 2017-10-30 13:44 - 068285544 _____ (Battlestate Games ) C:\Users\Alex\Downloads\BsgLauncher.0.3.0.200.exe
2017-10-30 00:37 - 2017-10-30 00:37 - 000577908 _____ C:\WINDOWS\Minidump\103017-5546-01.dmp
2017-10-30 00:37 - 2017-10-30 00:37 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-10-30 00:37 - 2017-10-30 00:37 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2017-10-30 00:37 - 2017-10-30 00:37 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-10-30 00:37 - 2017-10-30 00:37 - 000045504 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-10-28 23:55 - 2017-10-28 23:56 - 000000000 ____D C:\ProgramData\Battle.net
2017-10-28 01:04 - 2017-10-28 01:06 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2017-10-25 00:19 - 2017-10-30 00:37 - 753031138 _____ C:\WINDOWS\MEMORY.DMP
2017-10-25 00:19 - 2017-10-25 00:19 - 000579412 _____ C:\WINDOWS\Minidump\102517-6828-01.dmp
2017-10-25 00:18 - 2017-10-25 00:18 - 000003334 _____ C:\WINDOWS\System32\Tasks\AMD ThankingURL
2017-10-25 00:18 - 2017-10-25 00:18 - 000000197 _____ C:\LaunchURL.txt
2017-10-25 00:17 - 2017-10-25 00:17 - 000003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-10-25 00:17 - 2017-10-25 00:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-10-25 00:17 - 2017-10-25 00:17 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-10-25 00:16 - 2017-09-13 19:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-10-25 00:16 - 2017-09-13 19:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-10-25 00:16 - 2017-09-13 19:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-10-25 00:16 - 2017-09-13 19:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-10-25 00:15 - 2017-10-25 00:17 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2017-10-25 00:15 - 2017-10-25 00:15 - 025890000 _____ (AMD Inc.) C:\Users\Alex\Downloads\radeon-crimson-relive-17.10.2-minimalsetup-171023_64bit.exe
2017-10-25 00:15 - 2017-10-25 00:15 - 000000000 ____D C:\Users\Alex\AppData\Local\RadeonInstaller
2017-10-25 00:13 - 2017-10-25 00:14 - 009758758 _____ C:\Users\Alex\Desktop\LoL Logs.zip
2017-10-24 20:07 - 2017-10-24 20:07 - 000002386 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StreamLabels.lnk
2017-10-24 20:07 - 2017-10-24 20:07 - 000002378 _____ C:\Users\Alex\Desktop\StreamLabels.lnk
2017-10-24 04:04 - 2017-10-29 00:03 - 000000541 _____ C:\Users\Public\Desktop\Destiny 2.lnk
2017-10-24 04:04 - 2017-10-24 04:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Destiny 2
2017-10-24 01:40 - 2017-10-24 01:41 - 004938722 _____ C:\Users\Alex\Downloads\forge-1.12.2-14.23.0.2515-installer-win.exe
2017-10-24 01:15 - 2017-10-24 01:15 - 001912363 _____ C:\Users\Alex\Downloads\WinMTR-v092.zip
2017-10-24 00:55 - 2017-10-24 01:00 - 012292112 _____ (IObit ) C:\Users\Alex\Downloads\smart-defrag-setup (1).exe
2017-10-24 00:19 - 2017-10-24 00:20 - 000000788 _____ C:\Users\Alex\Downloads\xp_mscfix.zip
2017-10-24 00:14 - 2017-10-24 00:14 - 010945006 _____ C:\Users\Alex\Desktop\Msinfo32.txt
2017-10-23 13:12 - 2017-10-23 13:12 - 013536784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 011099664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2017-10-23 13:12 - 2017-10-23 13:12 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2017-10-23 13:12 - 2017-10-23 13:12 - 002924560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 002542608 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 001464336 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 001241616 _____ (AMD) C:\WINDOWS\system32\coinst_17.40.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 001061392 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 001061392 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000875536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000834312 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2017-10-23 13:12 - 2017-10-23 13:12 - 000834312 _____ C:\WINDOWS\system32\atiapfxx.blb
2017-10-23 13:12 - 2017-10-23 13:12 - 000708112 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2017-10-23 13:12 - 2017-10-23 13:12 - 000704016 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000556560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000552976 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000548432 _____ C:\WINDOWS\system32\amdmiracast.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000480272 _____ C:\WINDOWS\system32\dgtrayicon.exe
2017-10-23 13:12 - 2017-10-23 13:12 - 000470544 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000467984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000458768 _____ C:\WINDOWS\system32\GameManager64.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000445968 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000414736 _____ C:\WINDOWS\system32\atieah64.exe
2017-10-23 13:12 - 2017-10-23 13:12 - 000382992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000366608 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000361488 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000352272 _____ C:\WINDOWS\system32\clinfo.exe
2017-10-23 13:12 - 2017-10-23 13:12 - 000334864 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2017-10-23 13:12 - 2017-10-23 13:12 - 000277008 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000242704 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000232464 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000203792 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000186416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000180240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000168976 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000164544 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000159248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000157864 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000157712 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000151056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000149600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000145936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000135696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000133648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000131304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000124944 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000122024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000122024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000120880 _____ C:\WINDOWS\system32\kapp_ci.sbin
2017-10-23 13:12 - 2017-10-23 13:12 - 000117264 _____ C:\WINDOWS\system32\atidxx64.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000116208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000114192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000102664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000102656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000101904 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000099344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000069648 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000045584 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000042512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000034501 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2017-10-23 13:12 - 2017-10-23 13:12 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-10-23 13:12 - 2017-10-23 13:12 - 000000145 _____ C:\WINDOWS\SysWOW64\amd-vulkan32.json
2017-10-23 13:12 - 2017-10-23 13:12 - 000000145 _____ C:\WINDOWS\system32\amd-vulkan64.json
2017-10-23 12:52 - 2017-10-23 12:52 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-10-23 12:52 - 2017-10-23 12:52 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-10-23 12:52 - 2017-10-23 12:52 - 000002346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-10-23 12:52 - 2017-10-23 12:52 - 000002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-10-21 00:40 - 2017-10-21 00:41 - 004935972 _____ C:\Users\Alex\Downloads\forge-1.12.2-14.23.0.2512-installer-win.exe
2017-10-21 00:39 - 2017-10-24 01:59 - 000001321 _____ C:\Users\Alex\Desktop\nativelog.txt
2017-10-20 23:50 - 2017-10-20 23:50 - 000001920 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-10-20 23:50 - 2017-10-20 23:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-10-20 23:50 - 2017-10-20 23:50 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-10-20 23:50 - 2017-10-20 23:50 - 000000000 ____D C:\Program Files\Malwarebytes
2017-10-20 23:50 - 2017-10-04 13:15 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-10-20 23:49 - 2017-10-20 23:49 - 071535032 _____ (Malwarebytes ) C:\Users\Alex\Downloads\mb3-setup-consumer-3.2.2.2029-1.0.212-1.0.2951.exe
2017-10-19 02:16 - 2017-10-19 02:16 - 000000129 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2017-10-19 02:15 - 2017-10-19 02:15 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Fatshark
2017-10-17 23:44 - 2017-10-12 20:21 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-17 23:44 - 2017-10-12 20:21 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-16 01:12 - 2017-10-17 00:10 - 000000000 ____D C:\Users\Alex\AppData\Local\Overwolf
2017-10-12 23:18 - 2017-10-12 23:18 - 000123368 _____ (Advanced Micro Devices) C:\WINDOWS\system32\DelayAPO.dll
2017-10-12 23:14 - 2017-10-12 23:14 - 000118960 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdWT6.sys
2017-10-11 23:06 - 2017-10-11 23:06 - 004734880 _____ () C:\Users\Alex\Downloads\TechnicLauncher.exe
2017-10-11 04:14 - 2017-10-11 04:14 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2017-10-11 04:14 - 2017-10-11 04:14 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2017-10-11 00:22 - 2017-10-11 00:22 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-11 00:21 - 2017-09-29 22:29 - 000804784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-10-11 00:21 - 2017-09-29 22:26 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-11 00:21 - 2017-09-29 22:26 - 001292872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-10-11 00:21 - 2017-09-29 22:10 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-10-11 00:21 - 2017-09-29 22:10 - 000606072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-10-11 00:21 - 2017-09-29 22:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-10-11 00:21 - 2017-09-29 22:09 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-10-11 00:21 - 2017-09-29 22:06 - 004471368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-10-11 00:21 - 2017-09-29 22:05 - 005827744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-10-11 00:21 - 2017-09-29 22:05 - 001266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-10-11 00:21 - 2017-09-29 22:05 - 000750488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-10-11 00:21 - 2017-09-29 22:05 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-10-11 00:21 - 2017-09-29 22:04 - 004215184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-10-11 00:21 - 2017-09-29 22:04 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-10-11 00:21 - 2017-09-29 22:04 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-10-11 00:21 - 2017-09-29 22:04 - 000347544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-10-11 00:21 - 2017-09-29 22:04 - 000182680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-10-11 00:21 - 2017-09-29 22:03 - 006768288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-11 00:21 - 2017-09-29 03:45 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-10-11 00:21 - 2017-09-29 03:43 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-10-11 00:21 - 2017-09-29 03:41 - 013844992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-10-11 00:21 - 2017-09-29 03:40 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-10-11 00:21 - 2017-09-29 03:40 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-10-11 00:21 - 2017-09-29 03:39 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-10-11 00:21 - 2017-09-29 03:38 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-10-11 00:21 - 2017-09-29 03:38 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-10-11 00:21 - 2017-09-29 03:38 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-10-11 00:21 - 2017-09-29 03:37 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-10-11 00:21 - 2017-09-29 03:34 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-10-11 00:21 - 2017-09-29 03:34 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-10-11 00:21 - 2017-09-29 03:33 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-10-11 00:21 - 2017-09-29 03:33 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-10-11 00:21 - 2017-09-29 03:32 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-10-11 00:21 - 2017-09-29 03:29 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-10-11 00:21 - 2017-09-29 03:24 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-10-11 00:20 - 2017-09-30 01:52 - 001595152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-11 00:20 - 2017-09-30 01:51 - 001458320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-11 00:20 - 2017-09-30 01:51 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-10-11 00:20 - 2017-09-30 01:51 - 000661224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-11 00:20 - 2017-09-30 01:50 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-10-11 00:20 - 2017-09-30 01:50 - 001068208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-10-11 00:20 - 2017-09-30 01:50 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-10-11 00:20 - 2017-09-30 01:49 - 001004136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-10-11 00:20 - 2017-09-30 01:49 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-10-11 00:20 - 2017-09-30 01:49 - 000135576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-11 00:20 - 2017-09-30 01:48 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-10-11 00:20 - 2017-09-30 01:48 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-10-11 00:20 - 2017-09-30 01:48 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-10-11 00:20 - 2017-09-30 01:48 - 000644696 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2017-10-11 00:20 - 2017-09-30 01:47 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-10-11 00:20 - 2017-09-30 01:47 - 001194792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2017-10-11 00:20 - 2017-09-30 01:45 - 000511896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2017-10-11 00:20 - 2017-09-30 01:44 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-10-11 00:20 - 2017-09-30 01:44 - 000181912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-11 00:20 - 2017-09-30 01:43 - 007318888 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-10-11 00:20 - 2017-09-30 01:43 - 002442136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-10-11 00:20 - 2017-09-30 01:42 - 004848952 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-10-11 00:20 - 2017-09-30 01:42 - 001506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-11 00:20 - 2017-09-30 01:42 - 000820120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-10-11 00:20 - 2017-09-30 01:41 - 005477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-10-11 00:20 - 2017-09-30 01:41 - 005304496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-10-11 00:20 - 2017-09-30 01:41 - 002086808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-10-11 00:20 - 2017-09-30 01:41 - 000961944 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-10-11 00:20 - 2017-09-30 01:41 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-10-11 00:20 - 2017-09-30 01:41 - 000651672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-10-11 00:20 - 2017-09-30 01:41 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-10-11 00:20 - 2017-09-30 01:41 - 000257432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-10-11 00:20 - 2017-09-30 01:41 - 000228248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-11 00:20 - 2017-09-30 01:40 - 000724704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-10-11 00:20 - 2017-09-30 01:40 - 000642680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-10-11 00:20 - 2017-09-30 01:40 - 000558912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-10-11 00:20 - 2017-09-30 01:40 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-11 00:20 - 2017-09-30 01:40 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-10-11 00:20 - 2017-09-30 01:40 - 000184728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2017-10-11 00:20 - 2017-09-30 01:40 - 000173976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2017-10-11 00:20 - 2017-09-30 01:40 - 000072944 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2017-10-11 00:20 - 2017-09-30 01:39 - 021351760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-10-11 00:20 - 2017-09-30 01:39 - 000203672 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-10-11 00:20 - 2017-09-30 01:38 - 007910072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-11 00:20 - 2017-09-30 01:38 - 002239136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-10-11 00:20 - 2017-09-30 01:36 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-10-11 00:20 - 2017-09-30 01:36 - 000057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-10-11 00:20 - 2017-09-29 22:29 - 001408536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-10-11 00:20 - 2017-09-29 22:10 - 001150776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-10-11 00:20 - 2017-09-29 22:10 - 000508344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-11 00:20 - 2017-09-29 22:10 - 000480920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2017-10-11 00:20 - 2017-09-29 22:05 - 002603744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2017-10-11 00:20 - 2017-09-29 22:04 - 000612120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-10-11 00:20 - 2017-09-29 22:03 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-10-11 00:20 - 2017-09-29 22:03 - 001439032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-10-11 00:20 - 2017-09-29 22:02 - 000175512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-10-11 00:20 - 2017-09-29 22:01 - 000124544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-10-11 00:20 - 2017-09-29 03:46 - 023678976 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-10-11 00:20 - 2017-09-29 03:44 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-11 00:20 - 2017-09-29 03:43 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-10-11 00:20 - 2017-09-29 03:43 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-10-11 00:20 - 2017-09-29 03:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mgmtapi.dll
2017-10-11 00:20 - 2017-09-29 03:41 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2017-10-11 00:20 - 2017-09-29 03:40 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-10-11 00:20 - 2017-09-29 03:39 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-10-11 00:20 - 2017-09-29 03:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-10-11 00:20 - 2017-09-29 03:38 - 001135616 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2017-10-11 00:20 - 2017-09-29 03:38 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-10-11 00:20 - 2017-09-29 03:38 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2017-10-11 00:20 - 2017-09-29 03:38 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-10-11 00:20 - 2017-09-29 03:38 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-10-11 00:20 - 2017-09-29 03:37 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2017-10-11 00:20 - 2017-09-29 03:36 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-10-11 00:20 - 2017-09-29 03:36 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-10-11 00:20 - 2017-09-29 03:35 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-10-11 00:20 - 2017-09-29 03:34 - 017370624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-10-11 00:20 - 2017-09-29 03:34 - 006255616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-10-11 00:20 - 2017-09-29 03:34 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-10-11 00:20 - 2017-09-29 03:34 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-11 00:20 - 2017-09-29 03:34 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-10-11 00:20 - 2017-09-29 03:33 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-10-11 00:20 - 2017-09-29 03:33 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-10-11 00:20 - 2017-09-29 03:33 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-11 00:20 - 2017-09-29 03:32 - 002340864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-10-11 00:20 - 2017-09-29 03:32 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-10-11 00:20 - 2017-09-29 03:32 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-11 00:20 - 2017-09-29 03:32 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-10-11 00:20 - 2017-09-29 03:32 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-10-11 00:20 - 2017-09-29 03:32 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-10-11 00:20 - 2017-09-29 03:32 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-10-11 00:20 - 2017-09-29 03:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-10-11 00:20 - 2017-09-29 03:32 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-11 00:20 - 2017-09-29 03:32 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-11 00:20 - 2017-09-29 03:32 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll
2017-10-11 00:20 - 2017-09-29 03:31 - 003107328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-10-11 00:20 - 2017-09-29 03:31 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-10-11 00:20 - 2017-09-29 03:31 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-10-11 00:20 - 2017-09-29 03:31 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-10-11 00:20 - 2017-09-29 03:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll
2017-10-11 00:20 - 2017-09-29 03:31 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-10-11 00:20 - 2017-09-29 03:30 - 023686144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-10-11 00:20 - 2017-09-29 03:30 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-10-11 00:20 - 2017-09-29 03:30 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-10-11 00:20 - 2017-09-29 03:30 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2017-10-11 00:20 - 2017-09-29 03:30 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-10-11 00:20 - 2017-09-29 03:30 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-11 00:20 - 2017-09-29 03:29 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-10-11 00:20 - 2017-09-29 03:29 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-10-11 00:20 - 2017-09-29 03:29 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-10-11 00:20 - 2017-09-29 03:29 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-10-11 00:20 - 2017-09-29 03:29 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-11 00:20 - 2017-09-29 03:29 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-11 00:20 - 2017-09-29 03:29 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-10-11 00:20 - 2017-09-29 03:29 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-10-11 00:20 - 2017-09-29 03:29 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-10-11 00:20 - 2017-09-29 03:29 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2017-10-11 00:20 - 2017-09-29 03:29 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServiceWorkerHost.exe
2017-10-11 00:20 - 2017-09-29 03:28 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-10-11 00:20 - 2017-09-29 03:28 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-10-11 00:20 - 2017-09-29 03:28 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-11 00:20 - 2017-09-29 03:28 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-10-11 00:20 - 2017-09-29 03:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-10-11 00:20 - 2017-09-29 03:28 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-11 00:20 - 2017-09-29 03:28 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2017-10-11 00:20 - 2017-09-29 03:28 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-10-11 00:20 - 2017-09-29 03:28 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-10-11 00:20 - 2017-09-29 03:28 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2017-10-11 00:20 - 2017-09-29 03:28 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cipher.exe
2017-10-11 00:20 - 2017-09-29 03:27 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-10-11 00:20 - 2017-09-29 03:27 - 001321984 ____R (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2017-10-11 00:20 - 2017-09-29 03:27 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-10-11 00:20 - 2017-09-29 03:27 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2017-10-11 00:20 - 2017-09-29 03:27 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-11 00:20 - 2017-09-29 03:27 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-10-11 00:20 - 2017-09-29 03:27 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-10-11 00:20 - 2017-09-29 03:27 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-11 00:20 - 2017-09-29 03:27 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2017-10-11 00:20 - 2017-09-29 03:26 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-10-11 00:20 - 2017-09-29 03:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-11 00:20 - 2017-09-29 03:26 - 001468928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-11 00:20 - 2017-09-29 03:26 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-10-11 00:20 - 2017-09-29 03:26 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-10-11 00:20 - 2017-09-29 03:26 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2017-10-11 00:20 - 2017-09-29 03:26 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-10-11 00:20 - 2017-09-29 03:25 - 008199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-10-11 00:20 - 2017-09-29 03:25 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-10-11 00:20 - 2017-09-29 03:25 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-10-11 00:20 - 2017-09-29 03:25 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-10-11 00:20 - 2017-09-29 03:24 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-11 00:20 - 2017-09-29 03:24 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-10-11 00:20 - 2017-09-29 03:24 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-11 00:20 - 2017-09-29 03:24 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-10-11 00:20 - 2017-09-29 03:24 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-10-11 00:20 - 2017-09-29 03:24 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-10-11 00:20 - 2017-09-29 03:23 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-10-11 00:20 - 2017-09-29 03:23 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-10-11 00:20 - 2017-09-29 03:23 - 003140096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-10-11 00:20 - 2017-09-29 03:23 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-10-11 00:20 - 2017-09-29 03:23 - 002446336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-10-11 00:20 - 2017-09-29 03:23 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-10-11 00:20 - 2017-09-29 03:23 - 001887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-10-11 00:20 - 2017-09-29 03:23 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-10-11 00:20 - 2017-09-29 03:23 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-11 00:20 - 2017-09-29 03:23 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-10-11 00:20 - 2017-09-29 03:23 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-10-11 00:20 - 2017-09-29 03:23 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-10-11 00:20 - 2017-09-29 03:23 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-11 00:20 - 2017-09-29 03:23 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-10-11 00:20 - 2017-09-29 03:23 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-10-11 00:20 - 2017-09-29 03:23 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-10-11 00:20 - 2017-09-29 03:23 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-10-11 00:20 - 2017-09-29 03:22 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-10-11 00:20 - 2017-09-29 03:22 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-11 00:20 - 2017-09-29 03:22 - 001438208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-10-11 00:20 - 2017-09-29 03:22 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-10-11 00:20 - 2017-09-29 03:21 - 003304448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-10-11 00:20 - 2017-09-29 03:21 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-11 00:20 - 2017-09-29 03:21 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-10-11 00:20 - 2017-09-29 03:21 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-11 00:20 - 2017-09-29 03:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-10-11 00:20 - 2017-09-29 03:21 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll
2017-10-11 00:20 - 2017-09-29 03:21 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2017-10-11 00:20 - 2017-09-29 03:21 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-10-11 00:20 - 2017-09-29 03:20 - 001811456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-10-11 00:20 - 2017-09-29 03:20 - 000804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-10-11 00:20 - 2017-09-29 03:20 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2017-10-11 00:20 - 2017-09-29 03:20 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-11 00:20 - 2017-09-29 03:20 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2017-10-11 00:20 - 2017-09-29 03:20 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2017-10-11 00:20 - 2017-09-29 03:19 - 002088448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-10-11 00:20 - 2017-09-29 03:19 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-10-11 00:20 - 2017-09-29 03:19 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2017-10-11 00:20 - 2017-09-29 03:19 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-10-11 00:20 - 2017-09-29 03:18 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-10-11 00:20 - 2017-09-29 03:18 - 001527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-10-11 00:20 - 2017-09-29 03:18 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-10-11 00:20 - 2017-09-29 03:18 - 000603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-10-11 00:20 - 2017-09-29 03:18 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2017-10-11 00:20 - 2017-09-29 03:18 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2017-10-11 00:20 - 2017-09-29 03:18 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2017-10-11 00:20 - 2017-09-29 03:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2017-10-11 00:20 - 2017-09-29 03:18 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\cipher.exe
2017-10-11 00:20 - 2017-09-29 01:40 - 000804312 _____ C:\WINDOWS\SysWOW64\locale.nls
2017-10-11 00:20 - 2017-09-29 01:40 - 000804312 _____ C:\WINDOWS\system32\locale.nls
2017-10-11 00:20 - 2017-09-20 11:08 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-11 00:20 - 2017-09-20 11:08 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-10-11 00:20 - 2017-09-20 11:08 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-11 00:20 - 2017-09-18 19:20 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-10-11 00:20 - 2017-09-18 19:20 - 000900376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-10-11 00:20 - 2017-09-18 19:18 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-10-11 00:20 - 2017-09-18 19:17 - 001395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-10-11 00:20 - 2017-09-18 19:17 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-10-11 00:20 - 2017-09-18 19:17 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-10-11 00:20 - 2017-09-18 19:11 - 001018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-10-11 00:20 - 2017-09-18 19:09 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-10-11 00:20 - 2017-09-18 18:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2017-10-11 00:20 - 2017-09-18 18:25 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2017-10-11 00:20 - 2017-09-18 18:23 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2017-10-11 00:20 - 2017-09-18 18:20 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-10-11 00:20 - 2017-09-18 18:20 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2017-10-11 00:20 - 2017-09-18 18:15 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-10-06 01:23 - 2017-10-06 01:23 - 000000000 ____D C:\Users\Public\Documents\Steam
2017-10-06 01:23 - 2017-10-06 01:23 - 000000000 ____D C:\Users\Alex\AppData\LocalLow\Airship Syndicate
2017-10-05 01:41 - 2017-10-05 01:41 - 000000000 ____D C:\Users\Alex\AppData\Roaming\com.ediogames.ub.steam
2017-10-03 14:45 - 2017-10-03 14:45 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Cuphead
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-01 00:18 - 2017-03-12 23:34 - 000000000 ____D C:\Users\Alex\AppData\Roaming\BitTorrent
2017-11-01 00:14 - 2017-03-16 01:15 - 000000000 ____D C:\Users\Alex\AppData\Local\Battle.net
2017-10-31 23:38 - 2017-03-18 17:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-31 23:38 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-31 23:38 - 2015-12-15 06:42 - 000000000 ___RD C:\Users\Alex\OneDrive
2017-10-31 23:34 - 2017-05-01 12:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-31 12:06 - 2017-03-10 02:46 - 000000000 ____D C:\Users\Alex\AppData\Local\Verto Analytics
2017-10-30 23:42 - 2017-05-30 16:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2017-10-30 23:42 - 2017-05-30 16:31 - 000000000 ____D C:\Users\Alex\AppData\Roaming\IObit
2017-10-30 23:31 - 2017-05-01 12:07 - 000003360 _____ C:\WINDOWS\System32\Tasks\SmartAppMonitor
2017-10-30 23:30 - 2017-05-01 12:05 - 000000000 ____D C:\Users\Alex
2017-10-30 13:18 - 2017-03-16 00:12 - 000000000 ____D C:\Users\Alex\AppData\Roaming\vlc
2017-10-30 00:43 - 2017-05-01 12:11 - 002307262 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-30 00:37 - 2017-05-30 16:32 - 000000000 ____D C:\ProgramData\ProductData
2017-10-30 00:37 - 2017-05-05 21:06 - 000000000 ____D C:\WINDOWS\Minidump
2017-10-30 00:37 - 2017-05-01 12:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-25 00:19 - 2017-05-01 12:04 - 000217024 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-25 00:17 - 2015-12-15 06:53 - 000000000 ____D C:\AMD
2017-10-25 00:16 - 2017-05-13 00:14 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-10-25 00:16 - 2017-03-18 17:01 - 000000000 ____D C:\WINDOWS\INF
2017-10-25 00:15 - 2017-05-31 14:21 - 000000060 _____ C:\ProgramData\SoftwareUpdateTemp.xml
2017-10-24 19:34 - 2017-03-15 20:45 - 000000000 ____D C:\Users\Alex\AppData\Roaming\obs-studio
2017-10-24 01:58 - 2017-04-27 11:13 - 000000000 ____D C:\Users\Alex\AppData\Roaming\.minecraft
2017-10-24 01:16 - 2017-08-05 02:07 - 000000000 ____D C:\Users\Alex\AppData\Local\Ubisoft Game Launcher
2017-10-24 01:00 - 2017-05-30 16:32 - 000000000 ____D C:\ProgramData\IObit
2017-10-24 00:16 - 2017-03-18 16:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-10-24 00:13 - 2017-08-23 14:36 - 000078948 _____ C:\Users\Alex\Desktop\DxDiag.txt
2017-10-23 13:31 - 2017-05-20 13:50 - 000000000 ____D C:\Users\Alex\AppData\Local\PAYDAY 2
2017-10-23 12:52 - 2017-03-10 00:36 - 000000000 ____D C:\Program Files (x86)\Google
2017-10-20 23:25 - 2017-03-09 16:25 - 000000000 ____D C:\Users\Alex\AppData\Local\Packages
2017-10-20 23:23 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-10-20 23:20 - 2017-05-13 00:24 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-10-20 23:20 - 2017-05-13 00:24 - 000000000 ____D C:\Program Files\CCleaner
2017-10-20 23:14 - 2017-05-01 12:04 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-10-20 23:14 - 2017-03-18 07:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-10-17 13:09 - 2017-04-27 11:13 - 000000000 ____D C:\Program Files (x86)\Minecraft
2017-10-13 12:25 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\rescache
2017-10-11 23:05 - 2017-05-14 22:37 - 000000000 ____D C:\Users\Alex\AppData\Roaming\.technic
2017-10-11 11:05 - 2016-09-05 01:33 - 000000000 ____D C:\Users\Alex\Documents\WB Games
2017-10-11 04:14 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-10-11 04:14 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-10-11 00:23 - 2017-03-10 00:38 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-11 00:22 - 2017-03-10 00:38 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-03 14:42 - 2017-09-29 11:45 - 000000000 ____D C:\Program Files (x86)\Adobe
==================== Files in the root of some directories =======
2017-08-23 16:46 - 2017-08-23 17:05 - 000011095 _____ () C:\Users\Alex\AppData\Roaming\SpeedRunnersLog.txt
2017-04-16 23:24 - 2017-07-08 10:00 - 000007602 _____ () C:\Users\Alex\AppData\Local\Resmon.ResmonCfg
2017-03-12 23:49 - 2017-03-12 23:49 - 000000003 _____ () C:\Users\Alex\AppData\Local\updater.log
2017-03-12 23:49 - 2017-05-11 09:19 - 000000425 _____ () C:\Users\Alex\AppData\Local\UserProducts.xml
2017-07-19 13:22 - 2017-07-19 13:22 - 000049337 _____ () C:\ProgramData\agent.1500484959.bdinstall.bin
2017-08-20 01:22 - 2017-08-20 01:22 - 000030272 _____ () C:\ProgramData\agent.uninstall.1503206552.bdinstall.bin
2017-07-31 20:27 - 2017-07-31 20:27 - 000030244 _____ () C:\ProgramData\agent.update.1501547268.bdinstall.bin
2017-07-19 13:27 - 2017-07-19 13:27 - 000480126 _____ () C:\ProgramData\cl.1500485107.bdinstall.bin
2017-07-19 13:27 - 2017-07-19 13:27 - 000074363 _____ () C:\ProgramData\cl.kit.1500485103.bdinstall.bin
2017-08-20 01:22 - 2017-08-20 01:22 - 000212301 _____ () C:\ProgramData\cl.uninstall.1503206468.bdinstall.bin
2017-05-01 12:04 - 2017-05-01 12:04 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-10-19 02:16 - 2017-10-19 02:16 - 000000129 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2017-06-29 18:00 - 2017-06-29 18:00 - 000000016 _____ () C:\ProgramData\mntemp
2017-05-31 14:21 - 2017-10-25 00:15 - 000000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml
Some files in TEMP:
====================
2017-10-21 00:41 - 2017-10-21 00:41 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Alex\AppData\Local\Temp\jansi-64-3213041485793499892.dll
2017-10-21 00:39 - 2017-10-21 00:39 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Alex\AppData\Local\Temp\jansi-64-3391090863049881916.dll
2017-10-24 01:57 - 2017-10-24 01:57 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Alex\AppData\Local\Temp\jansi-64-3978568840257113452.dll
2017-10-24 01:39 - 2017-10-24 01:39 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Alex\AppData\Local\Temp\jansi-64-5027756697141393427.dll
2017-10-24 01:56 - 2017-10-24 01:56 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Alex\AppData\Local\Temp\jansi-64-5207294456681167157.dll
2017-10-21 00:41 - 2017-10-21 00:41 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Alex\AppData\Local\Temp\jansi-64-5561945621588191922.dll
2017-10-21 00:40 - 2017-10-21 00:40 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Alex\AppData\Local\Temp\jansi-64-5571931645681206695.dll
2017-10-21 00:39 - 2017-10-21 00:39 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Alex\AppData\Local\Temp\jansi-64-6082526055495898170.dll
2017-10-24 01:42 - 2017-10-24 01:42 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Alex\AppData\Local\Temp\jansi-64-6591415607304207131.dll
2017-10-24 01:48 - 2017-10-24 01:48 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Alex\AppData\Local\Temp\jansi-64-842521978682178231.dll
2017-10-24 01:50 - 2017-10-24 01:50 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Alex\AppData\Local\Temp\jansi-64-9089526666180191063.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-10-27 01:29
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2017
Ran by Alex (01-11-2017 00:20:29)
Running from C:\Users\Alex\Downloads
Windows 10 Home Version 1703 15063.674 (X64) (2017-05-01 16:08:57)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-482574108-2876646391-2450146034-500 - Administrator - Disabled)
Alex (S-1-5-21-482574108-2876646391-2450146034-1001 - Administrator - Enabled) => C:\Users\Alex
ASPNET (S-1-5-21-482574108-2876646391-2450146034-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-482574108-2876646391-2450146034-503 - Limited - Disabled)
Guest (S-1-5-21-482574108-2876646391-2450146034-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
ASUS MultiFrame (HKLM-x32\...\{FB4D076A-DEFD-4EAF-AD63-70D5A3BC262A}) (Version: 1.1.1 - ASUS)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlestate Games Launcher 0.3.0.200 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 0.3.0.200 - Battlestate Games)
BitTorrent (HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\BitTorrent) (Version: 7.10.0.43917 - BitTorrent Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{118C2119-84B6-E32C-63E2-B56DBCF41CE5}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5A083A57-10D6-D4E5-292C-F274870E73A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{DF0D7C1C-72B6-9FFB-DF66-B3720237BB80}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{238F6F6F-2544-86CF-3AB6-2CDADAB58CF0}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{EC688BD0-240D-AE40-55F3-234E54919AE6}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{E27224E3-7913-DA1E-5B08-9BEEC8FEE3D1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{95A52FC1-C728-841D-1BFC-CC793B77B0A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{A22CDEBA-6DB5-12CD-F6CE-6238C2D78363}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0BFC67D-E447-02C8-6046-C078DFE9EC97}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{94C72EBE-2908-F0AC-62DA-D61951830F8F}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{5B987681-3652-492B-6A11-E02AC0FE5959}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{86BFE5B4-1FCE-3C02-6373-92B1AE6431E8}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0742432E-42D9-2240-4CA1-8595CCCBAA77}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{EAEAA839-44F4-22DF-D1CC-88C3B2A3D4B1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A3973655-E448-4A1B-477C-988A79D132D9}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{6DC92550-D065-4B36-C4D3-D8D7A702A7A7}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{B2A83706-3F14-1532-20CD-B4EE715A8945}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{44ED2CDA-4197-E9E9-B328-26E1FB749116}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3450566C-4561-0EE8-B1AB-D5C79CCE8D2C}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{FCE8438C-3272-D63F-479F-670F082B294B}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{25D1751E-7CA2-5F6D-0125-0A16E47AF9FE}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
Corsair Utility Engine (HKLM-x32\...\{861458E3-08D8-4608-8D5A-DDC9B4699925}) (Version: 2.11.115 - Corsair)
Destiny 2 (HKLM-x32\...\Destiny 2) (Version: - Blizzard Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{A9C35F4D-0340-4588-A3F2-71DF8CD2C456}) (Version: 1.1.117.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
f.lux (HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\Flux) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.62 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.15 - Riot Games, Inc.)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{E80C09B5-A296-47E9-BD4B-BCCF2FDCA13E}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft OneDrive (HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\OneDriveSetup.exe) (Version: 17.3.7074.1023 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 (HKLM-x32\...\{e2495eb6-cca8-47aa-91ea-3410ca44d7b7}) (Version: 14.0.22816.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.8 - Power Software Ltd)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 8.0.104.420 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.7.1 - IObit)
SmartApp (HKLM-x32\...\{74C732EB-DE42-4EAD-985F-5C45837D0951}) (Version: 3.4.0 - SmartApp)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
StreamLabels 0.2.6 (only current user) (HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\8000d50a-fcb7-5b38-8a3b-a02a0ec79daa) (Version: 0.2.6 - Streamlabs)
univcredist (HKLM-x32\...\{2d9d4a60-1d22-46c1-84bb-1de04b4715d7}) (Version: 1.0.0.0 - Motiga)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-4) (Version: 1.0.39.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Program Files\PowerISO\PWRISOSH.DLL [2017-02-02] (Power Software Ltd)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Program Files\PowerISO\PWRISOSH.DLL [2017-02-02] (Power Software Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-10-20] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Program Files\PowerISO\PWRISOSH.DLL [2017-02-02] (Power Software Ltd)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0DBC0BCF-A582-468D-9F30-01BD6F51C959} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-10-20] (Advanced Micro Devices, Inc.)
Task: {1DC06FD6-E2B4-4F39-85E6-1FC1672C9899} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2017-07-28] (IObit)
Task: {3185B3A3-F8AF-4547-B516-30014CA015D6} - System32\Tasks\update-S-1-5-21-482574108-2876646391-2450146034-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {36F8FCB6-B3C9-4640-BF3C-8EF26103EB68} - System32\Tasks\SmartAppLiveUpdater => C:\Program Files (x86)\SmartApp\SmartAppLiveUpdater.exe [2017-08-28] (Verto Analytics Inc.)
Task: {435D341D-DE79-4318-AF06-E75FDEC26489} - System32\Tasks\SmartAppMonitor => C:\Program Files (x86)\SmartApp\SmartAppMonitor.exe [2017-08-28] (Verto Analytics Inc.)
Task: {4D8D7055-83AB-4E0A-82A1-E85045EB996F} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {4DC51DC5-9CBB-4441-AF60-AD3807CDB16C} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {5C84F534-BDCE-411D-AF00-01120E57953C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-23] (Google Inc.)
Task: {7BDA0380-C274-42E6-8239-368FBA4A09CB} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {AD4951D8-D203-44E8-A9C6-40EB709F237D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-23] (Google Inc.)
Task: {CB6879BC-FE6E-42DC-84C3-16C8AFC61EA2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
Task: {D83677F4-9B1B-4694-8161-501B34173EEC} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2017-10-16] (IObit)
Task: {E0AA6514-80A5-4C2E-B99B-09FD55D9B47F} - System32\Tasks\IObitSelfCheckTask => C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe [2016-10-18] (IObit)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\update-S-1-5-21-482574108-2876646391-2450146034-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-10-20 23:50 - 2017-10-04 13:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-10-20 23:50 - 2017-10-04 13:15 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-18 16:58 - 2017-03-18 16:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-10-18 21:37 - 2017-10-18 21:37 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-10-18 21:37 - 2017-10-18 21:37 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-10-24 01:05 - 2017-10-24 01:05 - 002354152 _____ () D:\Program Files (x86)\Battle.net\Battle.net.9526\Battle.net Helper.exe
2017-03-18 16:59 - 2017-03-18 22:31 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 003495040 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\LeagueClient.exe
2017-10-27 23:56 - 2017-10-25 21:11 - 001766016 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\LeagueClientUx.exe
2017-10-27 23:56 - 2017-10-25 21:11 - 000892032 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\LeagueClientUxRender.exe
2017-10-23 12:52 - 2017-10-17 04:08 - 002871640 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.62\swiftshader\libglesv2.dll
2017-10-23 12:52 - 2017-10-17 04:08 - 000138072 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.62\swiftshader\libegl.dll
2017-10-15 23:36 - 2017-09-09 15:25 - 000688416 _____ () D:\Program Files\SDL2.dll
2017-10-30 23:42 - 2017-10-25 01:00 - 002546976 _____ () D:\Program Files\video.dll
2017-10-15 23:36 - 2016-08-31 21:02 - 004969248 _____ () D:\Program Files\v8.dll
2017-10-15 23:36 - 2016-01-27 03:49 - 000332800 _____ () D:\Program Files\libavresample-2.dll
2017-10-15 23:36 - 2016-01-27 03:49 - 000442880 _____ () D:\Program Files\libavutil-54.dll
2017-10-15 23:36 - 2016-01-27 03:49 - 000491008 _____ () D:\Program Files\libavformat-56.dll
2017-10-15 23:36 - 2016-01-27 03:49 - 002549760 _____ () D:\Program Files\libavcodec-56.dll
2017-10-15 23:36 - 2016-01-27 03:49 - 000485888 _____ () D:\Program Files\libswscale-3.dll
2017-10-15 23:36 - 2016-08-31 21:02 - 001195296 _____ () D:\Program Files\icuuc.dll
2017-10-15 23:36 - 2016-08-31 21:02 - 001563936 _____ () D:\Program Files\icui18n.dll
2017-10-30 23:42 - 2017-10-25 01:00 - 000901408 _____ () D:\Program Files\bin\chromehtml.DLL
2017-10-15 23:36 - 2016-07-04 18:17 - 000266560 _____ () D:\Program Files\openvr_api.dll
2017-10-15 23:36 - 2017-08-16 18:28 - 073130272 _____ () D:\Program Files\bin\cef\cef.win7\libcef.dll
2017-10-15 23:36 - 2017-09-06 22:04 - 000678400 _____ () D:\Program Files\bin\cef\cef.win7\SDL2.dll
2017-10-15 23:36 - 2015-09-24 19:52 - 000119208 _____ () D:\Program Files\winh264.dll
2017-10-24 01:05 - 2017-10-24 01:05 - 055782888 _____ () D:\Program Files (x86)\Battle.net\Battle.net.9526\libcef.dll
2017-10-24 01:05 - 2017-10-24 01:05 - 000540336 _____ () D:\Program Files (x86)\Battle.net\Battle.net.9526\ortp.dll
2017-10-24 01:05 - 2017-10-24 01:05 - 000133632 _____ () D:\Program Files (x86)\Battle.net\Battle.net.9526\libEGL.dll
2017-10-24 01:05 - 2017-10-24 01:05 - 003384832 _____ () D:\Program Files (x86)\Battle.net\Battle.net.9526\libGLESv2.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 000108672 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\zlib.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 000128640 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\yaml.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 001408640 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-patcher\rcp-be-patcher.dll
2017-10-27 23:56 - 2017-08-09 13:52 - 000669824 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-rso-auth\rcp-be-rso-auth.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 001042048 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-login\rcp-be-lol-login.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 000521856 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-platform-config\rcp-be-lol-platform-config.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 000568960 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-riot-messaging-service\rcp-be-riot-messaging-service.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 000692352 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-summoner\rcp-be-lol-summoner.dll
2017-10-27 23:56 - 2017-09-13 20:10 - 000571008 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-ranked-stats\rcp-be-lol-ranked-stats.dll
2017-10-27 23:56 - 2017-08-09 13:52 - 000495744 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-maps\rcp-be-lol-maps.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 000647808 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-game-queues\rcp-be-lol-game-queues.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000539264 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-player-preferences\rcp-be-lol-player-preferences.dll
2017-10-27 23:56 - 2017-09-27 20:09 - 000619648 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-game-settings\rcp-be-lol-game-settings.dll
2017-10-27 23:56 - 2017-08-09 13:52 - 000582272 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-settings\rcp-be-lol-settings.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 000799872 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-gameflow\rcp-be-lol-gameflow.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000483456 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-pre-end-of-game\rcp-be-lol-pre-end-of-game.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 000579712 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-sanitizer\rcp-be-sanitizer.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000444544 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-riot-messaging-service\rcp-be-lol-riot-messaging-service.dll
2017-10-27 23:56 - 2017-09-13 20:10 - 000537216 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-acs\rcp-be-lol-acs.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000544896 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-player-notifications\rcp-be-player-notifications.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000496768 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-loyalty\rcp-be-lol-loyalty.dll
2017-10-27 23:56 - 2017-08-23 12:46 - 000899712 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-collections\rcp-be-lol-collections.dll
2017-10-27 23:56 - 2017-10-27 23:56 - 000691840 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-champions\rcp-be-lol-champions.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000496768 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-kr-shutdown-law\rcp-be-lol-kr-shutdown-law.dll
2017-10-27 23:56 - 2017-10-11 19:45 - 000586368 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-loadouts\rcp-be-lol-loadouts.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 000906368 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-lobby-team-builder\rcp-be-lol-lobby-team-builder.dll
2017-10-27 23:56 - 2017-09-13 20:10 - 000580736 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-queue-eligibility\rcp-be-lol-queue-eligibility.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 000691840 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-matchmaking\rcp-be-lol-matchmaking.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000518272 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-spectator\rcp-be-lol-spectator.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 001626240 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-chat\rcp-be-lol-chat.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 001487488 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-lobby\rcp-be-lol-lobby.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 000798336 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-champ-select-legacy\rcp-be-lol-champ-select-legacy.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 000605824 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-champ-select\rcp-be-lol-champ-select.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000493696 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-heartbeat\rcp-be-lol-heartbeat.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000518272 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-shutdown\rcp-be-lol-shutdown.dll
2017-10-27 23:56 - 2017-10-11 19:45 - 000720512 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-store\rcp-be-lol-store.dll
2017-10-27 23:56 - 2017-10-16 23:11 - 000537728 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-inventory\rcp-be-lol-inventory.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 000906368 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-loot\rcp-be-lol-loot.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000472704 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-kickout\rcp-be-lol-kickout.dll
2017-10-27 23:56 - 2017-09-13 20:10 - 000477312 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-license-agreement\rcp-be-lol-license-agreement.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000479360 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-kr-playtime-reminder\rcp-be-lol-kr-playtime-reminder.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000492160 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-game-client-chat\rcp-be-lol-game-client-chat.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000536192 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-team-boosts\rcp-be-lol-team-boosts.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 000747648 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-end-of-game\rcp-be-lol-end-of-game.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000522368 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-active-boosts\rcp-be-lol-active-boosts.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000435328 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-parties\rcp-be-lol-parties.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 000852608 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-leagues\rcp-be-lol-leagues.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000599168 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-pft\rcp-be-lol-pft.dll
2017-10-27 23:56 - 2017-08-09 13:52 - 000624256 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-player-behavior\rcp-be-lol-player-behavior.dll
2017-10-27 23:56 - 2017-09-27 20:09 - 000584320 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-suggested-players\rcp-be-lol-suggested-players.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000530560 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-service-status\rcp-be-lol-service-status.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000558720 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-leaver-buster\rcp-be-lol-leaver-buster.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 000642176 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-match-history\rcp-be-lol-match-history.dll
2017-10-27 23:56 - 2017-08-23 12:46 - 000715392 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-recofriender\rcp-be-recofriender.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000785536 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-clubs\rcp-be-lol-clubs.dll
2017-10-27 23:56 - 2017-07-26 13:01 - 000530560 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-clubs-public\rcp-be-lol-clubs-public.dll
2017-10-27 23:56 - 2017-09-13 20:10 - 000577152 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-esport-stream-notifications\rcp-be-lol-esport-stream-notifications.dll
2017-10-27 23:56 - 2017-10-11 19:45 - 000695936 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-replays\rcp-be-lol-replays.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000504960 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-player-level-up\rcp-be-lol-player-level-up.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000487040 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-tencent-qt\rcp-be-lol-tencent-qt.dll
2017-10-27 23:56 - 2017-10-11 19:45 - 000545920 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-beta-opt-in\rcp-be-lol-beta-opt-in.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000546432 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-player-messaging\rcp-be-lol-player-messaging.dll
2017-10-27 23:56 - 2017-09-15 11:25 - 000586368 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-personalized-offers\rcp-be-lol-personalized-offers.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000471680 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-user-experience\rcp-be-lol-user-experience.dll
2017-10-27 23:56 - 2017-07-26 13:02 - 000541824 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-simple-dialog-messages\rcp-be-lol-simple-dialog-messages.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000610944 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-highlights\rcp-be-lol-highlights.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 000669824 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-honor-v2\rcp-be-lol-honor-v2.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000489088 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-network-testing\rcp-be-network-testing.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000539264 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-entitlements\rcp-be-entitlements.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 000679552 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-missions\rcp-be-lol-missions.dll
2017-10-27 23:56 - 2017-09-13 20:10 - 000584832 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-item-sets\rcp-be-lol-item-sets.dll
2017-10-27 23:56 - 2017-07-12 12:49 - 000466560 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-las-toxicity\rcp-be-lol-las-toxicity.dll
2017-10-27 23:56 - 2017-10-11 19:45 - 000512128 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-geoinfo\rcp-be-lol-geoinfo.dll
2017-10-27 23:56 - 2017-09-27 20:09 - 001090176 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-clash\rcp-be-lol-clash.dll
2017-10-27 23:56 - 2017-09-13 20:10 - 000486528 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-banners\rcp-be-lol-banners.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 000537216 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-featured-modes\rcp-be-lol-featured-modes.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 000720512 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\Plugins\rcp-be-lol-perks\rcp-be-lol-perks.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 055775872 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\libcef.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 001801344 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\libglesv2.dll
2017-10-27 23:56 - 2017-10-25 21:11 - 000022144 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.105\deploy\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Alex\AppData\Local\Temp:$DATA [16]
AlternateDataStreams: C:\Users\Alex\AppData\Local\Temp:$DATA [16]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-09 19:13 - 2017-08-20 00:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Alex\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: NGS => 3
MSCONFIG\Services: Razer Game Manager Service => 2
MSCONFIG\Services: RzActionSvc => 2
MSCONFIG\Services: RzKLService => 2
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{26E21EFB-1161-4EC2-A283-7BECDAA63791}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{60CDB7F3-29D4-4F02-8C60-0068AB104F4D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{14D814B8-7634-490D-B2A0-D70AD4BCEE58}] => (Allow) D:\Program Files\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{6EAC40B4-E729-4085-9405-AAFF5321D6FA}] => (Allow) D:\Program Files\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{FC0056BF-8D49-4846-B278-5B53C578EC5E}] => (Allow) D:\Program Files\steamapps\common\Monster Slayers\Monster Slayers DB.exe
FirewallRules: [{7F740683-59EA-4441-BA6A-CB30C78861D7}] => (Allow) D:\Program Files\steamapps\common\Monster Slayers\Monster Slayers DB.exe
FirewallRules: [{99B4FF07-8312-43F3-8DC5-EA3FFED5C030}] => (Allow) D:\Program Files\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{BB8BF754-0338-4D16-BFB7-9717B760CF53}] => (Allow) D:\Program Files\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{169E7C0C-54A5-4132-A1C2-B5A4E4BAE075}] => (Allow) D:\Program Files\steamapps\common\Oh...Sir! The Insult Simulator\ohsir.exe
FirewallRules: [{4CBB7ADD-260E-4DCF-9003-AAB656731862}] => (Allow) D:\Program Files\steamapps\common\Oh...Sir! The Insult Simulator\ohsir.exe
FirewallRules: [{AB96B6D2-DFB3-40EE-866E-BF27DEC3AD03}] => (Allow) D:\Program Files\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{007E52DD-6EA7-4AD1-976D-56613A0468B9}] => (Allow) D:\Program Files\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{F304232C-A08C-4220-9FC2-82992969D716}] => (Allow) D:\Program Files\steamapps\common\Enter the Gungeon\EtG.exe
FirewallRules: [{D23BF7CB-C812-40FE-ADFB-C09551683987}] => (Allow) D:\Program Files\steamapps\common\Enter the Gungeon\EtG.exe
FirewallRules: [{8980099F-7FF9-44FF-A782-0089E439ED03}] => (Allow) D:\Program Files\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E20A9105-A12E-4177-907C-DD51262BB47D}] => (Allow) D:\Program Files\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{76F4377C-48B7-4DD6-881A-755E2DA8EE06}D:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) D:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [TCP Query User{3BBBDA8B-9CE8-49CF-925F-8A1BDFE063AB}D:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) D:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [{FFA160C9-3591-4C67-A10D-25EFA09EDF80}] => (Allow) D:\Program Files\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{3115376C-1E0A-4C79-A7D7-7893C7928619}] => (Allow) D:\Program Files\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{9CC4D58A-4DB4-4993-841D-5C560C53777F}] => (Allow) C:\Users\Alex\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B1652C53-30EC-4509-A0BD-65B6894971CD}] => (Allow) C:\Users\Alex\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{5A41F5E3-0E58-468D-8FF0-20C02359E0FE}] => (Allow) C:\Users\Alex\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{21F81489-ED16-4504-8F39-8F2C397C2B63}] => (Allow) C:\Users\Alex\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{64BA99BF-C7A4-40C1-B4A1-0FE840AE990E}] => (Allow) C:\Users\Alex\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{ADA614BC-F7EF-4630-BC64-741B74E10945}] => (Allow) C:\Users\Alex\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{8759863E-44DC-4A20-B86B-604FCB367789}] => (Allow) D:\Program Files\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{CBF93253-BE77-4CA2-912E-F12D1B975209}] => (Allow) D:\Program Files\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{77A32A58-F09A-4FF1-BFB4-FC62EE425059}] => (Allow) D:\Program Files\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{02C5914C-7264-468E-A422-AC92272F3197}] => (Allow) D:\Program Files\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9E63B044-8792-4BD5-BF30-3631DD05DAA9}] => (Allow) D:\Program Files\Steam.exe
FirewallRules: [{BB653BD4-4E5A-49FC-AC1E-B6A01138B298}] => (Allow) D:\Program Files\Steam.exe
FirewallRules: [TCP Query User{5C0E0F39-B264-4D1E-9698-909D1E5C0F15}C:\program files (x86)\java\jre1.8.0_131\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\jp2launcher.exe
FirewallRules: [UDP Query User{88AC545F-CE12-45AE-B5E2-97A2BECAA13C}C:\program files (x86)\java\jre1.8.0_131\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\jp2launcher.exe
FirewallRules: [TCP Query User{27962B74-6D19-4FE0-BAF9-B0F03FF61FA2}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [UDP Query User{D1395244-9E24-4D65-969D-011D4DFA1A1A}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [TCP Query User{9B8249DE-5E51-4CE7-9FED-EF160C34EE6E}C:\program files (x86)\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe] => (Allow) C:\program files (x86)\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe
FirewallRules: [UDP Query User{239935FF-AA41-40C9-8F3F-7C8BDA67901A}C:\program files (x86)\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe] => (Allow) C:\program files (x86)\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe
FirewallRules: [{000592AF-38AD-473C-A26B-3BD66AABB7A4}] => (Allow) D:\Program Files\steamapps\common\The Surge\bin\TheSurge.exe
FirewallRules: [{BFA10313-BD17-4615-9AA6-73FCCA48D0BC}] => (Allow) D:\Program Files\steamapps\common\The Surge\bin\TheSurge.exe
FirewallRules: [{C33D8264-D019-40FF-B31D-DCB263FDDA7B}] => (Allow) D:\Program Files\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{2E2836B5-A7BE-44DF-AA98-C067517B5760}] => (Allow) D:\Program Files\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{A0A8559B-C45C-430E-899A-BABD62878F82}] => (Allow) D:\Program Files\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{D94AB387-E98B-4A94-A65A-07808ACAA03D}] => (Allow) D:\Program Files\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{952D97A4-0A3F-4C00-ACFC-2D840D31CCCA}] => (Allow) D:\Program Files\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{57492209-2214-4F6E-ABCD-490E7BEBAE4F}] => (Allow) D:\Program Files\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [TCP Query User{E486E2DB-9719-44F7-9458-E6CB93026905}D:\program files (x86)\overwatch\overwatch.exe] => (Allow) D:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{523E620D-BF60-4E75-BCEA-6B06C35154DB}D:\program files (x86)\overwatch\overwatch.exe] => (Allow) D:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{928C8E06-C302-4FF8-A5A9-2547A163002B}] => (Allow) D:\Program Files\steamapps\common\Metro 2033 Redux\metro.exe
FirewallRules: [{358D3B3C-B34D-47EC-8BDD-F69600398A28}] => (Allow) D:\Program Files\steamapps\common\Metro 2033 Redux\metro.exe
FirewallRules: [TCP Query User{D1DB41DA-FE91-45BD-B549-9DD89ABC963B}D:\program files\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\program files\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{69BF2C5A-7EEA-42AC-AAFF-94C226E9B5D2}D:\program files\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\program files\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [TCP Query User{6B5DA1AF-AE87-4AF3-9935-E94CFEBFADB0}C:\program files (x86)\smartapp\smartapp.exe] => (Allow) C:\program files (x86)\smartapp\smartapp.exe
FirewallRules: [UDP Query User{5C8F58E8-7EDC-48C6-8D9F-D01434998F71}C:\program files (x86)\smartapp\smartapp.exe] => (Allow) C:\program files (x86)\smartapp\smartapp.exe
FirewallRules: [{BB17E023-03A6-40B4-8744-ED3F44E06D4A}] => (Allow) C:\Users\Alex\AppData\Local\KeystonePublic\Downloaded\Public\KeystonePublic.x64.exe
FirewallRules: [{E3D69CC1-BBEF-4875-92ED-2EC78444BB2C}] => (Allow) C:\Users\Alex\AppData\Local\KeystonePublic\Downloaded\Public\KeystonePublic.x64.exe
FirewallRules: [{D6EA69A6-BBB0-45E4-9EAA-4D771B637EFD}] => (Allow) C:\Users\Alex\AppData\Local\KeystonePublic\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{338BFBA4-5FB3-422D-B051-B35C62C1C719}] => (Allow) C:\Users\Alex\AppData\Local\KeystonePublic\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{ABDA7A37-B162-4FD5-B6CE-B9FCA16CCD88}] => (Allow) C:\Users\Alex\AppData\Local\KeystonePublic\Downloaded\Public\KeystonePublic.x64.exe
FirewallRules: [{8880A0F4-EDC1-4718-B13F-499125191A9F}] => (Allow) C:\Users\Alex\AppData\Local\KeystonePublic\Downloaded\Public\KeystonePublic.x64.exe
FirewallRules: [{886094C8-E12D-42AC-8A24-C24330A2B656}] => (Allow) C:\Users\Alex\AppData\Local\KeystonePublic\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{87FD17E9-938C-4C87-999E-D637158F0047}] => (Allow) C:\Users\Alex\AppData\Local\KeystonePublic\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{64A2396E-618B-419E-AB61-584B449FCB3D}D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{7F0FE4B7-7DCF-4456-8B70-58C5766205B9}D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{8C069B1F-FFA6-4830-BF28-E5A5514AF804}D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{EC7FA6B4-FFA2-4417-8B54-4EDFC7E45587}D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{56BEA950-8702-47BD-A793-450898FB17C9}] => (Allow) D:\Program Files\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{F0DAEE0E-09BB-4397-9421-01D42232BDE1}] => (Allow) D:\Program Files\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{4199A144-C309-40EB-97B3-D71CA4CA5FCD}] => (Allow) D:\Program Files\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{803F1064-7BCE-4B93-B6B2-CD9A0244F9AD}] => (Allow) D:\Program Files\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{5AB0B067-D01D-4CC4-B297-40B010B80206}] => (Allow) D:\Program Files\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{1D9338A2-932A-458B-8C4B-39BF14A3A10D}] => (Allow) D:\Program Files\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{CEF38A27-9BF7-4A75-9EC6-2D500C1950EB}] => (Allow) D:\Program Files\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{BF687B2E-27CF-4A2E-AA95-E1E1A6C693ED}] => (Allow) D:\Program Files\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{C06475D5-071E-4D9E-B011-950CB77A0638}] => (Allow) D:\Program Files\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{195BF06C-79A1-476D-BD1E-634B876D0A05}] => (Allow) D:\Program Files\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{CE201677-804E-4307-9336-D3D01E08476D}] => (Allow) D:\Program Files\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{9CD42CA4-9751-4135-BEF5-58F6C6102B60}] => (Allow) D:\Program Files\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{20CD0AA6-339D-47AB-83DE-891AF8351EA2}] => (Allow) D:\Program Files\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{40E31BBB-853A-47B2-9AFD-5DE2FB2AFB54}] => (Allow) D:\Program Files\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [TCP Query User{C5C78AB4-388D-4A1F-BC7E-7FF7F9D9FBCC}C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{9DBB42BF-B340-4050-84A5-BAF89E692DF3}C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{110A7F21-B48A-497A-8776-4096DB0C69A5}D:\program files\steamapps\common\guardians of ember\exedir\ruplatform.exe] => (Allow) D:\program files\steamapps\common\guardians of ember\exedir\ruplatform.exe
FirewallRules: [UDP Query User{3A4FA43E-8A14-4EA5-B7E2-A8930D03C756}D:\program files\steamapps\common\guardians of ember\exedir\ruplatform.exe] => (Allow) D:\program files\steamapps\common\guardians of ember\exedir\ruplatform.exe
FirewallRules: [{1D28A37D-175B-497B-9665-69D1610ED2DF}] => (Allow) D:\Program Files\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{846DD15B-84E3-4103-825D-B185EE8F1486}] => (Allow) D:\Program Files\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{8C2319C3-0F1D-4461-9A4A-D06B800C5E08}D:\program files (x86)\destiny 2\destiny2.exe] => (Allow) D:\program files (x86)\destiny 2\destiny2.exe
FirewallRules: [UDP Query User{F9A397B0-8CF1-4A9D-BB1A-41868775A37C}D:\program files (x86)\destiny 2\destiny2.exe] => (Allow) D:\program files (x86)\destiny 2\destiny2.exe
FirewallRules: [{56A3639D-0BFC-428C-90C6-1D81214CF451}] => (Allow) D:\Program Files\steamapps\common\Overcooked\Overcooked.exe
FirewallRules: [{6138739F-4DA7-4B2E-B9EF-AF60D7A0F8AE}] => (Allow) D:\Program Files\steamapps\common\Overcooked\Overcooked.exe
FirewallRules: [{C4498D49-1898-4B4F-B37E-E3E20614A128}] => (Allow) C:\SteamLibrary\steamapps\common\ShellShock Live\ShellShockLive.exe
FirewallRules: [{6E58DC04-5564-45CB-8BF6-9FA79AA35BC9}] => (Allow) C:\SteamLibrary\steamapps\common\ShellShock Live\ShellShockLive.exe
FirewallRules: [TCP Query User{3FCC361F-2391-4549-A2DD-9E430E1D7E31}D:\program files\steamapps\common\divinity original sin 2\bin\eocapp.exe] => (Allow) D:\program files\steamapps\common\divinity original sin 2\bin\eocapp.exe
FirewallRules: [UDP Query User{E13FEBD2-AF27-4E80-8AA1-5C34534ED851}D:\program files\steamapps\common\divinity original sin 2\bin\eocapp.exe] => (Allow) D:\program files\steamapps\common\divinity original sin 2\bin\eocapp.exe
FirewallRules: [{B0281F0E-F079-4453-B1F8-F41C09EE3110}] => (Allow) C:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{D89E81F9-BC58-46C5-AFC4-8C625DDB2AED}] => (Allow) C:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{E17CCA9E-40BF-4276-BE97-81E0B337FE98}] => (Allow) D:\Program Files\steamapps\common\Dead Cells\deadcells.exe
FirewallRules: [{E3965B76-BB39-413C-A0CE-65AFA30C7686}] => (Allow) D:\Program Files\steamapps\common\Dead Cells\deadcells.exe
FirewallRules: [{8CCDDF2D-5200-4E31-85D2-93965CE22482}] => (Allow) D:\Program Files\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe
FirewallRules: [{09B26431-F2C8-43A3-9C4C-17D5AF4D9749}] => (Allow) D:\Program Files\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe
FirewallRules: [{6D41E82B-A3B5-4A7B-947C-0B090A6D7921}] => (Allow) D:\Program Files\steamapps\common\ShadowOfWar\x64\ShadowOfWar.exe
FirewallRules: [{45A09984-BF47-483E-8581-F1E04EF0DF8B}] => (Allow) D:\Program Files\steamapps\common\ShadowOfWar\x64\ShadowOfWar.exe
FirewallRules: [{54DD938B-C63D-4FDC-8550-958E4E6BE1AB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7F5A7319-B460-46AE-A6E4-A7C919263950}] => (Allow) C:\Battlestate Games\BsgLauncher\BsgLauncher.exe
FirewallRules: [{1E5F2757-29C2-42E8-9FBA-903E7DF5658F}] => (Allow) C:\Battlestate Games\BsgLauncher\BsgLauncher.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/31/2017 01:25:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: EscapeFromTarkov.exe, version: 0.4.0.586, time stamp: 0x59aed1bf
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000011d37edb
Faulting process id: 0x1e70
Faulting application start time: 0x01d3520781cd3a1c
Faulting application path: C:\Battlestate Games\BsgLauncher\EFT\EscapeFromTarkov.exe
Faulting module path: unknown
Report Id: 43c85e4d-de89-4d97-a8df-f6c5c35ac77f
Faulting package full name:
Faulting package-relative application ID:
Error: (10/30/2017 12:37:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Lightshot.exe, version: 5.4.0.1, time stamp: 0x5736b4d1
Faulting module name: net.dll, version: 5.4.0.1, time stamp: 0x5736b4b8
Exception code: 0xc0000005
Fault offset: 0x0004204a
Faulting process id: 0x2f54
Faulting application start time: 0x01d35138d5a430c9
Faulting application path: C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
Faulting module path: C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\net.dll
Report Id: 4579a52d-f00e-441d-b4f7-7b4c5122fb3f
Faulting package full name:
Faulting package-relative application ID:
Error: (10/28/2017 01:38:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Battle.net Helper.exe, version: 0.0.0.0, time stamp: 0x59e7d7ce
Faulting module name: libcef.dll, version: 3.2623.1435.0, time stamp: 0x591a1a2e
Exception code: 0x80000003
Fault offset: 0x0019b129
Faulting process id: 0x22c8
Faulting application start time: 0x01d34faeeb48b40a
Faulting application path: D:\Program Files (x86)\Battle.net\Battle.net.9526\Battle.net Helper.exe
Faulting module path: D:\Program Files (x86)\Battle.net\Battle.net.9526\libcef.dll
Report Id: 57b0fd99-f569-405c-8dac-8abb2e9bbf8f
Faulting package full name:
Faulting package-relative application ID:
Error: (10/28/2017 01:07:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Battle.net Helper.exe, version: 0.0.0.0, time stamp: 0x59e7d7ce
Faulting module name: libcef.dll, version: 3.2623.1435.0, time stamp: 0x591a1a2e
Exception code: 0x80000003
Fault offset: 0x0019b129
Faulting process id: 0x3060
Faulting application start time: 0x01d34faa800a457e
Faulting application path: D:\Program Files (x86)\Battle.net\Battle.net.9526\Battle.net Helper.exe
Faulting module path: D:\Program Files (x86)\Battle.net\Battle.net.9526\libcef.dll
Report Id: 4d00d0f4-0909-4db1-b66d-40c81db272d8
Faulting package full name:
Faulting package-relative application ID:
Error: (10/24/2017 12:51:05 AM) (Source: System Restore) (EventID: 8209) (User: )
Description: System Restore did not run because the system was restarted, lost power, or stopped responding. Additional information: (Removed Amazing Eternals).
Error: (10/24/2017 12:21:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_wuauserv, version: 10.0.15063.0, time stamp: 0x02799ef5
Faulting module name: amdxc64.dll, version: 22.19.662.4, time stamp: 0x597131f6
Exception code: 0xc0000005
Fault offset: 0x000000000064e08a
Faulting process id: 0x35ec
Faulting application start time: 0x01d34c7f91f64424
Faulting application path: c:\windows\system32\svchost.exe
Faulting module path: C:\WINDOWS\System32\DriverStore\FileRepository\c0316467.inf_amd64_3d8fbd78102e53d7\amdxc64.dll
Report Id: af8072da-fbb1-4873-8ce3-28ce9d48d27e
Faulting package full name:
Faulting package-relative application ID:
Error: (10/24/2017 12:20:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WinRAR.exe, version: 5.40.0.0, time stamp: 0x57b0c341
Faulting module name: KERNELBASE.dll, version: 10.0.15063.674, time stamp: 0x93d2100b
Exception code: 0xc06d007e
Fault offset: 0x0000000000069e08
Faulting process id: 0x306c
Faulting application start time: 0x01d34c7f5e2f2b00
Faulting application path: C:\Program Files\WinRAR\WinRAR.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: f4dbdf4d-7c74-4622-b036-5c83c9ba0d33
Faulting package full name:
Faulting package-relative application ID:
Error: (10/24/2017 12:20:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WinRAR.exe, version: 5.40.0.0, time stamp: 0x57b0c341
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000000c14e6f40d8
Faulting process id: 0x306c
Faulting application start time: 0x01d34c7f5e2f2b00
Faulting application path: C:\Program Files\WinRAR\WinRAR.exe
Faulting module path: unknown
Report Id: 26f96a32-787c-42ca-acfe-896d21cbfa2f
Faulting package full name:
Faulting package-relative application ID:
Error: (10/24/2017 12:18:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_wuauserv, version: 10.0.15063.0, time stamp: 0x02799ef5
Faulting module name: amdxc64.dll, version: 22.19.662.4, time stamp: 0x597131f6
Exception code: 0xc0000005
Fault offset: 0x000000000064e08a
Faulting process id: 0x38dc
Faulting application start time: 0x01d34c7f22f46d20
Faulting application path: c:\windows\system32\svchost.exe
Faulting module path: C:\WINDOWS\System32\DriverStore\FileRepository\c0316467.inf_amd64_3d8fbd78102e53d7\amdxc64.dll
Report Id: 02fca55c-de8d-40af-97e9-69366c5c53e8
Faulting package full name:
Faulting package-relative application ID:
Error: (10/24/2017 12:15:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_wuauserv, version: 10.0.15063.0, time stamp: 0x02799ef5
Faulting module name: amdxc64.dll, version: 22.19.662.4, time stamp: 0x597131f6
Exception code: 0xc0000005
Fault offset: 0x000000000064e08a
Faulting process id: 0x1e30
Faulting application start time: 0x01d34c7de170ac00
Faulting application path: c:\windows\system32\svchost.exe
Faulting module path: C:\WINDOWS\System32\DriverStore\FileRepository\c0316467.inf_amd64_3d8fbd78102e53d7\amdxc64.dll
Report Id: dbede74e-c19b-4d56-b3e0-39c26ec7c71b
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (10/31/2017 11:34:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (10/31/2017 12:03:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (10/30/2017 11:42:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (10/30/2017 11:42:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
Error: (10/30/2017 11:28:29 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (10/30/2017 02:29:43 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.
The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x1400000000c0b3. The name of the file is "\found.001\file00000000.chk".
Error: (10/30/2017 12:37:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error:
The request is not supported.
Error: (10/30/2017 12:37:20 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xffffffffc0000005, 0xfffff802bac98bde, 0xffffd9815a436fa8, 0xffffd9815a4367f0). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: d916ca99-8ee4-4db2-a934-f53e20bab528.
Error: (10/30/2017 12:37:20 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:41:03 AM on 10/29/2017 was unexpected.
Error: (10/30/2017 12:37:13 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 16) (User: NT AUTHORITY)
Description: 32212254734614856461280440
CodeIntegrity:
===================================
Date: 2017-10-17 00:10:22.967
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2017-10-17 00:10:22.963
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2017-10-17 00:10:22.960
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2017-10-17 00:10:22.956
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2017-10-17 00:10:22.953
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2017-10-17 00:10:22.949
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2017-10-17 00:10:17.938
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2017-10-17 00:10:17.935
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2017-10-17 00:10:17.932
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2017-10-17 00:10:17.929
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.107.36.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core™ i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 29%
Total physical RAM: 16295.52 MB
Available physical RAM: 11447.93 MB
Total Virtual: 18727.52 MB
Available Virtual: 11553.18 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.44 GB) (Free:71.83 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:931.51 GB) (Free:230.71 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 59C3683A)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 59C36822)
Partition 1: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================
#4
Posted 01 November 2017 - 04:38 AM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Download the attached fixlist.txt to the same location as FRST
[attachment=86172:fixlist.txt]
Run FRST and press Fix
A fix log will be generated please post that
Run FRST again as before. Make sure Addition.txt is checked and hit Scan. Post both logs.
If it comes back after this then let's try downloading the free Avast as there is an indication that your Windows Defender is not running correctly.
http://www.avast.com/index
Click on Download then choose the free version.
(Don't accept the trial - stay with the Basic option.)
Once you get it installed and it has updated tell it you wnat a boot time scan:
It takes like 6 hours so I usually let it run at night.
Click on the Avast ball. Then click on Protection, then on Antivirus, then on Other Scans then on Boot-time Scan. Click on Install Special Definitions. Click on Run on Next PC Reboot.
Reboot and let it run a scan. It may take hours.
Once it finishes it should load windows. Mute your speakers so it doesn't wake you up when Windows boots.
When you reboot you will see the scan start. It will tell you where it saves its log. Usually it's C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location. This is a hidden location so you will need to tell Windows to let you see it:
http://www.howtogeek...-windows-vista/
Copy and paste the text from the log to a Reply when done.
I also see a BSOD so let's run
lueScreenView
http://www.nirsoft.n...creen_view.html
Double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit, Select All.
Go File, Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.
#5
Posted 02 November 2017 - 10:10 AM
agamer7809
- Topic Starter
-
- Member
-
- 37 posts
Member
Fix result of Farbar Recovery Scan Tool (x64) Version: 01-11-2017
Ran by Alex (02-11-2017 12:01:39) Run:1
Running from C:\Users\Alex\Downloads
Loaded Profiles: Alex (Available Profiles: Alex)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CHR HomePage: Default -> hxxp://mystart.incredibar.com/?a=6Oz8ZpUKl9&loc=skw
CHR StartupUrls: Default -> "","hxxp://mystart.incredibar.com/?a=6R9m9Z7cl4&i=26&loc=skw","hxxp://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.0.5.292&pid=safeguard&sg=0&sap=hp","hxxp://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.1.0.443&pid=safeguard&sg=0&sap=hp","hxxp://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.1.5.512&pid=safeguard&sg=0&sap=hp","hxxp://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.1.7.598&pid=safeguard&sg=0&sap=hp","hxxps://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.1.9.786&pid=safeguard&sg=0&sap=hp","hxxps://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.1.9.799&pid=safeguard&sg=0&sap=hp","hxxp://www.trovi.com/?gd=&ctid=CT3333887&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=55&CUI=&UM=8&UP=SPDE37641D-D109-4BCC-9802-91C3E5978CAE&D=061215&SSPV="
CHR Extension: (Honey) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2017-10-09]
CHR Extension: (Honey) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2017-10-09]
Task: C:\WINDOWS\Tasks\update-S-1-5-21-482574108-2876646391-2450146034-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
CMD: for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1"
EMPTY TEMP:
CMD: bitsadmin /Reset
*****************
Chrome HomePage => removed successfully
Chrome StartupUrls => removed successfully
CHR Extension: (Honey) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2017-10-09] => Error: No automatic fix found for this entry.
CHR Extension: (Honey) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2017-10-09] => Error: No automatic fix found for this entry.
C:\WINDOWS\Tasks\update-S-1-5-21-482574108-2876646391-2450146034-1001.job => moved successfully
C:\WINDOWS\Tasks\update-sys.job => moved successfully
========= for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1" =========
Failed to clear log Microsoft-Windows-LiveId/Analytic. Access is denied.
Failed to clear log Microsoft-Windows-LiveId/Operational. Access is denied.
Failed to clear log Microsoft-Windows-USBVideo/Analytic. The instance name passed was not recognized as valid by a WMI data provider.
========= End of CMD: =========
========= bitsadmin /Reset =========
BITSADMIN version 3.0
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
0 out of 0 jobs canceled.
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 64970622 B
Java, Flash, Steam htmlcache => 278332784 B
Windows/system/drivers => 140174 B
Edge => 3420619 B
Chrome => 505007055 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 29769 B
LocalService => 0 B
NetworkService => 74352 B
Alex => 274898566 B
RecycleBin => 385172498 B
EmptyTemp: => 1.4 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 12:02:21 ====
I'll be doing the Avast scan and BSOD scans when I get home from work and I will post the logs afterwards.
I'll be doing the Avast scan and BSOD scans when I get home from work and I will post the logs afterwards.
#6
Posted 04 November 2017 - 09:51 PM
agamer7809
- Topic Starter
-
- Member
-
- 37 posts
Member
I have tried installing avast a few times but it fails everytime. http://prntscr.com/h6e1io
I also copied the logs provided as to why it didnt install:
2017-11-05 03:45:31.960Infoinstup[9144,15552]Command: '"C:\Users\Alex\AppData\Local\Temp\_av_iup.tm~a14916\instup.exe" /edition:1 /ga_clientid:e1165723-f437-4262-919d-b76200496dc0 /guid:be8d4517-c096-4861-bc05-de258efef969 /prod:ais /sfx:lite /sfxstorage:C:\Users\Alex\AppData\Local\Temp\_av_iup.tm~a14916'
2017-11-05 03:45:31.960Infoinstup[9144,15552]CPU: Intel® Core™ i7-4790 CPU @ 3.60GHz,8
2017-11-05 03:45:31.960Infoinstup[9144,15552]OS: Windows 10 (10.0.15063) x64
2017-11-05 03:45:31.960Infoinstup[9144,15552]Memory: 25% load. Phys:4194303/4194303K free, Page:4194303/4194303K free, Virt:3992160/4194176K free
2017-11-05 03:45:31.960Infoinstup[9144,15552]DISKs: C:\ - 72GB free / 232GB total
2017-11-05 03:45:31.960Infoinstup[9144,15552]DISKs: D:\ - 258GB free / 931GB total
2017-11-05 03:45:31.960Infoinstup[9144,15552]Running module version: instup.exe - '17.7.3660.0'
2017-11-05 03:45:31.960Infoinstup[9144,15552]Running module version: Instup.dll - '17.7.3660.0'
2017-11-05 03:45:31.966Infomutex[9144,15552]The ownership of the fallback mutex has been successfully taken.
2017-11-05 03:45:31.969Infoinstup[9144,15552]The proxy settings were successfully set from OS ('http=127.0.0.1', 64550).
2017-11-05 03:45:31.979Warningsettings[9144,15552]Did not find any values in file 'programData\avast5.ini'
2017-11-05 03:45:32.158Infoshepsync[9144,15552]Trying server IP address '77.234.42.107'
2017-11-05 03:45:32.167Warningshepsync[9144,15552]Exception: Unable to set WinHTTP proxy information!
Code: 0x00002eeb (12011)
2017-11-05 03:45:32.167Infoshepsync[9144,15552]Trying server IP address '5.62.40.22'
2017-11-05 03:45:32.169Warningshepsync[9144,15552]Exception: Unable to set WinHTTP proxy information!
Code: 0x00002eeb (12011)
2017-11-05 03:45:32.170Infoshepsync[9144,15552]Current postpone interval: 3600, next 7200
2017-11-05 03:45:32.175Warningsettings[9144,8400]Did not find any values in file 'programData\burger_client.ini'
2017-11-05 03:45:32.181Infowizard[9144,15552]Running module version: HTMLayout.dll - '3.3.2.1'
2017-11-05 03:45:32.205Infowizard[9144,15552]Loaded module version: C:\Users\Alex\AppData\Local\Temp\_av_iup.tm~a14916\HTMLayout.dll - '3.3.2.1'
2017-11-05 03:45:32.233Infowizard[9144,15552]Setup gui was successfully started.
2017-11-05 03:45:32.233Infoinstcore[9144,15552]Sfx setup update has started.
2017-11-05 03:45:32.238Infoservers[9144,15552]Server definition(s) loaded for 'C:\Users\Alex\AppData\Local\Temp\_av_iup.tm~a14916\servers.def': 29 (maintenance:0)
2017-11-05 03:45:32.239Infoservers[9144,15552]ChooseServer: selected server 'Download d3116203 AVAST9 Server' with current url 'http://d3116203.iavs...ast.com/iavs9x'of type 'URL_TYPE_DOWNLOAD_PROGRAM'.
2017-11-05 03:45:32.269Errordldwrap[9144,15552]HttpGet: download failed with error 0x00002bc5!
2017-11-05 03:45:32.273Errordldwrap[9144,15552]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from 'http://d3116203.iavs...rvers.def.vpx'.Next try: 1
2017-11-05 03:45:32.274Infoservers[9144,15552]ChooseServer: selected server 'Download v7630928 AVAST9 Server' with current url 'http://v7630928.iavs...ast.com/iavs9x'of type 'URL_TYPE_DOWNLOAD_PROGRAM'.
2017-11-05 03:45:34.314Errordldwrap[9144,15552]HttpGet: download failed with error 0x00002bc5!
2017-11-05 03:45:34.320Errordldwrap[9144,15552]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from 'http://v7630928.iavs...rvers.def.vpx'.Next try: 2
2017-11-05 03:45:34.323Infoservers[9144,15552]ChooseServer: selected server 'Download p4085325 AVAST9 Server' with current url 'http://p4085325.iavs...ast.com/iavs9x'of type 'URL_TYPE_DOWNLOAD_PROGRAM'.
2017-11-05 03:45:36.366Errordldwrap[9144,15552]HttpGet: download failed with error 0x00002bc5!
2017-11-05 03:45:36.369Errordldwrap[9144,15552]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from 'http://p4085325.iavs...rvers.def.vpx'.Next try: 3
2017-11-05 03:45:36.370Infoservers[9144,15552]ChooseServer: selected server 'Download w6607332 AVAST9 Server' with current url 'http://w6607332.iavs...ast.com/iavs9x'of type 'URL_TYPE_DOWNLOAD_PROGRAM'.
2017-11-05 03:45:38.404Errordldwrap[9144,15552]HttpGet: download failed with error 0x00002bc5!
2017-11-05 03:45:38.406Errordldwrap[9144,15552]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from 'http://w6607332.iavs...rvers.def.vpx'.Next try: 4
2017-11-05 03:45:38.407Infoservers[9144,15552]ChooseServer: selected server 'Download g0511470 AVAST9 Server' with current url 'http://g0511470.iavs...ast.com/iavs9x'of type 'URL_TYPE_DOWNLOAD_PROGRAM'.
2017-11-05 03:45:40.449Errordldwrap[9144,15552]HttpGet: download failed with error 0x00002bc5!
2017-11-05 03:45:40.451Errordldwrap[9144,15552]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from 'http://g0511470.iavs...rvers.def.vpx'.Next try: 5
2017-11-05 03:45:40.452Infoservers[9144,15552]ChooseServer: selected server 'Download j8087387 AVAST9 Server' with current url 'http://j8087387.iavs...ast.com/iavs9x'of type 'URL_TYPE_DOWNLOAD_PROGRAM'.
2017-11-05 03:45:42.487Errordldwrap[9144,15552]HttpGet: download failed with error 0x00002bc5!
2017-11-05 03:45:42.492Errordldwrap[9144,15552]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from 'http://j8087387.iavs...rvers.def.vpx'.Next try: 6
2017-11-05 03:45:42.493Infoservers[9144,15552]ChooseServer: selected server 'Download v6834318 AVAST9 Server' with current url 'http://v6834318.iavs...ast.com/iavs9x'of type 'URL_TYPE_DOWNLOAD_PROGRAM'.
2017-11-05 03:45:44.527Errordldwrap[9144,15552]HttpGet: download failed with error 0x00002bc5!
2017-11-05 03:45:44.528Errordldwrap[9144,15552]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from 'http://v6834318.iavs...rvers.def.vpx'.Next try: 7
2017-11-05 03:45:44.529Infoservers[9144,15552]ChooseServer: selected server 'Download t3036159 AVAST9 Server' with current url 'http://t3036159.iavs...ast.com/iavs9x'of type 'URL_TYPE_DOWNLOAD_PROGRAM'.
2017-11-05 03:45:46.573Errordldwrap[9144,15552]HttpGet: download failed with error 0x00002bc5!
2017-11-05 03:45:46.574Errordldwrap[9144,15552]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from 'http://t3036159.iavs...rvers.def.vpx'.Next try: 8
2017-11-05 03:45:46.575Infoservers[9144,15552]ChooseServer: selected server 'Download h1874089 AVAST9 Server' with current url 'http://h1874089.iavs...ast.com/iavs9x'of type 'URL_TYPE_DOWNLOAD_PROGRAM'.
2017-11-05 03:45:48.612Errordldwrap[9144,15552]HttpGet: download failed with error 0x00002bc5!
2017-11-05 03:45:48.613Errordldwrap[9144,15552]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from 'http://h1874089.iavs...rvers.def.vpx'.Next try: 9
2017-11-05 03:45:48.614Infoservers[9144,15552]ChooseServer: selected server 'Download v7630928 AVAST9 Server' with current url 'http://v7630928.iavs...ast.com/iavs9x'of type 'URL_TYPE_DOWNLOAD_PROGRAM'.
2017-11-05 03:45:50.645Errordldwrap[9144,15552]HttpGet: download failed with error 0x00002bc5!
2017-11-05 03:45:50.646Errordldwrap[9144,15552]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from 'http://v7630928.iavs...rvers.def.vpx'.Next try: 10
2017-11-05 03:45:50.647Infoservers[9144,15552]ChooseServer: selected server 'Download p4085325 AVAST9 Server' with current url 'http://p4085325.iavs...ast.com/iavs9x'of type 'URL_TYPE_DOWNLOAD_PROGRAM'.
2017-11-05 03:45:52.648Infoservers[9144,15552]ChooseServer: selected server 'Download d0211227 AVAST9 Server' with current url 'http://d0211227.iavs...ast.com/iavs9x'of type 'URL_TYPE_DOWNLOAD_PROGRAM'.
2017-11-05 03:45:52.679Errordldwrap[9144,15552]HttpGet: download failed with error 0x00002bc5!
2017-11-05 03:45:52.680Errordldwrap[9144,15552]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from 'http://d0211227.iavs.../prod-pgm.vpx'.Next try: 1
2017-11-05 03:45:52.681Infoservers[9144,15552]ChooseServer: selected server 'Download y9663457 AVAST9 Server' with current url 'http://y9663457.iavs...ast.com/iavs9x'of type 'URL_TYPE_DOWNLOAD_PROGRAM'.
2017-11-05 03:45:54.716Errordldwrap[9144,15552]HttpGet: download failed with error 0x00002bc5!
2017-11-05 03:45:54.717Errordldwrap[9144,15552]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from 'http://y9663457.iavs.../prod-pgm.vpx'.Next try: 2
2017-11-05 03:45:54.718Infoservers[9144,15552]ChooseServer: selected server 'Download g0511470 AVAST9 Server' with current url 'http://g0511470.iavs...ast.com/iavs9x'of type 'URL_TYPE_DOWNLOAD_PROGRAM'.
2017-11-05 03:45:56.768Errordldwrap[9144,15552]HttpGet: download failed with error 0x00002bc5!
2017-11-05 03:45:56.769Errordldwrap[9144,15552]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from 'http://g0511470.iavs.../prod-pgm.vpx'.Next try: 3
2017-11-05 03:45:56.772Infoservers[9144,15552]ChooseServer: selected server 'Download j8087387 AVAST9 Server' with current url 'http://j8087387.iavs...ast.com/iavs9x'of type 'URL_TYPE_DOWNLOAD_PROGRAM'.
2017-11-05 03:46:02.569Errordldwrap[9144,15552]HttpGet: download failed with error 0x00002bc5!
2017-11-05 03:46:02.570Errordldwrap[9144,15552]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from 'http://j8087387.iavs.../prod-pgm.vpx'.Next try: 4
2017-11-05 03:46:02.571Infoservers[9144,15552]ChooseServer: selected server 'Download w9448963 AVAST9 Server' with current url 'http://w9448963.iavs...ast.com/iavs9x'of type 'URL_TYPE_DOWNLOAD_PROGRAM'.
2017-11-05 03:46:04.610Errordldwrap[9144,15552]HttpGet: download failed with error 0x00002bc5!
2017-11-05 03:46:04.615Errordldwrap[9144,15552]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from 'http://w9448963.iavs.../prod-pgm.vpx'.Next try: 5
2017-11-05 03:46:04.616Infoservers[9144,15552]ChooseServer: selected server 'Download z2461313 AVAST9 Server' with current url 'http://z2461313.iavs...ast.com/iavs9x'of type 'URL_TYPE_DOWNLOAD_PROGRAM'.
2017-11-05 03:46:06.660Errordldwrap[9144,15552]HttpGet: download failed with error 0x00002bc5!
2017-11-05 03:46:06.661Errordldwrap[9144,15552]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from 'http://z2461313.iavs.../prod-pgm.vpx'.Next try: 6
2017-11-05 03:46:06.662Infoservers[9144,15552]ChooseServer: selected server 'Download s7284151 AVAST9 Server' with current url 'http://s7284151.iavs...ast.com/iavs9x'of type 'URL_TYPE_DOWNLOAD_PROGRAM'.
2017-11-05 03:46:08.701Errordldwrap[9144,15552]HttpGet: download failed with error 0x00002bc5!
2017-11-05 03:46:08.703Errordldwrap[9144,15552]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from 'http://s7284151.iavs.../prod-pgm.vpx'.Next try: 7
2017-11-05 03:46:08.704Infoservers[9144,15552]ChooseServer: selected server 'Download y9663457 AVAST9 Server' with current url 'http://y9663457.iavs...ast.com/iavs9x'of type 'URL_TYPE_DOWNLOAD_PROGRAM'.
2017-11-05 03:46:10.748Errordldwrap[9144,15552]HttpGet: download failed with error 0x00002bc5!
2017-11-05 03:46:10.750Errordldwrap[9144,15552]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from 'http://y9663457.iavs.../prod-pgm.vpx'.Next try: 8
2017-11-05 03:46:10.751Infoservers[9144,15552]ChooseServer: selected server 'Download s4705686 AVAST9 Server' with current url 'http://s4705686.iavs...ast.com/iavs9x'of type 'URL_TYPE_DOWNLOAD_PROGRAM'.
2017-11-05 03:46:12.793Errordldwrap[9144,15552]HttpGet: download failed with error 0x00002bc5!
2017-11-05 03:46:12.796Errordldwrap[9144,15552]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from 'http://s4705686.iavs.../prod-pgm.vpx'.Next try: 9
2017-11-05 03:46:12.797Infoservers[9144,15552]ChooseServer: selected server 'Download z9820048 AVAST9 Server' with current url 'http://z9820048.iavs...ast.com/iavs9x'of type 'URL_TYPE_DOWNLOAD_PROGRAM'.
2017-11-05 03:46:14.831Errordldwrap[9144,15552]HttpGet: download failed with error 0x00002bc5!
2017-11-05 03:46:14.833Errordldwrap[9144,15552]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from 'http://z9820048.iavs.../prod-pgm.vpx'.Next try: 10
2017-11-05 03:46:14.834Infoservers[9144,15552]ChooseServer: selected server 'Download j8087387 AVAST9 Server' with current url 'http://j8087387.iavs...ast.com/iavs9x'of type 'URL_TYPE_DOWNLOAD_PROGRAM'.
2017-11-05 03:46:16.835Errorengine[9144,15552]LoadLatestProdAndParts: download product file 'prod-pgm.vpx' has failed. Status: 41227 (0x0000A10B) [Downloader system error]
2017-11-05 03:46:16.855Warningsettings[9144,13688]Did not find any values in file 'C:\ProgramData\AVAST Software\Avast\avast5.ini'
2017-11-05 03:46:16.855Warningsettings[9144,8400]Did not find any values in file 'C:\ProgramData\AVAST Software\Avast\burger_client.ini'
#7
Posted 06 November 2017 - 08:25 AM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Suspect your proxy came back and is blocking the connection. If it is back see if you can run TCPView while the proxy is in effect and post its log:
http://live.sysinternals.com/Tcpview.exe Download, Save and then run it by right clicking and Run As Admin.
Then File, Save As (to your desktop), tcp , OK. This should createa file tcp.txt on your desktop. Attach or copy and paste it to a reply.
#8
Posted 07 November 2017 - 12:44 PM
agamer7809
- Topic Starter
-
- Member
-
- 37 posts
Member
The proxy isnt there though.
https://prnt.sc/h7gb2v
The link you posted in your reply is a deadend btw. There isn't anything there.
#9
Posted 07 November 2017 - 03:34 PM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Yes looks like they changed it. Try:
https://docs.microso...wnloads/tcpview
The Download where it says: Download TCPView (285 KB) is a zip but if you use the link after Run Now it's a direct .exe file so no need to unzip.
If you try the off-line download of Avast (222MB) it might work since it doesn't have to contact the mothership:
https://www.avast.co...ST&locale=en-ww
#10
Posted 08 November 2017 - 07:47 PM
agamer7809
- Topic Starter
-
- Member
-
- 37 posts
Member
<non-existent> 8048 TCP Alexspc 53698 localhost 64550 FIN_WAIT2
<non-existent> 8048 TCP Alexspc 53702 localhost 64550 FIN_WAIT2
<non-existent> 8048 TCP Alexspc 53706 localhost 64550 FIN_WAIT2
<non-existent> 8048 TCP Alexspc 53710 localhost 64550 FIN_WAIT2
[System Process] 0 TCP alexspc.fios-router.home 52595 53.16.211.130.bc.googleusercontent.com https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52597 iad30s10-in-f4.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52603 iad23s42-in-f110.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52604 iad30s10-in-f4.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52621 iad23s59-in-f3.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52624 iad23s59-in-f3.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52626 iad23s44-in-f170.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52631 iad23s42-in-f10.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52668 iad23s42-in-f1.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52670 iad30s14-in-f2.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52676 iad23s60-in-f14.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52679 iad23s42-in-f110.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52680 iad23s44-in-f170.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52681 lga25s61-in-f14.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52682 iad23s42-in-f109.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52683 iad30s08-in-f14.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52685 iad30s14-in-f1.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52687 229.26.211.130.bc.googleusercontent.com https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52695 iad23s42-in-f2.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52720 iad30s09-in-f3.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52747 iad23s60-in-f8.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52757 iad23s61-in-f14.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52764 lga34s13-in-f1.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52803 ql-in-f157.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 52812 iad23s42-in-f110.1e100.net https TIME_WAIT
[System Process] 0 TCP Alexspc 52843 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 52849 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 52908 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 52937 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 52946 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53039 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53040 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53041 216.58.217.101 https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53043 iad30s09-in-f3.1e100.net https TIME_WAIT
[System Process] 0 TCP Alexspc 53044 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53045 216.58.217.101 https TIME_WAIT
[System Process] 0 TCP Alexspc 53054 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53055 216.58.217.101 https TIME_WAIT
[System Process] 0 TCP Alexspc 53056 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53058 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53059 iad23s42-in-f110.1e100.net https TIME_WAIT
[System Process] 0 TCP Alexspc 53060 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53061 iad23s42-in-f110.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53064 229.26.211.130.bc.googleusercontent.com https TIME_WAIT
[System Process] 0 TCP Alexspc 53066 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53070 iad23s42-in-f110.1e100.net https TIME_WAIT
[System Process] 0 TCP Alexspc 53073 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53074 iad30s08-in-f14.1e100.net https TIME_WAIT
[System Process] 0 TCP Alexspc 53193 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53195 iad23s42-in-f110.1e100.net https TIME_WAIT
[System Process] 0 TCP Alexspc 53212 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53213 iad23s42-in-f110.1e100.net https TIME_WAIT
[System Process] 0 TCP Alexspc 53215 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53218 iad23s42-in-f110.1e100.net https TIME_WAIT
[System Process] 0 TCP Alexspc 53254 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53255 216.58.217.138 https TIME_WAIT
[System Process] 0 TCP Alexspc 53330 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53336 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53338 iad23s42-in-f1.1e100.net https TIME_WAIT
[System Process] 0 TCP Alexspc 53340 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53341 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53343 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53344 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53345 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53346 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53347 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53348 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53349 iad23s42-in-f1.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53351 iad23s42-in-f1.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53352 iad23s42-in-f1.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53353 iad23s42-in-f1.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53354 iad23s42-in-f1.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53355 iad23s42-in-f1.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53356 iad23s42-in-f1.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53357 iad23s42-in-f1.1e100.net https TIME_WAIT
[System Process] 0 TCP Alexspc 53358 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53359 iad23s42-in-f110.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53360 iad23s42-in-f110.1e100.net https TIME_WAIT
[System Process] 0 TCP Alexspc 53361 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53362 iad23s42-in-f110.1e100.net https TIME_WAIT
[System Process] 0 TCP Alexspc 53416 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53417 iad23s42-in-f1.1e100.net https TIME_WAIT
[System Process] 0 TCP Alexspc 53456 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53458 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53462 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53466 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53467 172.217.3.46 https TIME_WAIT
[System Process] 0 TCP Alexspc 53468 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53469 97.107.19.215 http TIME_WAIT
[System Process] 0 TCP Alexspc 53470 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53471 97.107.19.215 http TIME_WAIT
[System Process] 0 TCP Alexspc 53472 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53473 104.100.135.213 http TIME_WAIT
[System Process] 0 TCP Alexspc 53477 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53478 iad30s08-in-f14.1e100.net https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53480 iad30s08-in-f14.1e100.net https TIME_WAIT
[System Process] 0 TCP Alexspc 53481 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53482 53.16.211.130.bc.googleusercontent.com https TIME_WAIT
[System Process] 0 TCP Alexspc 53483 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53484 130.211.30.54 https TIME_WAIT
[System Process] 0 TCP Alexspc 53491 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53496 93.184.216.180 https TIME_WAIT
[System Process] 0 TCP Alexspc 53498 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53499 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53500 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53501 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53506 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53509 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53510 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53513 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53516 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53520 204.79.197.200 https TIME_WAIT
[System Process] 0 TCP Alexspc 53524 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53525 93.184.216.180 https TIME_WAIT
[System Process] 0 TCP Alexspc 53526 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53527 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53528 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53529 iad23s42-in-f110.1e100.net https TIME_WAIT
[System Process] 0 TCP Alexspc 53531 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53535 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53536 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53537 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53538 53.16.211.130.bc.googleusercontent.com https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53539 53.16.211.130.bc.googleusercontent.com https TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53540 53.16.211.130.bc.googleusercontent.com https TIME_WAIT
[System Process] 0 TCP Alexspc 53543 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53547 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53553 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53554 204.79.197.200 https TIME_WAIT
[System Process] 0 TCP Alexspc 53555 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53556 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53557 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53558 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53561 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53563 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53564 63.241.108.103 https TIME_WAIT
[System Process] 0 TCP Alexspc 53565 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53567 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53568 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53571 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53573 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53574 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53575 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53576 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53577 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53578 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53585 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53587 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53588 172.217.3.46 https TIME_WAIT
[System Process] 0 TCP Alexspc 53591 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53593 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53595 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53596 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53597 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53600 72.21.81.200 https TIME_WAIT
[System Process] 0 TCP Alexspc 53602 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53603 53.16.211.130.bc.googleusercontent.com https TIME_WAIT
[System Process] 0 TCP Alexspc 53604 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53605 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53606 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53607 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53610 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53611 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53612 72.21.81.200 https TIME_WAIT
[System Process] 0 TCP Alexspc 53616 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53617 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53618 229.26.211.130.bc.googleusercontent.com https TIME_WAIT
[System Process] 0 TCP Alexspc 53620 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53621 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53624 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53627 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53629 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53633 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53634 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53636 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53637 137.116.48.250 https TIME_WAIT
[System Process] 0 TCP Alexspc 53657 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53658 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53663 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53665 23.100.46.198 https TIME_WAIT
[System Process] 0 TCP Alexspc 53668 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53669 204.79.197.200 https TIME_WAIT
[System Process] 0 TCP Alexspc 53670 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53671 172.217.3.46 https TIME_WAIT
[System Process] 0 TCP Alexspc 53672 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53684 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53686 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53687 iad23s42-in-f110.1e100.net https TIME_WAIT
[System Process] 0 TCP Alexspc 53688 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53690 localhost 64550 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53691 172.217.3.46 https TIME_WAIT
[System Process] 0 TCP Alexspc 53714 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53719 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53721 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53723 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 64550 localhost 53541 TIME_WAIT
[System Process] 0 TCP Alexspc 64550 localhost 53545 TIME_WAIT
[System Process] 0 TCP Alexspc 64550 localhost 53551 TIME_WAIT
[System Process] 0 TCP Alexspc 64550 localhost 53653 TIME_WAIT
[System Process] 0 TCP alexspc.fios-router.home 53017 iad23s42-in-f110.1e100.net https TIME_WAIT 1 63
[System Process] 0 TCP Alexspc 53729 localhost 64550 TIME_WAIT
[System Process] 0 TCP Alexspc 53741 localhost 64550 TIME_WAIT
chrome.exe 5820 TCP alexspc.fios-router.home 52606 qr-in-f188.1e100.net 5228 ESTABLISHED
chrome.exe 5820 TCP alexspc.fios-router.home 52642 104.27.80.31 https ESTABLISHED
chrome.exe 5820 TCP alexspc.fios-router.home 52675 151.101.0.175 https ESTABLISHED
chrome.exe 5820 TCP alexspc.fios-router.home 52708 ec2-52-11-96-21.us-west-2.compute.amazonaws.com https ESTABLISHED 3 431
chrome.exe 5820 TCP alexspc.fios-router.home 52709 151.101.0.249 https ESTABLISHED
chrome.exe 5820 TCP alexspc.fios-router.home 52710 151.101.0.249 https ESTABLISHED
chrome.exe 5820 TCP alexspc.fios-router.home 52711 151.101.0.249 https ESTABLISHED
chrome.exe 5820 TCP alexspc.fios-router.home 52732 a104-64-60-225.deploy.static.akamaitechnologies.com https ESTABLISHED
chrome.exe 5820 TCP alexspc.fios-router.home 52767 sockets.betterttv.net https ESTABLISHED 1 35 1 31
chrome.exe 5820 TCP alexspc.fios-router.home 52768 104.27.81.31 https ESTABLISHED
chrome.exe 5820 TCP alexspc.fios-router.home 52772 151.101.2.49 https ESTABLISHED
chrome.exe 5820 TCP alexspc.fios-router.home 52779 ec2-35-162-33-130.us-west-2.compute.amazonaws.com https ESTABLISHED
chrome.exe 5820 TCP alexspc.fios-router.home 52785 ec2-34-215-8-107.us-west-2.compute.amazonaws.com https ESTABLISHED
chrome.exe 5820 TCP Alexspc 52864 localhost 64550 ESTABLISHED 1 971 2 432
chrome.exe 5820 TCP Alexspc 53447 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53474 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53475 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53487 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53488 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53489 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53490 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53497 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53511 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53512 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53514 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53515 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53533 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53546 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53559 localhost 64550 ESTABLISHED 2 1,622 7 1,908
chrome.exe 5820 TCP Alexspc 53625 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53626 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53631 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53638 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53639 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53640 localhost 64550 ESTABLISHED 1 2,294 2 634
chrome.exe 5820 TCP Alexspc 53645 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53649 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53650 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53654 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53662 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53666 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53676 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53677 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53682 localhost 64550 ESTABLISHED
chrome.exe 5820 UDP Alexspc 5353 * *
chrome.exe 5820 UDP Alexspc 5353 * *
chrome.exe 5820 UDP Alexspc 5353 * *
chrome.exe 5820 UDPV6 [0:0:0:0:0:0:0:0] 5353 * *
chrome.exe 5820 UDPV6 [0:0:0:0:0:0:0:0] 5353 * *
chrome.exe 5820 UDP alexspc.fios-router.home 59839 * * 4 692
chrome.exe 5820 TCP Alexspc 53733 localhost 64550 ESTABLISHED 24 924
chrome.exe 5820 TCP Alexspc 53735 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53737 localhost 64550 ESTABLISHED
chrome.exe 5820 TCP Alexspc 53743 localhost 64550 ESTABLISHED
jucheck.exe 636 TCP Alexspc 53692 localhost 64550 ESTABLISHED
LeagueClient.exe 5284 TCP Alexspc 52963 Alexspc 0 LISTENING
LeagueClient.exe 5284 TCP Alexspc 52963 localhost 52967 ESTABLISHED 5 1,940
LeagueClient.exe 5284 TCP Alexspc 52963 localhost 53001 ESTABLISHED
LeagueClient.exe 5284 TCP Alexspc 52963 localhost 53004 ESTABLISHED 4 4,265
LeagueClient.exe 5284 TCP alexspc.fios-router.home 53238 52.41.178.66 https ESTABLISHED
LeagueClient.exe 5284 TCP alexspc.fios-router.home 53241 192.64.174.65 2099 ESTABLISHED
LeagueClient.exe 5284 TCP alexspc.fios-router.home 53257 192.64.174.69 5223 ESTABLISHED
LeagueClient.exe 5284 TCP alexspc.fios-router.home 53268 104.17.49.19 https ESTABLISHED
LeagueClient.exe 5284 TCP alexspc.fios-router.home 53448 151.101.1.62 https ESTABLISHED 1 209 1 864
LeagueClientUx.exe 2932 TCP Alexspc 52967 localhost 52963 ESTABLISHED 5 1,940
LeagueClientUx.exe 2932 TCP Alexspc 53001 localhost 52963 ESTABLISHED
LeagueClientUx.exe 2932 TCP Alexspc 53004 localhost 52963 ESTABLISHED 4 4,265
LeagueClientUx.exe 2932 TCP alexspc.fios-router.home 53005 65.200.22.17 https ESTABLISHED
LeagueClientUx.exe 2932 TCP alexspc.fios-router.home 53006 65.200.22.17 https ESTABLISHED
LeagueClientUx.exe 2932 TCP alexspc.fios-router.home 53010 104.100.146.9 https ESTABLISHED
LeagueClientUx.exe 2932 TCP alexspc.fios-router.home 53012 65.200.22.17 https ESTABLISHED
LeagueClientUx.exe 2932 TCP alexspc.fios-router.home 53013 65.200.22.17 https ESTABLISHED
LeagueClientUx.exe 2932 TCP alexspc.fios-router.home 53014 65.200.22.17 https ESTABLISHED
LeagueClientUx.exe 2932 TCP alexspc.fios-router.home 53015 65.200.22.17 https ESTABLISHED
LeagueClientUx.exe 2932 TCP alexspc.fios-router.home 53016 iad23s60-in-f14.1e100.net https ESTABLISHED
LeagueClientUx.exe 2932 TCP alexspc.fios-router.home 53018 104.100.153.156 https ESTABLISHED
LeagueClientUx.exe 2932 TCP alexspc.fios-router.home 53278 65.200.22.58 https ESTABLISHED
LeagueClientUx.exe 2932 TCP alexspc.fios-router.home 53279 65.200.22.58 https ESTABLISHED
LeagueClientUx.exe 2932 TCP alexspc.fios-router.home 53280 65.200.22.58 https ESTABLISHED
LeagueClientUx.exe 2932 TCP alexspc.fios-router.home 53281 65.200.22.58 https ESTABLISHED
LeagueClientUx.exe 2932 TCP alexspc.fios-router.home 53282 65.200.22.58 https ESTABLISHED
lsass.exe 908 TCP Alexspc 49670 Alexspc 0 LISTENING
lsass.exe 908 TCPV6 [0:0:0:0:0:0:0:0] 49670 [0:0:0:0:0:0:0:0] 0 LISTENING
MBAMService.exe 3796 TCP alexspc.fios-router.home 49771 ec2-34-210-65-22.us-west-2.compute.amazonaws.com https CLOSE_WAIT
MsMpEng.exe 3296 TCP alexspc.fios-router.home 53728 40.83.143.209 https ESTABLISHED
RadeonInstaller.exe 5172 TCP Alexspc 53429 localhost 64550 FIN_WAIT2
services.exe 900 TCP Alexspc 49668 Alexspc 0 LISTENING
services.exe 900 TCPV6 [0:0:0:0:0:0:0:0] 49668 [0:0:0:0:0:0:0:0] 0 LISTENING
SmartApp.exe 9660 TCP alexspc.fios-router.home 52865 edge-star-shv-01-lga3.facebook.com https ESTABLISHED 1 966 2 403
SmartApp.exe 9660 TCP alexspc.fios-router.home 52871 162.254.192.18 http CLOSE_WAIT
SmartApp.exe 9660 TCP alexspc.fios-router.home 52874 65.202.58.63 http ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 52920 104.97.113.196 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 52929 65.202.58.65 http ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 52930 65.202.58.65 http ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 52931 65.202.58.65 http ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 52932 65.202.58.65 http ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 52933 65.202.58.65 http ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 52934 65.202.58.65 http ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 52935 65.202.58.65 http ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 52936 65.202.58.65 http ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 52992 a104-100-94-51.deploy.static.akamaitechnologies.com https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 52995 a104-100-94-51.deploy.static.akamaitechnologies.com https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53032 104.97.113.196 http ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53288 65.202.58.57 http ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53289 65.202.58.57 http ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53300 23.48.205.147 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53307 65.55.44.109 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53419 65.55.44.109 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53430 23.195.246.236 http ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53432 65.55.44.109 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53435 8.254.207.206 http ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53439 65.55.44.109 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53449 31.13.71.36 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53465 40.80.145.38 http ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53476 104.100.135.213 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53486 104.100.135.213 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53492 104.100.135.213 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53493 104.100.135.213 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53494 104.100.135.213 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53495 104.100.135.213 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53517 204.79.197.200 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53518 204.79.197.200 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53519 204.79.197.200 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53521 204.79.197.200 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53534 23.218.226.75 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53548 35.186.217.6 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53560 31.13.69.228 https ESTABLISHED 2 1,617 3 1,762
SmartApp.exe 9660 TCP alexspc.fios-router.home 53632 23.60.11.158 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53635 65.55.44.109 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53641 192.30.253.113 https CLOSE_WAIT
SmartApp.exe 9660 TCP alexspc.fios-router.home 53646 65.55.44.109 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53647 23.32.212.183 https ESTABLISHED 1 2,289 2 605
SmartApp.exe 9660 TCP alexspc.fios-router.home 53648 229.26.211.130.bc.googleusercontent.com https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53651 53.16.211.130.bc.googleusercontent.com https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53652 53.16.211.130.bc.googleusercontent.com https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53656 23.32.212.183 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53659 iad23s42-in-f110.1e100.net https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53664 ql-in-f157.1e100.net https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53675 40.80.145.38 http ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53678 65.55.44.109 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53679 72.21.81.200 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53683 191.236.128.229 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53693 23.202.96.60 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53695 23.202.96.60 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53699 23.4.181.163 http ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53703 23.4.181.163 http ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53707 23.4.181.163 http ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53711 23.4.181.163 http ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53717 40.80.145.38 http ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 Alexspc 0 LISTENING
SmartApp.exe 9660 TCP Alexspc 64550 localhost 52864 ESTABLISHED 2 432 2 971
SmartApp.exe 9660 TCP Alexspc 64550 localhost 52870 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 52873 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 52919 CLOSE_WAIT
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53682 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 52922 CLOSE_WAIT
SmartApp.exe 9660 TCP Alexspc 64550 localhost 52923 CLOSE_WAIT
SmartApp.exe 9660 TCP Alexspc 64550 localhost 52924 CLOSE_WAIT
SmartApp.exe 9660 TCP Alexspc 64550 localhost 52925 CLOSE_WAIT
SmartApp.exe 9660 TCP Alexspc 64550 localhost 52926 CLOSE_WAIT
SmartApp.exe 9660 TCP Alexspc 64550 localhost 52927 CLOSE_WAIT
SmartApp.exe 9660 TCP Alexspc 64550 localhost 52928 CLOSE_WAIT
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53031 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53286 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53287 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53306 CLOSE_WAIT
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53418 CLOSE_WAIT
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53429 CLOSE_WAIT
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53431 CLOSE_WAIT
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53438 CLOSE_WAIT
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53447 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53474 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53475 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53487 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53488 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53489 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53490 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53497 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53511 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53512 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53514 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53515 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53533 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53546 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53559 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53625 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53626 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53631 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53638 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53639 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53640 ESTABLISHED 2 634 3 2,294
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53645 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53649 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53650 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53654 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53662 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53666 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53676 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53677 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53731 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53692 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53698 CLOSE_WAIT
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53702 CLOSE_WAIT
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53706 CLOSE_WAIT
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53710 CLOSE_WAIT
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53737 ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53732 40.80.145.38 http ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53734 216.58.217.99 https ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53736 iad23s42-in-f110.1e100.net http ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53738 65.246.5.45 http ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53735 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53733 ESTABLISHED
SmartApp.exe 9660 TCP Alexspc 64550 localhost 53743 ESTABLISHED
SmartApp.exe 9660 TCP alexspc.fios-router.home 53744 104.64.67.34 https ESTABLISHED
spoolsv.exe 2896 TCP Alexspc 49667 Alexspc 0 LISTENING
spoolsv.exe 2896 TCPV6 [0:0:0:0:0:0:0:0] 49667 [0:0:0:0:0:0:0:0] 0 LISTENING
Steam.exe 8444 TCP Alexspc 27036 Alexspc 0 LISTENING
Steam.exe 8444 TCP Alexspc 27060 Alexspc 0 LISTENING
Steam.exe 8444 TCP Alexspc 52870 localhost 64550 ESTABLISHED
Steam.exe 8444 TCP Alexspc 52873 localhost 64550 ESTABLISHED
Steam.exe 8444 TCP Alexspc 52919 localhost 64550 FIN_WAIT2
Steam.exe 8444 TCP Alexspc 52921 localhost 64550 FIN_WAIT2
Steam.exe 8444 TCP Alexspc 52922 localhost 64550 FIN_WAIT2
Steam.exe 8444 TCP Alexspc 52923 localhost 64550 FIN_WAIT2
Steam.exe 8444 TCP Alexspc 52924 localhost 64550 FIN_WAIT2
Steam.exe 8444 TCP Alexspc 52925 localhost 64550 FIN_WAIT2
Steam.exe 8444 TCP Alexspc 52926 localhost 64550 FIN_WAIT2
Steam.exe 8444 TCP Alexspc 52927 localhost 64550 FIN_WAIT2
Steam.exe 8444 TCP Alexspc 52928 localhost 64550 FIN_WAIT2
Steam.exe 8444 UDP Alexspc 27036 * *
Steam.exe 8444 UDP Alexspc 56412 * * 4 240 3 476
steamwebhelper.exe 9396 TCP Alexspc 53031 localhost 64550 ESTABLISHED
steamwebhelper.exe 9396 TCP Alexspc 53286 localhost 64550 ESTABLISHED
steamwebhelper.exe 9396 TCP Alexspc 53287 localhost 64550 ESTABLISHED
svchost.exe 596 TCP Alexspc epmap Alexspc 0 LISTENING
svchost.exe 1424 TCP Alexspc 49665 Alexspc 0 LISTENING
svchost.exe 1408 TCP Alexspc 49666 Alexspc 0 LISTENING
svchost.exe 3260 TCP alexspc.fios-router.home 52581 bn4sch101123202.wns.windows.com https ESTABLISHED
svchost.exe 3252 TCP Alexspc 53306 localhost 64550 FIN_WAIT2
svchost.exe 3252 TCP Alexspc 53418 localhost 64550 FIN_WAIT2
svchost.exe 3252 TCP Alexspc 53431 localhost 64550 FIN_WAIT2
svchost.exe 3252 TCP Alexspc 53438 localhost 64550 FIN_WAIT2
svchost.exe 3180 UDP Alexspc isakmp * *
svchost.exe 6192 UDP Alexspc ssdp * *
svchost.exe 6192 UDP alexspc.fios-router.home ssdp * *
svchost.exe 3180 UDP Alexspc ipsec-msft * *
svchost.exe 9776 UDP Alexspc 5050 * *
svchost.exe 2624 UDP Alexspc 5353 * *
svchost.exe 2624 UDP Alexspc llmnr * *
svchost.exe 6192 UDP alexspc.fios-router.home 56874 * *
svchost.exe 6192 UDP Alexspc 56875 * *
svchost.exe 596 TCPV6 [0:0:0:0:0:0:0:0] epmap [0:0:0:0:0:0:0:0] 0 LISTENING
svchost.exe 1424 TCPV6 [0:0:0:0:0:0:0:0] 49665 [0:0:0:0:0:0:0:0] 0 LISTENING
svchost.exe 1408 TCPV6 [0:0:0:0:0:0:0:0] 49666 [0:0:0:0:0:0:0:0] 0 LISTENING
svchost.exe 3180 UDPV6 [0:0:0:0:0:0:0:0] 500 * *
svchost.exe 6192 UDPV6 [0:0:0:0:0:0:0:1] 1900 * *
svchost.exe 6192 UDPV6 [fe80:0:0:0:8d6d:adda:b024:dda8] 1900 * *
svchost.exe 3180 UDPV6 [0:0:0:0:0:0:0:0] 4500 * *
svchost.exe 2624 UDPV6 [0:0:0:0:0:0:0:0] 5353 * *
svchost.exe 2624 UDPV6 [0:0:0:0:0:0:0:0] 5355 * *
svchost.exe 6192 UDPV6 [fe80:0:0:0:8d6d:adda:b024:dda8] 56872 * *
svchost.exe 6192 UDPV6 [0:0:0:0:0:0:0:1] 56873 * *
svchost.exe 2308 TCP Alexspc 53731 localhost 64550 ESTABLISHED
System 4 TCP alexspc.fios-router.home netbios-ssn Alexspc 0 LISTENING
System 4 TCP Alexspc microsoft-ds Alexspc 0 LISTENING
System 4 UDP alexspc.fios-router.home netbios-ns * * 11 550
System 4 UDP alexspc.fios-router.home netbios-dgm * *
System 4 TCPV6 [0:0:0:0:0:0:0:0] microsoft-ds [0:0:0:0:0:0:0:0] 0 LISTENING
wininit.exe 820 TCP Alexspc 49664 Alexspc 0 LISTENING
wininit.exe 820 TCPV6 [0:0:0:0:0:0:0:0] 49664 [0:0:0:0:0:0:0:0] 0 LISTENING
Okay, there is that and I will have Avast run over night and post the logs tomorrow, as well as anything to do with the BSOD.
#11
Posted 08 November 2017 - 09:13 PM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
I take it you got Avast to install OK using the off-line installer. Looking forward to the scan results.
What is SmartApp? It seems to be really busy in TCP land.but I am not familiar with it and can't seem to find much on it.
#12
Posted 11 November 2017 - 11:16 PM
agamer7809
- Topic Starter
-
- Member
-
- 37 posts
Member
To make a long story short, SmartApp is a progam that I have installed on all of my devices, phone and computer, which earns me money for Amazon or Paypal. Here is the link to it if you would like to look into it more: https://smartpanel.io/en-US/
I ran the Avast scan last night but I do not have the text file you are asking for. Here is what I have http://prntscr.com/h9cjmk
Sorry it took so long, but I finally got the BSOD reports as well which will be in the response below this one!
#13
Posted 11 November 2017 - 11:16 PM
agamer7809
- Topic Starter
-
- Member
-
- 37 posts
Member
==================================================
Dump File : 110217-5140-01.dmp
Crash Time : 11/2/2017 10:37:41 AM
Bug Check String : MEMORY_MANAGEMENT
Bug Check Code : 0x0000001a
Parameter 1 : 00000000`00041792
Parameter 2 : fffffe00`00007008
Parameter 3 : 00000000`00800000
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+16c580
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+16c580
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\110217-5140-01.dmp
Processors Count : 8
Major Version : 15
Minor Version : 15063
Dump File Size : 638,404
Dump File Time : 11/2/2017 10:38:25 AM
==================================================
==================================================
Dump File : 103017-5546-01.dmp
Crash Time : 10/29/2017 11:36:33 PM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : ffffffff`c0000005
Parameter 2 : fffff802`bac98bde
Parameter 3 : ffffd981`5a436fa8
Parameter 4 : ffffd981`5a4367f0
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+82bde
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+82bde
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\103017-5546-01.dmp
Processors Count : 8
Major Version : 15
Minor Version : 15063
Dump File Size : 577,908
Dump File Time : 10/29/2017 11:37:19 PM
==================================================
==================================================
Dump File : 102517-6828-01.dmp
Crash Time : 10/24/2017 11:18:18 PM
Bug Check String : MEMORY_MANAGEMENT
Bug Check Code : 0x0000001a
Parameter 1 : 00000000`00041792
Parameter 2 : ffff8a80`000237b0
Parameter 3 : 09000000`00000000
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+16c580
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+16c580
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\102517-6828-01.dmp
Processors Count : 8
Major Version : 15
Minor Version : 15063
Dump File Size : 579,412
Dump File Time : 10/24/2017 11:19:08 PM
==================================================
#14
Posted 12 November 2017 - 09:01 AM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Thought I had replied to this but I guess it didn't take.
Bug Check String : MEMORY_MANAGEMENTBug Check Code : 0x0000001a
Usually means bad RAM.
Windows has a built in memory checker but it's not all that good. It's option 1 on
https://www.howtogee...m-for-problems/
If it fails your RAM then remove one stick and try it again. Try to isolate to a single stick.
If it doesn't fail then try Option 2 above. They say to be sure you should let it run 6 passes which will take all day.
#15
Posted 08 January 2018 - 08:27 PM
agamer7809
- Topic Starter
-
- Member
-
- 37 posts
Member
Okay...I know I am like 2 months late on this response and I am sorry 
I did replace my ram and got the BSOD fixed. But we never solved the original issue I came here about.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
