Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Resource in use? Please help.

Started by TheMonkeyKingYT , Nov 06 2017 01:00 AM

  • This topic is locked This topic is locked

#1
TheMonkeyKingYT
Posted 06 November 2017 - 01:00 AM

TheMonkeyKingYT

    New Member

  • Member
  • Pip
  • 4 posts

So i have a rootkit i think i can't download mbar when i try to install it says "resource in use" same when i try to open razer synapse. Malwarebytes works fine i even did 2 threat scans and deleted everything but i can't scan with rootkit. Please help. I also have this weird thing in task manager that i have never seen called "windows process manager" i posted a pic of it and another of it in details.

Attached Thumbnails

  • Weird exe.jpg
  • weird exe 2.jpg

  • 0

Advertisements

#2
LiquidTension
Posted 06 November 2017 - 01:15 PM

LiquidTension

    Expert

  • Expert
  • 1,151 posts

Hello TheMonkeyKingYT, welcome to Geeks to Go!

 

Please refer to the following guide and carry out Step 3:

http://www.geekstogo...cleaning-guide/

 

Once completed, please copy and paste the generated diagnostic logs into a new post within this topic.

 

Thank you!


  • 0

#3
TheMonkeyKingYT
Posted 06 November 2017 - 02:43 PM

TheMonkeyKingYT

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

Hello TheMonkeyKingYT, welcome to Geeks to Go!

 

Please refer to the following guide and carry out Step 3:

http://www.geekstogo...cleaning-guide/

 

Once completed, please copy and paste the generated diagnostic logs into a new post within this topic.

 

Thank you!

Ok so the first one is FRST.txt and the second one is Addition.txt

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2017
Ran by Isaac (administrator) on DESKTOP-QLO2U2Q (06-11-2017 14:36:04)
Running from C:\Users\isaac\Desktop
Loaded Profiles: Isaac (Available Profiles: defaultuser0 & Isaac & jevis & jevis_b)
Platform: Windows 10 Home Version 1703 15063.674 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(TOSHIBA CORPORATION) C:\Windows\Temp\mskuybvsrv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki119560.inf_amd64_5a492b6b44b20fba\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe
(Alienware) C:\Program Files\Alienware\Command Center\ThermalsWindowsService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki119560.inf_amd64_5a492b6b44b20fba\IntelCpHDCPSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Ready Mode Technology\IRMTService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki119560.inf_amd64_5a492b6b44b20fba\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki119560.inf_amd64_5a492b6b44b20fba\igfxEM.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\stank\massing.exe
(The Chromium Authors) C:\Users\isaac\AppData\Local\yc\Application\yc.exe
(The Chromium Authors) C:\Users\isaac\AppData\Local\yc\Application\yc.exe
(Spotify Ltd) C:\Users\isaac\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Mega Limited) C:\Users\isaac\AppData\Local\MEGAsync\MEGAsync.exe
(The Chromium Authors) C:\Users\isaac\AppData\Local\yc\Application\yc.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
(The Chromium Authors) C:\Users\isaac\AppData\Local\yc\Application\yc.exe
(The Chromium Authors) C:\Users\isaac\AppData\Local\yc\Application\yc.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Online Connect\ioc.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Alienware) C:\Program Files\Alienware\Command Center\ThermalController.exe
() C:\Users\isaac\AppData\Local\wmikuwy\wmikuwy.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell) C:\Program Files\Alienware\Dell Foundation Services\DFSSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Alienware Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Alienware Update\DellUpTray.exe
(Dell) C:\Program Files\Alienware\Alienware Product Registration\PRSvc.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell) C:\Program Files\Alienware\Dell Foundation Services\DFS.Common.Agent.exe
() C:\Users\isaac\AppData\Local\wmikuwy\lsaeupa.exe
() C:\Users\isaac\AppData\Local\wmikuwy\lsaeupa.exe
(Intel® Corporation) C:\Program Files\Intel\Intel® Online Connect Access\LegacyCsLoaderService.exe
(Intel® Corporation) C:\Program Files\Intel\Intel® Online Connect Access\IntelTechnologyAccessService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Discord Inc.) C:\Users\isaac\AppData\Local\Discord\app-0.0.298\Discord.exe
(Discord Inc.) C:\Users\isaac\AppData\Local\Discord\app-0.0.298\Discord.exe
(Discord Inc.) C:\Users\isaac\AppData\Local\Discord\app-0.0.298\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\isaac\AppData\Local\wmikuwy\lsaeupa.exe
() C:\Users\isaac\AppData\Local\wmikuwy\lsaeupa.exe
() C:\Users\isaac\AppData\Local\wmikuwy\lsaeupa.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9039880 2016-10-28] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320584 2016-10-31] (Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [MRT] => C:\Windows\system32\MRT.exe [138202976 2017-09-12] (Microsoft Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [455816 2017-02-02] (Power Software Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596664 2017-08-30] (Razer Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1052488 2017-10-23] ()
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\Run: [WallpaperEngine] => "C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe" -silent --restore-last-session
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3098944 2017-08-23] (Electronic Arts)
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\Run: [Steam] => C:\Steam\steam.exe [3102496 2017-10-30] (Valve Corporation)
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\Run: [Spotify] => C:\Users\isaac\AppData\Roaming\Spotify\Spotify.exe [20791408 2017-10-30] (Spotify Ltd)
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\Run: [massing] => C:\Program Files (x86)\stank\massing.exe [66911 2017-08-01] ()
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\Run: [chintzy] => "C:\Program Files (x86)\Carley\financiere.exe"
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\Run: [ycAutoLaunch_E95947102215AF9F009824F820550021] => C:\Users\isaac\AppData\Local\yc\Application\yc.exe [4018688 2017-10-19] (The Chromium Authors)
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\Run: [Chromium] => c:\users\isaac\appdata\local\chromium\application\chrome.exe [829440 2017-02-15] (The Chromium Authors)
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\Run: [Winhost] => C:\Users\Isaac\AppData\Roaming\Bot.exe
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\Run: [dvOniaIY.exe] => C:\Users\isaac\AppData\Local\Temp\dab79e787a9e456f9e1b0b14598d78e3\dvOniaIY.exe  <==== ATTENTION
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\Run: [Spotify Web Helper] => C:\Users\isaac\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-10-30] (Spotify Ltd)
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\MountPoints2: E - "E:\setup.exe" 
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\MountPoints2: {67f0669f-7976-11e7-9cee-9cb6d0d7af12} - "L:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\MountPoints2: {e6b7a69a-4e06-11e7-9cd3-9cb6d0d7af12} - "L:\HiSuiteDownLoader.exe" 
Startup: C:\Users\isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Pro 3.8.9.718.lnk [2017-09-29]
ShortcutTarget: Adobe Acrobat Pro 3.8.9.718.lnk -> C:\TVOtd79.tmp\mKA.vbs ()
Startup: C:\Users\isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-09-29]
ShortcutTarget: MEGAsync.lnk -> C:\Users\isaac\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\Users\isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\merlins.lnk [2017-09-29]
ShortcutTarget: merlins.lnk -> C:\Program Files (x86)\Carley\financiere.exe (No File)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{c07bbb50-0cdf-4b89-ab1f-a488e4c190f4}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{cf45474f-85d5-4419-b3df-64d9cf2bcde9}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{cf45474f-85d5-4419-b3df-64d9cf2bcde9}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{fc1f0af8-53af-4c14-ac00-417119b8eb2f}: [NameServer] 82.202.226.203,193.238.153.54
ManualProxies: 
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131466996435339269&GUID=6E20A0B7-CC88-42FE-A10E-162936AF6BCA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131466996435340910&GUID=6E20A0B7-CC88-42FE-A10E-162936AF6BCA
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKLM -> DefaultScope {A402E42B-7103-4B44-8431-B57AE4563104} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {A402E42B-7103-4B44-8431-B57AE4563104} URL = 
SearchScopes: HKU\S-1-5-21-3267251706-2764207904-1746666680-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = 
SearchScopes: HKU\S-1-5-21-3267251706-2764207904-1746666680-1001 -> {518b33ae-375d-712d-6742-d1fe0400268d} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-3267251706-2764207904-1746666680-1001 -> {64AF4D11-6492-4C25-B014-B6C6CEE3B0C5} URL = hxxps://www.baidu.com/s?tn=80035161_2_dg&wd={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-10-27] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-20] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-20] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-03-23] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-23] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-27] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-27] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-27] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-27] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF DefaultProfile: ylq2ubeq.default
FF ProfilePath: C:\Users\isaac\AppData\Roaming\Mozilla\Firefox\Profiles\ylq2ubeq.default [2017-10-12]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\ylq2ubeq.default -> Поиск@Mail.Ru
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\ylq2ubeq.default -> Поиск@Mail.Ru
FF Homepage: Mozilla\Firefox\Profiles\ylq2ubeq.default -> hxxps://mail.ru/cnt/11956636?fr=ffhp1.0.3&gp=811013
FF Extension: (TAARExperiment) - C:\Users\isaac\AppData\Roaming\Mozilla\Firefox\Profiles\ylq2ubeq.default\Extensions\[email protected] [2017-10-11]
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-20] (Oracle Corporation)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-10-20] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> inline.go.mail.ru
CHR DefaultSearchURL: Default -> hxxps://inline.go.mail.ru/search?inline_comp=dse&q={searchTerms}&fr=chxtn12.0.23
CHR DefaultSearchKeyword: Default -> inline.go.mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\isaac\AppData\Local\Google\Chrome\User Data\Default [2017-11-06]
CHR Extension: (Roblox+) - C:\Users\isaac\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfbnmfgkohlfclfnplnlenbalpppohkm [2017-11-05]
CHR Extension: (Fair AdBlocker) - C:\Users\isaac\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgblnfidahcdcjddiepkckcfdhpknnjh [2017-10-15]
CHR Extension: (Roblox Trade Enhancer) - C:\Users\isaac\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhfjkdhahmelehfjhnbgopnghoeppjof [2017-10-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\isaac\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-12]
CHR Extension: (Chrome Media Router) - C:\Users\isaac\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-12]
CHR Profile: C:\Users\isaac\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-10-12]
CHR Extension: (Slides) - C:\Users\isaac\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Docs) - C:\Users\isaac\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\isaac\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-12]
CHR Extension: (YouTube) - C:\Users\isaac\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-12]
CHR Extension: (Sheets) - C:\Users\isaac\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\isaac\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\isaac\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-12]
CHR Extension: (Gmail) - C:\Users\isaac\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-12]
CHR Extension: (Chrome Media Router) - C:\Users\isaac\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-12]
CHR Profile: C:\Users\isaac\AppData\Local\Google\Chrome\User Data\System Profile [2017-10-12]
CHR Extension: (ae) - C:\Users\isaac\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\lndiecnlfaibiffoeijpjnblnmdlcpog [2017-10-08]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
 
Opera: 
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AlienFXWindowsService; C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe [14880 2016-11-30] (Alienware)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-09-07] (Windows ® Win 7 DDK provider)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-09-02] ()
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-06-29] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7923880 2017-10-23] (Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208760 2017-07-27] (Dell Inc.)
S2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294584 2017-07-27] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-07-27] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
R2 Dell Foundation Services; C:\Program Files\Alienware\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell)
R2 DellUpdate; C:\Program Files (x86)\Alienware Update\DellUpService.exe [230248 2017-05-01] (Dell Inc.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [383016 2017-05-23] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-07-11] (Hi-Rez Studios) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-10-31] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel® Corporation)
R3 Intel® Online Connect; C:\Program Files\Intel\Intel® Online Connect\ioc.exe [25824 2016-10-04] (Intel Corporation)
S2 Intel® Online Connect Helper; C:\Program Files\Intel\Intel® Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel Corporation)
S3 Intel® Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel® Online Connect Access\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel Corporation)
R2 Intel® TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel® Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel® Corporation)
R2 Intel® TechnologyAccessService; C:\Program Files\Intel\Intel® Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel® Corporation)
S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC)
R2 IRMTService; C:\Program Files\Intel\Intel® Ready Mode Technology\IRMTService.exe [182896 2016-10-13] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [177440 2016-10-20] (Intel Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2098528 2017-08-23] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2977640 2017-08-23] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1451336 2017-10-23] (Overwolf LTD)
R2 Product Registration; C:\Program Files\Alienware\Alienware Product Registration\PRSvc.exe [47144 2017-04-06] (Dell)
S2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [69768 2017-02-01] (Razer Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [321032 2016-10-28] (Realtek Semiconductor)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [53208 2017-09-22] (Dell Inc.)
R2 ThermalsWindowsService; C:\Program Files\Alienware\Command Center\ThermalsWindowsService.exe [14368 2016-11-30] (Alienware)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [X]
S2 Razer Game Scanner Service; "C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe" [X]
S2 RzKLService; "C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe" [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313248.inf_amd64_aad49543f8f714a1\atikmdag.sys [36556696 2017-04-14] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313248.inf_amd64_aad49543f8f714a1\atikmpag.sys [528792 2017-04-14] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-12-08] (Advanced Micro Devices)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack System Inc. )
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-06-20] (Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-06-20] (Dell Computer Corporation)
S4 dsvuxnul; C:\WINDOWS\System32\drivers\fpacpa.sys [79064 2017-10-22] (Malwarebytes)
S4 fqmsqddb; C:\WINDOWS\System32\drivers\ymisevjj.sys [79064 2017-09-29] (Malwarebytes)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-23] (Huawei Technologies Co., Ltd.)
R3 IntelReadyModeDriver; C:\WINDOWS\System32\drivers\IntelReadyModeDriver.sys [34720 2016-10-13] (Intel Corporation)
S4 jgsfk; C:\WINDOWS\System32\drivers\gvnwvapb.sys [79064 2017-11-05] (Malwarebytes)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-03-18] (Qualcomm Atheros, Inc.)
R1 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-11-05] (Malwarebytes)
R2 memudrv; C:\Program Files\MEmuHyperv\MEmuDrv.sys [260368 2015-11-02] (Microvirt Corporation)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel Corporation)
R3 PCDSRVC{90AB3B40-A9A6E5C8-06020200}_0; c:\program files\alienware\supportassist\pcdsrvc_x64.pkms [25584 2017-09-11] (PC-Doctor, Inc.)
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51736 2016-08-31] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-16] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 TesSafe; C:\Windows\system32\TesSafe.sys [1007928 2017-04-26] (TENCENT)
R2 TsQBDrv; C:\Windows\system32\drivers\TsQBDrv.sys [162264 2017-02-20] (Tencent Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2017-07-31] (BigNox Corporation)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 DrvAgent64; \??\C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS [X]
S1 newviqxo; \??\C:\Windows\system32\drivers\newviqxo.sys [X]
S3 xhunter1; \??\C:\WINDOWS\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-11-06 14:36 - 2017-11-06 14:38 - 000028248 _____ C:\Users\isaac\Desktop\FRST.txt
2017-11-06 14:35 - 2017-11-06 14:36 - 000000000 ____D C:\FRST
2017-11-06 14:33 - 2017-11-06 14:34 - 002403328 _____ (Farbar) C:\Users\isaac\Desktop\FRST64.exe
2017-11-06 00:26 - 2017-11-06 00:26 - 000000000 ____D C:\Program Files (x86)\Razer
2017-11-06 00:12 - 2017-11-06 00:12 - 000116048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumwzdgj.sys
2017-11-05 23:55 - 2017-11-06 00:12 - 000000000 ____D C:\AdwCleaner
2017-11-05 23:52 - 2017-11-05 23:55 - 008261584 _____ (Malwarebytes) C:\Users\isaac\Downloads\adwcleaner_7.0.4.0.exe
2017-11-05 23:23 - 2017-11-05 23:24 - 014178840 _____ (Malwarebytes Corp.) C:\Users\isaac\Downloads\mbar-1.10.3.1001 (1).exe
2017-11-05 23:16 - 2017-11-05 23:18 - 014178840 _____ (Malwarebytes Corp.) C:\Users\isaac\Downloads\mbar-1.10.3.1001.exe
2017-11-05 19:05 - 2017-11-05 19:05 - 000079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\gvnwvapb.sys
2017-11-05 19:04 - 2017-11-05 19:06 - 000001040 _____ C:\Users\isaac\Desktop\virus.txt
2017-11-05 18:50 - 2017-11-05 18:50 - 000000000 ____D C:\Users\isaac\AppData\LocalLow\TerriVellmann
2017-11-05 18:29 - 2017-11-05 18:33 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\74776311.sys
2017-11-05 18:03 - 2017-11-05 18:03 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\58C54ECC.sys
2017-11-05 17:27 - 2017-11-05 17:27 - 000000000 ____D C:\Program Files (x86)\PKGInstaller
2017-11-05 17:26 - 2017-11-05 17:26 - 000001025 _____ C:\Users\isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2017-11-05 17:26 - 2017-11-05 17:26 - 000001017 _____ C:\Users\isaac\Desktop\osu!.lnk
2017-11-05 17:10 - 2017-11-05 17:26 - 026194416 _____ (Razer USA Ltd) C:\Users\isaac\Downloads\Razer_Synapse_Installer_v2.21.00.830.exe
2017-11-05 17:09 - 2017-11-05 17:09 - 000000661 _____ C:\Users\isaac\Desktop\High [bleep].lnk
2017-11-05 17:07 - 2017-11-05 17:09 - 000000000 ____D C:\Blood Code
2017-11-05 17:03 - 2017-11-05 17:03 - 000112145 _____ C:\Users\isaac\Downloads\Top15BlackwidowChromaEffectsFixed.RazerSynapse
2017-11-05 16:54 - 2017-11-05 16:55 - 000000000 ___HD C:\$WINDOWS.~BT
2017-11-05 16:53 - 2017-11-05 18:49 - 000000000 ____D C:\Users\isaac\AppData\Local\osu!
2017-11-05 16:52 - 2017-11-05 16:53 - 004487224 _____ (ppy) C:\Users\isaac\Downloads\osu!install.exe
2017-11-04 16:12 - 2017-11-04 16:12 - 000752974 _____ C:\Users\isaac\Downloads\c00lgui Reborn By Team_Jay V2.txt
2017-11-04 16:04 - 2017-11-04 16:04 - 000272294 _____ C:\Users\isaac\Downloads\Fdj13Uxn.lua
2017-11-03 20:09 - 2017-11-03 20:09 - 000000144 _____ C:\Users\isaac\Downloads\Meepcity Gamepass (1).txt
2017-11-03 17:43 - 2017-11-03 17:43 - 000187412 _____ C:\Users\isaac\Desktop\knife.txt
2017-11-03 13:21 - 2017-11-03 13:21 - 000000144 _____ C:\Users\isaac\Downloads\Meepcity Gamepass.txt
2017-11-03 11:46 - 2017-11-03 11:46 - 000001290 _____ C:\Users\isaac\Desktop\seraph.exe - Shortcut.lnk
2017-11-03 10:29 - 2017-11-03 10:29 - 000015026 _____ C:\Users\isaac\Downloads\mm2 (1).txt
2017-11-03 10:29 - 2017-11-03 10:29 - 000000399 _____ C:\Users\isaac\Downloads\Coin Grabber mm2.txt
2017-11-03 10:21 - 2017-11-03 10:21 - 002886484 _____ C:\Users\isaac\Downloads\MM2.txt
2017-11-03 10:21 - 2017-11-03 10:21 - 000111512 _____ C:\Users\isaac\Downloads\UnJailBreakUPDATED.txt
2017-11-03 10:21 - 2017-11-03 10:21 - 000024097 _____ C:\Users\isaac\Downloads\Phantom_Forces.txt
2017-11-03 10:07 - 2017-11-03 10:10 - 009717801 _____ C:\Users\isaac\Downloads\Seraph (1).7z
2017-11-03 10:03 - 2017-11-03 10:03 - 000000000 ____D C:\Users\isaac\Downloads\Seraph
2017-11-03 10:01 - 2017-11-03 10:03 - 009717801 _____ C:\Users\isaac\Downloads\Seraph.7z
2017-11-03 10:01 - 2017-11-03 10:01 - 000000064 _____ C:\Users\isaac\Desktop\keyyyy.txt
2017-11-02 15:41 - 2017-11-02 15:41 - 126645728 _____ C:\Users\isaac\Desktop\alan.nds
2017-11-01 11:38 - 2017-11-01 11:59 - 081199517 _____ C:\Users\isaac\Downloads\Pokemon - White Version 2 (USA, Europe) (NDSi Enhanced).7z
2017-11-01 11:36 - 2017-11-01 12:04 - 081465886 _____ C:\Users\isaac\Downloads\Pokemon - Black Version 2 (USA, Europe) (NDSi Enhanced).7z
2017-11-01 10:16 - 2017-11-01 10:16 - 000000202 _____ C:\Users\isaac\Desktop\Warframe.url
2017-11-01 06:54 - 2017-11-01 06:54 - 000011005 _____ C:\Users\isaac\Downloads\PearInjector.rar
2017-11-01 06:54 - 2017-11-01 06:54 - 000000000 ____D C:\Users\isaac\Downloads\PearInjector
2017-11-01 06:47 - 2017-11-01 06:47 - 000000000 ____D C:\Users\isaac\Downloads\[Porkchop Dessert] Glory Exploit
2017-11-01 06:44 - 2017-11-01 06:44 - 000200742 _____ C:\Users\isaac\Downloads\[Porkchop Dessert] Glory Exploit.rar
2017-11-01 06:30 - 2017-11-01 06:30 - 000000000 ____D C:\Users\isaac\AppData\LocalLow\uTorrent
2017-10-31 16:21 - 2017-10-31 16:21 - 004138358 _____ C:\Users\isaac\Downloads\vipervenom-qtx_level7.rar
2017-10-31 16:21 - 2017-10-31 16:21 - 000000000 ____D C:\Users\isaac\Downloads\vipervenom-qtx_level7
2017-10-31 15:52 - 2017-10-31 15:52 - 000000000 ____D C:\Users\isaac\Downloads\PANDERS_Paradox
2017-10-31 15:51 - 2017-10-31 15:52 - 002757196 _____ C:\Users\isaac\Downloads\PANDERS_Paradox.zip
2017-10-31 15:42 - 2017-10-31 15:42 - 000000000 ____D C:\Users\isaac\Downloads\Full_LUA_C_Script_pack
2017-10-31 15:37 - 2017-10-31 15:40 - 000904942 _____ C:\Users\isaac\Downloads\Full_LUA_C_Script_pack.zip
2017-10-31 14:59 - 2017-10-31 14:59 - 000016902 _____ C:\WINDOWS\System32\Tasks\Candy Retlean call Software
2017-10-31 04:02 - 2017-10-31 04:02 - 000520252 _____ C:\Users\isaac\Downloads\Skimas_v2.rar
2017-10-31 04:02 - 2017-10-31 04:02 - 000000000 ____D C:\Users\isaac\Downloads\Skimas_v2
2017-10-30 11:29 - 2017-10-30 11:29 - 000262227 _____ C:\Users\isaac\Downloads\CanOBean-master.zip
2017-10-30 11:29 - 2017-10-30 11:29 - 000000000 ____D C:\Users\isaac\Downloads\CanOBean-master
2017-10-30 11:23 - 2017-10-30 11:26 - 000201216 _____ C:\Users\isaac\Downloads\Arsonist-WebBase (2).exe
2017-10-30 04:27 - 2017-10-30 04:27 - 000205160 _____ C:\Users\isaac\Downloads\ChrySploit_LuaC_Script_Pack.zip
2017-10-30 04:27 - 2017-10-30 04:27 - 000000000 ____D C:\Users\isaac\Downloads\ChrySploit_LuaC_Script_Pack
2017-10-30 04:22 - 2017-10-30 04:22 - 000111512 _____ C:\Users\isaac\Downloads\jb_script.txt
2017-10-30 04:20 - 2017-10-30 04:20 - 000064000 _____ C:\Users\isaac\Downloads\VMProtectSDK32 (1).dll
2017-10-29 07:43 - 2017-10-29 07:43 - 000000000 ____D C:\Users\isaac\Downloads\Oregues
2017-10-29 07:42 - 2017-10-29 07:42 - 000663942 _____ C:\Users\isaac\Downloads\Oregues.rar
2017-10-29 07:42 - 2017-10-29 07:42 - 000064000 _____ C:\Users\isaac\Downloads\VMProtectSDK32.dll
2017-10-29 05:41 - 2017-10-29 05:41 - 000000000 ____D C:\Users\isaac\Downloads\RC7 Cracked
2017-10-29 05:40 - 2017-10-29 05:40 - 000656780 _____ C:\Users\isaac\Downloads\RC7 Cracked.rar
2017-10-29 05:19 - 2017-10-29 05:19 - 000201216 _____ C:\Users\isaac\Downloads\Arsonist-WebBase (1).exe
2017-10-29 05:19 - 2017-10-29 05:19 - 000148480 _____ C:\Users\isaac\Downloads\Arsonist-WebBase.exe
2017-10-29 05:15 - 2017-10-29 05:15 - 000029970 _____ C:\Users\isaac\Downloads\aimbot_phantom_forces.txt
2017-10-29 05:09 - 2017-10-29 05:09 - 000000000 ____D C:\Users\isaac\Downloads\CHRYSLER_Small_Scripts
2017-10-29 05:07 - 2017-10-29 05:07 - 000266970 _____ C:\Users\isaac\Downloads\CHRYSLER_Small_Scripts.zip
2017-10-28 00:25 - 2017-10-28 00:25 - 000046130 _____ C:\Users\isaac\Downloads\SteamAchievementManager63_hotfix.zip
2017-10-27 09:41 - 2017-10-27 09:41 - 000414413 _____ C:\Users\isaac\Downloads\CS-GO FPS & PING GUIDE BY NT.rar
2017-10-27 09:41 - 2017-10-27 09:41 - 000000000 ____D C:\Users\isaac\Downloads\CS-GO FPS & PING GUIDE BY NT
2017-10-26 02:19 - 2017-10-26 02:19 - 000000000 ____D C:\Users\isaac\AppData\Local\EpicGamesLauncher
2017-10-25 08:57 - 2017-10-25 08:57 - 000000000 ____D C:\Users\isaac\Downloads\[ViperVenom] NOCLIP Unpatchable
2017-10-25 03:23 - 2017-10-25 03:24 - 000000000 ____D C:\Users\isaac\AppData\Roaming\Mouse Recorder
2017-10-25 03:23 - 2017-10-25 03:23 - 000001154 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MouseRecorder.lnk
2017-10-25 03:23 - 2017-10-25 03:23 - 000000000 ____D C:\ProgramData\MouseRecorder
2017-10-25 03:23 - 2017-10-25 03:23 - 000000000 ____D C:\Program Files (x86)\MouseRecorder
2017-10-25 00:40 - 2017-10-25 00:40 - 000000000 ____D C:\Users\isaac\Downloads\xliveless-0.999b7
2017-10-25 00:21 - 2017-10-25 00:21 - 000000000 ____D C:\Users\isaac\Downloads\1494192257_GTA IV SAVE GAME
2017-10-25 00:18 - 2017-10-25 00:18 - 000000000 ____D C:\Users\isaac\Downloads\DUBStep gun
2017-10-24 07:59 - 2017-10-29 05:29 - 000000000 ____D C:\WINDOWS\system32\%LOCALAPPDATA%
2017-10-24 03:06 - 2017-10-24 03:18 - 000000000 ____D C:\Users\isaac\Downloads\GTA San Andreas
2017-10-22 23:55 - 2017-10-22 23:55 - 000000000 ____D C:\Users\isaac\Downloads\Cities Skylines V1.7.0 Trainer +5 MrAntiFun
2017-10-22 23:36 - 2017-10-22 23:36 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\4467078D.sys
2017-10-22 11:19 - 2017-10-22 11:19 - 000001981 _____ C:\Users\isaac\Desktop\Game.exe - Shortcut (3).lnk
2017-10-22 10:02 - 2017-10-22 10:02 - 000000000 ____D C:\Program Files (x86)\Activision
2017-10-22 04:14 - 2017-11-06 02:24 - 000000000 ____D C:\Users\isaac\AppData\Local\wmikuwy
2017-10-22 04:04 - 2017-10-22 04:04 - 000079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\fpacpa.sys
2017-10-21 18:27 - 2017-10-21 18:28 - 000000000 ____D C:\Users\isaac\Downloads\dev0lved_enb_v1.2.zip-10-1-2
2017-10-21 08:57 - 2017-10-22 00:52 - 000001684 _____ C:\Users\Public\Desktop\VTM Bloodlines.lnk
2017-10-21 08:57 - 2017-10-21 08:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vampire the Masquerade - Bloodlines [GOG.com]
2017-10-21 04:08 - 2017-10-21 04:08 - 000000000 ____D C:\Users\isaac\Downloads\vampire_the_masquerade_bloodlines
2017-10-20 17:01 - 2017-10-20 17:01 - 000000000 ____D C:\Users\isaac\AppData\LocalLow\LionShield
2017-10-19 21:10 - 2017-10-19 21:10 - 000000000 ____D C:\Users\isaac\Downloads\Pokemon - HeartGold Version (US)
2017-10-19 21:05 - 2017-10-19 21:05 - 000001310 _____ C:\Users\isaac\Desktop\DeSmuME.exe - Shortcut.lnk
2017-10-19 21:05 - 2017-10-19 21:05 - 000000000 ____D C:\Users\isaac\Downloads\Pokemon - SoulSilver Version (US)
2017-10-19 20:57 - 2017-10-19 21:13 - 000000000 ____D C:\Users\isaac\Downloads\desmume-0.9.8-win32
2017-10-19 15:43 - 2017-10-19 15:43 - 000000000 ____D C:\Users\Public\Documents\uPlay
2017-10-18 13:34 - 2017-10-19 15:35 - 000000000 ____D C:\Users\isaac\Downloads\cdp-sptfbw
2017-10-17 16:03 - 2017-10-22 18:11 - 000000000 ____D C:\Users\isaac\Downloads\Spiderman.Shattered.Dimensions-RELOADED
2017-10-17 15:28 - 2017-10-17 15:28 - 000000000 ____D C:\Users\isaac\Downloads\0621_Prototype_2_gamersky
2017-10-17 15:21 - 2017-10-17 15:39 - 000000000 ____D C:\Users\isaac\Documents\Prototype
2017-10-17 15:19 - 2017-10-17 15:31 - 000000000 ____D C:\Users\isaac\Downloads\PROTOTYPE.V1.0.0.1.PLUS9TRN.PSYCHRADIANCE
2017-10-17 12:28 - 2017-10-17 12:28 - 000000000 ____D C:\Users\isaac\AppData\Roaming\Prototype
2017-10-17 05:50 - 2017-10-17 05:50 - 000000000 ____D C:\Users\isaac\Downloads\MONOPOLY.PLUS-STEAMPUNKS
2017-10-15 08:47 - 2017-10-15 08:47 - 000016896 _____ C:\WINDOWS\System32\Tasks\EPSON Stylus CX5600 Series
2017-10-14 12:38 - 2017-11-02 19:51 - 000000000 ____D C:\Users\isaac\AppData\Roaming\Infinity
2017-10-14 12:38 - 2017-11-02 19:14 - 000002299 _____ C:\Users\isaac\Desktop\Infinity.lnk
2017-10-14 12:38 - 2017-11-02 19:14 - 000000000 ____D C:\Users\isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2017-10-14 12:38 - 2017-11-02 19:14 - 000000000 ____D C:\Users\isaac\AppData\Local\Infinity
2017-10-14 08:43 - 2017-11-05 16:12 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\71226B26.sys
2017-10-13 16:00 - 2017-09-29 23:49 - 001004136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-10-13 16:00 - 2017-09-29 23:49 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-10-13 16:00 - 2017-09-29 23:48 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-10-13 16:00 - 2017-09-29 23:48 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-10-13 16:00 - 2017-09-29 23:48 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-10-13 16:00 - 2017-09-29 23:47 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-10-13 16:00 - 2017-09-29 23:42 - 000820120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-10-13 16:00 - 2017-09-29 23:41 - 005304496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-10-13 16:00 - 2017-09-29 23:41 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-10-13 16:00 - 2017-09-29 23:40 - 000724704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-10-13 16:00 - 2017-09-29 23:38 - 007910072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-13 16:00 - 2017-09-29 23:36 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-10-13 16:00 - 2017-09-29 23:36 - 000057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-10-13 16:00 - 2017-09-29 20:29 - 000804784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-10-13 16:00 - 2017-09-29 20:26 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-13 16:00 - 2017-09-29 20:26 - 001292872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-10-13 16:00 - 2017-09-29 20:10 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-10-13 16:00 - 2017-09-29 20:10 - 001150776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-10-13 16:00 - 2017-09-29 20:10 - 000606072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-10-13 16:00 - 2017-09-29 20:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-10-13 16:00 - 2017-09-29 20:09 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-10-13 16:00 - 2017-09-29 20:06 - 004471368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-10-13 16:00 - 2017-09-29 20:05 - 005827744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-10-13 16:00 - 2017-09-29 20:05 - 001266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-10-13 16:00 - 2017-09-29 20:05 - 000750488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-10-13 16:00 - 2017-09-29 20:05 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-10-13 16:00 - 2017-09-29 20:04 - 004215184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-10-13 16:00 - 2017-09-29 20:04 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-10-13 16:00 - 2017-09-29 20:04 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-10-13 16:00 - 2017-09-29 20:04 - 000347544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-10-13 16:00 - 2017-09-29 20:04 - 000182680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-10-13 16:00 - 2017-09-29 20:03 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-10-13 16:00 - 2017-09-29 20:03 - 006768288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-13 16:00 - 2017-09-29 01:46 - 023678976 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-10-13 16:00 - 2017-09-29 01:45 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-10-13 16:00 - 2017-09-29 01:43 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-10-13 16:00 - 2017-09-29 01:41 - 013844992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-10-13 16:00 - 2017-09-29 01:40 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-10-13 16:00 - 2017-09-29 01:40 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-10-13 16:00 - 2017-09-29 01:39 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-10-13 16:00 - 2017-09-29 01:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-10-13 16:00 - 2017-09-29 01:39 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-10-13 16:00 - 2017-09-29 01:38 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-10-13 16:00 - 2017-09-29 01:38 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-10-13 16:00 - 2017-09-29 01:38 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-10-13 16:00 - 2017-09-29 01:38 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-10-13 16:00 - 2017-09-29 01:37 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-10-13 16:00 - 2017-09-29 01:36 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-10-13 16:00 - 2017-09-29 01:36 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-10-13 16:00 - 2017-09-29 01:35 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-10-13 16:00 - 2017-09-29 01:34 - 006255616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-10-13 16:00 - 2017-09-29 01:34 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-10-13 16:00 - 2017-09-29 01:34 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-10-13 16:00 - 2017-09-29 01:33 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-10-13 16:00 - 2017-09-29 01:33 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-10-13 16:00 - 2017-09-29 01:33 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-10-13 16:00 - 2017-09-29 01:32 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-10-13 16:00 - 2017-09-29 01:32 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-13 16:00 - 2017-09-29 01:30 - 023686144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-10-13 16:00 - 2017-09-29 01:29 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-10-13 16:00 - 2017-09-29 01:29 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-10-13 16:00 - 2017-09-29 01:27 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-10-13 16:00 - 2017-09-29 01:26 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-10-13 16:00 - 2017-09-29 01:25 - 008199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-10-13 16:00 - 2017-09-29 01:24 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-10-13 16:00 - 2017-09-29 01:23 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-10-13 16:00 - 2017-09-29 01:23 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-10-13 16:00 - 2017-09-29 01:23 - 001887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-10-13 16:00 - 2017-09-29 01:22 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-10-13 16:00 - 2017-09-29 01:21 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-10-13 16:00 - 2017-09-29 01:21 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-13 16:00 - 2017-09-29 01:20 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-13 15:59 - 2017-09-29 20:29 - 001408536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-10-13 15:59 - 2017-09-29 20:10 - 000508344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-13 15:59 - 2017-09-29 20:10 - 000480920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2017-10-13 15:59 - 2017-09-29 20:05 - 002603744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2017-10-13 15:59 - 2017-09-29 20:04 - 000612120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-10-13 15:59 - 2017-09-29 20:03 - 001439032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-10-13 15:59 - 2017-09-29 20:02 - 000175512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-10-13 15:59 - 2017-09-29 20:01 - 000124544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-10-13 15:59 - 2017-09-29 01:44 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-13 15:59 - 2017-09-29 01:43 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-10-13 15:59 - 2017-09-29 01:43 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-10-13 15:59 - 2017-09-29 01:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mgmtapi.dll
2017-10-13 15:59 - 2017-09-29 01:41 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2017-10-13 15:59 - 2017-09-29 01:40 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-10-13 15:59 - 2017-09-29 01:38 - 001135616 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2017-10-13 15:59 - 2017-09-29 01:38 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2017-10-13 15:59 - 2017-09-29 01:38 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-10-13 15:59 - 2017-09-29 01:38 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-10-13 15:59 - 2017-09-29 01:37 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2017-10-13 15:59 - 2017-09-29 01:34 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-13 15:59 - 2017-09-29 01:34 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-10-13 15:59 - 2017-09-29 01:33 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-10-13 15:59 - 2017-09-29 01:32 - 002340864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-10-13 15:59 - 2017-09-29 01:32 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-10-13 15:59 - 2017-09-29 01:31 - 003107328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-10-13 15:59 - 2017-09-29 01:29 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-10-13 15:59 - 2017-09-29 01:29 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-10-13 15:59 - 2017-09-29 01:28 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-10-13 15:59 - 2017-09-29 01:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-10-13 15:59 - 2017-09-29 01:28 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2017-10-13 15:59 - 2017-09-29 01:28 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2017-10-13 15:59 - 2017-09-29 01:28 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cipher.exe
2017-10-13 15:59 - 2017-09-28 23:40 - 000804312 _____ C:\WINDOWS\SysWOW64\locale.nls
2017-10-13 15:59 - 2017-09-28 23:40 - 000804312 _____ C:\WINDOWS\system32\locale.nls
2017-10-13 15:59 - 2017-09-20 09:08 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-13 15:59 - 2017-09-20 09:08 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-10-13 15:59 - 2017-09-20 09:08 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-13 15:59 - 2017-09-18 16:20 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2017-10-13 15:59 - 2017-09-18 16:15 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-10-13 15:55 - 2017-09-29 23:40 - 000558912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-10-13 15:55 - 2017-09-29 23:40 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-10-13 15:55 - 2017-09-29 01:32 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-10-13 15:55 - 2017-09-29 01:27 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-13 15:55 - 2017-09-29 01:23 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-13 15:54 - 2017-09-29 23:51 - 001458320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-13 15:54 - 2017-09-29 23:50 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-10-13 15:54 - 2017-09-29 23:50 - 001068208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-10-13 15:54 - 2017-09-29 23:47 - 001194792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2017-10-13 15:54 - 2017-09-29 23:42 - 001506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-13 15:54 - 2017-09-29 23:41 - 000651672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-10-13 15:54 - 2017-09-29 23:41 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-10-13 15:54 - 2017-09-29 23:41 - 000228248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-13 15:54 - 2017-09-29 23:40 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-13 15:54 - 2017-09-29 23:40 - 000072944 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2017-10-13 15:54 - 2017-09-29 23:39 - 021351760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-10-13 15:54 - 2017-09-29 23:39 - 000203672 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-10-13 15:54 - 2017-09-29 01:34 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-10-13 15:54 - 2017-09-29 01:32 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-10-13 15:54 - 2017-09-29 01:32 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-10-13 15:54 - 2017-09-29 01:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-10-13 15:54 - 2017-09-29 01:32 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll
2017-10-13 15:54 - 2017-09-29 01:31 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-10-13 15:54 - 2017-09-29 01:31 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-10-13 15:54 - 2017-09-29 01:31 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-10-13 15:54 - 2017-09-29 01:31 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-10-13 15:54 - 2017-09-29 01:30 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-10-13 15:54 - 2017-09-29 01:30 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-10-13 15:54 - 2017-09-29 01:30 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-13 15:54 - 2017-09-29 01:29 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-10-13 15:54 - 2017-09-29 01:29 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-10-13 15:54 - 2017-09-29 01:29 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2017-10-13 15:54 - 2017-09-29 01:28 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-13 15:54 - 2017-09-29 01:28 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-10-13 15:54 - 2017-09-29 01:28 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-13 15:54 - 2017-09-29 01:28 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-10-13 15:54 - 2017-09-29 01:27 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2017-10-13 15:54 - 2017-09-29 01:27 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-10-13 15:54 - 2017-09-29 01:27 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-13 15:54 - 2017-09-29 01:27 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2017-10-13 15:54 - 2017-09-29 01:26 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2017-10-13 15:54 - 2017-09-29 01:26 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-10-13 15:54 - 2017-09-29 01:25 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-10-13 15:54 - 2017-09-29 01:25 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-10-13 15:54 - 2017-09-29 01:24 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-10-13 15:54 - 2017-09-29 01:24 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-10-13 15:54 - 2017-09-29 01:24 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-10-13 15:54 - 2017-09-29 01:23 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-10-13 15:54 - 2017-09-29 01:23 - 002446336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-10-13 15:54 - 2017-09-29 01:23 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-10-13 15:54 - 2017-09-29 01:23 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-10-13 15:54 - 2017-09-29 01:23 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-10-13 15:54 - 2017-09-29 01:23 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-10-13 15:54 - 2017-09-29 01:23 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-10-13 15:54 - 2017-09-29 01:23 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-10-13 15:54 - 2017-09-29 01:23 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-10-13 15:54 - 2017-09-29 01:23 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-10-13 15:54 - 2017-09-29 01:22 - 001438208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-10-13 15:54 - 2017-09-29 01:22 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-10-13 15:54 - 2017-09-29 01:21 - 003304448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-10-13 15:54 - 2017-09-29 01:21 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-13 15:54 - 2017-09-29 01:21 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll
2017-10-13 15:54 - 2017-09-29 01:21 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2017-10-13 15:54 - 2017-09-29 01:20 - 001811456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-10-13 15:54 - 2017-09-29 01:20 - 000804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-10-13 15:54 - 2017-09-29 01:20 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2017-10-13 15:54 - 2017-09-29 01:20 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2017-10-13 15:54 - 2017-09-29 01:19 - 002088448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-10-13 15:54 - 2017-09-29 01:19 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-10-13 15:54 - 2017-09-29 01:19 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2017-10-13 15:54 - 2017-09-29 01:19 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-10-13 15:54 - 2017-09-29 01:18 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-10-13 15:54 - 2017-09-29 01:18 - 001527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-10-13 15:54 - 2017-09-29 01:18 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2017-10-13 15:54 - 2017-09-29 01:18 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2017-10-13 15:54 - 2017-09-29 01:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2017-10-13 15:54 - 2017-09-18 17:11 - 001018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-10-13 15:53 - 2017-09-29 23:52 - 001595152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-13 15:53 - 2017-09-29 23:51 - 000661224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-13 15:53 - 2017-09-29 23:49 - 000135576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-13 15:53 - 2017-09-29 23:44 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-10-13 15:53 - 2017-09-29 23:44 - 000181912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-13 15:53 - 2017-09-29 23:43 - 007318888 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-10-13 15:53 - 2017-09-29 23:43 - 002442136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-10-13 15:53 - 2017-09-29 23:42 - 004848952 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-10-13 15:53 - 2017-09-29 23:41 - 005477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-10-13 15:53 - 2017-09-29 23:41 - 000961944 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-10-13 15:53 - 2017-09-29 23:40 - 000642680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-10-13 15:53 - 2017-09-29 23:38 - 002239136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-10-13 15:53 - 2017-09-29 01:34 - 017370624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-10-13 15:53 - 2017-09-29 01:33 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-13 15:53 - 2017-09-29 01:32 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-10-13 15:53 - 2017-09-29 01:32 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-13 15:53 - 2017-09-29 01:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll
2017-10-13 15:53 - 2017-09-29 01:30 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2017-10-13 15:53 - 2017-09-29 01:29 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-13 15:53 - 2017-09-29 01:29 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-13 15:53 - 2017-09-29 01:29 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-10-13 15:53 - 2017-09-29 01:29 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-10-13 15:53 - 2017-09-29 01:29 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServiceWorkerHost.exe
2017-10-13 15:53 - 2017-09-29 01:28 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-10-13 15:53 - 2017-09-29 01:28 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-10-13 15:53 - 2017-09-29 01:27 - 001321984 ____R (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2017-10-13 15:53 - 2017-09-29 01:26 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-10-13 15:53 - 2017-09-29 01:26 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-10-13 15:53 - 2017-09-29 01:24 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-13 15:53 - 2017-09-29 01:24 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-10-13 15:53 - 2017-09-29 01:23 - 003140096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-10-13 15:53 - 2017-09-29 01:23 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-10-13 15:53 - 2017-09-29 01:23 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-13 15:53 - 2017-09-29 01:22 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-13 15:53 - 2017-09-29 01:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-10-13 15:53 - 2017-09-29 01:21 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-10-13 15:53 - 2017-09-29 01:20 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2017-10-13 15:53 - 2017-09-29 01:18 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-10-13 15:53 - 2017-09-29 01:18 - 000603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-10-13 15:53 - 2017-09-29 01:18 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2017-10-13 15:53 - 2017-09-29 01:18 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\cipher.exe
2017-10-13 15:53 - 2017-09-18 16:20 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-10-13 15:52 - 2017-09-29 23:51 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-10-13 15:52 - 2017-09-29 23:50 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-10-13 15:52 - 2017-09-29 23:48 - 000644696 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2017-10-13 15:52 - 2017-09-29 23:45 - 000511896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2017-10-13 15:52 - 2017-09-29 23:41 - 002086808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-10-13 15:52 - 2017-09-29 23:41 - 000257432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-10-13 15:52 - 2017-09-29 23:40 - 000184728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2017-10-13 15:52 - 2017-09-29 23:40 - 000173976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2017-10-13 15:52 - 2017-09-29 01:32 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-13 15:52 - 2017-09-29 01:30 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-10-13 15:52 - 2017-09-29 01:27 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-10-13 15:52 - 2017-09-29 01:27 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-10-13 15:52 - 2017-09-29 01:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-13 15:52 - 2017-09-29 01:26 - 001468928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-13 15:52 - 2017-09-29 01:25 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-10-13 15:52 - 2017-09-29 01:24 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-13 15:52 - 2017-09-18 17:20 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-10-13 15:52 - 2017-09-18 17:20 - 000900376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-10-13 15:52 - 2017-09-18 17:18 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-10-13 15:52 - 2017-09-18 17:17 - 001395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-10-13 15:52 - 2017-09-18 17:17 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-10-13 15:52 - 2017-09-18 17:17 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-10-13 15:52 - 2017-09-18 17:09 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-10-13 15:52 - 2017-09-18 16:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2017-10-13 15:52 - 2017-09-18 16:25 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2017-10-13 15:52 - 2017-09-18 16:23 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2017-10-13 12:21 - 2017-10-13 15:45 - 000000000 ____D C:\Users\isaac\Downloads\1976 - Dragon Ball Z - Extreme Butoden (Europe) (En,Fr,De,Es,It) Decrypted
2017-10-13 12:20 - 2017-10-13 12:20 - 000008931 _____ C:\Users\isaac\Downloads\1976 - Dragon Ball Z - Extreme Butoden (Europe) (En,Fr,De,Es,It) Decrypted.torrent
2017-10-13 12:19 - 2017-10-13 12:19 - 000003934 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AnonymousRegistration
2017-10-13 08:39 - 2017-10-13 08:41 - 000000000 ____D C:\Users\isaac\Downloads\tModLoader.Windows.v0.10.1
2017-10-13 08:11 - 2017-10-13 08:11 - 000000202 _____ C:\Users\isaac\Desktop\Terraria.url
2017-10-13 08:08 - 2017-10-13 08:08 - 000000438 _____ C:\Users\isaac\Desktop\client-crashlog.txt
2017-10-13 04:33 - 2017-10-13 06:30 - 000000000 ____D C:\Users\isaac\Downloads\Middle Earth Shadow Of War V1.01 Trainer +9 MrAntiFun (1)
2017-10-12 13:34 - 2017-10-12 13:34 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\73842DCC.sys
2017-10-12 12:08 - 2017-10-12 12:08 - 000002482 _____ C:\Users\isaac\Desktop\mail.ru - Chrome.lnk
2017-10-12 07:27 - 2017-10-12 12:50 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\183A1544.sys
2017-10-12 06:46 - 2017-10-12 06:46 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\71817535.sys
2017-10-12 06:44 - 2017-10-12 06:44 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\193473AA.sys
2017-10-12 06:43 - 2017-10-12 06:43 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\4B5C7386.sys
2017-10-12 06:39 - 2017-10-12 06:39 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\290D702B.sys
2017-10-12 06:38 - 2017-10-12 06:38 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\0E426F13.sys
2017-10-12 06:32 - 2017-10-12 06:32 - 000000000 ____D C:\Users\isaac\Downloads\Middle Earth Shadow Of War V1.00 Trainer +9 MrAntiFun
2017-10-11 10:46 - 2017-10-11 10:50 - 000000000 ____D C:\Users\isaac\AppData\Local\8fd21c9aea704726b282bb762297a52b
2017-10-09 07:20 - 2017-10-09 07:21 - 000000000 ____D C:\Users\isaac\Documents\The Incredible Hulk
2017-10-09 07:06 - 2017-10-09 07:06 - 000000000 ____D C:\Users\isaac\Downloads\mofunzone.com--the_incredible_hulk_7_trainer
2017-10-08 21:39 - 2017-10-08 21:39 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\5C6A6875.sys
2017-10-08 21:20 - 2017-10-08 21:20 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\408E59CA.sys
2017-10-08 21:19 - 2017-10-08 21:19 - 000016784 _____ C:\WINDOWS\System32\Tasks\Ausspote
2017-10-08 21:11 - 2017-10-08 21:11 - 000021602 _____ C:\WINDOWS\System32\Tasks\H8oORveanSgX
2017-10-08 21:09 - 2017-11-05 19:04 - 000000000 ____D C:\Users\isaac\AppData\Roaming\607011f4a07346c0b85c6659afb4967a
2017-10-08 20:35 - 2017-11-05 19:04 - 000000000 ____D C:\ProgramData\b16f064b2851448a972804ef816a98ed
2017-10-08 20:35 - 2017-11-05 19:04 - 000000000 ____D C:\ProgramData\62aca03ff0214d418dec84725b972714
2017-10-08 20:33 - 2017-10-08 20:34 - 000000000 ____D C:\Users\isaac\Desktop\fortnite fix aimbot
2017-10-08 20:32 - 2017-10-08 20:32 - 000000000 ____D C:\Users\isaac\Downloads\fortnite-fix-aimbot-e6-389
2017-10-08 20:29 - 2017-10-08 20:29 - 000000000 ____D C:\Users\isaac\Downloads\msvcr100
2017-10-08 06:27 - 2017-10-27 09:39 - 000000622 _____ C:\Users\isaac\Desktop\New Text Document (2).txt
2017-10-07 22:34 - 2017-10-07 23:38 - 000000000 ____D C:\Users\isaac\AppData\LocalLow\Mozilla
2017-10-07 22:32 - 2017-10-12 12:28 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-10-07 22:32 - 2017-10-12 12:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-07 22:32 - 2017-10-07 22:38 - 000000000 ____D C:\Users\isaac\AppData\Local\Mozilla
2017-10-07 22:32 - 2017-10-07 22:34 - 000000000 ____D C:\Users\isaac\AppData\Roaming\Mozilla
2017-10-07 21:41 - 2017-10-07 21:41 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2017-10-07 21:41 - 2017-10-07 21:41 - 000001258 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2017-10-07 21:40 - 2017-10-08 20:29 - 000000000 ____D C:\Users\isaac\Downloads\Fu ckNITE loader ( undetected 10.07.2017 )
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-11-06 14:37 - 2017-05-04 03:56 - 000000000 ____D C:\Users\isaac
2017-11-06 14:35 - 2017-03-18 15:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-06 14:35 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-06 14:30 - 2017-05-04 07:24 - 000000000 ____D C:\Steam
2017-11-06 14:14 - 2017-05-04 03:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-06 14:14 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-11-06 00:45 - 2017-04-23 16:28 - 000000000 ___DC C:\WINDOWS\Panther
2017-11-06 00:28 - 2017-02-21 01:03 - 000000000 ____D C:\Users\isaac\AppData\Local\CrashDumps
2017-11-06 00:26 - 2017-02-20 12:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2017-11-06 00:24 - 2017-02-20 12:43 - 000000000 ____D C:\ProgramData\Razer
2017-11-06 00:20 - 2017-05-04 04:08 - 001424554 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-06 00:18 - 2017-04-07 06:25 - 000000000 ____D C:\ProgramData\Origin
2017-11-06 00:17 - 2017-02-26 22:49 - 000000000 ____D C:\Users\isaac\AppData\Local\Overwolf
2017-11-06 00:17 - 2017-02-22 10:08 - 000000000 ____D C:\Users\isaac\AppData\Roaming\Spotify
2017-11-06 00:15 - 2017-02-20 12:26 - 000000000 __SHD C:\Users\isaac\IntelGraphicsProfiles
2017-11-06 00:14 - 2017-02-28 13:27 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-11-06 00:13 - 2017-09-29 17:03 - 000081696 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\Drivers\msidntfs.sys
2017-11-06 00:13 - 2017-05-04 04:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-06 00:12 - 2017-05-04 03:55 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-11-06 00:12 - 2017-03-18 05:40 - 034603008 _____ C:\WINDOWS\system32\config\HARDWARE
2017-11-06 00:12 - 2017-03-18 05:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-11-06 00:12 - 2016-07-16 05:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-11-05 23:32 - 2017-02-22 10:08 - 000000000 ____D C:\Users\isaac\AppData\Local\Spotify
2017-11-05 23:19 - 2017-02-20 12:35 - 000000000 ____D C:\Users\isaac\AppData\Roaming\discord
2017-11-05 23:14 - 2017-08-01 20:29 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-11-05 19:13 - 2017-08-01 20:05 - 000000258 __RSH C:\Users\isaac\ntuser.pol
2017-11-05 19:13 - 2017-02-20 13:26 - 000000258 __RSH C:\ProgramData\ntuser.pol
2017-11-05 19:09 - 2017-03-18 15:03 - 000000000 ____D C:\Program Files\Candy Retlean call Software
2017-11-05 19:04 - 2017-09-29 16:59 - 000000000 ____D C:\ProgramData\09aed392d6fb423cbc2f88a564baae5b
2017-11-05 19:04 - 2017-06-21 00:54 - 000000000 ____D C:\WINDOWS\System32\Tasks\System
2017-11-05 18:44 - 2017-07-31 12:16 - 000000000 ____D C:\Users\isaac\AppData\Local\Nox
2017-11-05 18:43 - 2017-02-21 01:12 - 000000000 ____D C:\Users\isaac\.android
2017-11-05 18:42 - 2017-07-31 15:24 - 000000000 ____D C:\Users\isaac\vmlogs
2017-11-05 18:42 - 2017-07-31 12:17 - 000000000 ____D C:\Users\isaac\.BigNox
2017-11-05 16:40 - 2017-02-21 01:10 - 000000000 ____D C:\Users\isaac\Documents\MEGAsync Downloads
2017-11-04 15:59 - 2017-03-18 14:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-02 22:12 - 2017-09-14 22:20 - 000000000 ____D C:\Users\isaac\AppData\Roaming\Rem4p
2017-11-02 21:06 - 2017-02-20 13:15 - 000000000 ____D C:\Users\isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-11-02 19:51 - 2017-10-01 21:10 - 000000000 ____D C:\Program Files (x86)\Cuphead
2017-11-02 19:14 - 2017-02-20 12:35 - 000000000 ____D C:\Users\isaac\AppData\Local\SquirrelTemp
2017-11-02 18:32 - 2017-09-29 20:59 - 000000000 ____D C:\Users\isaac\AppData\Local\niscdjb
2017-11-02 15:42 - 2017-03-13 09:28 - 000000000 ____D C:\Users\isaac\Downloads\UPRandomizer-172-win
2017-11-02 14:19 - 2017-04-07 01:11 - 000000000 ____D C:\Program Files (x86)\Plague Inc Evolved Shadow Plague
2017-11-02 13:52 - 2017-02-21 17:06 - 000000000 ____D C:\Users\isaac\Desktop\Games
2017-11-01 12:11 - 2017-03-13 09:27 - 000000000 ____D C:\Users\isaac\Downloads\Pokemon - White Version 2 (USA, Europe) (NDSi Enhanced)
2017-11-01 12:10 - 2017-03-13 09:24 - 000000000 ____D C:\Users\isaac\Downloads\Pokemon - Black Version 2 (USA, Europe) (NDSi Enhanced)
2017-11-01 09:24 - 2017-05-28 16:00 - 000000000 ____D C:\WINDOWS\Minidump
2017-11-01 09:23 - 2017-02-15 22:20 - 001229949 ____N C:\WINDOWS\Minidump\110117-41125-01.dmp
2017-11-01 08:25 - 2017-02-15 22:20 - 001231373 ____N C:\WINDOWS\Minidump\110117-29921-01.dmp
2017-11-01 08:21 - 2017-02-21 16:49 - 000000000 ____D C:\Users\isaac\AppData\Roaming\uTorrent
2017-10-31 16:10 - 2017-07-26 21:33 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3267251706-2764207904-1746666680-1001
2017-10-31 16:10 - 2017-02-20 12:29 - 000002369 _____ C:\Users\isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-10-31 16:10 - 2017-02-20 12:29 - 000000000 ___RD C:\Users\isaac\OneDrive
2017-10-31 15:28 - 2017-02-26 12:47 - 000000000 ____D C:\Users\isaac\AppData\Roaming\Curse Client
2017-10-31 14:00 - 2017-03-18 15:03 - 000000000 ____D C:\Program Files\EPSON Stylus CX5600 Series
2017-10-30 04:58 - 2017-09-25 13:57 - 000000000 ____D C:\Users\isaac\AppData\Roaming\dll 2.0
2017-10-28 00:25 - 2017-02-27 21:33 - 000000000 ____D C:\Users\isaac\Downloads\SteamAchievementManager63_hotfix
2017-10-28 00:07 - 2017-06-26 10:48 - 000000000 ____D C:\Users\isaac\Downloads\GameOwner v0.3_[unknowncheats.me]_
2017-10-27 23:43 - 2017-03-18 15:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-10-27 23:42 - 2017-02-15 23:18 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-10-27 04:03 - 2017-06-30 16:22 - 000001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2017-10-27 04:03 - 2017-05-04 04:11 - 000003958 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1492899575
2017-10-27 04:03 - 2017-04-22 16:19 - 000000000 ____D C:\Program Files\Opera
2017-10-26 08:16 - 2017-04-28 23:57 - 000000000 ____D C:\Users\isaac\AppData\Roaming\EasyAntiCheat
2017-10-26 08:16 - 2017-02-25 01:25 - 000796712 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-10-26 04:52 - 2017-09-14 22:25 - 000002152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS4 Remote Play.lnk
2017-10-26 04:52 - 2017-09-14 22:25 - 000002140 _____ C:\Users\Public\Desktop\PS4 Remote Play.lnk
2017-10-26 04:52 - 2017-03-06 23:51 - 000000000 ____D C:\Program Files (x86)\Sony
2017-10-25 00:32 - 2017-02-25 14:44 - 000000000 ____D C:\Users\isaac\Downloads\NIBMods.v1.9.2
2017-10-25 00:05 - 2017-03-04 00:13 - 000000000 ____D C:\Users\isaac\Downloads\HULK script mod
2017-10-24 07:38 - 2017-02-26 19:31 - 000000000 ____D C:\Users\isaac\AppData\Local\Activision
2017-10-24 05:25 - 2017-02-26 22:51 - 000000000 ____D C:\Program Files (x86)\Overwolf
2017-10-23 01:21 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-10-23 01:21 - 2017-02-15 22:20 - 001230221 ____N C:\WINDOWS\Minidump\102317-37234-01.dmp
2017-10-22 11:19 - 2017-02-26 19:31 - 000000000 ____D C:\Users\isaac\Documents\Activision
2017-10-22 10:25 - 2017-02-15 23:07 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-10-21 08:52 - 2017-03-03 20:32 - 000000000 ____D C:\GOG Games
2017-10-19 20:52 - 2017-08-01 20:25 - 000000000 ____D C:\Users\isaac\AppData\Local\yc
2017-10-19 17:35 - 2017-05-25 19:31 - 000000000 ____D C:\Program Files (x86)\NCSOFT
2017-10-19 17:33 - 2017-05-25 19:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2017-10-19 15:34 - 2017-02-20 14:19 - 000000000 ____D C:\Users\isaac\Documents\My Games
2017-10-17 15:24 - 2017-07-27 12:04 - 000000000 ____D C:\Users\isaac\Downloads\snes9x-1.53-x64 (1)
2017-10-17 12:28 - 2017-02-27 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2017-10-16 13:55 - 2017-03-06 19:49 - 000000000 ____D C:\Users\isaac\AppData\Roaming\StardewValley
2017-10-16 11:16 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\rescache
2017-10-15 22:32 - 2017-03-18 15:01 - 000000000 ____D C:\WINDOWS\INF
2017-10-15 08:46 - 2017-02-15 23:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-15 01:00 - 2017-03-18 15:03 - 000000000 ____D C:\Program Files\Dash Analyser
2017-10-15 01:00 - 2017-03-18 15:03 - 000000000 ____D C:\Program Files\Ausspote
2017-10-15 00:19 - 2017-05-04 03:52 - 000289840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-15 00:16 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-10-15 00:16 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-10-15 00:15 - 2017-03-18 15:03 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2017-10-15 00:15 - 2017-03-18 15:03 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2017-10-13 16:33 - 2017-07-08 02:57 - 000002299 _____ C:\Users\isaac\Desktop\Citra Edge.lnk
2017-10-13 16:33 - 2017-07-08 02:57 - 000000000 ____D C:\Users\isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citra Development Team
2017-10-13 16:33 - 2017-07-08 02:57 - 000000000 ____D C:\Users\isaac\AppData\Local\citra
2017-10-13 15:45 - 2017-07-08 03:29 - 000000000 ____D C:\Users\isaac\Desktop\3DS
2017-10-12 18:21 - 2017-03-18 15:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-12 18:21 - 2017-03-18 15:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-12 12:49 - 2017-09-29 17:16 - 000001177 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2017-10-12 12:49 - 2017-09-29 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-10-12 12:49 - 2017-09-29 17:16 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-10-12 12:08 - 2017-08-08 15:00 - 000002438 _____ C:\Users\isaac\Desktop\The Monkey - Chrome.lnk
2017-10-12 06:35 - 2017-10-03 05:23 - 000000000 ____D C:\Riot Games
2017-10-12 06:33 - 2017-03-07 01:41 - 000000000 ____D C:\Users\isaac\Documents\WB Games
2017-10-08 20:35 - 2017-06-19 21:39 - 000000000 ____D C:\Program Files\Virtual Audio Cable
2017-10-08 18:02 - 2017-02-20 12:26 - 000000000 ____D C:\Users\isaac\AppData\Local\Packages
2017-10-07 22:04 - 2017-02-21 09:39 - 000000000 ____D C:\Program Files\Epic Games
2017-10-07 21:42 - 2017-02-21 09:33 - 000000000 ____D C:\Users\isaac\AppData\Local\UnrealEngine
2017-10-07 21:41 - 2017-02-21 09:33 - 000000000 ____D C:\Program Files (x86)\Epic Games
 
==================== Files in the root of some directories =======
 
2016-02-01 03:47 - 2016-01-28 04:27 - 003240606 _____ () C:\Program Files\MEmu_Manual.pdf
2017-06-11 13:56 - 2017-06-11 13:56 - 051880633 _____ () C:\Users\isaac\AppData\Roaming\chport.exe
2017-04-06 05:18 - 2017-04-11 06:56 - 000016864 _____ () C:\Users\isaac\AppData\Roaming\data.log
2017-06-11 13:56 - 2017-06-11 13:56 - 088198144 _____ () C:\Users\isaac\AppData\Roaming\Launcher.dat
2017-06-11 13:56 - 2017-06-11 13:56 - 011814319 _____ () C:\Users\isaac\AppData\Roaming\m.fjk
2017-03-28 13:29 - 2017-03-31 17:31 - 000004858 _____ () C:\Users\isaac\AppData\Roaming\SpeedRunnersLog.txt
2017-06-11 13:56 - 2017-06-11 14:10 - 000000009 _____ () C:\Users\isaac\AppData\Roaming\update.dat
2017-06-25 00:04 - 2017-07-25 23:04 - 000000313 _____ () C:\Users\isaac\AppData\Roaming\WB.CFG
2017-02-26 15:19 - 2017-02-26 15:19 - 000000003 _____ () C:\Users\isaac\AppData\Local\updater.log
2017-02-26 15:19 - 2017-05-06 10:41 - 000000425 _____ () C:\Users\isaac\AppData\Local\UserProducts.xml
2017-03-24 08:16 - 2017-08-05 01:11 - 000000174 _____ () C:\Users\isaac\AppData\Local\uts.ini
2017-02-20 15:52 - 2017-04-26 23:21 - 000000275 _____ () C:\ProgramData\DP0004.dat
2017-05-04 03:54 - 2017-05-04 03:54 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-03-21 23:32 - 2017-03-21 23:32 - 000000016 _____ () C:\ProgramData\mntemp
 
Files to move or delete:
====================
C:\ProgramData\DP0004.dat
 
 
Some files in TEMP:
====================
2017-07-12 22:20 - 2017-07-20 00:16 - 000000000 _____ () C:\Users\isaac\AppData\Local\Temp\3fc1552ba19ee3472398342b0fadfa41.dll
2017-06-26 08:29 - 2017-06-26 08:29 - 000392192 _____ () C:\Users\isaac\AppData\Local\Temp\5c778.dll
2017-06-25 09:21 - 2017-06-25 09:21 - 000000180 _____ () C:\Users\isaac\AppData\Local\Temp\6699d3ee8dd9cf775caae782c8f44f03.dll
2017-07-02 01:13 - 2017-07-02 01:24 - 000000000 _____ () C:\Users\isaac\AppData\Local\Temp\6a246669c4722113966d0cbd29442eb9.dll
2017-06-26 08:33 - 2017-06-26 08:33 - 000399360 _____ () C:\Users\isaac\AppData\Local\Temp\6cbba.dll
2017-09-29 16:57 - 2017-09-29 16:57 - 002598616 _____ () C:\Users\isaac\AppData\Local\Temp\6eoc3nwBlh8g.exe
2017-06-24 09:24 - 2017-06-24 09:24 - 003443200 _____ () C:\Users\isaac\AppData\Local\Temp\712c3b3e0.dll
2017-06-26 08:27 - 2017-06-26 08:27 - 000078336 _____ () C:\Users\isaac\AppData\Local\Temp\7165d6d3.dll
2017-08-01 19:54 - 2017-08-01 19:54 - 000468564 _____ (                                                            ) C:\Users\isaac\AppData\Local\Temp\7biDBy62k8Xa.exe
2017-08-01 19:58 - 2017-08-01 20:01 - 000000000 _____ () C:\Users\isaac\AppData\Local\Temp\7R5iyeGLysEZ.exe
2017-07-02 01:16 - 2017-07-02 01:16 - 000075776 _____ () C:\Users\isaac\AppData\Local\Temp\8738e43.dll
2017-06-26 10:45 - 2017-06-26 10:45 - 002068992 _____ () C:\Users\isaac\AppData\Local\Temp\8f3045fcd.dll
2017-09-29 17:26 - 2017-09-29 17:26 - 038316032 ____N (The Chromium Authors) C:\Users\isaac\AppData\Local\Temp\8XVHPTxL8FAe.exe
2017-07-02 01:14 - 2017-07-02 01:18 - 000000044 _____ () C:\Users\isaac\AppData\Local\Temp\b78fd2d402a98f58334084b2e1c8c1d1.dll
2017-07-02 15:41 - 2017-07-02 15:41 - 000753664 _____ () C:\Users\isaac\AppData\Local\Temp\borderpatrol.dll
2017-08-01 19:56 - 2017-08-01 19:56 - 000363208 _____ (BitRaider, LLC) C:\Users\isaac\AppData\Local\Temp\BRSVC_20024468_hlp.exe
2017-07-12 22:55 - 2017-07-12 22:55 - 000182752 _____ (Byte Technologies LLC) C:\Users\isaac\AppData\Local\Temp\bytefenceupdater-csb.exe
2017-08-01 19:58 - 2017-08-01 20:01 - 000000000 _____ () C:\Users\isaac\AppData\Local\Temp\c1k7SOYgLArM.exe
2017-06-25 09:21 - 2017-06-25 09:21 - 000000030 _____ () C:\Users\isaac\AppData\Local\Temp\c31d9f5d4343f3ee1249e84b479c251e.dll
2017-07-02 01:24 - 2017-07-02 01:24 - 000057856 _____ () C:\Users\isaac\AppData\Local\Temp\cc2657.dll
2017-08-24 16:12 - 2017-08-24 16:12 - 000003072 _____ () C:\Users\isaac\AppData\Local\Temp\CH.dll
2017-09-29 17:23 - 2017-09-29 17:23 - 038316032 ____N (The Chromium Authors) C:\Users\isaac\AppData\Local\Temp\CxZxoPestLCv.exe
2017-07-22 22:07 - 2017-07-31 15:41 - 000076168 _____ (Tencent) C:\Users\isaac\AppData\Local\Temp\dr.dll
2017-10-25 00:07 - 2017-10-25 01:53 - 000204800 _____ (Sony DADC Austria AG) C:\Users\isaac\AppData\Local\Temp\drm_dyndata_7380014.dll
2017-10-29 05:41 - 2017-10-29 05:41 - 000443904 _____ () C:\Users\isaac\AppData\Local\Temp\FB_4D1.tmp.exe
2017-10-29 05:41 - 2017-10-29 05:41 - 001421312 _____ () C:\Users\isaac\AppData\Local\Temp\FB_540.tmp.exe
2017-09-29 17:05 - 2017-09-29 17:08 - 000000000 _____ () C:\Users\isaac\AppData\Local\Temp\gDZGNORZGWXA.exe
2017-08-01 20:20 - 2017-08-01 20:20 - 001205216 _____ () C:\Users\isaac\AppData\Local\Temp\gqTkMCxHE78c.exe
2017-08-01 18:59 - 2017-03-28 07:35 - 000037376 _____ (Microsoft) C:\Users\isaac\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
2017-08-01 18:59 - 2017-03-28 07:35 - 000020480 _____ (Microsoft) C:\Users\isaac\AppData\Local\Temp\HiRezLauncherControls.dll
2017-08-01 19:58 - 2017-08-01 20:02 - 003678208 _____ () C:\Users\isaac\AppData\Local\Temp\IaOpcDdoPZY6.exe
2017-10-14 12:23 - 2017-10-14 12:38 - 052961936 _____ (WeMod) C:\Users\isaac\AppData\Local\Temp\Infinity-Setup.exe
2017-03-31 21:32 - 2017-03-31 21:32 - 000744080 _____ () C:\Users\isaac\AppData\Local\Temp\InstallHelper.exe
2017-07-21 22:21 - 2017-07-21 22:21 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-174976923519586625.dll
2017-07-21 22:19 - 2017-07-21 22:19 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-2257515617040660689.dll
2017-07-21 22:36 - 2017-07-21 22:36 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-2542059710961442091.dll
2017-07-20 15:33 - 2017-07-20 15:33 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-3066272904945082717.dll
2017-07-20 16:14 - 2017-07-20 16:14 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-3637743854470376722.dll
2017-07-21 22:48 - 2017-07-21 22:48 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-3651473718981886794.dll
2017-07-22 05:17 - 2017-07-22 05:17 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-404452150510113877.dll
2017-07-19 18:19 - 2017-07-19 18:19 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-4392253716091004825.dll
2017-07-20 15:19 - 2017-07-20 15:19 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-4442544834578739319.dll
2017-07-19 17:54 - 2017-07-19 17:54 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-4665981092565510432.dll
2017-07-19 18:16 - 2017-07-19 18:16 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-4695418582610206196.dll
2017-07-21 22:18 - 2017-07-21 22:18 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-4752311094059450067.dll
2017-07-20 15:20 - 2017-07-20 15:20 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-4946649858081256912.dll
2017-07-19 18:07 - 2017-07-19 18:07 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-5082497293889330766.dll
2017-07-22 20:15 - 2017-07-22 20:15 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-5689776166848036627.dll
2017-07-22 05:19 - 2017-07-22 05:19 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-570254013855514281.dll
2017-07-19 18:15 - 2017-07-19 18:15 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-5792766523636540731.dll
2017-07-21 22:19 - 2017-07-21 22:19 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-6458021089066690901.dll
2017-07-20 15:23 - 2017-07-20 15:23 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-7208907182279438183.dll
2017-07-21 22:40 - 2017-07-21 22:40 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-772519685779410329.dll
2017-07-22 16:52 - 2017-07-22 16:52 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-781332410513357943.dll
2017-10-02 20:14 - 2017-10-02 20:14 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-7858815046753838034.dll
2017-07-20 17:04 - 2017-07-20 17:04 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-802995572844040344.dll
2017-07-19 18:00 - 2017-07-19 18:00 - 000019968 _____ (Red Hat®, Inc.) C:\Users\isaac\AppData\Local\Temp\jansi-64-8271943358954855590.dll
2017-09-29 17:30 - 2017-09-29 17:30 - 064938720 ____N (Kometa LCC) C:\Users\isaac\AppData\Local\Temp\jbDoCvcS7dCT.exe
2017-09-29 17:08 - 2017-09-29 17:11 - 000000000 _____ () C:\Users\isaac\AppData\Local\Temp\JDTy1ODbIqbe.exe
2017-08-01 20:25 - 2017-08-01 20:25 - 037564928 _____ (The Chromium Authors) C:\Users\isaac\AppData\Local\Temp\JfYp76zj5NWM.exe
2017-07-20 20:52 - 2017-07-20 20:52 - 000739904 _____ (Oracle Corporation) C:\Users\isaac\AppData\Local\Temp\jre-8u141-windows-au.exe
2017-08-01 19:58 - 2017-08-01 20:01 - 000000000 _____ () C:\Users\isaac\AppData\Local\Temp\lkvd4Cj2JqWS.exe
2017-08-01 20:20 - 2017-08-01 20:20 - 004557329 _____ () C:\Users\isaac\AppData\Local\Temp\M3egRJCftISF.exe
2017-09-29 17:03 - 2017-09-29 17:03 - 000192000 _____ () C:\Users\isaac\AppData\Local\Temp\MRZTr33mfrdO.exe
2017-08-01 20:18 - 2017-08-01 20:18 - 000468564 _____ (                                                            ) C:\Users\isaac\AppData\Local\Temp\nvXeyWbR6WDk.exe
2017-09-29 17:07 - 2017-09-29 17:09 - 000000000 _____ () C:\Users\isaac\AppData\Local\Temp\p0wUH5ERVpfR.exe
2017-08-01 19:56 - 2017-08-01 19:56 - 001205216 _____ () C:\Users\isaac\AppData\Local\Temp\P3Zevmob1pP5.exe
2017-08-01 20:19 - 2017-08-01 20:19 - 006654464 _____ () C:\Users\isaac\AppData\Local\Temp\PQDNRKLxrRX6.exe
2017-08-01 19:52 - 2017-08-01 19:52 - 002578648 _____ () C:\Users\isaac\AppData\Local\Temp\Pt1Fusm9kKQ5.exe
2017-10-26 04:50 - 2017-10-26 04:51 - 019968096 _____ (Sony Interactive Entertainment Inc.) C:\Users\isaac\AppData\Local\Temp\RemotePlayInstaller.exe
2017-08-01 19:57 - 2017-08-01 20:02 - 016261120 _____ () C:\Users\isaac\AppData\Local\Temp\t1h1UOP1N0SC.exe
2017-08-01 20:10 - 2017-08-01 20:10 - 000046924 _____ () C:\Users\isaac\AppData\Local\Temp\tu17p84.exe
2017-10-08 20:33 - 2017-10-08 20:33 - 002598616 ____N () C:\Users\isaac\AppData\Local\Temp\vhNQ8gVd6326.exe
2017-09-29 16:56 - 2017-09-29 16:57 - 002598616 _____ () C:\Users\isaac\AppData\Local\Temp\WAqMhUlLkPML.exe
2017-08-01 19:58 - 2017-08-01 20:01 - 000000000 _____ () C:\Users\isaac\AppData\Local\Temp\WV7eZeO49uJ5.exe
2017-08-01 19:58 - 2017-08-01 20:01 - 000000000 _____ () C:\Users\isaac\AppData\Local\Temp\xhEY6ULFWdJ0.exe
2017-08-01 19:58 - 2017-08-01 20:01 - 000000000 _____ () C:\Users\isaac\AppData\Local\Temp\XZpFZfiJkJGh.exe
2017-09-29 17:29 - 2017-09-29 17:29 - 064938720 ____N (Kometa LCC) C:\Users\isaac\AppData\Local\Temp\zH8QEidNvHNI.exe
2017-06-03 08:37 - 2017-06-05 14:44 - 000000064 _____ () C:\Users\jevis\AppData\Local\Temp\02d3336423168040c9624fdc56e0be78.dll
2017-06-03 08:36 - 2017-06-05 20:08 - 000000000 _____ () C:\Users\jevis\AppData\Local\Temp\3fc1552ba19ee3472398342b0fadfa41.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-10-30 06:25
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2017
Ran by Isaac (06-11-2017 14:39:22)
Running from C:\Users\isaac\Desktop
Windows 10 Home Version 1703 15063.674 (X64) (2017-05-04 10:21:21)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3267251706-2764207904-1746666680-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3267251706-2764207904-1746666680-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3267251706-2764207904-1746666680-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-3267251706-2764207904-1746666680-501 - Limited - Disabled)
Isaac (S-1-5-21-3267251706-2764207904-1746666680-1001 - Administrator - Enabled) => C:\Users\isaac
jevis (S-1-5-21-3267251706-2764207904-1746666680-1002 - Administrator - Enabled) => C:\Users\jevis
jevis_b (S-1-5-21-3267251706-2764207904-1746666680-1003 - Limited - Enabled) => C:\Users\jevis_b
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
«Devil May Cry 4» 1.1.0 (HKLM-x32\...\Devil May Cry 4_is1) (Version: 1.1.0 - R.G. Catalyst)
µTorrent (HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
Activision® (HKLM-x32\...\{14C36646-83C8-430E-92B3-16F998BDB4E0}) (Version: 1.0 - Activision) Hidden
Alienware Command Center (HKLM\...\{221ACBDF-6529-4932-9B02-7AB63DA6471E}) (Version: 4.6.20.0 - Dell Inc.) Hidden
Alienware Command Center (HKLM-x32\...\InstallShield_{221ACBDF-6529-4932-9B02-7AB63DA6471E}) (Version: 4.6.20.0 - Dell Inc.)
Alienware Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Alienware Digital Delivery (HKLM-x32\...\{99B7C4B5-DC14-441D-A5B6-7340F682BC81}) (Version: 3.1.1117.0 - Dell Products, LP)
Alienware Product Registration (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.)
Alienware Update (HKLM-x32\...\{F91263FA-BE4D-439D-9C0A-2E7204E0E9E3}) (Version: 1.9.20.0 - Dell Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Amnesia The Dark Descent ver. 1.3.1 (HKLM-x32\...\{09123290-33QW-22ZA-00X5-55GWAF2186QS}_is1) (Version: 1.3.1 - Frictional Games)
Attack.on.Titan.[v1.02+4Dlcs]-ALI213 version 1.02 (HKLM-x32\...\{00054C64-40C5-4538-BB25-1DEC9CE991F0}}_is1) (Version: 1.02 - Ali213.net)
AutoHotkey 1.1.26.00 (HKLM\...\AutoHotkey) (Version: 1.1.26.00 - Lexikos)
Batman Arkham Knight - Premium Edition version 1.0.4.5 (HKLM-x32\...\Batman Arkham Knight - Premium Edition_is1) (Version: 1.0.4.5 - Mr DJ)
Batman Arkham Origins version 1.0.0.0 (HKLM-x32\...\Batman Arkham Origins_is1) (Version: 1.0.0.0 - Mr DJ)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.14.1 - Bethesda Softworks)
Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.6 - Kakao Games Europe B.V.)
Black Ops 2 - GSC Studio (HKLM-x32\...\{909C0DF9-6BBE-42BD-8FB2-0ADEBA3459B6}_is1) (Version: 16.2.15.0 - iMCS Productions)
Blender (HKLM\...\{DEA73CCA-7EC9-41EA-8509-1041C1CABFD0}) (Version: 2.78.3 - Blender Foundation)
Blood Code (HKLM\...\DARKSiDERS - Blood Code) (Version:  - DARKSiDERS)
BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.12.1547 - BlueStack Systems, Inc.)
BOSS (HKLM\...\BOSS) (Version: 2.3.2 - BOSS Development Team)
Call Of Duty World At War version 1.7.1263.0 (HKLM-x32\...\Call Of Duty World At War_is1) (Version: 1.7.1263.0 - Mr DJ)
Castle Story (HKLM-x32\...\Castle Story_is1) (Version:  - )
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{5181A89F-09DD-E67D-46F8-C49E025FBFD2}) (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{583DA604-67B7-130B-3ECB-ADD1411E66EC}) (Version: 2017.0125.1845.33722 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{37312517-1DD8-48E3-DC08-789E901A9020}) (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{622139CF-71A8-7A11-C028-2C30BBAC510C}) (Version: 2017.0125.1845.33722 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{31ACE608-9780-2E6C-A657-D4738BBE7DAD}) (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{C780E2D6-C3A0-D470-5450-B8E71C61DDE6}) (Version: 2017.0125.1845.33722 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{3250204F-8B11-1359-8C1C-36FBB4B4BBF6}) (Version: 2017.0125.1845.33722 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1E06D137-70D9-1D47-C7AE-DF73E49D52C5}) (Version: 2017.0125.1845.33722 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{A2D7A75C-02A6-FC84-967D-B9894393971E}) (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{6DC5D4D2-C012-90BE-DA7E-86B2502C2B97}) (Version: 2017.0125.1845.33722 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{8D97FC65-8356-E742-D0F0-72B1FF8743D5}) (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{68A252A3-6775-0955-452F-10F6C2DA6111}) (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{862087D0-695D-ED21-1EFB-5A107412CA80}) (Version: 2017.0125.1845.33722 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{A77B52B5-095B-C380-6E55-C697CA984E59}) (Version: 2017.0125.1845.33722 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{ABAD4EB3-DF39-E1EF-BF30-B4E62E8F6A66}) (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{9F12D721-8755-C3F7-25CD-DC3E7D72CDF4}) (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A36649BF-1EAA-8A7F-DDA5-A37696B5B08F}) (Version: 2017.0125.1845.33722 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{59647BE1-B9FC-988E-07C6-9DE02C366D79}) (Version: 2017.0125.1845.33722 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E56983F1-03EF-85BC-86CA-2E5A6A6FD4FE}) (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{43EA9A21-C95E-6DF9-9892-9283B2CFAF89}) (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{AA891189-816A-F0BE-FFA2-89B11D4BCFF1}) (Version: 2017.0125.1845.33722 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{0BB19DE4-A26E-9079-F7A7-79EFA22FC048}) (Version: 2017.0125.1845.33722 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{49D2F54E-D0A0-A447-B9D0-7A479D12A106}) (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{A5B0D6EF-3A94-A323-865A-00F8897208AC}) (Version: 2017.0125.1845.33722 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{FC4539F0-4063-5F68-0EB0-6B0FAD3A438B}) (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{2F05B3F3-9195-573C-6D8A-A978AFBDB1D6}) (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{93BF6D0F-9936-2456-FE41-308145DD7895}) (Version: 2017.0125.1845.33722 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{7720E621-9FA2-505C-6E6D-A81A245659A6}) (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{F1A7F86D-9C4E-D423-7938-8E6BBFB243D2}) (Version: 2017.0125.1845.33722 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{33808B22-0068-B5D0-5946-13FF99350017}) (Version: 2017.0125.1845.33722 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{E14554F1-13B4-BF54-1A1C-1A5D3BBD187E}) (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{72B2FA2A-72D6-E84E-13C4-13A980D007D3}) (Version: 2017.0125.1845.33722 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{AF7D189E-B7D5-DA70-3B76-74011BD2C72C}) (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{7B04C96A-615C-96AC-EE1F-32C30EC85624}) (Version: 2017.0125.1845.33722 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{8628C260-8FE6-3A83-723C-3B980B57F2D2}) (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{9DCAF0B1-7CFE-EA6E-97FC-DBAD0B26C5C1}) (Version: 2017.0125.1845.33722 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{BD750833-856E-0F37-DFEA-FC35B76C699C}) (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{607F995D-3E7A-D342-8E89-79EEC0AC6447}) (Version: 2017.0125.1845.33722 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{E9AE0D04-4F2D-901B-DA30-B8CC43270E89}) (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{0F77D3DD-D65F-6D7D-D988-B282F6614A48}) (Version: 2017.0125.1845.33722 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{F315CF1D-1B8F-7BE3-7EBB-E236D07E7E97}) (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version:  - Cheat Engine)
Chromium (HKLM-x32\...\{2EB5C675-7E35-17F5-CFB5-67751F35B4F5}) (Version:  - )
Citra Edge (HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\citra) (Version: 0.1.463 - Citra Development Team)
Conan Exiles - Barbarian Edition - Version 23580.9921 (HKLM-x32\...\Conan Exiles - Barbarian Edition_is1) (Version: 23580.9921 - RePack by VickNet)
Creatures of Darkness (HKLM-x32\...\{5B616A3F-43D9-4F0B-9F49-D39342A98592}) (Version: 3.3.0 - Screaming Bee LLC)
CrossFire NA (HKLM-x32\...\CrossFire_is1) (Version:  - Z8Games.com)
Cuphead (HKLM-x32\...\Cuphead_is1) (Version:  - )
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Dark Souls III (HKLM-x32\...\Dark Souls III_is1) (Version:  - )
Dead Island: Riptide (HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\Utomik App 1065) (Version: 0.00.02 - )
Dead Rising 3 Apocalypse Edition (HKLM-x32\...\Dead Rising 3 Apocalypse Edition_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, ProZorg_tm)
Deep Space Voices (HKLM-x32\...\{336E1A2D-E3EB-4846-B7D0-BD75BBBBC0A4}) (Version: 3.3.0 - Screaming Bee)
Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.668 - Dell)
Dell SupportAssistAgent (HKLM\...\{18EF001B-B005-46CB-917B-112BA69ED85E}) (Version: 2.0.3.10 - Dell)
Depth (HKLM-x32\...\Depth_is1) (Version:  - )
Discord (HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)
Dishonored - Game of the Year Edition (HKLM-x32\...\Dishonored - Game of the Year Edition_is1) (Version:  - )
Disney Infinity 3.0 Gold Edition (HKLM-x32\...\Disney Infinity 3.0 Gold Edition_is1) (Version:  - )
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Dragons Dogma Dark Arisen (HKLM-x32\...\Dragons Dogma Dark Arisen_is1) (Version:  - )
Dying Light (HKLM-x32\...\1448452156_is1) (Version: 2.0.0.8 - GOG.com)
Dynasty Warriors 8 Xtreme Legends (HKLM-x32\...\Dynasty Warriors 8 Xtreme Legends_is1) (Version:  - )
Enter the Gungeon (HKLM-x32\...\1456912569_is1) (Version: 2.7.0.9 - GOG.com)
Epic Games Launcher (HKLM-x32\...\{F7118EF5-320C-4340-99F4-25F970B428A3}) (Version: 1.1.125.0 - Epic Games, Inc.)
Everything (HKLM\...\ZXZlcnl0aGluZw_is1) (Version: 1 - )
Evoland (HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\Utomik App 305) (Version: 0.00.02 - )
Evolve (HKLM-x32\...\Evolve_is1) (Version:  - )
Fable Anniversary (HKLM-x32\...\Fable Anniversary_is1) (Version:  - )
Fantasy Voice Pack (HKLM-x32\...\{8061C2C9-C2A3-4550-A3FC-585B646840CB}) (Version: 1.3.0 - Screaming Bee)
Female Voice Pack (HKLM-x32\...\{71F8C486-8A13-468E-8B73-06051075556A}) (Version: 3.3.1 - Screaming Bee)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Furry Voices for Second Life (HKLM-x32\...\{0DB44859-4112-4946-BE5E-A4275B3FFB5E}) (Version: 1.3.0 - Screaming Bee)
Galactic Voices (HKLM-x32\...\{DF3FE308-58F2-45E2-9BB0-6A993794AD5C}) (Version: 1.3.0 - Screaming Bee)
GCFScape 1.8.6 (HKLM\...\GCFScape_is1) (Version:  - Ryan Gregg)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{5454083B-1308-4485-BF17-1110000D8301}) (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{5454083B-1308-4485-BF17-1110000D8302}) (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Handset WinDriver 1.02.03.00 (HKLM-x32\...\Handset WinDriver) (Version: 1.02.03.00 - Huawei technologies Co., Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.1.0.2 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HitBox (HKLM\...\aGl0Ym94_is1) (Version: 1 - )
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Ma雔 H鰎z)
Immortal Redneck (HKLM-x32\...\Immortal Redneck_is1) (Version:  - )
IMVU Avatar Chat Software (HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\IMVU Avatar chat client software BETA) (Version:  - )
Infinity (HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\Infinity) (Version: 3.0.35 - WeMod)
Injustice - Gods Among Us. Ultimate Edition (HKLM-x32\...\Injustice - Gods Among Us. Ultimate Edition_R.G.~AC85A1BE_is1) (Version:  - R.G. Mechanics, markfiter)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation)
Intel® Online Connect Software Asset Manager (HKLM-x32\...\{AE956AB9-CD98-4F1E-8B9E-C3C66E290D64}) (Version: 3.4.2072 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.2.1030 - Intel Corporation)
Intel® Ready Mode Technology (HKLM\...\{CC3C017C-876D-4A31-A128-593FF92A1FE7}) (Version: 1.1.70.528 - Intel Corporation)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
iZotope iDrum (HKLM-x32\...\iZotope iDrum_is1) (Version: 1.75 - iZotope, Inc.)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Killer Wireless Drivers (HKLM-x32\...\{CD892D7D-F6D0-4A4A-9652-99EEFA6673F5}) (Version: 1.1.65.1335 - Rivet Networks)
Killer Wireless-AC Drivers (HKLM\...\{E6AE2A62-D36E-44D8-A0C6-9B966B59801A}) (Version: 1.1.65.1335 - Rivet Networks) Hidden
Kingo ROOT version 1.5.4.3126 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.5.4.3126 - Kingosoft Technology Ltd.)
KingRoot version 3.5.0.1157 (HKLM-x32\...\{FA3B7324-9EB4-4ADC-84D0-5461BE113832}_is1) (Version: 3.5.0.1157 - KingRoot)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{E80C09B5-A296-47E9-BD4B-BCCF2FDCA13E}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
LEGO City Undercover (HKLM-x32\...\LEGO City Undercover_is1) (Version:  - )
LEGO Marvels Avengers (HKLM-x32\...\LEGO Marvels Avengers_is1) (Version:  - )
LEGO Worlds Classic Space Pack (HKLM-x32\...\LEGO Worlds Classic Space Pack_is1) (Version:  - )
Lichdom: Battlemage (HKLM-x32\...\Lichdom: Battlemage_is1) (Version:  - Xaviant Games)
Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version:  - Crystal Rich Ltd)
LOOT version 0.11.0 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.11.0 - LOOT Team)
Male Voice Pack (HKLM-x32\...\{45BF4F8E-7BE7-4384-94C6-60AC70C401C6}) (Version: 1.3.0 - Screaming Bee)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
MEmu (HKLM-x32\...\MEmu) (Version: 2.9.3 - Microvirt)
Metal Gear Solid V: The Phantom Pain (HKLM-x32\...\{48397BFF-7C01-4B64-8F1A-0D468DDE5D73}_is1) (Version:  - Kojima Productions)
Metro Last Light Redux (HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\Utomik App 1060) (Version: 0.00.03 - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.8528.2147 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\OneDriveSetup.exe) (Version: 17.3.7074.1023 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Middle Earth - Shadow of Mordor (HKLM-x32\...\Middle Earth - Shadow of Mordor_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minecraft Story Mode Episode 8 (HKLM-x32\...\Minecraft Story Mode Episode 8_is1) (Version:  - )
Minimal ADB and Fastboot version 1.4.2 (HKLM-x32\...\{1901BAF7-7E78-4041-BC88-D0EE5DD1DFD9}_is1) (Version: 1.4.2 - Sam Rodberg)
Mirror's Edge™ Catalyst (HKLM-x32\...\{12228a0d-f6ad-4691-82af-d2c643424468}) (Version: 1.0.3.47248 - Electronic Arts)
MorphVOX Pro (HKLM-x32\...\{DE289787-7ECA-4BED-9D8C-99FAC407E3D6}) (Version: 4.3.13 - Screaming Bee)
Mortal Kombat XL (HKLM-x32\...\Mortal Kombat XL_is1) (Version:  - )
MouseRecorder v1.0.51 (HKLM-x32\...\MouseRecorder_is1) (Version: 1.0.51 - Bartels Media GmbH)
NARUTO SHIPPUDEN Ultimate Ninja STORM 4 (HKLM-x32\...\NARUTO SHIPPUDEN Ultimate Ninja STORM 4_is1) (Version:  - )
NBA Playgrounds (HKLM\...\bmJhcGxheWdyb3VuZHM_is1) (Version: 1 - )
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 2.0.0 - Nexon)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.14 - Black Tree Gaming)
No Mans Sky version final (HKLM-x32\...\No Mans Sky_is1) (Version: final - TOP SECRET)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
Nox APP Player (HKLM-x32\...\Nox) (Version: 5.0.0.0 - Duodian Technology Co. Ltd.)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8528.2147 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8528.2147 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8528.2147 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
ONE.PIECE.BURNING.BLOOD.[Gold.Edition]-ALI213 version 1.0 (HKLM-x32\...\{946E2B1B-60B8-4008-B5F2-AE937FB7F594}}_is1) (Version: 1.0 - Ali213.net)
OpenIV (HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\OpenIV) (Version: 2.8.703 - .black/OpenIV Team)
Opera Stable 48.0.2685.52 (HKLM-x32\...\Opera 48.0.2685.52) (Version: 48.0.2685.52 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.2.49155 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{bd1dcce1-42f5-483d-b8bb-d9a4b400684a}) (Version: latest - ppy Pty Ltd)
Outlast 2 (HKLM-x32\...\Outlast 2_is1) (Version:  - )
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.107.256.0 - Overwolf Ltd.)
paint.net (HKLM\...\{1F895C18-6A2F-4A9E-BBE9-246783070F37}) (Version: 4.0.16 - dotPDN LLC)
Papers Please version 1.1.67 (HKLM-x32\...\Papers Please_is1) (Version: 1.1.67 - )
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version:  - )
Personality Voices (HKLM-x32\...\{29C042AB-059B-414C-840E-94775E3F24A8}) (Version: 1.0.0 - Screaming Bee)
Pixelmon Launcher (Beta) (HKLM-x32\...\{FC6D2320-0CFF-43B7-B273-81BCFFF3CDDA}) (Version: 2.1.4 - Ikara Software Limited) Hidden
Pixelmon Launcher (Beta) (HKLM-x32\...\Pixelmon Launcher (Beta) 2.1.4) (Version: 2.1.4 - Ikara Software Limited)
Plague Inc Evolved Shadow Plague (HKLM-x32\...\Plague Inc Evolved Shadow Plague_is1) (Version:  - )
PlayStation™Now (HKLM-x32\...\{3B458B67-D1F7-4BD3-A4C3-2708889397C2}) (Version: 9.0.5 - Sony Interactive Entertainment Network America LLC)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.8 - Power Software Ltd)
Product Registration (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.) Hidden
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Prototype (HKLM-x32\...\Prototype_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
PS4 Remote Play (HKLM-x32\...\{963E665C-3966-409A-9C15-82FB8A097208}) (Version: 2.5.0.09220 - Sony Interactive Entertainment Inc.)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.279 - Qualcomm Atheros)
Rain World (HKLM-x32\...\Rain World_is1) (Version:  - )
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.13.6 - Razer Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 7.6.8.66 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.830 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7968 - Realtek Semiconductor Corp.)
REM4P 1.1.1.0 (HKLM-x32\...\{A0C44FB3-400D-4D09-B55E-43CB24D58C46}_is1) (Version: 1.1.1.0 - TMACDEV)
Remote Play PC 1.09 (HKLM-x32\...\bd67a359-9038-4d20-8ebf-c41b2802f6e9_is1) (Version: 1.09 - TMACDEV)
Roblox Player for Isaac (HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - Roblox Corporation)
ROBLOX Studio for Isaac (HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
Rocket League - Hot Wheels Edition version 1.0 (HKLM-x32\...\Rocket League - Hot Wheels Edition_is1) (Version: 1.0 - Psyonix Inc)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
Ryse - Son of Rome (HKLM-x32\...\Ryse - Son of Rome_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Saints Row IV (HKLM-x32\...\U2FpbnRzUm93SVY=_is1) (Version: 1 - )
Sci-Fi Voice Pack (HKLM-x32\...\{216E21F4-0489-4311-92D6-20D1FB950FCE}) (Version: 1.3.0 - Screaming Bee)
Shadow.Warrior.2.Deluxe.Edition.[v.1.1.3.0]-ALI213 version 1.1.3.0 (HKLM-x32\...\{ACB6FC5F-552D-4C67-A0F5-25555114841B}}_is1) (Version: 1.1.3.0 - Ali213.net)
Slice, Dice & Rice version 1.0 (HKLM-x32\...\Slice, Dice & Rice_is1) (Version: 1.0 - Playway SA)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 4.5.3980.0 - Hi-Rez Studios)
Sniper Elite 3 (HKLM-x32\...\U25pcGVyRWxpdGUz_is1) (Version: 1 - )
SpeedRunners (HKLM-x32\...\SpeedRunners_is1) (Version:  - )
Spider-Man® - Web of Shadows™ 1.1 Patch (HKLM-x32\...\InstallShield_{9208F706-6528-4591-A997-F41395FBD8A7}) (Version:  - ) Hidden
Spider-Man™ - Shattered Dimensions (HKLM-x32\...\InstallShield_{14C36646-83C8-430E-92B3-16F998BDB4E0}) (Version: 1.0 - Activision)
Spider-Man™ - Web of Shadows 1.1 Patch (HKLM-x32\...\{9208F706-6528-4591-A997-F41395FBD8A7}) (Version: 1.1 - Activision) Hidden
Spider-Man: Web of Shadows (HKLM-x32\...\Spider-Man: Web of Shadows_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Spotify (HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\Spotify) (Version: 1.0.65.320.gac7a8e02 - Spotify AB)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 12.0.0.14 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Stardew Valley (HKLM-x32\...\1453375253_is1) (Version: 2.8.0.10 - GOG.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steam Customizer (HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\Steam Customizer) (Version: 1.00.00.00 - Blumont)
Sumotori Full Version (HKLM-x32\...\Sumotori Full Version) (Version:  - )
Super Smash Flash 2 Beta (HKLM-x32\...\{7603695C-A9FF-48D5-BE83-CD07DB80E957}_is1) (Version: 1.0.0.0 - McLeodGaming, Inc.)
The Amazing Spider-Man 2  (HKLM-x32\...\{9948481A-A24E-427F-A846-06A4B5C7702E}) (Version: 6.0 - Black Box)
The Darkness II - Limited Edition (HKLM-x32\...\The Darkness II - Limited Edition_is1) (Version:  - )
The T-Pain Effect Bundle (HKLM-x32\...\The T-Pain Effect Bundle_is1) (Version: 1.02 - iZotope, Inc.)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
The.Sims.4.Deluxe.Edition.v1.25.136.1020.ALL.DLC.Repack version 1.25.136.1020 (HKLM-x32\...\{011310DA-DD70-4852-BAD9-05F7688BD14F}}_is1) (Version: 1.25.136.1020 - 0)
Toukiden 2 (HKLM-x32\...\Toukiden 2_is1) (Version:  - )
Towerfall - Ascension (HKLM-x32\...\1430924174_is1) (Version: 2.5.0.6 - GOG.com)
Translator Fun Voice Pack (HKLM-x32\...\{602A1471-063B-4E03-9DCE-0210B914EFF5}) (Version: 1.5.0 - Screaming Bee)
TRON 2.0 (HKLM-x32\...\1655444396_is1) (Version: 2.0.0.2 - GOG.com)
Trove North America (HKLM-x32\...\Glyph Trove North America) (Version:  - Trion Worlds, Inc.)
TroveTools .NET (HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\0ad522f4516a2a4e) (Version: 1.2.0.5 - Dazo)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Ultimate Marvel vs. Capcom 3 (HKLM-x32\...\Ultimate Marvel vs. Capcom 3_is1) (Version:  - )
Unreal Development Kit: 2012-07 (HKLM\...\UDK-f4a0e209-2853-4f18-9bec-fcb9863c9bba) (Version:  - Epic Games, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 31.1 - Ubisoft)
Utomik (HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\Utomik) (Version:  - Utomik B.V.)
Vampire - The Masquerade - Bloodlines (HKLM-x32\...\1207659240_is1) (Version: 2.1.0.8 - GOG.com)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
Viking: Battle for Asgard (HKLM-x32\...\Viking: Battle for Asgard_is1) (Version:  - )
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0-2) (Version: 1.0.37.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0-3) (Version: 1.0.37.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Watch_Dogs 2 (HKLM-x32\...\{B0E33297-78B1-4B37-B8C1-39150F2DEE43}_is1) (Version:  - Ubisoft)
WhatsApp (HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\WhatsApp) (Version: 0.2.5093 - WhatsApp)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Driver Package - Sony Computer Entertainment Inc. Wireless controller for PLAYSTATION®3 Driver Package (01/20/2012 1.4.0.0) (HKLM\...\D5410AE5FA467EF0F19558D5F60C991A79E11B51) (Version: 01/20/2012 1.4.0.0 - Sony Computer Entertainment Inc.)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WWE 2K17 (HKLM-x32\...\WWE 2K17_is1) (Version:  - )
Youtubers Life (HKLM-x32\...\Youtubers Life_is1) (Version:  - )
使命召唤Online (HKLM-x32\...\使命召唤Online) (Version:  - Tencent)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3267251706-2764207904-1746666680-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3267251706-2764207904-1746666680-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3267251706-2764207904-1746666680-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3267251706-2764207904-1746666680-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3267251706-2764207904-1746666680-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3267251706-2764207904-1746666680-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3267251706-2764207904-1746666680-1001_Classes\CLSID\{c31ca596-532d-a36f-e223-ce16b9ac70a56}\InprocServer32 -> 0xA0BC40EEC894D2015FD242EEC894D201010000000100000000000000 => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\isaac\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-22] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\isaac\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-22] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\isaac\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-22] ()
ShellIconOverlayIdentifiers: [QBOverlayIcon] -> {96959DE7-C855-42BD-8382-2AAABF2A8F52} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\isaac\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-22] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\isaac\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-22] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\isaac\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-22] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-03-07] ()
ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\isaac\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-22] ()
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-02-02] (Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\isaac\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-22] ()
ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\isaac\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-22] ()
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-02-02] (Power Software Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-01-25] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki119560.inf_amd64_5a492b6b44b20fba\igfxDTCM.dll [2016-11-25] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-02-02] (Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {038BE2B5-D451-42E7-82E4-C96472FE697B} - System32\Tasks\Opera scheduled Autoupdate 1492899575 => C:\Program Files\Opera\launcher.exe [2017-10-24] (Opera Software)
Task: {06E83B82-99D8-4DCB-A631-A9A4E3385B31} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-09-22] (Dell Inc.)
Task: {0992743C-59A9-4355-B9C5-E51C3C7DFB0C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-22] (Google Inc.)
Task: {0BC9E7F5-B09F-40A8-A01D-FB83F845DB5F} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-01-25] (Advanced Micro Devices, Inc.)
Task: {0C266AB7-7344-4C53-BA4E-8E503BBE3094} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-22] (Google Inc.)
Task: {0F2BEC96-A037-42D6-BE76-A0F7FBD56D6B} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {12DD336C-1FE5-4633-805E-5D6941683BB2} - \3239755 -> No File <==== ATTENTION
Task: {2A54B36B-46C9-4358-A27A-4802ACE633B5} - System32\Tasks\Candy Retlean call Software => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Candy Retlean call Software\Candy Retlean call Software.dll",wEawRROYrXH <==== ATTENTION
Task: {2E6003E1-C9B6-4E7D-8956-BCA3A2288059} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-23] (Microsoft Corporation)
Task: {344B71D2-1570-414B-A78F-6BB857D96037} - System32\Tasks\EPSON Stylus CX5600 Series => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\EPSON Stylus CX5600 Series\EPSON Stylus CX5600 Series.dll",lwXSlNiOsgN <==== ATTENTION
Task: {3DDEA578-7474-4070-A174-F01CE1A31B34} - \DefenderUpdate -> No File <==== ATTENTION
Task: {44E91FEF-E14B-4444-9AA2-228302F09056} - System32\Tasks\Dell Cleanup => c:\windows\system32\oem\startmenufix.vbs [2016-09-14] ()
Task: {477BA811-E422-4BB1-9C5E-F8991DB60B3C} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel® Online Connect Access\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {59917A89-5CB0-4F80-BB56-B9FB8338E1CB} - System32\Tasks\update-S-1-5-21-3267251706-2764207904-1746666680-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {5E805713-1E99-4A63-AEE0-46A1ECD13933} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel® Online Connect Access\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {6151CCF6-F904-4BC3-B80E-D7D172614D28} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Alienware\SupportAssist\sessionchecker.exe [2017-09-14] (PC-Doctor, Inc.)
Task: {62498032-1DB6-4C40-9B72-6EE2E1F07F2C} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel® Corporation)
Task: {6592141F-1BD8-43BB-BDA4-CF6A78D5192A} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {6D442C32-A615-49FA-B578-2C6020F4C96A} - System32\Tasks\Syper Strategic Analyzer => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Syper Strategic Analyzer\Syper Strategic Analyzer.dll",JSBLEio <==== ATTENTION
Task: {70A4B1E3-A186-4807-9044-51BD58F5E220} - System32\Tasks\Dell SupportAssistAgent AnonymousRegistration => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-09-22] (Dell Inc.)
Task: {8D709395-F874-4092-BAAA-E0852FAFA9B8} - System32\Tasks\LaunchCommandCenterControllers => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [2016-11-30] (Alienware)
Task: {9E8BA9F5-CE1D-4ACC-A05B-5436AD2DDC71} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {A2F65B45-CFA5-4E46-A61D-4CD656763B04} - System32\Tasks\Update Manager => C:\Users\isaac\AppData\Roaming\DARK.SOULS.III.Deluxe.Edition.v1.14+DLCs\uzgmil.exe
Task: {A30A0C29-396D-4F5A-B0CE-0F3C0782A723} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-24] ()
Task: {A6CA5ABA-56D1-436F-8998-56F972FC2A1C} - System32\Tasks\Dash Analyser => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Dash Analyser\Dash Analyser.dll",nIPEIAcL <==== ATTENTION
Task: {A7F6B221-5354-4BD6-97D1-A71E9DFB684D} - System32\Tasks\EMhOvRs5Cozc => emhovrs5cozc.exe
Task: {AD3998EF-731D-4FD7-842E-152667FC135A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-24] ()
Task: {B042C4A5-1F7F-454E-B2FE-B125AB2E2741} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-23] (Microsoft Corporation)
Task: {C82A7B1C-A194-4853-B15F-264831AE811D} - System32\Tasks\Ausspote => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Ausspote\Ausspote.dll",OTHOPHiHp <==== ATTENTION
Task: {CD169B96-8294-4DAD-B3DA-3FBB53C1A9D1} - System32\Tasks\Always Ready Mode => C:\Program Files\Alienware\Command Center\ULPMEnter.exe [2016-11-30] ()
Task: {CED44A7D-DCEB-4594-9701-DE13A31D1E09} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-10-28] (Realtek Semiconductor)
Task: {D8721668-48E2-447A-BEB4-D7FBB86F62DE} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-10-23] (Overwolf LTD)
Task: {D94BE4B1-F60B-4904-B17D-E0B8B31AC205} - System32\Tasks\H8oORveanSgX => h8oorveansgx.exe
Task: {F1C4F6EC-A506-442E-AD52-510070E2F10A} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {F6A6EC40-C4ED-4FF4-ADA0-F25A2405C743} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Alienware\SupportAssist\uaclauncher.exe [2017-09-14] (PC-Doctor, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3267251706-2764207904-1746666680-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\isaac\Desktop\mail.ru - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\isaac\Desktop\The Monkey - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default"
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-11-16 16:05 - 2015-11-16 16:05 - 000081304 _____ () C:\WINDOWS\SYSTEM32\AlienFXBiosSupportAPI64.DLL
2015-11-16 16:06 - 2015-11-16 16:06 - 000080280 _____ () C:\WINDOWS\SYSTEM32\ThermalSupportAPI.dll
2017-03-18 14:58 - 2017-03-18 14:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-10-31 13:45 - 2017-06-22 18:22 - 000598528 _____ () C:\Users\isaac\AppData\Local\MEGAsync\ShellExtX64.dll
2017-03-07 20:42 - 2017-03-07 20:42 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2017-03-18 14:59 - 2017-03-18 20:31 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-08-01 00:14 - 2017-08-01 00:14 - 000066911 _____ () C:\Program Files (x86)\stank\massing.exe
2016-10-04 19:09 - 2016-10-04 19:09 - 000253664 _____ () C:\Program Files\Intel\Intel® Online Connect\CSLibWrapper.dll
2017-10-01 19:20 - 2017-10-01 19:20 - 000936960 _____ () C:\Users\isaac\AppData\Local\wmikuwy\wmikuwy.exe
2016-08-29 16:54 - 2016-08-29 16:54 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-08-29 16:54 - 2016-08-29 16:54 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-08-29 16:54 - 2016-08-29 16:54 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-08-29 16:54 - 2016-08-29 16:54 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-08-29 16:54 - 2016-08-29 16:54 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-08-29 16:54 - 2016-08-29 16:54 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-08-29 16:54 - 2016-08-29 16:54 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2017-09-29 10:24 - 2017-09-29 10:24 - 001087488 _____ () C:\Users\isaac\AppData\Local\wmikuwy\lsaeupa.exe
2016-10-05 14:15 - 2016-10-05 14:15 - 000107752 _____ () C:\Program Files\Intel\Intel® Online Connect Access\libglog.dll
2016-10-05 14:15 - 2016-10-05 14:15 - 000412904 _____ () C:\Program Files\Intel\Intel® Online Connect Access\JsonCpp.dll
2017-09-26 17:47 - 2017-09-21 01:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
2017-09-26 17:47 - 2017-09-21 01:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll
2017-11-06 14:30 - 2017-11-06 14:33 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.480.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-04-13 02:38 - 2016-04-13 02:38 - 000482304 _____ () C:\Users\isaac\AppData\Local\MEGAsync\libsodium.dll
2017-10-19 20:52 - 2017-10-19 09:53 - 003103232 _____ () C:\Users\isaac\AppData\Local\yc\Application\61.0.3163.100\libglesv2.dll
2017-10-19 20:52 - 2017-10-19 09:53 - 000079872 _____ () C:\Users\isaac\AppData\Local\yc\Application\61.0.3163.100\libegl.dll
2016-12-21 10:24 - 2016-12-21 10:24 - 000134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2016-05-02 16:46 - 2016-05-02 16:46 - 000134008 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2017-05-01 14:27 - 2017-05-01 14:27 - 000133992 _____ () C:\Program Files (x86)\Alienware Update\ServiceTagPlusPlus.dll
2016-10-20 03:28 - 2016-10-20 03:28 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2017-08-02 20:40 - 2017-08-02 20:40 - 053460480 _____ () C:\Users\isaac\AppData\Local\wmikuwy\libcef.dll
2016-05-31 10:43 - 2016-05-31 10:43 - 001976832 _____ () C:\Users\isaac\AppData\Local\wmikuwy\libglesv2.dll
2016-05-31 10:44 - 2016-05-31 10:44 - 000075264 _____ () C:\Users\isaac\AppData\Local\wmikuwy\libegl.dll
2017-08-09 23:48 - 2017-08-08 14:13 - 001893880 _____ () C:\Users\isaac\AppData\Local\Discord\app-0.0.298\ffmpeg.dll
2017-08-09 23:49 - 2017-08-09 23:49 - 001577976 _____ () \\?\C:\Users\isaac\AppData\Roaming\discord\0.0.298\modules\discord_toaster\discord_toaster.node
2017-08-09 23:48 - 2017-08-08 14:13 - 001938424 _____ () C:\Users\isaac\AppData\Local\Discord\app-0.0.298\libglesv2.dll
2017-08-09 23:48 - 2017-08-08 14:13 - 000095736 _____ () C:\Users\isaac\AppData\Local\Discord\app-0.0.298\libegl.dll
2017-08-09 23:49 - 2017-10-06 03:32 - 009722360 _____ () \\?\C:\Users\isaac\AppData\Roaming\discord\0.0.298\modules\discord_voice\discord_voice.node
2017-08-09 23:49 - 2017-08-09 23:49 - 001440248 _____ () \\?\C:\Users\isaac\AppData\Roaming\discord\0.0.298\modules\discord_utils\discord_utils.node
2017-11-06 14:31 - 2017-11-06 14:31 - 000148992 _____ () \\?\C:\Users\isaac\AppData\Local\Temp\DD80.tmp.node
2017-08-09 23:49 - 2017-08-09 23:49 - 002658296 _____ () \\?\C:\Users\isaac\AppData\Roaming\discord\0.0.298\modules\discord_rpc\discord_rpc.node
2017-08-09 23:49 - 2017-08-09 23:49 - 002673656 _____ () \\?\C:\Users\isaac\AppData\Roaming\discord\0.0.298\modules\discord_contact_import\discord_contact_import.node
2016-06-15 16:15 - 2016-06-15 16:15 - 017599640 _____ () C:\Users\isaac\AppData\Local\wmikuwy\pepflashplayer.dll
2017-11-03 10:03 - 2017-11-02 19:39 - 001260032 _____ () C:\Users\isaac\Downloads\Seraph\Seraph\seraph.exe
2017-11-03 10:03 - 2017-11-02 20:14 - 004815360 _____ () C:\Users\isaac\Downloads\Seraph\Seraph\bin\exploit.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ejcjfxbp.sys:changelist [215]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\henkugeb.sys:changelist [898]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vkaakcbc.sys:changelist [2382]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\zexbrqdi.sys:changelist [1110]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-07-16 05:47 - 2017-11-05 19:04 - 000013459 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1 gf.tools.avast.com
127.0.0.1 pair.ff.avast.com
127.0.0.1 ipm-provider.ff.avast.com
127.0.0.1 ipm-provider.ff.avast.com
127.0.0.1 ipm-provider.ff.avast.com
127.0.0.1 id.avast.com
127.0.0.1 v4618535.iavs9x.u.avast.com
127.0.0.1 v4618535.ivps9x.u.avast.com
127.0.0.1 v4618535.ivps9tiny.u.avast.com
127.0.0.1 v4618535.vpsnitro.u.avast.com
127.0.0.1 v4618535.vpsnitrotiny.u.avast.com
127.0.0.1 v4618535.iavs5x.u.avast.com
127.0.0.1 v7.stats.avast.com
127.0.0.1 v7.stats.avast.com
127.0.0.1 v7event.stats.avast.com
127.0.0.1 sm00.avast.com
127.0.0.1 submit5.avast.com
127.0.0.1 geoip.avast.com
127.0.0.1 w9448963.iavs9x.u.avast.com
127.0.0.1 w9448963.ivps9x.u.avast.com
127.0.0.1 w9448963.ivps9tiny.u.avast.com
127.0.0.1 w9448963.vpsnitro.u.avast.com
127.0.0.1 w9448963.vpsnitrotiny.u.avast.com
127.0.0.1 w9448963.iavs5x.u.avast.com
127.0.0.1 v7.stats.avast.com
127.0.0.1 v7.stats.avast.com
127.0.0.1 v7event.stats.avast.com
127.0.0.1 sm00.avast.com
127.0.0.1 submit5.avast.com
127.0.0.1 geoip.avast.com
 
There are 331 more lines.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\isaac\Downloads\1448297-fairy-tail-chibi.jpg
DNS Servers: 192.168.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "MRT"
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\StartupApproved\StartupFolder: => "Adobe Acrobat Pro 3.8.9.718.lnk"
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\StartupApproved\StartupFolder: => "merlins.lnk"
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\StartupApproved\Run: => "ag0D0Ew0Ljr.exe"
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\StartupApproved\Run: => "Winhost"
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\StartupApproved\Run: => "dvOniaIY.exe"
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\StartupApproved\Run: => "chintzy"
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\StartupApproved\Run: => "jnWphrffkU.exe"
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\StartupApproved\Run: => "ZEDwhBIcbK.exe"
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\StartupApproved\Run: => "PGGRhvJJF69.exe"
HKU\S-1-5-21-3267251706-2764207904-1746666680-1001\...\StartupApproved\Run: => "wEbOUg7yzMO.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{1B88AB24-A0BA-476A-B099-838C248E1ABF}C:\program files (x86)\saints row iv\saintsrowiv.exe] => (Allow) C:\program files (x86)\saints row iv\saintsrowiv.exe
FirewallRules: [TCP Query User{DAE97818-CE98-49C4-9468-9B6CC2AE9B84}C:\program files (x86)\saints row iv\saintsrowiv.exe] => (Allow) C:\program files (x86)\saints row iv\saintsrowiv.exe
FirewallRules: [UDP Query User{CF24F9D4-2CD6-4FFB-AA6E-44EF35338DEF}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{E42A8DED-E7F3-4E02-A7DA-403527570F83}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{85C3FFFC-1644-4F51-B4F3-19585A57D32E}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{D6292C21-6C83-4954-9675-5163315C4575}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [{777BC464-9691-45E8-A6BD-C012B36AC476}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\For Honor\forhonor.exe
FirewallRules: [{E1CD754B-52D4-4091-85F5-29D0737E1402}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\For Honor\forhonor.exe
FirewallRules: [{42FDA7D7-E1F4-49B5-A6C3-854C9B5EEAF3}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{0F524F70-0AFE-43F1-A566-5AAD9186D6AA}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [UDP Query User{EF5F41CC-DC36-4C2F-BF9E-6359D18254BE}C:\program files (x86)\outlast 2\binaries\win64\outlast2.exe] => (Allow) C:\program files (x86)\outlast 2\binaries\win64\outlast2.exe
FirewallRules: [TCP Query User{6A3498AD-D242-4DAB-802F-8CF0A35FFA05}C:\program files (x86)\outlast 2\binaries\win64\outlast2.exe] => (Allow) C:\program files (x86)\outlast 2\binaries\win64\outlast2.exe
FirewallRules: [UDP Query User{503D45E8-8DD8-4131-B41F-B6952563AE9F}C:\users\isaac\documents\megasync downloads\crawl\crawl\crawl.exe] => (Allow) C:\users\isaac\documents\megasync downloads\crawl\crawl\crawl.exe
FirewallRules: [TCP Query User{D419A05D-EEB4-4EA5-A474-E5605C39E754}C:\users\isaac\documents\megasync downloads\crawl\crawl\crawl.exe] => (Allow) C:\users\isaac\documents\megasync downloads\crawl\crawl\crawl.exe
FirewallRules: [UDP Query User{F791487C-365F-4576-B6C8-03EFB76C446D}C:\users\isaac\documents\megasync downloads\brawlout\brawlout\brawlout.exe] => (Allow) C:\users\isaac\documents\megasync downloads\brawlout\brawlout\brawlout.exe
FirewallRules: [TCP Query User{85AC2501-2DE5-46BE-AEA8-0377C6E16DF9}C:\users\isaac\documents\megasync downloads\brawlout\brawlout\brawlout.exe] => (Allow) C:\users\isaac\documents\megasync downloads\brawlout\brawlout\brawlout.exe
FirewallRules: [UDP Query User{39249AA2-03DE-4C07-B20F-F803669D7C60}C:\games\saints row iv nosteam\saintsrowiv.exe] => (Allow) C:\games\saints row iv nosteam\saintsrowiv.exe
FirewallRules: [TCP Query User{80026E9A-2FB6-4ADC-BD30-3E8A15AF04AE}C:\games\saints row iv nosteam\saintsrowiv.exe] => (Allow) C:\games\saints row iv nosteam\saintsrowiv.exe
FirewallRules: [UDP Query User{7C555EDD-A580-4CF5-8D2E-9254DF1CA72F}C:\program files\腾讯游戏\使命召唤online\tcls\client.exe] => (Allow) C:\program files\腾讯游戏\使命召唤online\tcls\client.exe
FirewallRules: [TCP Query User{242D02AB-2688-467E-9D94-10E516FA331D}C:\program files\腾讯游戏\使命召唤online\tcls\client.exe] => (Allow) C:\program files\腾讯游戏\使命召唤online\tcls\client.exe
FirewallRules: [{16659379-C30B-4017-9B33-B6696F42BF18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [{9948527B-6FF9-446A-B48B-A507776B2A15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [{A6B83531-8392-4BBF-8A84-826A73C2C9F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BrainOut\bin\javaw.exe
FirewallRules: [{2D530B41-CB87-4249-B101-7C5467A26CC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BrainOut\bin\javaw.exe
FirewallRules: [{751AB093-D86B-47E9-8845-3DD048447D6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duelyst\Duelyst.exe
FirewallRules: [{98819EA1-6862-4FBE-BEF9-A6CFE6C37075}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duelyst\Duelyst.exe
FirewallRules: [UDP Query User{93BF51C3-0D92-42D1-8EEB-C77AF2EE9CC7}C:\program files (x86)\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe] => (Allow) C:\program files (x86)\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe
FirewallRules: [TCP Query User{0F1DEC29-843D-45A9-A9B0-CFF90F11305D}C:\program files (x86)\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe] => (Allow) C:\program files (x86)\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe
FirewallRules: [UDP Query User{7BB3A2A8-561D-47B7-AE98-E66DA3779290}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{0453182B-A1AD-42EB-BAAE-22A30C33F1C3}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{20DBFB0E-FEEB-4D02-AA9A-39E996507FAC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EC166736-11E6-43A0-9382-0445721B9939}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FC9F6A71-58F0-4F98-B1A0-C44CFDABB3E6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8967792F-2984-4751-97CF-07755D5ABBD9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [UDP Query User{42524A8E-CB38-489F-92CC-51FB3340EB93}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [TCP Query User{BE6118C4-4D16-407B-ADA5-EAD2FA938C6D}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{BE2B2F93-09FA-4A9D-AAF0-AC94D254AD71}C:\users\isaac\downloads\igg-shaolin.vs.wutang.v1.0g2\igg-shaolin.vs.wutang.v1.0g2\svw.exe] => (Allow) C:\users\isaac\downloads\igg-shaolin.vs.wutang.v1.0g2\igg-shaolin.vs.wutang.v1.0g2\svw.exe
FirewallRules: [TCP Query User{D44EE9BC-9A76-48B9-BD1E-BC3B6F07B992}C:\users\isaac\downloads\igg-shaolin.vs.wutang.v1.0g2\igg-shaolin.vs.wutang.v1.0g2\svw.exe] => (Allow) C:\users\isaac\downloads\igg-shaolin.vs.wutang.v1.0g2\igg-shaolin.vs.wutang.v1.0g2\svw.exe
FirewallRules: [{BA8B344C-E1DE-4258-A493-F3BD9C9A2677}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{B0B6F552-56CD-4708-A7A6-9A81E04F825E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [UDP Query User{3C60C68C-E10C-4335-8449-FBE696609B16}C:\program files (x86)\wii u updates\wiiu_usb_helper.exe] => (Allow) C:\program files (x86)\wii u updates\wiiu_usb_helper.exe
FirewallRules: [TCP Query User{857C7A3C-2E87-4DFD-BDA0-2609AC593A1C}C:\program files (x86)\wii u updates\wiiu_usb_helper.exe] => (Allow) C:\program files (x86)\wii u updates\wiiu_usb_helper.exe
FirewallRules: [UDP Query User{30F521AE-BC5E-4BF9-A35F-70F1ED40F4EC}C:\program files (x86)\wiiu_usb_helper.exe] => (Allow) C:\program files (x86)\wiiu_usb_helper.exe
FirewallRules: [TCP Query User{2D5D9124-276D-4B8F-9965-8F2E4B0D2956}C:\program files (x86)\wiiu_usb_helper.exe] => (Allow) C:\program files (x86)\wiiu_usb_helper.exe
FirewallRules: [UDP Query User{7F5BD08D-A12A-4A8E-970D-610401F1473B}C:\program files (x86)\steam\steamapps\common\freestylefootball\fsefootball.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\freestylefootball\fsefootball.exe
FirewallRules: [TCP Query User{5001497E-EEAE-4979-A2F0-7E9D7015DC91}C:\program files (x86)\steam\steamapps\common\freestylefootball\fsefootball.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\freestylefootball\fsefootball.exe
FirewallRules: [{0079C82E-2A6B-439F-BD72-BF12A6B2F98E}] => (Allow) C:\Program Files (x86)\Shadow Warrior 2\ShadowWarrior2.exe
FirewallRules: [{81C29C7B-14E6-4244-B91B-9C8D795F7EA3}] => (Allow) C:\Program Files (x86)\Shadow Warrior 2\ShadowWarrior2.exe
FirewallRules: [{0E524C57-AEBB-4415-8532-F3E71F8821B5}] => (Allow) C:\Program Files (x86)\Shadow Warrior 2\ShadowWarrior2.exe
FirewallRules: [{0D32FB84-4496-48FE-9C0D-109626AE93C9}] => (Allow) C:\Program Files (x86)\Shadow Warrior 2\ShadowWarrior2.exe
FirewallRules: [UDP Query User{42575DC6-B7B5-4589-8C8E-A55859FD560A}C:\users\isaac\downloads\viscera.cleanup.detail.v1.09.inclu.all.dlc\viscera.cleanup.detail.v1.09.inclu.all.dlc\binaries\win64\udk.exe] => (Allow) C:\users\isaac\downloads\viscera.cleanup.detail.v1.09.inclu.all.dlc\viscera.cleanup.detail.v1.09.inclu.all.dlc\binaries\win64\udk.exe
FirewallRules: [TCP Query User{CDDAA866-EA18-409D-BBA7-DB2B388924C3}C:\users\isaac\downloads\viscera.cleanup.detail.v1.09.inclu.all.dlc\viscera.cleanup.detail.v1.09.inclu.all.dlc\binaries\win64\udk.exe] => (Allow) C:\users\isaac\downloads\viscera.cleanup.detail.v1.09.inclu.all.dlc\viscera.cleanup.detail.v1.09.inclu.all.dlc\binaries\win64\udk.exe
FirewallRules: [UDP Query User{0520420B-5285-4E00-BC6C-A1F0C399B9AE}C:\program files (x86)\lichdom battlemage\bin64\lichdombattlemage.exe] => (Allow) C:\program files (x86)\lichdom battlemage\bin64\lichdombattlemage.exe
FirewallRules: [TCP Query User{B6FA72E3-D3A2-4FF4-86D5-D4CAA2B11E49}C:\program files (x86)\lichdom battlemage\bin64\lichdombattlemage.exe] => (Allow) C:\program files (x86)\lichdom battlemage\bin64\lichdombattlemage.exe
FirewallRules: [UDP Query User{612C190A-F035-42D0-ABE3-7823B25A6602}C:\program files (x86)\lichdom battlemage\bin32\lichdombattlemage.exe] => (Allow) C:\program files (x86)\lichdom battlemage\bin32\lichdombattlemage.exe
FirewallRules: [TCP Query User{5BD7AF03-BE22-473B-B8BD-87E73E5C174F}C:\program files (x86)\lichdom battlemage\bin32\lichdombattlemage.exe] => (Allow) C:\program files (x86)\lichdom battlemage\bin32\lichdombattlemage.exe
FirewallRules: [UDP Query User{AF5FBC58-8DC9-4106-A03F-8F01F811A075}C:\users\isaac\documents\megasync downloads\fresh body\fresh body\freshbody.exe] => (Allow) C:\users\isaac\documents\megasync downloads\fresh body\fresh body\freshbody.exe
FirewallRules: [TCP Query User{A80564CF-CB89-4388-9D65-6D7E3FE9B1E6}C:\users\isaac\documents\megasync downloads\fresh body\fresh body\freshbody.exe] => (Allow) C:\users\isaac\documents\megasync downloads\fresh body\fresh body\freshbody.exe
FirewallRules: [UDP Query User{4A05D9DA-AA4E-4D90-8D33-511F63B70922}C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefronttrial.exe] => (Allow) C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefronttrial.exe
FirewallRules: [TCP Query User{0170665B-FAEB-4523-AC95-7AEFD7D81150}C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefronttrial.exe] => (Allow) C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefronttrial.exe
FirewallRules: [UDP Query User{DCC80D0A-630A-45A4-9EBC-27F54279CE3C}C:\program files (x86)\rock of ages\binaries\win32\roa.exe] => (Allow) C:\program files (x86)\rock of ages\binaries\win32\roa.exe
FirewallRules: [TCP Query User{9829C63D-0AAC-4982-9989-45EA9377EE5A}C:\program files (x86)\rock of ages\binaries\win32\roa.exe] => (Allow) C:\program files (x86)\rock of ages\binaries\win32\roa.exe
FirewallRules: [{0BDE7167-4D46-4CE7-8532-BFCFB3B67769}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{AE92F7E4-0AE2-455B-9D67-2B73AC2DADB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{EB47EFB2-F327-4635-9D42-DE097773305F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{81F493A8-B874-48AC-8894-8620872A3CA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{9EF11826-B35E-4F44-9BC0-F3B00F35D8B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{E8454B52-1F43-4243-A476-F02FA2070D56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{0D53FEAC-C4A0-4024-86E3-B3470EF0A6B5}] => (Allow) C:\Program Files (x86)\Mr DJ\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{F175E722-FA38-49E2-BFD5-EA8DE9102362}] => (Allow) C:\Program Files (x86)\Mr DJ\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{D8CE65B1-3772-40F4-A340-2B16DDCD2B02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{69847952-87EE-4C8E-8B40-7D5EB39067EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0BA27D5A-ABB2-4B10-B780-E0A4AF52C8F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{25634EA0-B1F5-45F4-8F97-AAE37267BBCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{EE42F75E-1A86-46F4-8DC0-6732A9FD9FBA}] => (Allow) C:\Program Files (x86)\PlayStationNow\unidater.exe
FirewallRules: [{2A0EEE90-9982-4388-ADAF-C8F6DEF3E8F0}] => (Allow) C:\Users\isaac\AppData\Local\Gaikai\CrashReports\dumpupload.exe
FirewallRules: [{B235079A-A880-4DCA-95A1-B05FB335F22A}] => (Allow) C:\Program Files (x86)\PlayStationNow\psnowlauncher.exe
FirewallRules: [UDP Query User{5D0E062E-42C5-4B4F-AD88-3970603CDC6B}C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [TCP Query User{56F1B6C6-7E4D-4EFD-8C4A-0B588033DFD5}C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{3133A546-31BA-4B24-8114-F3C6C1461900}C:\users\isaac\downloads\gang.beasts.v0.5.5\gang.beasts.v0.5.5\gang beasts.exe] => (Allow) C:\users\isaac\downloads\gang.beasts.v0.5.5\gang.beasts.v0.5.5\gang beasts.exe
FirewallRules: [TCP Query User{04F23FF7-1AD8-4482-B457-931E1BB3B137}C:\users\isaac\downloads\gang.beasts.v0.5.5\gang.beasts.v0.5.5\gang beasts.exe] => (Allow) C:\users\isaac\downloads\gang.beasts.v0.5.5\gang.beasts.v0.5.5\gang beasts.exe
FirewallRules: [UDP Query User{4153BAB0-590C-46C9-AF50-6B1F287A0E73}C:\program files (x86)\mortal kombat xl\binaries\retail\mk10.exe] => (Block) C:\program files (x86)\mortal kombat xl\binaries\retail\mk10.exe
FirewallRules: [TCP Query User{65BF5658-4F60-49AA-AB3D-7CCE254ACCD3}C:\program files (x86)\mortal kombat xl\binaries\retail\mk10.exe] => (Block) C:\program files (x86)\mortal kombat xl\binaries\retail\mk10.exe
FirewallRules: [UDP Query User{BCD1B75C-0BDE-44EA-9FB5-76BB00891A36}C:\program files (x86)\bethesda softworks\dishonored - game of the year edition\binaries\win32\dishonored.exe] => (Block) C:\program files (x86)\bethesda softworks\dishonored - game of the year edition\binaries\win32\dishonored.exe
FirewallRules: [TCP Query User{7472EF34-D569-4B23-A627-DE6C54764A4B}C:\program files (x86)\bethesda softworks\dishonored - game of the year edition\binaries\win32\dishonored.exe] => (Block) C:\program files (x86)\bethesda softworks\dishonored - game of the year edition\binaries\win32\dishonored.exe
FirewallRules: [{B57DE7C8-8018-4519-BE52-C6FDC9CD2968}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{936E6710-D9D5-43D5-A1BC-C26C70AA3D3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [UDP Query User{B9E57F30-84F3-44D4-9A53-EBE8AF49EE20}C:\users\isaac\downloads\move.or.die.v7.0.3.hotfix\move.or.die.v7.0.3.hotfix\love\win\love.exe] => (Block) C:\users\isaac\downloads\move.or.die.v7.0.3.hotfix\move.or.die.v7.0.3.hotfix\love\win\love.exe
FirewallRules: [TCP Query User{D560AB1F-A95B-4391-9FBC-FB429BF03014}C:\users\isaac\downloads\move.or.die.v7.0.3.hotfix\move.or.die.v7.0.3.hotfix\love\win\love.exe] => (Block) C:\users\isaac\downloads\move.or.die.v7.0.3.hotfix\move.or.die.v7.0.3.hotfix\love\win\love.exe
FirewallRules: [UDP Query User{0AA42BA8-8A41-4F06-896A-62B8B9500A99}C:\users\isaac\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\isaac\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{641D2534-165A-46E4-935C-0FF675D43C96}C:\users\isaac\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\isaac\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{AACA4D49-A98D-4DDA-9E36-2724F1593AD8}C:\program files (x86)\depth\binaries\win32\depthgame.exe] => (Block) C:\program files (x86)\depth\binaries\win32\depthgame.exe
FirewallRules: [TCP Query User{DF29D24A-E85B-4D27-A585-26023A6F418F}C:\program files (x86)\depth\binaries\win32\depthgame.exe] => (Block) C:\program files (x86)\depth\binaries\win32\depthgame.exe
FirewallRules: [UDP Query User{30F3B9AA-96ED-4FD4-851D-9A6F591897AF}C:\users\isaac\downloads\feed.and.grow.fish.v0.7.4\feed.and.grow.fish.v0.7.4\feed and grow.exe] => (Allow) C:\users\isaac\downloads\feed.and.grow.fish.v0.7.4\feed.and.grow.fish.v0.7.4\feed and grow.exe
FirewallRules: [TCP Query User{1A8933A3-0D85-4B8C-9036-400FF4AC9777}C:\users\isaac\downloads\feed.and.grow.fish.v0.7.4\feed.and.grow.fish.v0.7.4\feed and grow.exe] => (Allow) C:\users\isaac\downloads\feed.and.grow.fish.v0.7.4\feed.and.grow.fish.v0.7.4\feed and grow.exe
FirewallRules: [UDP Query User{B73424AC-1DB2-4C23-9C6D-D1F929C66F2B}C:\users\isaac\downloads\street.fighter.v.deluxe.edition.v2.0.incl.dlc.multi.13\street.fighter.v.deluxe.edition.v2.0.incl.dlc.multi.13\streetfighterv\binaries\win64\streetfighterv.exe] => (Allow) C:\users\isaac\downloads\street.fighter.v.deluxe.edition.v2.0.incl.dlc.multi.13\street.fighter.v.deluxe.edition.v2.0.incl.dlc.multi.13\streetfighterv\binaries\win64\streetfighterv.exe
FirewallRules: [TCP Query User{A0F9E302-38ED-4FD1-8638-80D4FD0C1AE0}C:\users\isaac\downloads\street.fighter.v.deluxe.edition.v2.0.incl.dlc.multi.13\street.fighter.v.deluxe.edition.v2.0.incl.dlc.multi.13\streetfighterv\binaries\win64\streetfighterv.exe] => (Allow) C:\users\isaac\downloads\street.fighter.v.deluxe.edition.v2.0.incl.dlc.multi.13\street.fighter.v.deluxe.edition.v2.0.incl.dlc.multi.13\streetfighterv\binaries\win64\streetfighterv.exe
FirewallRules: [{E42EC4E4-05D4-43BC-A3AD-732DF9FE794C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{0DA7A275-A6FB-4D96-B320-DF69E4FBAD5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{CDD266B0-18AB-4236-93F9-A91FDDF1D0F3}] => (Allow) C:\Program Files (x86)\DRAGON BALL XENOVERSE 2\bin\DBXV2.exe
FirewallRules: [{611DCA26-3DE7-461C-972A-B6EE01C62A81}] => (Allow) C:\Program Files (x86)\DRAGON BALL XENOVERSE 2\bin\DBXV2.exe
FirewallRules: [{D315D90B-56E1-4129-81C9-F61A44D79D38}] => (Allow) C:\Program Files (x86)\DRAGON BALL XENOVERSE 2\bin\DBXV2.exe
FirewallRules: [{1161DC72-E5B0-4991-820D-0E9B6E393607}] => (Allow) C:\Program Files (x86)\DRAGON BALL XENOVERSE 2\bin\DBXV2.exe
FirewallRules: [UDP Query User{079AE126-939C-4E43-B1FC-1E6DB9A1A112}C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe
FirewallRules: [TCP Query User{58C2A332-7EDC-42BE-BC11-7A1A0195B95C}C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe
FirewallRules: [UDP Query User{24AA0DDC-F26C-4B86-ABB3-F3B62E50FBC9}C:\users\isaac\documents\megasync downloads\myworld\myworld\myworld.exe] => (Allow) C:\users\isaac\documents\megasync downloads\myworld\myworld\myworld.exe
FirewallRules: [TCP Query User{761A5D4B-EB15-45E4-9771-03E06DF5E72C}C:\users\isaac\documents\megasync downloads\myworld\myworld\myworld.exe] => (Allow) C:\users\isaac\documents\megasync downloads\myworld\myworld\myworld.exe
FirewallRules: [UDP Query User{727B2D73-0CA0-4763-956B-0AC0F5F7945A}C:\program files (x86)\heroes of the storm\versions\base51375\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base51375\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{F142985C-0B00-4268-A650-2FA88B3A88CE}C:\program files (x86)\heroes of the storm\versions\base51375\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base51375\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{592511FF-7EEE-4E15-A441-E4B7F54B7CF8}C:\games\call of duty black ops 2\t6mpv43.exe] => (Block) C:\games\call of duty black ops 2\t6mpv43.exe
FirewallRules: [TCP Query User{6D3DF9AA-0591-4F2D-818A-073E9A0E81B0}C:\games\call of duty black ops 2\t6mpv43.exe] => (Block) C:\games\call of duty black ops 2\t6mpv43.exe
FirewallRules: [UDP Query User{3C018ED6-E008-4AAD-AE07-5F498CAEC18C}C:\games\call of duty black ops 2\t6mp.exe] => (Block) C:\games\call of duty black ops 2\t6mp.exe
FirewallRules: [TCP Query User{DCBCCA72-19D8-4BCF-8D11-1A86F8AD0A08}C:\games\call of duty black ops 2\t6mp.exe] => (Block) C:\games\call of duty black ops 2\t6mp.exe
FirewallRules: [UDP Query User{31B1133B-9794-4CF3-8DCF-CCE805D70449}C:\games\call of duty black ops 2\t6zm.exe] => (Block) C:\games\call of duty black ops 2\t6zm.exe
FirewallRules: [TCP Query User{11F209C1-6B05-4A8E-B90D-0720FA1D433C}C:\games\call of duty black ops 2\t6zm.exe] => (Block) C:\games\call of duty black ops 2\t6zm.exe
FirewallRules: [UDP Query User{8E36807D-41AC-4D5F-88F0-0DCBB184CE3D}C:\games\call of duty black ops 2\t6zmv41.exe] => (Block) C:\games\call of duty black ops 2\t6zmv41.exe
FirewallRules: [TCP Query User{41CC23B5-BF22-44D1-AA73-C896865D6C2C}C:\games\call of duty black ops 2\t6zmv41.exe] => (Block) C:\games\call of duty black ops 2\t6zmv41.exe
FirewallRules: [{416EB33E-29B4-4A3F-B6CB-4161C844C1F6}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{A5C57CE2-8928-4364-997A-0486E7A5D623}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{F22C118E-9435-4DF3-A030-47C5F07C55B1}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{9BFE86C4-DE18-465B-9827-37DB04C276C1}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [UDP Query User{AA58A5F1-0665-4C3B-9CBB-8B41ABCA6EA1}C:\users\isaac\downloads\the.isle.v0.0.0.16\the.isle.v0.0.0.16\theisle\binaries\win64\theisle.exe] => (Allow) C:\users\isaac\downloads\the.isle.v0.0.0.16\the.isle.v0.0.0.16\theisle\binaries\win64\theisle.exe
FirewallRules: [TCP Query User{E95D9CAF-7C59-4586-ADE9-C9DA1B468D58}C:\users\isaac\downloads\the.isle.v0.0.0.16\the.isle.v0.0.0.16\theisle\binaries\win64\theisle.exe] => (Allow) C:\users\isaac\downloads\the.isle.v0.0.0.16\the.isle.v0.0.0.16\theisle\binaries\win64\theisle.exe
FirewallRules: [UDP Query User{F588E3F1-825F-44C8-A363-BEAD0E5978C7}C:\program files (x86)\evolve\bin64_steamretail\evolve.exe] => (Block) C:\program files (x86)\evolve\bin64_steamretail\evolve.exe
FirewallRules: [TCP Query User{5DF09C7B-7E16-41AB-95A6-A9B99DAA50BE}C:\program files (x86)\evolve\bin64_steamretail\evolve.exe] => (Block) C:\program files (x86)\evolve\bin64_steamretail\evolve.exe
FirewallRules: [UDP Query User{E0108642-D976-43BD-951D-48B961F5E817}C:\program files (x86)\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{187E959E-C5D4-44FE-B354-0654DA20B54A}C:\program files (x86)\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{45E29BD9-3DF0-4152-B6B7-08304CE4505A}] => (Allow) C:\Program Files (x86)\Mr DJ\Batman Arkham Knight - Premium Edition\Binaries\Win64\BatmanAK.exe
FirewallRules: [{CE59E5B7-2F58-4E15-885D-87A4F38F57F7}] => (Allow) C:\Program Files (x86)\Mr DJ\Batman Arkham Knight - Premium Edition\Binaries\Win64\BatmanAK.exe
FirewallRules: [UDP Query User{11DDBACE-3E5E-4CEC-A3B3-A2F13A8BD0BC}C:\users\isaac\appdata\roaming\utorrent\updates\3.4.9_43295.exe] => (Allow) C:\users\isaac\appdata\roaming\utorrent\updates\3.4.9_43295.exe
FirewallRules: [TCP Query User{A9C3868A-37DA-491C-8EA6-2E6BE15CBE9C}C:\users\isaac\appdata\roaming\utorrent\updates\3.4.9_43295.exe] => (Allow) C:\users\isaac\appdata\roaming\utorrent\updates\3.4.9_43295.exe
FirewallRules: [UDP Query User{9562D372-B9E8-4B37-9547-568056221E84}C:\users\isaac\downloads\utorrent plus v3.4.2 build 33023 stable\utorrent.exe] => (Allow) C:\users\isaac\downloads\utorrent plus v3.4.2 build 33023 stable\utorrent.exe
FirewallRules: [TCP Query User{4155CFBF-5C91-4649-AFA3-1AB6EA530703}C:\users\isaac\downloads\utorrent plus v3.4.2 build 33023 stable\utorrent.exe] => (Allow) C:\users\isaac\downloads\utorrent plus v3.4.2 build 33023 stable\utorrent.exe
FirewallRules: [UDP Query User{EAE1E346-2437-47F1-8F29-04797A13F316}C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [TCP Query User{A42632F3-8B7E-438E-A7EF-24E9BBEC0529}C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{7234A4F3-6AA5-4F2C-8049-E1E8971858D5}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{1A4F3387-09B3-4DD8-8402-4244FBABADC7}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{7D0F696B-D667-4B4B-82AE-6BC87DBC824D}C:\program files\hitbox\win64\hitbox\binaries\win64\boxmanbegins-win64-shipping.exe] => (Allow) C:\program files\hitbox\win64\hitbox\binaries\win64\boxmanbegins-win64-shipping.exe
FirewallRules: [TCP Query User{9C3118AD-9974-4F03-81A5-705137189354}C:\program files\hitbox\win64\hitbox\binaries\win64\boxmanbegins-win64-shipping.exe] => (Allow) C:\program files\hitbox\win64\hitbox\binaries\win64\boxmanbegins-win64-shipping.exe
FirewallRules: [UDP Query User{A7727143-57F1-4D50-8484-29B38B05C767}C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe
FirewallRules: [TCP Query User{A7ECC9B5-2AF9-417D-A528-907C581D63E0}C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe
FirewallRules: [UDP Query User{A203F285-D2F5-4EFF-A476-DDDB267369AC}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [TCP Query User{4DB6B09E-D508-457C-805A-678B3F255E0C}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{F13CEC1D-5D07-4834-BEB2-DF2DE8D0248F}] => (Allow) C:\Program Files (x86)\Mr DJ\Call Of Duty World At War\CoDWaW.exe
FirewallRules: [{66CAB580-19C7-4C29-AE16-3001B29DDF26}] => (Allow) C:\Program Files (x86)\Mr DJ\Call Of Duty World At War\CoDWaW.exe
FirewallRules: [UDP Query User{0D5FD2AC-FFD5-4BD4-B329-D25DAE7DDEAF}C:\users\isaac\appdata\local\temp\i1488427632\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\isaac\appdata\local\temp\i1488427632\windows\resource\jre\bin\javaw.exe
FirewallRules: [TCP Query User{12FB6D71-FEC8-4C5C-8ECE-60A933BD4326}C:\users\isaac\appdata\local\temp\i1488427632\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\isaac\appdata\local\temp\i1488427632\windows\resource\jre\bin\javaw.exe
FirewallRules: [UDP Query User{F3F87258-9551-4B22-B444-8744AB4AC44E}C:\users\isaac\appdata\local\temp\i1488416733\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\isaac\appdata\local\temp\i1488416733\windows\resource\jre\bin\javaw.exe
FirewallRules: [TCP Query User{49BBDB89-17D5-4BE9-A38A-02B6B65B9B7A}C:\users\isaac\appdata\local\temp\i1488416733\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\isaac\appdata\local\temp\i1488416733\windows\resource\jre\bin\javaw.exe
FirewallRules: [UDP Query User{AD7DB89F-1352-40A7-822F-BF96096CA190}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{A4909732-D95C-4D65-9344-AFA13180F0C8}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{EDB20D7D-38DC-4725-9C9C-A6998F437B8C}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [TCP Query User{8E5FB4AC-D346-4FA3-A1D3-32C6F49AAA65}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{CA8EBC24-CF55-444A-8FD5-ECDFCA8108C6}C:\program files (x86)\steam\steamapps\common\turbo pug 3d\turbo_pug_3d\binaries\win64\turbo_pug_3d-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\turbo pug 3d\turbo_pug_3d\binaries\win64\turbo_pug_3d-win64-shipping.exe
FirewallRules: [TCP Query User{5B077C52-FD32-4F85-8E6F-AAA444AB805B}C:\program files (x86)\steam\steamapps\common\turbo pug 3d\turbo_pug_3d\binaries\win64\turbo_pug_3d-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\turbo pug 3d\turbo_pug_3d\binaries\win64\turbo_pug_3d-win64-shipping.exe
FirewallRules: [{0B396FFA-4074-48B9-A35B-22CDDBBD3F4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Mega Neo Pug\SuperNeoPug.exe
FirewallRules: [{3EB7792B-B07D-43A7-AFE9-031A516E0762}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Mega Neo Pug\SuperNeoPug.exe
FirewallRules: [{0DD72047-1067-41B9-B503-1C2F52D4A862}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Turbo Pug\game.exe
FirewallRules: [{B877C691-545E-4FB2-A077-0E4B88BDAB7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Turbo Pug\game.exe
FirewallRules: [{31B01225-610E-4780-A776-F2CFA0EBCC87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hyper color ball\HCB.exe
FirewallRules: [{068C685F-0F17-4C33-9FF0-6A2CF1737CDE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hyper color ball\HCB.exe
FirewallRules: [{ACBFA1C0-A818-44FB-9CC7-FA9FD26C7FA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Turbo Pug 3D\Turbo Pug 3D.exe
FirewallRules: [{EA67596D-0A33-4CE2-ABDB-C59C85746F7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Turbo Pug 3D\Turbo Pug 3D.exe
FirewallRules: [{B35379A2-34B3-46D7-A318-E3FC4830B201}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Turbo Pug DX\turbopugDX.exe
FirewallRules: [{0B80D7CA-3A5D-4E5B-A69C-BF59C09454F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Turbo Pug DX\turbopugDX.exe
FirewallRules: [UDP Query User{CDFF4E35-F2F0-407A-9EC9-53E4D202811C}C:\program files (x86)\disney infinity 3.0 gold edition\disneyinfinity3.exe] => (Allow) C:\program files (x86)\disney infinity 3.0 gold edition\disneyinfinity3.exe
FirewallRules: [TCP Query User{54903FDD-5283-414A-8232-350E471EE856}C:\program files (x86)\disney infinity 3.0 gold edition\disneyinfinity3.exe] => (Allow) C:\program files (x86)\disney infinity 3.0 gold edition\disneyinfinity3.exe
FirewallRules: [UDP Query User{B8CF2054-F210-4BB3-B40D-71A39FDD9F33}C:\games\conan exiles - barbarian edition\conansandbox\binaries\win64\conansandbox-win64-test.exe] => (Allow) C:\games\conan exiles - barbarian edition\conansandbox\binaries\win64\conansandbox-win64-test.exe
FirewallRules: [TCP Query User{9B0F8A15-D3E4-4C28-9B4B-1F66093A1CFC}C:\games\conan exiles - barbarian edition\conansandbox\binaries\win64\conansandbox-win64-test.exe] => (Allow) C:\games\conan exiles - barbarian edition\conansandbox\binaries\win64\conansandbox-win64-test.exe
FirewallRules: [{C3D44ADF-2661-44B3-8CB8-24A2F858A69F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{7F0C1E36-E28E-486E-A8B7-B433F77F9230}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [UDP Query User{C07098DF-881C-4E0A-B3C3-3D99A6729D88}C:\users\isaac\downloads\dead.by.daylight.v1.3.1d.hotfix.2.inclu.dlc\dead.by.daylight.v1.3.1d.hotfix.2.inclu.dlc\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\users\isaac\downloads\dead.by.daylight.v1.3.1d.hotfix.2.inclu.dlc\dead.by.daylight.v1.3.1d.hotfix.2.inclu.dlc\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [TCP Query User{0654569A-58D3-40C1-B759-9662E7191A42}C:\users\isaac\downloads\dead.by.daylight.v1.3.1d.hotfix.2.inclu.dlc\dead.by.daylight.v1.3.1d.hotfix.2.inclu.dlc\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\users\isaac\downloads\dead.by.daylight.v1.3.1d.hotfix.2.inclu.dlc\dead.by.daylight.v1.3.1d.hotfix.2.inclu.dlc\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{1B4F4F78-FFA0-4B03-ADE4-1BBC0ED47D80}C:\users\isaac\downloads\party.panic.v0.9.0.2\party.panic.v0.9.0.2\partypanic.exe] => (Allow) C:\users\isaac\downloads\party.panic.v0.9.0.2\party.panic.v0.9.0.2\partypanic.exe
FirewallRules: [TCP Query User{7E69852E-3102-4901-AC4C-9430D615B0A5}C:\users\isaac\downloads\party.panic.v0.9.0.2\party.panic.v0.9.0.2\partypanic.exe] => (Allow) C:\users\isaac\downloads\party.panic.v0.9.0.2\party.panic.v0.9.0.2\partypanic.exe
FirewallRules: [UDP Query User{DDC90019-876E-4F76-A688-1102B75D3E5C}C:\users\isaac\documents\megasync downloads\gang beasts\gang beasts\gang beasts.exe] => (Allow) C:\users\isaac\documents\megasync downloads\gang beasts\gang beasts\gang beasts.exe
FirewallRules: [TCP Query User{65591276-E12C-449E-836E-E145EB4E3D86}C:\users\isaac\documents\megasync downloads\gang beasts\gang beasts\gang beasts.exe] => (Allow) C:\users\isaac\documents\megasync downloads\gang beasts\gang beasts\gang beasts.exe
FirewallRules: [UDP Query User{6154996B-686E-4760-A2F5-45904101837A}C:\users\isaac\downloads\subnautica3.v43357\subnautica3.v43357\subnautica.exe] => (Allow) C:\users\isaac\downloads\subnautica3.v43357\subnautica3.v43357\subnautica.exe
FirewallRules: [TCP Query User{D120B4BE-5695-4422-8305-EE4E4DF03C96}C:\users\isaac\downloads\subnautica3.v43357\subnautica3.v43357\subnautica.exe] => (Allow) C:\users\isaac\downloads\subnautica3.v43357\subnautica3.v43357\subnautica.exe
FirewallRules: [{1187E4A3-B831-47DD-BD86-E43F6DCE39A3}] => (Allow) C:\Users\isaac\Downloads\BlackDesert_Downloader.exe
FirewallRules: [{73E4F3A3-B28B-4E70-A0D3-CCCEEC3C7C74}] => (Allow) C:\Users\isaac\Downloads\BlackDesert_Launcher.exe
FirewallRules: [{11BBBD04-9484-478E-8E87-1C2F1DEAB775}] => (Allow) C:\Users\isaac\Downloads\bin64\BlackDesert64.exe
FirewallRules: [{41B01CFF-424D-4061-86A4-C58433E411E1}] => (Allow) C:\Users\isaac\Downloads\bin\BlackDesert32.exe
FirewallRules: [{2EB6A31A-470E-492E-9503-7145C2AA0297}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{4AA41F36-BC2D-4D76-A6EA-F2B569AAFE72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [UDP Query User{A907611F-FD21-4870-9B99-E71BC8ED231D}C:\users\isaac\downloads\universe.sandbox.alpha.v19.3a\universe.sandbox.alpha.v19.3a\universe sandbox.exe] => (Allow) C:\users\isaac\downloads\universe.sandbox.alpha.v19.3a\universe.sandbox.alpha.v19.3a\universe sandbox.exe
FirewallRules: [TCP Query User{5F8043B7-2B1B-463C-986F-1F98124979C7}C:\users\isaac\downloads\universe.sandbox.alpha.v19.3a\universe.sandbox.alpha.v19.3a\universe sandbox.exe] => (Allow) C:\users\isaac\downloads\universe.sandbox.alpha.v19.3a\universe.sandbox.alpha.v19.3a\universe sandbox.exe
FirewallRules: [UDP Query User{1921FB67-C270-43B0-B856-4C761F168A21}C:\users\isaac\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\isaac\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{DA5A536A-3359-4327-BCC0-1F92243F56A2}C:\users\isaac\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\isaac\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C49D15A5-7253-4C3A-9BA5-04DBDBF51E56}C:\program files (x86)\heroes of the storm\versions\base50441\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base50441\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{77F427BE-4FAA-40F9-A7CB-379A19ABAF01}C:\program files (x86)\heroes of the storm\versions\base50441\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base50441\heroesofthestorm_x64.exe
FirewallRules: [{B134599C-755B-474F-ABCB-8B3B636A2D6E}] => (Allow) C:\Users\isaac\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C13DB70F-CAE1-45A2-B74F-53366C62B28C}] => (Allow) C:\Users\isaac\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AE991B5B-05E3-442B-A04C-D2EC795C9EBB}] => (Allow) C:\Users\isaac\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{94A1A5D3-7CAB-4359-8BAF-00181CB9013A}] => (Allow) C:\Users\isaac\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F9290B9E-3DF6-4361-B06F-33BEBEE06581}] => (Allow) C:\Users\isaac\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{020B6AD6-4609-40C8-B9DD-C527ABCBDDD8}] => (Allow) C:\Users\isaac\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{A9774EB6-8CC4-41C4-8914-C9E8D786FBE8}C:\users\isaac\documents\megasync downloads\dragonballunrealdemo\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\isaac\documents\megasync downloads\dragonballunrealdemo\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [TCP Query User{42C44E03-570C-4CEC-9D12-0CD6B682BE4F}C:\users\isaac\documents\megasync downloads\dragonballunrealdemo\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\isaac\documents\megasync downloads\dragonballunrealdemo\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [UDP Query User{B4D8AD40-915B-4EF9-A8A2-B1AAD81B82AA}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{A562FD80-4BCE-4403-9A9C-C04524E672F7}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{F2632DA4-7F11-4DA1-A8CD-DDBDD639B700}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{0A5A4152-C1A1-4DDF-8FAC-10DA7711E665}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{36ED086A-1381-4899-A9FA-718ECA144EFB}] => (Allow) C:\Users\isaac\Downloads\BlackDesert_Downloader.exe
FirewallRules: [{7E97839F-8F7D-4F12-9485-87A9412F9163}] => (Allow) C:\Users\isaac\Downloads\BlackDesert_Launcher.exe
FirewallRules: [{E6F15EAD-659C-4CEE-AA6E-B1FD7F570DEB}] => (Allow) C:\Users\isaac\Downloads\bin64\BlackDesert64.exe
FirewallRules: [{601C6831-77F1-4F7D-A264-E58F9D93044B}] => (Allow) C:\Users\isaac\Downloads\bin\BlackDesert32.exe
FirewallRules: [{331A089C-6939-43AF-A258-2E4F0776BF3C}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{56EA3C13-E969-4981-9F1A-5618D25D3274}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [UDP Query User{C473E98E-DD48-4EBA-9F32-8A1B439A9B5B}C:\users\isaac\documents\megasync downloads\portal.knights\portal.knights\portal_knights_x64.exe] => (Allow) C:\users\isaac\documents\megasync downloads\portal.knights\portal.knights\portal_knights_x64.exe
FirewallRules: [TCP Query User{56E2561E-F563-43BB-BF88-92A979375FE1}C:\users\isaac\documents\megasync downloads\portal.knights\portal.knights\portal_knights_x64.exe] => (Allow) C:\users\isaac\documents\megasync downloads\portal.knights\portal.knights\portal_knights_x64.exe
FirewallRules: [UDP Query User{BF97B851-B09B-452B-AE44-BB0560DEB164}C:\users\isaac\documents\megasync downloads\paint the town red\paintthetownred\paintthetownred.exe] => (Allow) C:\users\isaac\documents\megasync downloads\paint the town red\paintthetownred\paintthetownred.exe
FirewallRules: [TCP Query User{5AE4DC1A-D403-482B-A55D-80A3AB9B4B56}C:\users\isaac\documents\megasync downloads\paint the town red\paintthetownred\paintthetownred.exe] => (Allow) C:\users\isaac\documents\megasync downloads\paint the town red\paintthetownred\paintthetownred.exe
FirewallRules: [UDP Query User{468E4894-BC17-43B0-8728-FF51EF31DD04}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{4965576D-E73C-40BC-BC98-7DBAF6E6E98F}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{673E8F9E-A5D2-4219-84E6-813A00E4409A}] => (Allow) C:\Program Files\腾讯游戏\使命召唤Online\Cross\Apps\CQS\QTalk\Bin\QTalk.exe
FirewallRules: [{A2E17BDC-C956-4FE9-94C2-701DAC1134E6}] => (Allow) C:\Program Files\腾讯游戏\使命召唤Online\Cross\Apps\CQS\QTalk\Bin\QTalk.exe
FirewallRules: [{DED040B0-5FDE-4A49-80E5-3F1725712040}] => (Allow) C:\Program Files\腾讯游戏\使命召唤Online\Cross\Apps\CQS\QTalk\Bin\QTalk.exe
FirewallRules: [{E3C9BED7-AFE4-4F55-98DE-DCFA9EBB5A68}] => (Allow) C:\Program Files\腾讯游戏\使命召唤Online\Cross\Apps\CQS\QTalk\Bin\QTalk.exe
FirewallRules: [{A1760559-A21C-41EA-97F3-4381C69DFA8A}] => (Allow) C:\Program Files\腾讯游戏\使命召唤Online\Cross\Apps\NBAPP\QT\Bin\QTalk.exe
FirewallRules: [{1F310AFF-9D12-447D-9692-AFAFCF5B7F85}] => (Allow) C:\Program Files\腾讯游戏\使命召唤Online\Cross\Apps\NBAPP\QT\Bin\QTalk.exe
FirewallRules: [{E740D701-075D-44FC-B985-EF09E43D267E}] => (Allow) C:\Program Files\腾讯游戏\使命召唤Online\Cross\Apps\NBAPP\QT\Bin\QTalk.exe
FirewallRules: [{D080832D-E51A-4837-92D4-F325F6ACBBFC}] => (Allow) C:\Program Files\腾讯游戏\使命召唤Online\Cross\Apps\NBAPP\QT\Bin\QTalk.exe
FirewallRules: [{59900871-2B36-4C7D-BAB4-96048E9F1956}] => (Allow) C:\Program Files\腾讯游戏\使命召唤Online\Cross\CrossProxy.exe
FirewallRules: [{F4F11C03-9346-4D9F-821A-76FC8E4E862D}] => (Allow) C:\Program Files\腾讯游戏\使命召唤Online\Cross\CrossProxy.exe
FirewallRules: [{752C2F6D-68D3-42FC-9FB5-2759F6E509B2}] => (Allow) C:\Program Files\腾讯游戏\使命召唤Online\Cross\CrossProxy.exe
FirewallRules: [{589F694A-00B4-4E07-9F58-9F007A6FEBA2}] => (Allow) C:\Program Files\腾讯游戏\使命召唤Online\Cross\CrossProxy.exe
FirewallRules: [UDP Query User{63A860ED-F629-43F1-B428-AB8E310CD840}C:\program files\腾讯游戏\使命召唤online\codomp_client_shipretail.exe] => (Allow) C:\program files\腾讯游戏\使命召唤online\codomp_client_shipretail.exe
FirewallRules: [TCP Query User{D8233648-211E-494E-9448-C0AE2C891A6C}C:\program files\腾讯游戏\使命召唤online\codomp_client_shipretail.exe] => (Allow) C:\program files\腾讯游戏\使命召唤online\codomp_client_shipretail.exe
FirewallRules: [{A33EDE10-016D-463A-A30D-97B6DFE82FFA}] => (Allow) C:\Users\isaac\AppData\Roaming\QB\9.4.8071.400\qqbrowser.exe
FirewallRules: [{F38C34ED-75F6-47C6-AD5C-60E9131B0DA4}] => (Allow) C:\Users\isaac\AppData\Roaming\QB\9.4.8071.400\qqbrowser.exe
FirewallRules: [{7C6D1F20-6D6C-48BF-BA66-7D8F3822AFE6}] => (Allow) C:\Users\isaac\AppData\Roaming\QB\BugReport.exe
FirewallRules: [{65A715C5-1E94-46BF-B419-FFC93B8343E9}] => (Allow) C:\Users\isaac\AppData\Roaming\QB\BugReport.exe
FirewallRules: [{5A80E4C8-E6DE-4D86-9FF2-125F0D189C34}] => (Allow) C:\Users\isaac\AppData\Roaming\QB\QQBrowser.exe
FirewallRules: [{94196D0F-6BE0-40D1-86E1-4F463729DE4A}] => (Allow) C:\Users\isaac\AppData\Roaming\QB\QQBrowser.exe
FirewallRules: [UDP Query User{E5A8B9A5-5C88-4450-B1BB-0988E3497BAA}C:\users\isaac\appdata\local\temp\commongamedownloader\268_1486967239_20903\teniodl.exe] => (Allow) C:\users\isaac\appdata\local\temp\commongamedownloader\268_1486967239_20903\teniodl.exe
FirewallRules: [TCP Query User{6E87EE94-F5D5-44B9-9BC5-DD92643D6720}C:\users\isaac\appdata\local\temp\commongamedownloader\268_1486967239_20903\teniodl.exe] => (Allow) C:\users\isaac\appdata\local\temp\commongamedownloader\268_1486967239_20903\teniodl.exe
FirewallRules: [{B94F4A9F-2808-43A4-A73D-8656A0E65B14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{B91099A9-165A-499B-B707-AFA5EE5F84A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{7461595D-35F4-4C73-A7FF-97B8A4F7089F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe
FirewallRules: [{7554F80D-9183-4F0F-8C01-96771ACB501C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe
FirewallRules: [{CDA1764B-EA83-4D40-AC14-27BC3082B623}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{339B258D-03F5-4D95-B1C7-E2DC69130879}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A726B3E2-C3FD-48DA-A750-7953064DF57B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{064DA235-0C68-4E0B-94E8-5FB61A69953D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EE1A9E4E-9C7C-46B6-B551-9804FAFB84E7}] => (Allow) C:\Steam\Steam.exe
FirewallRules: [{C987F380-C21F-447B-84FB-C36C83FB2442}] => (Allow) C:\Steam\Steam.exe
FirewallRules: [{3F9A337A-0177-43D1-96FC-DB01FCEC74B1}] => (Allow) C:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C75F78BB-DDF1-4508-8C2D-C053CE24E149}] => (Allow) C:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{8A0ACF14-77E8-4C2C-B958-7299A71AB7C4}] => (Allow) C:\Steam\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{D7073629-D5F1-4744-AE4E-AE27860C6D5B}] => (Allow) C:\Steam\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{CB2CD490-9933-4DB6-B4F3-EC86A3427ED0}] => (Allow) C:\Steam\steamapps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{070C6E3A-F5BC-4C5E-A56F-5500FA49C69B}] => (Allow) C:\Steam\steamapps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [TCP Query User{904F87B8-76DA-4F71-ADB3-2458DA56C342}C:\gog games\dying light\dyinglightgame.exe] => (Allow) C:\gog games\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{70BDCC2C-00FB-4F03-8A7A-626371A6E107}C:\gog games\dying light\dyinglightgame.exe] => (Allow) C:\gog games\dying light\dyinglightgame.exe
FirewallRules: [TCP Query User{E3E0446D-968C-4A47-99A5-434CA7F4C88C}C:\games\sxt\sftk.exe] => (Allow) C:\games\sxt\sftk.exe
FirewallRules: [UDP Query User{6EF5C9B6-728C-4932-B162-3698C98A18D2}C:\games\sxt\sftk.exe] => (Allow) C:\games\sxt\sftk.exe
FirewallRules: [{A61D1039-2969-44D4-8A25-719BA60988AF}] => (Allow) C:\Steam\steamapps\common\MirageAWTest\TBL-Win64-Shipping.exe
FirewallRules: [{01F1F43E-9AC7-4064-A756-6125C7733DBE}] => (Allow) C:\Steam\steamapps\common\MirageAWTest\TBL-Win64-Shipping.exe
FirewallRules: [TCP Query User{E2AFE8FF-290E-4D5F-A57B-BDD4A24C6CE0}C:\steam\steamapps\common\mirageawtest\tbl\binaries\win64\tbl-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\mirageawtest\tbl\binaries\win64\tbl-win64-shipping.exe
FirewallRules: [UDP Query User{A4A78BE4-EDF6-4347-898D-136985C2DF74}C:\steam\steamapps\common\mirageawtest\tbl\binaries\win64\tbl-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\mirageawtest\tbl\binaries\win64\tbl-win64-shipping.exe
FirewallRules: [{38FE06B9-77E3-4BCC-A924-304927D6DAD4}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{7F6D92E5-F6A5-4F7E-9041-45B817B7E1E1}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{03BD0438-8099-4E6F-9F96-D435FF7FDF24}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{6E7F59C9-3210-45C7-9AF9-7ACB9F024DE6}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [TCP Query User{A7BF9C10-BEF9-4C2E-9984-85D0EFC97D0A}C:\users\isaac\documents\megasync downloads\dead cells (early access)\dead cells (early access)\deadcells.exe] => (Allow) C:\users\isaac\documents\megasync downloads\dead cells (early access)\dead cells (early access)\deadcells.exe
FirewallRules: [UDP Query User{192502A8-C4BC-4FA5-9F07-145143B02730}C:\users\isaac\documents\megasync downloads\dead cells (early access)\dead cells (early access)\deadcells.exe] => (Allow) C:\users\isaac\documents\megasync downloads\dead cells (early access)\dead cells (early access)\deadcells.exe
FirewallRules: [TCP Query User{51111726-6A95-4822-86A4-5DD3198A7A8E}C:\users\isaac\downloads\nazizombies\executable\[bleep] zombies 2d.exe] => (Allow) C:\users\isaac\downloads\nazizombies\executable\[bleep] zombies 2d.exe
FirewallRules: [UDP Query User{0ECCD926-5BC2-4584-91D7-27CEEBB0447C}C:\users\isaac\downloads\nazizombies\executable\[bleep] zombies 2d.exe] => (Allow) C:\users\isaac\downloads\nazizombies\executable\[bleep] zombies 2d.exe
FirewallRules: [TCP Query User{EE7D2699-A829-4E76-B0E3-C388CBCA38A0}C:\users\isaac\downloads\slime.rancher.v0.5.1c\slime.rancher.v0.5.1c\x64\slimerancher.exe] => (Allow) C:\users\isaac\downloads\slime.rancher.v0.5.1c\slime.rancher.v0.5.1c\x64\slimerancher.exe
FirewallRules: [UDP Query User{F5623CC1-0BA5-410D-8769-33A3941790D8}C:\users\isaac\downloads\slime.rancher.v0.5.1c\slime.rancher.v0.5.1c\x64\slimerancher.exe] => (Allow) C:\users\isaac\downloads\slime.rancher.v0.5.1c\slime.rancher.v0.5.1c\x64\slimerancher.exe
FirewallRules: [TCP Query User{83ADF228-17D4-4453-B39C-68C9454E48E8}C:\steam\steamapps\common\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe
FirewallRules: [UDP Query User{9FDE2C2A-72C2-4895-BA17-79B0C9CE276D}C:\steam\steamapps\common\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe
FirewallRules: [{3C3EA9BC-E663-4F22-9F8D-53D4280D32BD}] => (Allow) C:\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{56AFF231-DF48-49B4-9F2B-07B666D8987A}] => (Allow) C:\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{108A5EBF-7852-4B72-BCA2-878DDDF3C843}] => (Allow) C:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{26D16FDD-B851-46FE-B3A5-79C73BDF816A}] => (Allow) C:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{A260A0AF-DD98-4221-9EE5-2255A4AB6EF2}] => (Allow) C:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{E6C996EB-0344-40E8-93C6-F923A7323571}] => (Allow) C:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{E3EA5A7B-1272-4EA1-A943-8F1133E32A1A}] => (Allow) C:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{97C7C567-53C0-4B2B-B8A0-81A9BA744C00}] => (Allow) C:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{AB0450CE-071A-4288-9A0B-63DC328B85C5}] => (Allow) C:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{5D03AB23-C170-4212-8E15-B79DB1B71CC8}] => (Allow) C:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{7AEFADB8-2A0E-4007-AC65-2C272535DD7F}] => (Allow) C:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{27F44565-06FB-4AF6-B309-6CB6935F02BA}] => (Allow) C:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{688740E4-3301-45C5-B975-74DAAECB936F}] => (Allow) C:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{B1DBD038-2EDB-4BD1-8B4F-06199DCA146A}] => (Allow) C:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{CC04BD37-E545-48D4-814A-84596867636E}] => (Allow) C:\Nexon\Library\combatarms\appdata\NMService.exe
FirewallRules: [{143594B8-EB36-445A-82EA-672312C2B3FA}] => (Allow) C:\Nexon\Library\combatarms\appdata\NMService.exe
FirewallRules: [TCP Query User{7D90947B-46E7-4638-8944-387683F9FB86}C:\nexon\library\combatarms\appdata\engine.exe] => (Allow) C:\nexon\library\combatarms\appdata\engine.exe
FirewallRules: [UDP Query User{5A9956E8-34EF-4B3F-AF9B-CE39E346DB17}C:\nexon\library\combatarms\appdata\engine.exe] => (Allow) C:\nexon\library\combatarms\appdata\engine.exe
FirewallRules: [{B0340964-48ED-48F1-8C92-B13799D945F2}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe
FirewallRules: [{3107D872-5F92-4076-B08C-FE51ADD5DBC0}] => (Allow) C:\Steam\steamapps\common\BrainOut\bin\javaw.exe
FirewallRules: [{2B40ED67-338E-4C3E-ABED-502ACF6A4597}] => (Allow) C:\Steam\steamapps\common\BrainOut\bin\javaw.exe
FirewallRules: [{B3DA04D8-17A3-4806-80C0-D1B8099883E4}] => (Allow) C:\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{901C8ED7-1DCD-4DB7-B99A-E06035A5DDEB}] => (Allow) C:\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{8DE49108-95BF-4FB1-8C1F-B030CAAD0A90}] => (Allow) C:\Program Files\腾讯游戏\使命召唤Online\TCLS\plugins\TCLSUPDATE.EXE
FirewallRules: [{39D0A083-9C4E-4E04-9715-27348F85563C}] => (Allow) C:\Program Files (x86)\Carley\financiere.exe
FirewallRules: [{6BD71820-C6E1-4CB9-A16F-DC25B218248C}] => (Allow) C:\Program Files (x86)\Goldmans\financiere.exe
FirewallRules: [{98507192-E288-406C-AE58-1318836F3398}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{EA716DFC-62B3-47C8-9A5B-32CE207FDF11}] => (Allow) C:\Users\isaac\AppData\Roaming\GreenDawn\greendawn.exe
FirewallRules: [{88324CBA-6578-4E4E-A848-2EA57C43A5E5}] => (Allow) C:\Users\isaac\AppData\Roaming\GreenDawn\greendawn.exe
FirewallRules: [{247D57DD-EA5E-4B45-BE15-B2B428127635}] => (Allow) C:\Users\isaac\AppData\Local\yc\Application\yc.exe
FirewallRules: [TCP Query User{816A8AB5-BDD0-4F05-AEF3-4ABA737FD4F4}C:\tvotd79.tmp\taskhostis.exe] => (Block) C:\tvotd79.tmp\taskhostis.exe
FirewallRules: [UDP Query User{FF61C8DE-E0F7-48C8-949C-0A2BD400D847}C:\tvotd79.tmp\taskhostis.exe] => (Block) C:\tvotd79.tmp\taskhostis.exe
FirewallRules: [TCP Query User{3A49971C-7B45-480D-9ED5-70656A8F0FCB}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{32B5D050-DE9D-4B99-A618-ECAD5C06D654}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{556F3A85-896A-437E-8DE9-0F950170CD8B}] => (Allow) C:\Steam\steamapps\common\RPG MO\nw.exe
FirewallRules: [{495C0270-30A3-4666-AE1E-B63362E903BF}] => (Allow) C:\Steam\steamapps\common\RPG MO\nw.exe
FirewallRules: [TCP Query User{902DE269-B7E6-4396-B2FF-EBC96236D9BB}C:\users\isaac\documents\megasync downloads\absolver.beta\absolver.beta\theplaines\binaries\win64\theplaines-win64-shipping.exe] => (Allow) C:\users\isaac\documents\megasync downloads\absolver.beta\absolver.beta\theplaines\binaries\win64\theplaines-win64-shipping.exe
FirewallRules: [UDP Query User{C31755F7-B949-4F00-8BAB-65D2BCC721FE}C:\users\isaac\documents\megasync downloads\absolver.beta\absolver.beta\theplaines\binaries\win64\theplaines-win64-shipping.exe] => (Allow) C:\users\isaac\documents\megasync downloads\absolver.beta\absolver.beta\theplaines\binaries\win64\theplaines-win64-shipping.exe
FirewallRules: [TCP Query User{8FD98EC6-08D2-4A5B-BF9D-D7E51871D5D3}C:\users\isaac\documents\megasync downloads\hero siege\hero siege\hero_siege.exe] => (Allow) C:\users\isaac\documents\megasync downloads\hero siege\hero siege\hero_siege.exe
FirewallRules: [UDP Query User{0F8B9029-8AFD-483D-9421-829619809684}C:\users\isaac\documents\megasync downloads\hero siege\hero siege\hero_siege.exe] => (Allow) C:\users\isaac\documents\megasync downloads\hero siege\hero siege\hero_siege.exe
FirewallRules: [TCP Query User{F8271191-B67E-499B-AB93-2851386B1BA1}C:\users\isaac\appdata\local\temp\ixp000.tmp\youtubers clicker pc.exe] => (Allow) C:\users\isaac\appdata\local\temp\ixp000.tmp\youtubers clicker pc.exe
FirewallRules: [UDP Query User{AE5AA9DA-6195-46E8-9779-F5BFF73B11EF}C:\users\isaac\appdata\local\temp\ixp000.tmp\youtubers clicker pc.exe] => (Allow) C:\users\isaac\appdata\local\temp\ixp000.tmp\youtubers clicker pc.exe
FirewallRules: [TCP Query User{5C6647AF-DA92-445B-BF6A-97FAC7051234}C:\steam\steamapps\common\absolver\absolver\binaries\win64\absolver-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\absolver\absolver\binaries\win64\absolver-win64-shipping.exe
FirewallRules: [UDP Query User{C6C5A2BA-966D-4CA2-8E99-E9B7E9F94837}C:\steam\steamapps\common\absolver\absolver\binaries\win64\absolver-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\absolver\absolver\binaries\win64\absolver-win64-shipping.exe
FirewallRules: [{3978A998-D677-4847-A358-C4317C3029F3}] => (Allow) L:\new cs bb\QYZ8NtQAGeCgkQDjwo.exe
FirewallRules: [{37389906-A72D-4230-8947-3CED6159A951}] => (Allow) L:\new cs bb\QYZ8NtQAGeCgkQDjwo.exe
FirewallRules: [{D6188EDB-E798-4664-9BB6-175BF9695F45}] => (Allow) L:\new cs bb\QYZ8NtQAGeCgkQDjwo.exe
FirewallRules: [{B3A4528A-0B25-4D3A-890D-16F02B9F0D82}] => (Allow) L:\new cs bb\QYZ8NtQAGeCgkQDjwo.exe
FirewallRules: [TCP Query User{BFF78393-4405-4B60-83DF-AC1CDB51A214}C:\users\isaac\downloads\for.the.king.v1.1.09\for.the.king.v1.1.09\ftk.exe] => (Allow) C:\users\isaac\downloads\for.the.king.v1.1.09\for.the.king.v1.1.09\ftk.exe
FirewallRules: [UDP Query User{EC3E41AB-E70F-4D43-B5BF-842F8348FCC3}C:\users\isaac\downloads\for.the.king.v1.1.09\for.the.king.v1.1.09\ftk.exe] => (Allow) C:\users\isaac\downloads\for.the.king.v1.1.09\for.the.king.v1.1.09\ftk.exe
FirewallRules: [TCP Query User{0E695C22-DD9C-45E9-AEA0-04D3966D9658}C:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{60C9C96F-3304-4DD5-B74D-17390CB5147C}C:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{A1EB4DC7-C255-4DF7-B83C-B34FB4C13F11}C:\gog games\absolver\absolver\binaries\win64\absolver-win64-shipping.exe] => (Allow) C:\gog games\absolver\absolver\binaries\win64\absolver-win64-shipping.exe
FirewallRules: [UDP Query User{AA72D564-00CE-4ED1-92B4-016B1BA469B5}C:\gog games\absolver\absolver\binaries\win64\absolver-win64-shipping.exe] => (Allow) C:\gog games\absolver\absolver\binaries\win64\absolver-win64-shipping.exe
FirewallRules: [{69C2E726-E8FE-460E-BDA0-3AD15C082DBB}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe
FirewallRules: [TCP Query User{6271F405-776A-4E28-A02E-357CB618454B}C:\users\isaac\documents\megasync downloads\super.fancy.pants.adventure\super.fancy.pants.adventure\super fancy pants adventure\sfpa.exe] => (Allow) C:\users\isaac\documents\megasync downloads\super.fancy.pants.adventure\super.fancy.pants.adventure\super fancy pants adventure\sfpa.exe
FirewallRules: [UDP Query User{CA850A68-1F22-4A78-A912-53681B8C61A7}C:\users\isaac\documents\megasync downloads\super.fancy.pants.adventure\super.fancy.pants.adventure\super fancy pants adventure\sfpa.exe] => (Allow) C:\users\isaac\documents\megasync downloads\super.fancy.pants.adventure\super.fancy.pants.adventure\super fancy pants adventure\sfpa.exe
FirewallRules: [{6258F6C4-C4A5-42F4-A4CE-1A57071E04E9}] => (Allow) C:\Users\isaac\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{4ED32164-F465-4AE9-A170-1F86F6C6A534}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B2F0E79E-6721-49C4-98FA-4AAF8E077B0E}] => (Allow) C:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4753A2E8-1ED0-4902-B45E-5D5AAE271A21}] => (Allow) C:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{0A7461FB-4239-4463-A4A3-1EE8826216B3}C:\users\isaac\documents\megasync downloads\on.a.roll.crack.fxied\on.a.roll.crack.fxied\on a roll\on a roll.exe] => (Block) C:\users\isaac\documents\megasync downloads\on.a.roll.crack.fxied\on.a.roll.crack.fxied\on a roll\on a roll.exe
FirewallRules: [UDP Query User{86613279-4849-4962-BC3F-F2705F2C2962}C:\users\isaac\documents\megasync downloads\on.a.roll.crack.fxied\on.a.roll.crack.fxied\on a roll\on a roll.exe] => (Block) C:\users\isaac\documents\megasync downloads\on.a.roll.crack.fxied\on.a.roll.crack.fxied\on a roll\on a roll.exe
FirewallRules: [{5E8D4460-671D-457B-994B-1304DB36810A}] => (Allow) C:\Program Files\Opera\48.0.2685.35\opera.exe
FirewallRules: [{1A710151-6B80-4881-BF38-E4881023AB9B}] => (Allow) C:\Steam\steamapps\common\ShadowOfWar\x64\ShadowOfWar.exe
FirewallRules: [{AC48222F-4F51-4BF0-B248-1F5F19478ECD}] => (Allow) C:\Steam\steamapps\common\ShadowOfWar\x64\ShadowOfWar.exe
FirewallRules: [{D4F266F4-2410-4121-9856-F8FE9B3E848E}] => (Allow) C:\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{09FD5611-7352-4947-99FC-4A7E5752E6DF}] => (Allow) C:\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{D73DCA85-AF65-4B64-8202-68E25187E72A}] => (Allow) C:\Program Files\Opera\48.0.2685.39\opera.exe
FirewallRules: [{0C0357C3-8140-4516-A0E5-98298C34B245}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{EA819900-7EB2-4C3D-8551-74F671DF677B}] => (Allow) C:\Windows\System32\rundll32.exe
 
==================== Restore Points =========================
 
04-11-2017 10:57:33 Scheduled Checkpoint
06-11-2017 00:24:48 Installed Razer Synapse.
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/06/2017 01:16:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IntelTechnologyAccessService.exe, version: 1.9.5.68, time stamp: 0x57f550f5
Faulting module name: KERNELBASE.dll, version: 10.0.15063.674, time stamp: 0x93d2100b
Exception code: 0x40000015
Fault offset: 0x0000000000069e08
Faulting process id: 0xd20
Faulting application start time: 0x01d35722e4a7eb16
Faulting application path: C:\Program Files\Intel\Intel® Online Connect Access\IntelTechnologyAccessService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: f8713dfb-d3cf-48e9-81e1-dee864338e99
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/06/2017 01:16:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LegacyCsLoaderService.exe, version: 1.9.5.68, time stamp: 0x57f5510a
Faulting module name: KERNELBASE.dll, version: 10.0.15063.674, time stamp: 0x93d2100b
Exception code: 0x40000015
Fault offset: 0x0000000000069e08
Faulting process id: 0x2c90
Faulting application start time: 0x01d35722e49b35b2
Faulting application path: C:\Program Files\Intel\Intel® Online Connect Access\LegacyCsLoaderService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: ba528d86-dd2e-492b-82bd-1275ac988ff7
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/06/2017 11:15:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LegacyCsLoaderService.exe, version: 1.9.5.68, time stamp: 0x57f5510a
Faulting module name: KERNELBASE.dll, version: 10.0.15063.674, time stamp: 0x93d2100b
Exception code: 0x40000015
Fault offset: 0x0000000000069e08
Faulting process id: 0x16e8
Faulting application start time: 0x01d357121444da94
Faulting application path: C:\Program Files\Intel\Intel® Online Connect Access\LegacyCsLoaderService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 0a0a60ff-4bc6-4dff-9aaa-b678070ead18
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/06/2017 11:15:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IntelTechnologyAccessService.exe, version: 1.9.5.68, time stamp: 0x57f550f5
Faulting module name: KERNELBASE.dll, version: 10.0.15063.674, time stamp: 0x93d2100b
Exception code: 0x40000015
Fault offset: 0x0000000000069e08
Faulting process id: 0x1b04
Faulting application start time: 0x01d3571213face82
Faulting application path: C:\Program Files\Intel\Intel® Online Connect Access\IntelTechnologyAccessService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: fb7ddc81-9881-4114-8dba-9d0d65add912
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/06/2017 09:15:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LegacyCsLoaderService.exe, version: 1.9.5.68, time stamp: 0x57f5510a
Faulting module name: KERNELBASE.dll, version: 10.0.15063.674, time stamp: 0x93d2100b
Exception code: 0x40000015
Fault offset: 0x0000000000069e08
Faulting process id: 0x1fc4
Faulting application start time: 0x01d357014dc5522c
Faulting application path: C:\Program Files\Intel\Intel® Online Connect Access\LegacyCsLoaderService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: ca537dcb-78ef-41c0-9af1-b51f64a35dd4
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/06/2017 09:15:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IntelTechnologyAccessService.exe, version: 1.9.5.68, time stamp: 0x57f550f5
Faulting module name: KERNELBASE.dll, version: 10.0.15063.674, time stamp: 0x93d2100b
Exception code: 0x40000015
Fault offset: 0x0000000000069e08
Faulting process id: 0x2eb8
Faulting application start time: 0x01d357014ae4d0fc
Faulting application path: C:\Program Files\Intel\Intel® Online Connect Access\IntelTechnologyAccessService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 71c02fa3-6852-4cdb-9cb7-918e25e42e2d
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/06/2017 07:15:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LegacyCsLoaderService.exe, version: 1.9.5.68, time stamp: 0x57f5510a
Faulting module name: KERNELBASE.dll, version: 10.0.15063.674, time stamp: 0x93d2100b
Exception code: 0x40000015
Fault offset: 0x0000000000069e08
Faulting process id: 0x818
Faulting application start time: 0x01d356f079dae061
Faulting application path: C:\Program Files\Intel\Intel® Online Connect Access\LegacyCsLoaderService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 50dd138e-bda2-4553-88ee-b88988900d24
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/06/2017 07:15:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IntelTechnologyAccessService.exe, version: 1.9.5.68, time stamp: 0x57f550f5
Faulting module name: KERNELBASE.dll, version: 10.0.15063.674, time stamp: 0x93d2100b
Exception code: 0x40000015
Fault offset: 0x0000000000069e08
Faulting process id: 0x1b18
Faulting application start time: 0x01d356f07a466d5a
Faulting application path: C:\Program Files\Intel\Intel® Online Connect Access\IntelTechnologyAccessService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: b3207a19-827b-4ab6-b98f-e12d8177ed77
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/06/2017 05:14:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IntelTechnologyAccessService.exe, version: 1.9.5.68, time stamp: 0x57f550f5
Faulting module name: KERNELBASE.dll, version: 10.0.15063.674, time stamp: 0x93d2100b
Exception code: 0x40000015
Fault offset: 0x0000000000069e08
Faulting process id: 0x5f4
Faulting application start time: 0x01d356dfae17dd81
Faulting application path: C:\Program Files\Intel\Intel® Online Connect Access\IntelTechnologyAccessService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: cfcee80a-fba5-42fd-aeb9-62f9322712b0
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/06/2017 05:14:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LegacyCsLoaderService.exe, version: 1.9.5.68, time stamp: 0x57f5510a
Faulting module name: KERNELBASE.dll, version: 10.0.15063.674, time stamp: 0x93d2100b
Exception code: 0x40000015
Fault offset: 0x0000000000069e08
Faulting process id: 0x1f58
Faulting application start time: 0x01d356dfa2c2f71c
Faulting application path: C:\Program Files\Intel\Intel® Online Connect Access\LegacyCsLoaderService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 911311ad-8a87-4d12-9989-42fd79783bc3
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (11/06/2017 02:19:33 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: 9WZDNCRFJ26J-GAMELOFTSA.Asphalt8Airborne.
 
Error: (11/06/2017 02:19:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: 9WZDNCRFJ26J-GAMELOFTSA.Asphalt8Airborne.
 
Error: (11/06/2017 02:18:04 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: 9WZDNCRFJ26J-GAMELOFTSA.Asphalt8Airborne.
 
Error: (11/06/2017 02:17:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: 9WZDNCRFJ26J-GAMELOFTSA.Asphalt8Airborne.
 
Error: (11/06/2017 02:17:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: 9WZDNCRFJ26J-GAMELOFTSA.Asphalt8Airborne.
 
Error: (11/06/2017 02:16:40 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: 9WZDNCRFJ26J-GAMELOFTSA.Asphalt8Airborne.
 
Error: (11/06/2017 01:16:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel® Online Connect Access service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (11/06/2017 01:16:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel® Online Connect Access Legacy CS Loader service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (11/06/2017 11:15:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel® Online Connect Access service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (11/06/2017 11:15:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel® Online Connect Access Legacy CS Loader service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
 
CodeIntegrity:
===================================
  Date: 2017-11-05 18:30:18.559
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.107.256.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-11-05 18:30:18.552
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.107.256.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-11-05 18:30:18.545
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.107.256.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-11-05 18:30:18.539
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.107.256.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-11-05 18:30:18.533
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.107.256.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-11-05 18:30:18.526
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.107.256.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-11-05 18:30:13.494
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.107.256.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-11-05 18:30:13.480
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.107.256.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-11-05 18:30:13.455
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.107.256.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-11-05 18:30:13.448
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.107.256.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 59%
Total physical RAM: 8093.61 MB
Available physical RAM: 3295.99 MB
Total Virtual: 25501.61 MB
Available Virtual: 18763.3 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:920.85 GB) (Free:380.25 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 713ACF5D)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

  • 0

#4
LiquidTension
Posted 07 November 2017 - 04:49 AM

LiquidTension

    Expert

  • Expert
  • 1,151 posts

Hello,
 
This computer is badly compromised. Please refer to the warning below.
 

Backdoor Warning
 
One or more of the identified malware is known to use a backdoor, that allows attackers to remotely control your computer, download/execute files and steal critical system, financial and personal information.

It is strongly recommended to disconnect the computer from the Internet immediately. If your computer was used for online banking, has credit card information or other sensitive data, using a non-compromised computer/device you should immediately change all account information (including those used for banking, email, eBay, PayPal, online forums, etc). Consider these accounts likely compromised.

If you have used a router, you will need to reset it with a strong logon/password to ensure the malware cannot gain control before connecting again. Banking and credit card institutions should be notified of the possible security breach immediately. Please read the following for more information: How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

Whilst the identified malware can be removed, there is no way to guarantee that your computer will be trustworthy again. This is due to the nature of the malware, which allows the attacker complete control over the computer. Many experts in the security community believe that once compromised with this type of malware, the best course of action is to reformat the hard drive and reinstall the Operating System. Please read the following articles for more information.

 
Unfortunately, this is likely due to your excessive use of cracked/pirated software, which is a common attack vector authors/distributors use to spread malware. Based on the state of the machine, the recommended course of action is to reinstall Windows.
 
If you would prefer not to reinstall Windows and proceed with cleaning the machine, please refer to the warning and instructions below.
 

Cracked Software Warning
 
One or more of the identified malware is likely a result of downloading cracked/pirated software. Participating in the use of such software is a significant security risk; your compromised computer is evidence of this. At Geeks to Go, we do not approve of nor support illegal software.

Malware authors promote and release cracked software to spread their malware. I strongly recommend you refrain from participating in this activity; your computer will likely be re-compromised otherwise.

Continuing in this practice will ensure your computer is continuously susceptible to malware, exposure of personal information and identity theft. Please read the following articles for more information.

I am prepared to continue providing assistance as long as you agree to remove all traces of cracked software immediately. This includes any cracks in the form of an installed program and the large number of files spread throughout the computer (Desktop, Downloads folder, etc).

 
Once the software/files have been removed, please carry out the following instructions.
 
XrDFflh.png CKScanner

  • Please download CKScanner and save the file to your Desktop.
  • Right-Click CKScanner.exe and select AVOiBNU.jpg Run as administrator to run the program.
  • Note: Please run this program only once.
  • Click Search For Files.
  • Upon completion, click Save List To File.
  • A message box will verify the file saved.
  • A log (ckfiles.txt) will be created on your DesktopCopy the contents of the log and paste in your next reply.
     

Afterwards, please rerun the FRST64.exe file found on your Desktop. Ensure the Addition.txt checkbox is left as checked and click the Scan button. This will generate fresh diagnostic logs named FRST.txt and Addition.txt on your Desktop. Please copy and paste both into your reply as well.


  • 0

#5
TheMonkeyKingYT
Posted 07 November 2017 - 05:15 PM

TheMonkeyKingYT

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

Hello,
 
This computer is badly compromised. Please refer to the warning below.
 

Backdoor Warning
 
One or more of the identified malware is known to use a backdoor, that allows attackers to remotely control your computer, download/execute files and steal critical system, financial and personal information.

It is strongly recommended to disconnect the computer from the Internet immediately. If your computer was used for online banking, has credit card information or other sensitive data, using a non-compromised computer/device you should immediately change all account information (including those used for banking, email, eBay, PayPal, online forums, etc). Consider these accounts likely compromised.

If you have used a router, you will need to reset it with a strong logon/password to ensure the malware cannot gain control before connecting again. Banking and credit card institutions should be notified of the possible security breach immediately. Please read the following for more information: How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

Whilst the identified malware can be removed, there is no way to guarantee that your computer will be trustworthy again. This is due to the nature of the malware, which allows the attacker complete control over the computer. Many experts in the security community believe that once compromised with this type of malware, the best course of action is to reformat the hard drive and reinstall the Operating System. Please read the following articles for more information.

 
Unfortunately, this is likely due to your excessive use of cracked/pirated software, which is a common attack vector authors/distributors use to spread malware. Based on the state of the machine, the recommended course of action is to reinstall Windows.
 
If you would prefer not to reinstall Windows and proceed with cleaning the machine, please refer to the warning and instructions below.
 

Cracked Software Warning
 
One or more of the identified malware is likely a result of downloading cracked/pirated software. Participating in the use of such software is a significant security risk; your compromised computer is evidence of this. At Geeks to Go, we do not approve of nor support illegal software.

Malware authors promote and release cracked software to spread their malware. I strongly recommend you refrain from participating in this activity; your computer will likely be re-compromised otherwise.

Continuing in this practice will ensure your computer is continuously susceptible to malware, exposure of personal information and identity theft. Please read the following articles for more information.

I am prepared to continue providing assistance as long as you agree to remove all traces of cracked software immediately. This includes any cracks in the form of an installed program and the large number of files spread throughout the computer (Desktop, Downloads folder, etc).

 
Once the software/files have been removed, please carry out the following instructions.
 
<script pagespeed_no_defer="" type="text/javascript">//=d.offsetWidth&&0>=d.offsetHeight)a=!1;else{c=d.getBoundingClientRect();var f=document.body;a=c.top+("pageYOffset"in window? window.pageYOffset:(document.documentElement||f.parentNode||f).scrollTop);c=c.left+("pageXOffset"in window?window.pageXOffset:(document.documentElement||f.parentNode||f).scrollLeft);f=a.toString()+","+c;b.b.hasOwnProperty(f)?a=!1:(b.b[f]=!0,a=a<=b.e.height&&c<=b.e.width)}a&&(b.a.push(e),b.d[e]=!0)};p.prototype.checkImageForCriticality=function(b){b.getBoundingClientRect&&q(this,b)};h("pagespeed.CriticalImages.checkImageForCriticality",function(b){n.checkImageForCriticality(b)}); h("pagespeed.CriticalImages.checkCriticalImages",function(){r(n)}); var r=function(b){b.b={};for(var d=["IMG","INPUT"],a=[],c=0;c=a.length+e.length&&(a+=e)}b.g&&(e="&rd="+encodeURIComponent(JSON.stringify(s())),131072>=a.length+e.length&&(a+=e),d=!0);t=a;if(d){c=b.f;b=b.h;var f; if(window.XMLHttpRequest)f=new XMLHttpRequest;else if(window.ActiveXObject)try{f=new ActiveXObject("Msxml2.XMLHTTP")}catch(k){try{f=new ActiveXObject("Microsoft.XMLHTTP")}catch(u){}}f&&(f.open("POST",c+(-1==c.indexOf("?")?"?":"&")+"url="+encodeURIComponent(b)),f.setRequestHeader("Content-Type","application/x-www-form-urlencoded"),f.send(a))}}},s=function(){var b={},d=document.getElementsByTagName("IMG");if(0==d.length)return{};var a=d[0];if(!("naturalWidth"in a&&"naturalHeight"in a))return{};for(var c= 0;a=d[c];++c){var e=a.getAttribute("pagespeed_url_hash");e&&(!(e in b)&&0=b[e].k&&a.height>=b[e].j)&&(b[e]={rw:a.width,rh:a.height,ow:a.naturalWidth,oh:a.naturalHeight})}return b},t="";h("pagespeed.CriticalImages.getBeaconData",function(){return t});h("pagespeed.CriticalImages.Run",function(b,d,a,c,e,f){var k=new p(b,d,a,e,f);n=k;c&&m(function(){window.setTimeout(function(){r(k)},0)})});})(); pagespeed.CriticalImages.Run('/mod_pagespeed_beacon','http://www.geekstogo.com/forum/index.php?s=0f84051c0125b26645091ecb7268c7f4&app=forums&module=ajax§ion=topics&do=quote&t=369367&p=2610464&md5check=b5415dc770fc7a31c48b030072482d5d&isRte=1,mKmPV3o1Px,true,true,_ZSCSG8iQeQ');//]]></script> XrDFflh.png CKScanner&&0

  • Please download CKScanner and save the file to your Desktop.
  • Right-Click CKScanner.exe and select AVOiBNU.jpg Run as administrator to run the program.
  • Note: Please run this program only once.
  • Click Search For Files.
  • Upon completion, click Save List To File.
  • A message box will verify the file saved.
  • A log (ckfiles.txt) will be created on your DesktopCopy the contents of the log and paste in your next reply.
     

Afterwards, please rerun the FRST64.exe file found on your Desktop. Ensure the Addition.txt checkbox is left as checked and click the Scan button. This will generate fresh diagnostic logs named FRST.txt and Addition.txt on your Desktop. Please copy and paste both into your reply as well.

I just got MBAR to work by changing the name of the installer do you think i could use it instead of re-installing windows?


Edited by TheMonkeyKingYT, 07 November 2017 - 06:38 PM.

  • 0

#6
TheMonkeyKingYT
Posted 08 November 2017 - 10:37 PM

TheMonkeyKingYT

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

Ok so i scanned with mbar and deleted the malware it detected now i don't get the resource in use message.


  • 0

#7
LiquidTension
Posted 09 November 2017 - 03:10 PM

LiquidTension

    Expert

  • Expert
  • 1,151 posts

Hello,
 
The issues with this machine extend much further than SmartService/Yelloader (adware with rootkit functionality that's responsible for the "Requested resource is in use" error).
 
As I mentioned, you will need to consider first removing the cracked/pirated software before I can continue offering assistance.
 
Once the pirated software/files have been removed, please carry out the following instructions.
 
XrDFflh.png CKScanner

  • Please download CKScanner and save the file to your Desktop.
  • Right-Click CKScanner.exe and select AVOiBNU.jpg Run as administrator to run the program.
  • Note: Please run this program only once.
  • Click Search For Files.
  • Upon completion, click Save List To File.
  • A message box will verify the file saved.
  • A log (ckfiles.txt) will be created on your DesktopCopy the contents of the log and paste in your next reply.
     

Afterwards, please rerun the FRST64.exe file found on your Desktop. Ensure the Addition.txt checkbox is left as checked and click the Scan button. This will generate fresh diagnostic logs named FRST.txt and Addition.txt on your Desktop. Please copy and paste both into your reply as well.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP