I downloaded something infested with malware and ran malwarebytes which fixed most of the problem but I'd like to confirm that it's gone. I ran a frst scan and here is what came up:
frst.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04.10.2018
Ran by Evan (administrator) on LAPTOP-9VM6RJT (04-10-2018 17:01:58)
Running from C:\Users\Evan\Downloads
Loaded Profiles: Evan & (Available Profiles: Evan)
Platform: Windows 10 Home Version 1803 17134.285 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\IntelCpHDCPSvc.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(McAfee LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
() C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\IntelCpHeciSvc.exe
(The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(HP Inc.) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee LLC) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(McAfee LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_8\mcapexe.exe
(McAfee, Inc.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.1.178\DADUpdater.exe
(McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.7.371.0\McCSPServiceHost.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\OobeHook.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
() C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\igfxEM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.10827.20110.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Overwolf Ltd.) C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe
(Blitz Esports) C:\Program Files\Blitz\Blitz.exe
(Twitch Interactive, Inc.) C:\Users\Evan\AppData\Roaming\Twitch\Bin\Twitch.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Overwolf Ltd.) C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(Farbar) C:\Users\Evan\Downloads\FRST64 (2).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8903176 2016-10-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Session] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1467400 2016-10-14] (Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\Run: [LeagueDisplays] => C:\Riot Games\LeagueDisplays\assistant\LeagueDisplaysAssistant.exe [406016 2018-01-31] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM\...\Winlogon: [Userinit] userinit.exe,,C:\Users\Evan\AppData\Local\toaqatuv\crrdkwem.exe
HKLM-x32\...\Winlogon: [Userinit] userinit.exe,,C:\Users\Evan\AppData\Local\toaqatuv\crrdkwem.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165643807\...\Run: [WinResSync] => C:\WINDOWS\system32\regsvr32.exe /s "C:\Users\Evan\AppData\Roaming\Microsoft\Protect\c65561-c81ad1-fed19360-eba3e0-8bb0.rs" <==== ATTENTION
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165643807\...\RunOnce: [WinResSync] => C:\WINDOWS\system32\regsvr32.exe /s "C:\Users\Evan\AppData\Roaming\Microsoft\Protect\c65561-c81ad1-fed19360-eba3e0-8bb0.rs" <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165644416\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165644963\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\Run: [MurGee.com Auto Keyboard] => C:\ProgramData\Auto Keyboard\AutoKeyboard.exe [83440 2015-03-27] (MurGee.com)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\Run: [Steam] => C:\Program Files (x86)\RealRealSteam\steam.exe [3207968 2018-09-08] (Valve Corporation)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [665216 2018-03-01] ()
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1504584 2018-09-18] (Overwolf Ltd.)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\Run: [com.blitz.app] => C:\Program Files\Blitz\Blitz.exe [67603384 2018-07-03] (Blitz Esports)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\Run: [CrrDkwem] => C:\Users\Evan\AppData\Local\toaqatuv\crrdkwem.exe [146160 2018-10-04] ()
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\MountPoints2: {50332a61-4e60-11e8-94aa-10f00552b9de} - "F:\Autorun.exe"
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\SysWOW64\launcher.scr [2417936 2018-01-31] ()
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\Run: [MurGee.com Auto Keyboard] => C:\ProgramData\Auto Keyboard\AutoKeyboard.exe [83440 2015-03-27] (MurGee.com)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\Run: [Steam] => C:\Program Files (x86)\RealRealSteam\steam.exe [3207968 2018-09-08] (Valve Corporation)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [665216 2018-03-01] ()
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1504584 2018-09-18] (Overwolf Ltd.)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\Run: [com.blitz.app] => C:\Program Files\Blitz\Blitz.exe [67603384 2018-07-03] (Blitz Esports)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\Run: [CrrDkwem] => :\Users\Evan\AppData\Local\toaqatuv\crrdkwem.ex
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\MountPoints2: {50332a61-4e60-11e8-94aa-10f00552b9de} - "F:\Autorun.exe"
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\SysWOW64\launcher.scr [2417936 2018-01-31] ()
HKU\S-1-5-18\...\Run: [WinResSync] => C:\WINDOWS\system32\regsvr32.exe /s "C:\Users\Evan\AppData\Roaming\Microsoft\Protect\c65561-c81ad1-fed19360-eba3e0-8bb0.rs" <==== ATTENTION
HKU\S-1-5-18\...\RunOnce: [WinResSync] => C:\WINDOWS\system32\regsvr32.exe /s "C:\Users\Evan\AppData\Roaming\Microsoft\Protect\c65561-c81ad1-fed19360-eba3e0-8bb0.rs" <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2017-03-23]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico ()
Startup: C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crrdkwem.exe [2018-10-04] ()
Startup: C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hide.me VPN.lnk [2018-09-12]
ShortcutTarget: hide.me VPN.lnk -> C:\Program Files (x86)\hide.me VPN\Hide.me.exe (eVenture Limited)
Startup: C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2018-09-01]
ShortcutTarget: Twitch.lnk -> C:\Users\Evan\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3eb67c16-5ee4-42e1-937c-1c5246fc58f6}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{42efc9c9-0843-433b-95da-54a36e0e3bde}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{6019da40-3b6e-43e8-b0a6-f1c7f8013900}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{6019da40-3b6e-43e8-b0a6-f1c7f8013900}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{645a08f7-d26d-11e7-b9df-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{9d106ced-10c2-4ac3-a956-faab85e48f62}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{a59731b4-a3e0-412d-be16-275f506bbeac}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{ab90e9d2-f3f7-4690-970c-1dc6b67546a3}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{da96d4e7-83a6-4cbc-8dd8-f721e0a20217}: [DhcpNameServer] 172.18.13.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {B9628EA4-831C-4CA0-AC93-1E57CA26985D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {B9628EA4-831C-4CA0-AC93-1E57CA26985D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2198813628-2402096551-3996786398-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2198813628-2402096551-3996786398-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2198813628-2402096551-3996786398-1001 -> {1711FC25-F05A-40CE-B859-A0C1CF01FD18} URL =
SearchScopes: HKU\S-1-5-21-2198813628-2402096551-3996786398-1001 -> {B9628EA4-831C-4CA0-AC93-1E57CA26985D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322 -> {1711FC25-F05A-40CE-B859-A0C1CF01FD18} URL =
SearchScopes: HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322 -> {B9628EA4-831C-4CA0-AC93-1E57CA26985D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-09-27] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-08-05] (HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-09-10] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-12-29] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-29] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-08-05] (HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2018-01-25] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2018-01-25] (McAfee, Inc.)
FireFox:
========
FF DefaultProfile: o33qc0vs.default
FF ProfilePath: C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\o33qc0vs.default [2018-09-27]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2018-03-01] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2018-01-25] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-12-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-12-29] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2018-01-25] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-09-01] ()
Chrome:
=======
CHR HomePage: Default -> homepage.ssoextension.com
CHR DefaultSearchURL: Default -> hxxp://search.ssoextension.com/s?q={searchTerms}
CHR DefaultSearchKeyword: Default -> ssoextension.com
CHR DefaultSuggestURL: Default -> hxxp://suggest.ssoextension.com/suggest?q={searchTerms}
CHR Profile: C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default [2018-10-04]
CHR Extension: (Slides) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-05]
CHR Extension: (YouTube) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-05]
CHR Extension: (Video Downloader professional) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2018-04-12]
CHR Extension: (Google Play Music) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2018-09-27]
CHR Extension: (Sheets) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-25]
CHR Extension: (AdBlock) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-09-20]
CHR Extension: (Drumpfinator) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcimhbfpiofdihhdnofbdlhjcmjopilp [2017-09-25]
CHR Extension: (Violentmonkey) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jinjaccalgkegednnccohejagnlnfdag [2018-09-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-05]
CHR Extension: (Chrome Media Router) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-27]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2018-02-02] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9680472 2018-09-26] (Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-09-21] (McAfee, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-07-13] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-07-13] (Dropbox, Inc.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [383016 2018-05-02] (EasyAntiCheat Ltd)
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2208888 2016-10-04] (Intel Corporation)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-09-01] (WildTangent)
S2 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [136352 2018-04-09] (eVenture Limited)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1268736 2016-10-05] (HP Inc.) [File not signed]
R2 HP Orbit Service; C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe [3421616 2017-06-20] (HP Inc.)
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-04] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc.)
S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-24] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc.)
S2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [53680 2018-02-05] (AnchorFree Inc.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [542320 2017-12-06] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-10-11] (Intel® Corporation)
S2 Intel® TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-10-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [213648 2017-11-09] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_8\McApExe.exe [728296 2018-01-31] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [419096 2016-04-01] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.7.371.0\\McCSPServiceHost.exe [2140888 2017-12-14] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [359888 2018-01-26] (McAfee LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [512976 2018-01-26] (McAfee LLC)
R3 mfevtp; C:\windows\system32\mfevtps.exe [475600 2018-01-26] (McAfee LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1666224 2017-12-19] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268928 2017-12-20] ()
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [33080 2014-12-01] (The OpenVPN Project)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-03-01] (The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-03-01] (The OpenVPN Project)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2308424 2018-09-18] (Overwolf LTD)
R2 ovpnagent; C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe [900840 2017-08-14] ()
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1045360 2018-01-30] (McAfee, Inc.)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2018-09-12] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [107832 2018-09-12] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [317960 2016-10-14] (Realtek Semiconductor)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
S2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [37248 2017-09-06] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation)
S4 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [106904 2018-08-02] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3758720 2017-12-20] (Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AFTrafMgr1.4; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_4_64.sys [56840 2018-01-03] (AnchorFree Inc.)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-02-21] (Bluestack System Inc. )
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77216 2018-01-31] (McAfee LLC)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [66624 2016-10-04] (Intel Corporation)
R1 epp; C:\EEK\bin64\epp.sys [124552 2016-11-23] (Emsisoft Ltd)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [350272 2016-10-04] (Intel Corporation)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218336 2017-10-10] (McAfee, Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel Corporation)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [259360 2018-10-04] (Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [496544 2018-01-31] (McAfee LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [357792 2018-01-31] (McAfee LLC)
U3 mfeavfk01; no ImagePath
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83952 2018-01-31] (McAfee LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [528288 2018-01-31] (McAfee LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [948128 2018-01-31] (McAfee LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [521128 2017-11-21] (McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108464 2017-11-21] (McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [115104 2018-01-31] (McAfee LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252832 2018-01-31] (McAfee LLC)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-11] (Microsoft Corporation)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8623040 2018-02-05] (Intel Corporation)
S3 pmxdrv; C:\WINDOWS\system32\drivers\pmxdrv.sys [31152 2018-02-02] ()
R3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2016-06-15] (The OpenVPN Project)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-26] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2017-09-06] (The OpenVPN Project)
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2016-08-23] (Anchorfree Inc.)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [84432 2017-03-27] (The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [46040 2017-08-24] (The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34960 2018-02-02] (HP)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2018-01-05] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-12-25] (Zemana Ltd.)
S3 xhunter1; \??\C:\WINDOWS\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-04 16:59 - 2018-10-04 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2018-10-04 16:55 - 2018-10-04 16:55 - 000000000 ___HD C:\ProgramData\temp
2018-10-04 16:24 - 2018-10-04 16:24 - 002414080 _____ (Farbar) C:\Users\Evan\Downloads\FRST64 (2).exe
2018-10-04 16:03 - 2018-10-04 16:58 - 000000000 ____D C:\Users\Evan\AppData\Local\toaqatuv
2018-10-04 16:03 - 2018-10-04 16:03 - 000000095 _____ C:\WINDOWS\wininit.ini
2018-10-04 15:59 - 2018-10-04 17:01 - 000000000 ____D C:\Users\Evan\Downloads\VST Plugins Pack Ultimate Collection
2018-10-04 15:23 - 2018-10-04 15:23 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2018-10-04 15:23 - 2018-10-04 15:23 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-10-04 15:23 - 2018-10-04 15:23 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-10-04 15:23 - 2018-10-04 15:23 - 000002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-10-04 15:23 - 2018-10-04 15:23 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-10-04 15:23 - 2018-10-04 15:23 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-10-04 15:23 - 2018-10-04 15:23 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-10-04 15:23 - 2018-10-04 15:23 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-10-04 15:23 - 2018-10-04 15:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-10-04 01:19 - 2018-10-04 02:06 - 000000000 ____D C:\Users\Evan\Downloads\Nexus Content
2018-10-04 01:15 - 2018-10-04 01:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reFX
2018-10-04 01:15 - 2018-10-04 01:15 - 000000000 ____D C:\Program Files (x86)\Uninstall Nexus
2018-10-04 01:15 - 2018-10-04 01:15 - 000000000 ____D C:\Program Files (x86)\Manual
2018-10-04 01:15 - 2009-10-24 21:15 - 001332224 _____ (AD © 2009) C:\WINDOWS\SysWOW64\SYNSOEMU.DLL
2018-10-04 00:50 - 2018-10-04 01:05 - 000000000 ____D C:\Users\Evan\Downloads\ReFX Nexus v2.2 VSTi RTAS DVDR - AiRISO [deepstatus]
2018-10-03 09:26 - 2018-10-03 09:26 - 000098234 _____ C:\WINDOWS\uninstaller.dat
2018-10-01 16:06 - 2018-10-01 16:06 - 000000000 ____D C:\Users\Evan\Downloads\Farming.Simulator.17.v1.2.0.0
2018-10-01 15:43 - 2018-10-01 15:59 - 159114917 _____ C:\Users\Evan\Downloads\Farming.Simulator.17.v1.2.0.0.zip
2018-09-30 16:40 - 2018-10-03 07:19 - 000000000 ____D C:\Users\Evan\Documents\Euro Truck Simulator 2
2018-09-30 16:34 - 2018-09-30 16:34 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 - Krone Trailer Pack
2018-09-30 16:14 - 2018-09-18 10:07 - 000000000 ____D C:\Users\Evan\Downloads\Euro.Truck.Simulator.2.Krone.Trailer.Pack
2018-09-30 15:46 - 2018-09-30 16:13 - 907066883 _____ C:\Users\Evan\Downloads\Euro.Truck.Simulator.2.Krone.Trailer.Pack.rar
2018-09-30 13:48 - 2018-09-30 13:48 - 000000982 _____ C:\Users\Public\Desktop\League of Legends.lnk
2018-09-29 23:02 - 2018-09-29 23:02 - 000002045 _____ C:\Users\Evan\Downloads\animelist_1538276537_-_7406724.xml.gz
2018-09-29 22:59 - 2018-09-29 22:59 - 000004729 _____ C:\Users\Evan\Downloads\animelist_1538276397_-_6752577.xml.gz
2018-09-29 00:59 - 2018-09-29 00:59 - 000789048 _____ (Roblox Corporation) C:\Users\Evan\Downloads\RobloxPlayerLauncher (3).exe
2018-09-28 21:03 - 2018-09-06 17:12 - 000000000 ____D C:\Users\Evan\Downloads\Europa.Universalis.IV.Dharma
2018-09-28 20:37 - 2018-09-28 20:48 - 2706411504 _____ C:\Users\Evan\Downloads\Europa.Universalis.IV.Dharma.rar
2018-09-27 19:17 - 2018-09-27 19:19 - 000000000 ____D C:\Users\Evan\AppData\Roaming\.technic
2018-09-27 19:17 - 2018-09-27 19:17 - 004734928 _____ () C:\Users\Evan\Downloads\TechnicLauncher.exe
2018-09-27 17:22 - 2018-10-04 16:55 - 000000000 ____D C:\Program Files (x86)\ProxyGate
2018-09-27 17:22 - 2018-09-27 17:22 - 000000000 _____ C:\Users\Evan\AppData\Roaming\FC29FA0894FE.ini
2018-09-27 15:33 - 2018-09-27 15:33 - 000576894 _____ C:\Users\Evan\Downloads\download.html
2018-09-26 19:24 - 2018-09-26 19:24 - 000000000 ____D C:\Users\Evan\AppData\Roaming\SEMC
2018-09-26 19:21 - 2018-09-26 19:21 - 000001311 _____ C:\Users\Public\Desktop\Vainglory.lnk
2018-09-26 19:21 - 2018-09-26 19:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vainglory
2018-09-26 19:02 - 2018-09-26 19:02 - 000000000 ____D C:\Program Files (x86)\Super Evil Megacorp
2018-09-26 18:57 - 2018-09-26 19:00 - 1287846320 _____ (Super Evil Megacorp) C:\Users\Evan\Downloads\VainglorySetup.83651.exe
2018-09-26 18:31 - 2018-09-26 18:31 - 001507328 _____ (Adobe Systems Incorporated) C:\Users\Evan\Downloads\flash_player.exe
2018-09-26 18:18 - 2018-09-26 18:21 - 943293743 _____ (Super Evil Megacorp) C:\Users\Evan\Downloads\Unconfirmed 781250.crdownload
2018-09-26 17:26 - 2018-09-26 17:47 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Tropico 5
2018-09-26 17:26 - 2018-09-26 17:26 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Kalypso Media
2018-09-26 17:25 - 2018-09-26 17:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tropico 5
2018-09-26 17:21 - 2018-09-27 17:22 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Tropico.5.v1.10.Inc.All.DLC.Eng.Repack
2018-09-26 17:21 - 2018-09-26 17:22 - 000000000 ____D C:\Program Files (x86)\Tropico 5
2018-09-26 17:19 - 2018-09-26 17:19 - 000000860 _____ C:\Users\Evan\Desktop\Cities Skylines Parklife.lnk
2018-09-26 17:19 - 2018-09-26 17:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cities Skylines Parklife
2018-09-25 00:34 - 2018-09-25 00:34 - 000000000 ____D C:\Users\Evan\AppData\Local\TekkenGame
2018-09-25 00:32 - 2018-09-25 00:33 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2018-09-25 00:28 - 2018-09-25 00:28 - 000002187 _____ C:\Users\Evan\Desktop\TEKKEN 7.lnk
2018-09-25 00:28 - 2018-09-25 00:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GMT-MAX.ORG
2018-09-24 23:09 - 2018-09-24 23:09 - 000000000 ____D C:\Program Files (x86)\GMT-MAX.ORG
2018-09-24 15:46 - 2018-09-24 15:46 - 000000000 ____D C:\Users\Evan\AppData\Local\mbam
2018-09-23 16:38 - 2018-09-24 23:08 - 000000000 ____D C:\Users\Evan\Downloads\TEKKEN_7_DDE_RePack_MAXAGENT
2018-09-23 12:14 - 2018-09-23 12:28 - 000000000 ____D C:\Users\Evan\Downloads\Tropico.5.v1.10.Inc.All.DLC.Eng.Repack
2018-09-17 22:07 - 2018-05-24 13:52 - 000000000 ____D C:\Users\Evan\Downloads\Cities.Skylines.Parklife
2018-09-17 21:50 - 2018-09-17 22:05 - 1063004405 _____ C:\Users\Evan\Downloads\Cities.Skylines.Parklife.part1.rar
2018-09-17 21:50 - 2018-09-17 21:51 - 183525939 _____ C:\Users\Evan\Downloads\Cities.Skylines.Parklife.part2.rar
2018-09-17 16:05 - 2018-09-17 16:05 - 000000023 _____ C:\WINDOWS\BlendSettings.ini
2018-09-17 16:01 - 2018-09-17 16:01 - 000005842 _____ C:\Users\Evan\Downloads\DCF_plugin-36125-1-3.zip
2018-09-17 16:01 - 2018-09-17 16:01 - 000000000 ____D C:\Users\Evan\Downloads\DCF_plugin-36125-1-3
2018-09-17 15:53 - 2018-09-17 15:53 - 000001710 _____ C:\Users\Public\Desktop\The Elder Scrolls IV - Oblivion.lnk
2018-09-17 15:53 - 2018-09-17 15:53 - 000000000 ____D C:\Users\Evan\AppData\Local\Oblivion
2018-09-17 15:53 - 2018-09-17 15:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls IV - Oblivion [GOG.com]
2018-09-17 15:53 - 2018-09-17 15:53 - 000000000 ____D C:\ProgramData\GOG.com
2018-09-17 15:43 - 2018-09-17 15:43 - 000000000 ____D C:\GOG Games
2018-09-16 23:25 - 2018-09-16 23:25 - 000000000 ____D C:\Users\Evan\AppData\LocalLow\Squeaky Wheel
2018-09-16 23:23 - 2018-08-30 08:59 - 000000000 ____D C:\Users\Evan\Downloads\Academia.School.Simulator.v0.2.49
2018-09-16 22:58 - 2018-09-16 22:58 - 169310482 _____ C:\Users\Evan\Downloads\Academia.School.Simulator.v0.2.49.rar
2018-09-16 21:10 - 2018-09-16 21:10 - 000000000 ____D C:\ProgramData\Undefined game
2018-09-15 19:19 - 2018-09-15 19:42 - 000000000 ____D C:\Users\Evan\Downloads\The Elder Scrolls IV- Oblivion GOTY - GOG
2018-09-15 14:45 - 2018-09-04 18:36 - 001476904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2018-09-14 16:11 - 2018-08-30 23:42 - 007520064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-09-14 16:11 - 2018-08-30 23:28 - 006570040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-09-14 16:11 - 2018-08-30 23:26 - 025847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-09-14 16:10 - 2018-08-30 23:44 - 001222440 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-09-14 16:10 - 2018-08-30 23:44 - 001030952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-09-14 16:10 - 2018-08-30 23:42 - 009090016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-09-14 16:10 - 2018-08-30 23:42 - 007436192 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-09-14 16:10 - 2018-08-30 23:42 - 002824672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-09-14 16:10 - 2018-08-30 23:28 - 006043680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-09-14 16:10 - 2018-08-30 23:21 - 022008320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-09-14 16:10 - 2018-08-30 23:20 - 022715904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-09-14 16:10 - 2018-08-30 23:18 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-09-14 16:10 - 2018-08-30 23:16 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-09-14 16:10 - 2018-08-30 23:16 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-09-14 16:10 - 2018-08-30 23:16 - 004382720 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-09-14 16:10 - 2018-08-30 23:15 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-09-14 16:10 - 2018-08-30 23:15 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-09-14 16:10 - 2018-08-30 23:15 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-09-14 16:10 - 2018-08-30 23:14 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-09-14 16:10 - 2018-08-30 23:13 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-09-14 16:10 - 2018-08-30 23:10 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-09-14 16:10 - 2018-08-30 23:10 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-09-14 16:10 - 2018-08-28 03:17 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-09-14 16:10 - 2018-08-09 05:32 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-09-14 16:10 - 2018-08-09 05:31 - 001617728 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-09-14 16:10 - 2018-08-09 05:16 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-09-14 16:10 - 2018-08-09 05:14 - 012709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-09-14 16:10 - 2018-08-09 05:11 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-09-14 16:10 - 2018-08-09 04:24 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-09-14 16:10 - 2018-08-09 01:02 - 001035144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-09-14 16:10 - 2018-08-09 00:53 - 002765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-09-14 16:10 - 2018-08-09 00:29 - 002253584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-09-14 16:10 - 2018-08-09 00:28 - 003395072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-09-14 16:10 - 2018-08-09 00:24 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-09-14 16:10 - 2018-08-09 00:23 - 003148288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2018-09-14 16:10 - 2018-08-09 00:22 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-09-14 16:10 - 2018-08-09 00:09 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-09-14 16:09 - 2018-08-31 03:46 - 000542504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-09-14 16:09 - 2018-08-31 03:45 - 000348328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-09-14 16:09 - 2018-08-31 03:43 - 001524152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-09-14 16:09 - 2018-08-31 03:42 - 001636232 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-09-14 16:09 - 2018-08-31 03:27 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-09-14 16:09 - 2018-08-31 03:27 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2018-09-14 16:09 - 2018-08-31 03:26 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2018-09-14 16:09 - 2018-08-31 03:25 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2018-09-14 16:09 - 2018-08-31 03:24 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-09-14 16:09 - 2018-08-31 03:24 - 000482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-09-14 16:09 - 2018-08-31 03:24 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-09-14 16:09 - 2018-08-31 03:23 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-09-14 16:09 - 2018-08-31 03:23 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-09-14 16:09 - 2018-08-31 03:22 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-09-14 16:09 - 2018-08-31 03:22 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-09-14 16:09 - 2018-08-31 02:55 - 001455960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-09-14 16:09 - 2018-08-31 02:53 - 001327504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-09-14 16:09 - 2018-08-31 02:41 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-09-14 16:09 - 2018-08-31 02:40 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2018-09-14 16:09 - 2018-08-31 02:37 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-09-14 16:09 - 2018-08-31 02:37 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-09-14 16:09 - 2018-08-31 02:37 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-09-14 16:09 - 2018-08-31 02:36 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-09-14 16:09 - 2018-08-30 23:50 - 000273720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-09-14 16:09 - 2018-08-30 23:50 - 000270648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-09-14 16:09 - 2018-08-30 23:44 - 001064744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-09-14 16:09 - 2018-08-30 23:44 - 000568600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-09-14 16:09 - 2018-08-30 23:44 - 000136488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-09-14 16:09 - 2018-08-30 23:44 - 000076256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-09-14 16:09 - 2018-08-30 23:43 - 002719216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-09-14 16:09 - 2018-08-30 23:43 - 000722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-09-14 16:09 - 2018-08-30 23:42 - 002461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-09-14 16:09 - 2018-08-30 23:42 - 001767064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-09-14 16:09 - 2018-08-30 23:42 - 001458552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-09-14 16:09 - 2018-08-30 23:42 - 001258352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-09-14 16:09 - 2018-08-30 23:42 - 001142000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-09-14 16:09 - 2018-08-30 23:42 - 001097720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-09-14 16:09 - 2018-08-30 23:42 - 000983080 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-09-14 16:09 - 2018-08-30 23:42 - 000885928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-09-14 16:09 - 2018-08-30 23:42 - 000632296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpx.dll
2018-09-14 16:09 - 2018-08-30 23:42 - 000604640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-09-14 16:09 - 2018-08-30 23:42 - 000527328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-09-14 16:09 - 2018-08-30 23:42 - 000494472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2018-09-14 16:09 - 2018-08-30 23:42 - 000155112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2018-09-14 16:09 - 2018-08-30 23:28 - 001989496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-09-14 16:09 - 2018-08-30 23:28 - 001514352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-09-14 16:09 - 2018-08-30 23:28 - 001129728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-09-14 16:09 - 2018-08-30 23:28 - 000568568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-09-14 16:09 - 2018-08-30 23:28 - 000453104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpx.dll
2018-09-14 16:09 - 2018-08-30 23:28 - 000134936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2018-09-14 16:09 - 2018-08-30 23:15 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-09-14 16:09 - 2018-08-30 23:15 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-09-14 16:09 - 2018-08-30 23:15 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-09-14 16:09 - 2018-08-30 23:14 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-09-14 16:09 - 2018-08-30 23:14 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-09-14 16:09 - 2018-08-30 23:13 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-09-14 16:09 - 2018-08-30 23:13 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-09-14 16:09 - 2018-08-30 23:12 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-09-14 16:09 - 2018-08-30 23:11 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-09-14 16:09 - 2018-08-30 23:11 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-09-14 16:09 - 2018-08-30 23:11 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-09-14 16:09 - 2018-08-30 23:11 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-09-14 16:09 - 2018-08-30 23:11 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-09-14 16:09 - 2018-08-30 23:11 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-09-14 16:09 - 2018-08-30 23:11 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-09-14 16:09 - 2018-08-30 23:10 - 001375744 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-09-14 16:09 - 2018-08-30 23:10 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-09-14 16:09 - 2018-08-30 23:10 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-09-14 16:09 - 2018-08-30 23:10 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-09-14 16:09 - 2018-08-30 23:09 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-09-14 16:09 - 2018-08-30 23:08 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-09-14 16:09 - 2018-08-30 23:07 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-09-14 16:09 - 2018-08-30 23:07 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-09-14 16:09 - 2018-08-30 23:07 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-09-14 16:09 - 2018-08-30 23:06 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-09-14 16:09 - 2018-08-28 02:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-09-14 16:09 - 2018-08-28 02:48 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-09-14 16:09 - 2018-08-28 02:45 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2018-09-14 16:09 - 2018-08-28 01:51 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-09-14 16:09 - 2018-08-13 22:14 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-09-14 16:09 - 2018-08-09 05:31 - 000766872 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-09-14 16:09 - 2018-08-09 05:31 - 000253544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-09-14 16:09 - 2018-08-09 05:31 - 000236624 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-09-14 16:09 - 2018-08-09 05:14 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2018-09-14 16:09 - 2018-08-09 05:14 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollUI.dll
2018-09-14 16:09 - 2018-08-09 05:13 - 000521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-09-14 16:09 - 2018-08-09 05:13 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2018-09-14 16:09 - 2018-08-09 05:13 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-09-14 16:09 - 2018-08-09 05:12 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-09-14 16:09 - 2018-08-09 05:12 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-09-14 16:09 - 2018-08-09 05:12 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-09-14 16:09 - 2018-08-09 05:11 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-09-14 16:09 - 2018-08-09 05:11 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-09-14 16:09 - 2018-08-09 05:11 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-09-14 16:09 - 2018-08-09 05:10 - 001557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2018-09-14 16:09 - 2018-08-09 05:10 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-09-14 16:09 - 2018-08-09 05:10 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-09-14 16:09 - 2018-08-09 05:09 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2018-09-14 16:09 - 2018-08-09 05:09 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-09-14 16:09 - 2018-08-09 04:36 - 000660896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-09-14 16:09 - 2018-08-09 04:36 - 000221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-09-14 16:09 - 2018-08-09 04:23 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-09-14 16:09 - 2018-08-09 04:23 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-09-14 16:09 - 2018-08-09 04:23 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollUI.dll
2018-09-14 16:09 - 2018-08-09 04:22 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-09-14 16:09 - 2018-08-09 04:22 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-09-14 16:09 - 2018-08-09 04:22 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-09-14 16:09 - 2018-08-09 04:22 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certreq.exe
2018-09-14 16:09 - 2018-08-09 04:21 - 002894848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-09-14 16:09 - 2018-08-09 04:21 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-09-14 16:09 - 2018-08-09 04:21 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2018-09-14 16:09 - 2018-08-09 04:21 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-09-14 16:09 - 2018-08-09 04:20 - 002401792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-09-14 16:09 - 2018-08-09 04:20 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-09-14 16:09 - 2018-08-09 04:20 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2018-09-14 16:09 - 2018-08-09 01:01 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2018-09-14 16:09 - 2018-08-09 00:55 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-09-14 16:09 - 2018-08-09 00:54 - 001019016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-09-14 16:09 - 2018-08-09 00:54 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-09-14 16:09 - 2018-08-09 00:54 - 000375704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-09-14 16:09 - 2018-08-09 00:54 - 000203568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-09-14 16:09 - 2018-08-09 00:54 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-09-14 16:09 - 2018-08-09 00:53 - 001947720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-09-14 16:09 - 2018-08-09 00:53 - 001026456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-09-14 16:09 - 2018-08-09 00:53 - 000932136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-09-14 16:09 - 2018-08-09 00:53 - 000714792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-09-14 16:09 - 2018-08-09 00:53 - 000482480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-09-14 16:09 - 2018-08-09 00:53 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-09-14 16:09 - 2018-08-09 00:53 - 000125600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptxml.dll
2018-09-14 16:09 - 2018-08-09 00:30 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-09-14 16:09 - 2018-08-09 00:30 - 000183992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2018-09-14 16:09 - 2018-08-09 00:29 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-09-14 16:09 - 2018-08-09 00:29 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-09-14 16:09 - 2018-08-09 00:29 - 000581696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-09-14 16:09 - 2018-08-09 00:29 - 000099208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptxml.dll
2018-09-14 16:09 - 2018-08-09 00:28 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-09-14 16:09 - 2018-08-09 00:27 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-09-14 16:09 - 2018-08-09 00:27 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-09-14 16:09 - 2018-08-09 00:26 - 000990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-09-14 16:09 - 2018-08-09 00:26 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-09-14 16:09 - 2018-08-09 00:26 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-09-14 16:09 - 2018-08-09 00:26 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-09-14 16:09 - 2018-08-09 00:26 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsAuth.dll
2018-09-14 16:09 - 2018-08-09 00:25 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-09-14 16:09 - 2018-08-09 00:25 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-09-14 16:09 - 2018-08-09 00:25 - 000797184 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2018-09-14 16:09 - 2018-08-09 00:25 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-09-14 16:09 - 2018-08-09 00:25 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2018-09-14 16:09 - 2018-08-09 00:25 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2018-09-14 16:09 - 2018-08-09 00:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-09-14 16:09 - 2018-08-09 00:24 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-09-14 16:09 - 2018-08-09 00:23 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-09-14 16:09 - 2018-08-09 00:23 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-09-14 16:09 - 2018-08-09 00:23 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-09-14 16:09 - 2018-08-09 00:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-09-14 16:09 - 2018-08-09 00:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-09-14 16:09 - 2018-08-09 00:21 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-09-14 16:09 - 2018-08-09 00:13 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-09-14 16:09 - 2018-08-09 00:12 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2018-09-14 16:09 - 2018-08-09 00:11 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-09-14 16:09 - 2018-08-09 00:11 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2018-09-14 16:09 - 2018-08-09 00:11 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-09-14 16:09 - 2018-08-09 00:11 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsAuth.dll
2018-09-14 16:09 - 2018-08-09 00:11 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-09-14 16:09 - 2018-08-09 00:10 - 002893824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2018-09-14 16:09 - 2018-08-09 00:10 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-09-14 16:09 - 2018-08-09 00:09 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-09-14 16:09 - 2018-08-08 23:08 - 000806416 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-09-14 16:09 - 2018-08-08 23:08 - 000806416 _____ C:\WINDOWS\system32\locale.nls
2018-09-14 16:08 - 2018-08-31 03:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-09-14 16:08 - 2018-08-31 02:41 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2018-09-14 16:08 - 2018-08-30 23:17 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-09-14 16:08 - 2018-08-30 23:17 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\netevent.dll
2018-09-14 16:08 - 2018-08-30 23:14 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-09-14 16:08 - 2018-08-30 23:14 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-09-14 16:08 - 2018-08-30 23:12 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netevent.dll
2018-09-14 16:08 - 2018-08-30 23:10 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-09-14 16:08 - 2018-08-30 23:10 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-09-14 16:08 - 2018-08-30 23:10 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-09-14 16:08 - 2018-08-30 23:09 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-09-14 16:08 - 2018-08-30 21:57 - 000001308 _____ C:\WINDOWS\system32\tcbres.wim
2018-09-14 16:08 - 2018-08-28 02:49 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-09-14 16:08 - 2018-08-13 22:14 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2018-09-14 16:08 - 2018-08-09 05:17 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-09-14 16:08 - 2018-08-09 05:14 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2018-09-14 16:08 - 2018-08-09 05:13 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsExt.dll
2018-09-14 16:08 - 2018-08-09 05:11 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-09-14 16:08 - 2018-08-09 05:09 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2018-09-14 16:08 - 2018-08-09 04:24 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2018-09-14 16:08 - 2018-08-09 04:20 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2018-09-14 16:08 - 2018-08-09 04:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-09-14 16:08 - 2018-08-09 00:27 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2018-09-14 16:08 - 2018-08-09 00:26 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsCfg.dll
2018-09-14 16:08 - 2018-08-09 00:26 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-09-14 16:08 - 2018-08-09 00:22 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2018-09-14 16:08 - 2018-08-09 00:13 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2018-09-14 16:08 - 2018-08-09 00:11 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-09-14 16:08 - 2018-08-09 00:11 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsCfg.dll
2018-09-14 16:08 - 2018-08-09 00:10 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-09-14 16:08 - 2018-08-09 00:08 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2018-09-13 00:28 - 2018-09-13 00:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tom Clancy's Rainbow Six Vegas 2
2018-09-12 20:28 - 2018-09-12 21:08 - 000000000 ____D C:\Users\Evan\Downloads\Rainbow Six Vegas 2
2018-09-12 20:14 - 2018-09-12 20:14 - 000000000 ____D C:\ProgramData\Ubisoft
2018-09-12 20:13 - 2018-09-12 20:14 - 000107832 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2018-09-12 20:13 - 2018-09-12 20:13 - 002337865 _____ C:\WINDOWS\SysWOW64\pbsvc.exe
2018-09-12 20:13 - 2018-09-12 20:13 - 000066872 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2018-09-12 19:53 - 2018-09-13 00:16 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2018-09-12 19:23 - 2018-09-12 19:45 - 000000000 ____D C:\Users\Evan\Downloads\www.alt.bitworld.to...Tom.Clancys.Rainbow.Six.Vegas.2-RELOADED
2018-09-11 23:37 - 2018-09-11 23:37 - 000000000 ____D C:\Users\Evan\Downloads\Native Instruments FM8 v1.4.0 Update-R2R [deepstatus]
2018-09-10 17:59 - 2018-09-10 17:59 - 000379481 _____ C:\Users\Evan\Downloads\watch (1).html
2018-09-10 16:02 - 2018-09-10 16:02 - 000004585 _____ C:\Users\Evan\Downloads\FLRegKey.reg
2018-09-10 16:00 - 2018-10-04 01:29 - 000000000 ____D C:\Program Files (x86)\VstPlugins
2018-09-10 16:00 - 2018-09-10 16:00 - 000002128 _____ C:\Users\Evan\Desktop\FL Studio 12 (64bit).lnk
2018-09-10 16:00 - 2018-09-10 16:00 - 000002112 _____ C:\Users\Evan\Desktop\FL Studio 12.lnk
2018-09-10 16:00 - 2018-09-10 16:00 - 000001218 _____ C:\Users\Evan\Desktop\ASIO4ALL v2 Instruction Manual.lnk
2018-09-10 16:00 - 2018-09-10 16:00 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2018-09-10 16:00 - 2018-09-10 16:00 - 000000000 ____D C:\Program Files\Common Files\VST2
2018-09-10 16:00 - 2018-09-10 16:00 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software
2018-09-10 16:00 - 2018-09-10 16:00 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2018-09-10 15:58 - 2018-09-10 15:58 - 000000000 ____D C:\Users\Evan\Documents\Image-Line
2018-09-10 15:58 - 2018-09-10 15:58 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2018-09-10 15:58 - 2018-09-10 15:58 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Image-Line
2018-09-10 15:58 - 2018-09-10 15:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2018-09-10 15:58 - 2018-09-10 15:58 - 000000000 ____D C:\Program Files\Image-Line
2018-09-10 15:46 - 2018-09-10 16:00 - 000000000 ____D C:\Program Files (x86)\Image-Line
2018-09-10 15:39 - 2018-09-10 15:43 - 000000000 ____D C:\Users\Evan\Downloads\FL STUDIO 12 Producer Edition v12.2 [build3] 32Bit & 64Bit + Crack
2018-09-08 01:20 - 2018-09-20 02:19 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Taiga
2018-09-08 01:20 - 2018-09-08 01:20 - 001203581 _____ (erengy) C:\Users\Evan\Downloads\TaigaSetup.exe
2018-09-08 01:20 - 2018-09-08 01:20 - 000001011 _____ C:\Users\Evan\Desktop\Taiga.lnk
2018-09-08 01:20 - 2018-09-08 01:20 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Taiga
2018-09-08 00:01 - 2018-09-27 19:05 - 000000393 _____ C:\Users\Evan\Documents\Multihack4.ini
2018-09-08 00:01 - 2018-09-08 00:01 - 000001129 _____ C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Multihack.lnk
2018-09-08 00:01 - 2018-09-08 00:01 - 000000000 ____D C:\Users\Evan\Downloads\Multihack v4.0_mpgh.net
2018-09-08 00:00 - 2018-09-08 00:00 - 001322651 _____ C:\Users\Evan\Downloads\Multihack v4.0_mpgh.net.zip
2018-09-06 00:39 - 2018-09-06 00:39 - 000003652 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-04 17:12 - 2018-01-05 13:30 - 000088933 _____ C:\WINDOWS\ZAM.krnl.trace
2018-10-04 17:12 - 2017-12-27 13:31 - 000034811 _____ C:\Users\Evan\Downloads\FRST.txt
2018-10-04 17:12 - 2017-12-25 17:21 - 000052676 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-10-04 17:07 - 2018-09-01 17:04 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Twitch
2018-10-04 17:04 - 2018-06-19 04:14 - 000000000 ____D C:\Users\Evan\AppData\Local\Overwolf
2018-10-04 17:01 - 2018-07-03 13:17 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Blitz
2018-10-04 17:01 - 2018-06-19 04:15 - 000000000 ____D C:\Program Files (x86)\Overwolf
2018-10-04 16:57 - 2018-04-11 19:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-04 16:57 - 2017-07-13 19:51 - 000000000 __SHD C:\Users\Evan\IntelGraphicsProfiles
2018-10-04 16:55 - 2018-05-17 02:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-04 16:54 - 2018-04-11 17:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-10-04 16:24 - 2017-12-27 13:31 - 000000000 ____D C:\FRST
2018-10-04 16:24 - 2017-12-26 19:42 - 000002332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-04 16:07 - 2018-05-17 16:55 - 000000000 ____D C:\Users\Evan\AppData\Local\D3DSCache
2018-10-04 16:06 - 2018-09-01 20:24 - 000259360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-10-04 16:06 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-10-04 16:04 - 2018-03-30 10:30 - 000000358 _____ C:\WINDOWS\Tasks\HPCeeScheduleForEvan.job
2018-10-04 16:00 - 2017-12-24 18:02 - 000000000 ____D C:\Users\Evan\AppData\Local\transmission
2018-10-04 15:54 - 2018-05-17 02:53 - 000003246 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForEvan
2018-10-04 15:24 - 2018-05-17 02:53 - 000004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{01B21D24-031A-4188-BA33-533CE41FA0CB}
2018-10-04 15:21 - 2018-05-17 02:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-10-04 07:44 - 2016-10-21 11:51 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-10-03 15:43 - 2017-10-08 16:19 - 000000000 ____D C:\Program Files (x86)\RealRealSteam
2018-10-02 07:46 - 2018-04-11 19:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-01 18:01 - 2017-07-17 19:22 - 000000000 ____D C:\Users\Evan\Documents\My Games
2018-10-01 00:24 - 2017-07-28 15:53 - 000000000 ____D C:\Users\Evan\AppData\Local\Battle.net
2018-09-30 23:24 - 2017-07-28 15:54 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2018-09-30 16:40 - 2018-06-28 15:05 - 000000000 ____D C:\Users\Evan\Documents\SkidRow
2018-09-30 16:31 - 2018-05-02 17:40 - 000000000 ____D C:\Games
2018-09-30 13:48 - 2018-01-09 17:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2018-09-29 23:03 - 2018-08-14 01:59 - 000000000 ____D C:\Users\Evan\Downloads\memes
2018-09-29 02:04 - 2017-09-03 16:04 - 000000000 ____D C:\Program Files (x86)\Arena
2018-09-27 22:50 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-09-27 20:11 - 2017-11-26 01:56 - 000000000 ____D C:\Users\Evan\AppData\Local\Packages
2018-09-27 17:35 - 2018-05-17 02:25 - 000000000 ____D C:\Users\Evan
2018-09-27 17:32 - 2017-10-08 11:13 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2018-09-27 17:31 - 2016-10-21 11:51 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-09-27 17:31 - 2016-10-21 11:51 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-09-27 17:29 - 2018-04-11 17:04 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2018-09-26 21:55 - 2018-02-26 23:25 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2018-09-26 17:08 - 2018-07-04 04:36 - 000000000 ____D C:\ProgramData\Packages
2018-09-25 00:43 - 2017-12-25 17:33 - 000000000 ____D C:\Program Files\Unlocker
2018-09-25 00:34 - 2018-02-02 18:53 - 000000000 ____D C:\Users\Evan\AppData\Local\UnrealEngine
2018-09-25 00:32 - 2018-04-04 17:52 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2018-09-22 01:59 - 2018-05-17 02:53 - 000004008 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-09-22 01:59 - 2018-05-17 02:53 - 000003776 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-09-21 15:45 - 2018-05-17 02:53 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2198813628-2402096551-3996786398-1001
2018-09-21 15:45 - 2018-05-17 02:25 - 000002416 _____ C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-21 15:45 - 2017-07-13 19:55 - 000000000 ___RD C:\Users\Evan\OneDrive
2018-09-19 21:38 - 2018-04-14 00:46 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2018-09-19 21:38 - 2018-04-14 00:45 - 000000000 ____D C:\Users\Evan\AppData\Local\HearthstoneDeckTracker
2018-09-19 21:38 - 2017-07-15 11:31 - 000000000 ____D C:\Users\Evan\AppData\Local\SquirrelTemp
2018-09-19 21:32 - 2017-10-17 22:18 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2018-09-17 16:43 - 2018-05-17 02:53 - 000003446 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2018-09-17 16:07 - 2018-02-11 23:51 - 000000000 ____D C:\Users\Evan\.grasp_settings
2018-09-17 15:43 - 2017-03-23 00:31 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-09-16 21:23 - 2018-06-12 20:04 - 000000000 ____D C:\Users\Evan\AppData\Roaming\StardewValley
2018-09-15 21:47 - 2018-04-11 19:36 - 000000000 ____D C:\WINDOWS\INF
2018-09-15 21:45 - 2018-05-17 02:17 - 000290976 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-09-15 21:41 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-09-15 21:41 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-09-15 21:41 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-09-15 21:41 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-09-15 21:41 - 2018-04-11 17:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-09-15 21:28 - 2018-04-11 19:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-09-15 13:52 - 2018-05-17 02:53 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-09-12 19:53 - 2016-10-21 11:49 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-09-12 02:16 - 2018-05-17 02:24 - 000931512 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-09-11 22:28 - 2017-12-26 19:42 - 000000000 ____D C:\Program Files\CCleaner
2018-09-11 16:07 - 2017-07-13 19:52 - 000000000 ____D C:\Users\Evan\AppData\Local\Publishers
2018-09-10 08:15 - 2017-12-22 12:29 - 000000000 ____D C:\Users\Evan\AppData\Local\ElevatedDiagnostics
2018-09-09 17:54 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-09-04 19:04 - 2018-04-11 19:41 - 000835144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-09-04 19:04 - 2018-04-11 19:41 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2018-02-10 13:47 - 2018-02-09 13:46 - 000038678 _____ () C:\Users\Evan\AppData\Roaming\dhgfhgferr.png
2018-09-27 17:22 - 2018-09-27 17:22 - 000000000 _____ () C:\Users\Evan\AppData\Roaming\FC29FA0894FE.ini
2018-06-21 17:52 - 2018-06-21 18:03 - 000000084 _____ () C:\Users\Evan\AppData\Local\Autosofted License.txt
2018-10-04 16:06 - 2018-10-04 16:06 - 000000066 _____ () C:\Users\Evan\AppData\Local\dxmtbtov.log
2018-10-04 16:06 - 2018-10-04 16:06 - 000076587 _____ () C:\Users\Evan\AppData\Local\fqgqnssy.log
2018-10-04 16:06 - 2018-10-04 16:53 - 000000004 _____ () C:\Users\Evan\AppData\Local\gtlhvkjj.log
2018-10-04 16:06 - 2018-10-04 16:06 - 000000000 _____ () C:\Users\Evan\AppData\Local\rraftxqi.log
2018-10-04 16:05 - 2018-10-04 17:17 - 000000028 _____ () C:\Users\Evan\AppData\Local\vrwgfbko.log
2018-10-04 16:05 - 2018-10-04 16:06 - 000393442 _____ () C:\Users\Evan\AppData\Local\wibtbxol.log
2018-10-04 16:06 - 2018-10-04 17:09 - 001357073 _____ () C:\Users\Evan\AppData\Local\xfqjyfrc.log
Some files in TEMP:
====================
2018-09-27 19:24 - 2018-09-27 19:24 - 000017408 ____N (Red Hat®, Inc.) C:\Users\Evan\AppData\Local\Temp\jansi-32-5951740665947102899.dll
2018-09-27 18:55 - 2018-09-27 18:55 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Evan\AppData\Local\Temp\jansi-64-1380607797332911364.dll
2018-09-27 16:00 - 2018-09-27 16:00 - 000019968 _____ (Red Hat®, Inc.) C:\Users\Evan\AppData\Local\Temp\jansi-64-3152145344091471539.dll
2018-09-27 19:06 - 2018-09-27 19:06 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Evan\AppData\Local\Temp\jansi-64-4146885892808842387.dll
2018-09-27 16:14 - 2018-09-27 16:14 - 000019968 _____ (Red Hat®, Inc.) C:\Users\Evan\AppData\Local\Temp\jansi-64-5643878827776892051.dll
2018-10-04 16:05 - 2018-10-04 20:20 - 000146160 ____S (Microsoft Corporation) C:\Users\Evan\AppData\Local\Temp\lngirfyq.exe
2018-10-04 06:21 - 2018-10-04 06:21 - 007069348 _____ () C:\Users\Evan\AppData\Local\Temp\setup.dll
2018-10-04 16:05 - 2018-10-04 20:20 - 000146160 ____S (Microsoft Corporation) C:\Users\Evan\AppData\Local\Temp\swnwecbe.exe
2018-10-04 16:11 - 2018-10-04 17:03 - 000146160 _____ (Microsoft Corporation) C:\Users\Evan\AppData\Local\Temp\taqvmqha.exe
2018-10-04 16:16 - 2018-10-04 16:03 - 000099887 _____ () C:\Users\Evan\AppData\Local\Temp\Uninstall.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-17 02:17
==================== End of FRST.txt ============================Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04.10.2018
Ran by Evan (administrator) on LAPTOP-9VM6RJT (04-10-2018 17:01:58)
Running from C:\Users\Evan\Downloads
Loaded Profiles: Evan & (Available Profiles: Evan)
Platform: Windows 10 Home Version 1803 17134.285 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\IntelCpHDCPSvc.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(McAfee LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
() C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\IntelCpHeciSvc.exe
(The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(HP Inc.) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee LLC) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(McAfee LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_8\mcapexe.exe
(McAfee, Inc.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.1.178\DADUpdater.exe
(McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.7.371.0\McCSPServiceHost.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\OobeHook.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
() C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\igfxEM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.10827.20110.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Overwolf Ltd.) C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe
(Blitz Esports) C:\Program Files\Blitz\Blitz.exe
(Twitch Interactive, Inc.) C:\Users\Evan\AppData\Roaming\Twitch\Bin\Twitch.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Overwolf Ltd.) C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(Farbar) C:\Users\Evan\Downloads\FRST64 (2).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8903176 2016-10-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Session] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1467400 2016-10-14] (Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\Run: [LeagueDisplays] => C:\Riot Games\LeagueDisplays\assistant\LeagueDisplaysAssistant.exe [406016 2018-01-31] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM\...\Winlogon: [Userinit] userinit.exe,,C:\Users\Evan\AppData\Local\toaqatuv\crrdkwem.exe
HKLM-x32\...\Winlogon: [Userinit] userinit.exe,,C:\Users\Evan\AppData\Local\toaqatuv\crrdkwem.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165643807\...\Run: [WinResSync] => C:\WINDOWS\system32\regsvr32.exe /s "C:\Users\Evan\AppData\Roaming\Microsoft\Protect\c65561-c81ad1-fed19360-eba3e0-8bb0.rs" <==== ATTENTION
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165643807\...\RunOnce: [WinResSync] => C:\WINDOWS\system32\regsvr32.exe /s "C:\Users\Evan\AppData\Roaming\Microsoft\Protect\c65561-c81ad1-fed19360-eba3e0-8bb0.rs" <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165644416\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165644963\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\Run: [MurGee.com Auto Keyboard] => C:\ProgramData\Auto Keyboard\AutoKeyboard.exe [83440 2015-03-27] (MurGee.com)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\Run: [Steam] => C:\Program Files (x86)\RealRealSteam\steam.exe [3207968 2018-09-08] (Valve Corporation)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [665216 2018-03-01] ()
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1504584 2018-09-18] (Overwolf Ltd.)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\Run: [com.blitz.app] => C:\Program Files\Blitz\Blitz.exe [67603384 2018-07-03] (Blitz Esports)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\Run: [CrrDkwem] => C:\Users\Evan\AppData\Local\toaqatuv\crrdkwem.exe [146160 2018-10-04] ()
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\MountPoints2: {50332a61-4e60-11e8-94aa-10f00552b9de} - "F:\Autorun.exe"
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\SysWOW64\launcher.scr [2417936 2018-01-31] ()
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\Run: [MurGee.com Auto Keyboard] => C:\ProgramData\Auto Keyboard\AutoKeyboard.exe [83440 2015-03-27] (MurGee.com)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\Run: [Steam] => C:\Program Files (x86)\RealRealSteam\steam.exe [3207968 2018-09-08] (Valve Corporation)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [665216 2018-03-01] ()
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1504584 2018-09-18] (Overwolf Ltd.)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\Run: [com.blitz.app] => C:\Program Files\Blitz\Blitz.exe [67603384 2018-07-03] (Blitz Esports)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\Run: [CrrDkwem] => :\Users\Evan\AppData\Local\toaqatuv\crrdkwem.ex
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\MountPoints2: {50332a61-4e60-11e8-94aa-10f00552b9de} - "F:\Autorun.exe"
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\SysWOW64\launcher.scr [2417936 2018-01-31] ()
HKU\S-1-5-18\...\Run: [WinResSync] => C:\WINDOWS\system32\regsvr32.exe /s "C:\Users\Evan\AppData\Roaming\Microsoft\Protect\c65561-c81ad1-fed19360-eba3e0-8bb0.rs" <==== ATTENTION
HKU\S-1-5-18\...\RunOnce: [WinResSync] => C:\WINDOWS\system32\regsvr32.exe /s "C:\Users\Evan\AppData\Roaming\Microsoft\Protect\c65561-c81ad1-fed19360-eba3e0-8bb0.rs" <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2017-03-23]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico ()
Startup: C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crrdkwem.exe [2018-10-04] ()
Startup: C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hide.me VPN.lnk [2018-09-12]
ShortcutTarget: hide.me VPN.lnk -> C:\Program Files (x86)\hide.me VPN\Hide.me.exe (eVenture Limited)
Startup: C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2018-09-01]
ShortcutTarget: Twitch.lnk -> C:\Users\Evan\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3eb67c16-5ee4-42e1-937c-1c5246fc58f6}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{42efc9c9-0843-433b-95da-54a36e0e3bde}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{6019da40-3b6e-43e8-b0a6-f1c7f8013900}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{6019da40-3b6e-43e8-b0a6-f1c7f8013900}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{645a08f7-d26d-11e7-b9df-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{9d106ced-10c2-4ac3-a956-faab85e48f62}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{a59731b4-a3e0-412d-be16-275f506bbeac}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{ab90e9d2-f3f7-4690-970c-1dc6b67546a3}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{da96d4e7-83a6-4cbc-8dd8-f721e0a20217}: [DhcpNameServer] 172.18.13.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {B9628EA4-831C-4CA0-AC93-1E57CA26985D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {B9628EA4-831C-4CA0-AC93-1E57CA26985D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2198813628-2402096551-3996786398-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2198813628-2402096551-3996786398-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2198813628-2402096551-3996786398-1001 -> {1711FC25-F05A-40CE-B859-A0C1CF01FD18} URL =
SearchScopes: HKU\S-1-5-21-2198813628-2402096551-3996786398-1001 -> {B9628EA4-831C-4CA0-AC93-1E57CA26985D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322 -> {1711FC25-F05A-40CE-B859-A0C1CF01FD18} URL =
SearchScopes: HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322 -> {B9628EA4-831C-4CA0-AC93-1E57CA26985D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-09-27] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-08-05] (HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-09-10] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-12-29] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-29] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-08-05] (HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2018-01-25] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2018-01-25] (McAfee, Inc.)
FireFox:
========
FF DefaultProfile: o33qc0vs.default
FF ProfilePath: C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\o33qc0vs.default [2018-09-27]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2018-03-01] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2018-01-25] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-12-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-12-29] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2018-01-25] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-09-01] ()
Chrome:
=======
CHR HomePage: Default -> homepage.ssoextension.com
CHR DefaultSearchURL: Default -> hxxp://search.ssoextension.com/s?q={searchTerms}
CHR DefaultSearchKeyword: Default -> ssoextension.com
CHR DefaultSuggestURL: Default -> hxxp://suggest.ssoextension.com/suggest?q={searchTerms}
CHR Profile: C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default [2018-10-04]
CHR Extension: (Slides) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-05]
CHR Extension: (YouTube) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-05]
CHR Extension: (Video Downloader professional) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2018-04-12]
CHR Extension: (Google Play Music) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2018-09-27]
CHR Extension: (Sheets) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-25]
CHR Extension: (AdBlock) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-09-20]
CHR Extension: (Drumpfinator) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcimhbfpiofdihhdnofbdlhjcmjopilp [2017-09-25]
CHR Extension: (Violentmonkey) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jinjaccalgkegednnccohejagnlnfdag [2018-09-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-05]
CHR Extension: (Chrome Media Router) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-27]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2018-02-02] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9680472 2018-09-26] (Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-09-21] (McAfee, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-07-13] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-07-13] (Dropbox, Inc.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [383016 2018-05-02] (EasyAntiCheat Ltd)
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2208888 2016-10-04] (Intel Corporation)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-09-01] (WildTangent)
S2 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [136352 2018-04-09] (eVenture Limited)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1268736 2016-10-05] (HP Inc.) [File not signed]
R2 HP Orbit Service; C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe [3421616 2017-06-20] (HP Inc.)
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-04] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc.)
S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-24] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc.)
S2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [53680 2018-02-05] (AnchorFree Inc.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [542320 2017-12-06] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-10-11] (Intel® Corporation)
S2 Intel® TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-10-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [213648 2017-11-09] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_8\McApExe.exe [728296 2018-01-31] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [419096 2016-04-01] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.7.371.0\\McCSPServiceHost.exe [2140888 2017-12-14] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [359888 2018-01-26] (McAfee LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [512976 2018-01-26] (McAfee LLC)
R3 mfevtp; C:\windows\system32\mfevtps.exe [475600 2018-01-26] (McAfee LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1666224 2017-12-19] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268928 2017-12-20] ()
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [33080 2014-12-01] (The OpenVPN Project)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-03-01] (The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-03-01] (The OpenVPN Project)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2308424 2018-09-18] (Overwolf LTD)
R2 ovpnagent; C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe [900840 2017-08-14] ()
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1045360 2018-01-30] (McAfee, Inc.)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2018-09-12] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [107832 2018-09-12] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [317960 2016-10-14] (Realtek Semiconductor)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
S2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [37248 2017-09-06] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation)
S4 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [106904 2018-08-02] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3758720 2017-12-20] (Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AFTrafMgr1.4; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_4_64.sys [56840 2018-01-03] (AnchorFree Inc.)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-02-21] (Bluestack System Inc. )
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77216 2018-01-31] (McAfee LLC)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [66624 2016-10-04] (Intel Corporation)
R1 epp; C:\EEK\bin64\epp.sys [124552 2016-11-23] (Emsisoft Ltd)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [350272 2016-10-04] (Intel Corporation)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218336 2017-10-10] (McAfee, Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel Corporation)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [259360 2018-10-04] (Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [496544 2018-01-31] (McAfee LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [357792 2018-01-31] (McAfee LLC)
U3 mfeavfk01; no ImagePath
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83952 2018-01-31] (McAfee LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [528288 2018-01-31] (McAfee LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [948128 2018-01-31] (McAfee LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [521128 2017-11-21] (McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108464 2017-11-21] (McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [115104 2018-01-31] (McAfee LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252832 2018-01-31] (McAfee LLC)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-11] (Microsoft Corporation)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8623040 2018-02-05] (Intel Corporation)
S3 pmxdrv; C:\WINDOWS\system32\drivers\pmxdrv.sys [31152 2018-02-02] ()
R3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2016-06-15] (The OpenVPN Project)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-26] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2017-09-06] (The OpenVPN Project)
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2016-08-23] (Anchorfree Inc.)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [84432 2017-03-27] (The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [46040 2017-08-24] (The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34960 2018-02-02] (HP)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2018-01-05] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-12-25] (Zemana Ltd.)
S3 xhunter1; \??\C:\WINDOWS\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-04 16:59 - 2018-10-04 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2018-10-04 16:55 - 2018-10-04 16:55 - 000000000 ___HD C:\ProgramData\temp
2018-10-04 16:24 - 2018-10-04 16:24 - 002414080 _____ (Farbar) C:\Users\Evan\Downloads\FRST64 (2).exe
2018-10-04 16:03 - 2018-10-04 16:58 - 000000000 ____D C:\Users\Evan\AppData\Local\toaqatuv
2018-10-04 16:03 - 2018-10-04 16:03 - 000000095 _____ C:\WINDOWS\wininit.ini
2018-10-04 15:59 - 2018-10-04 17:01 - 000000000 ____D C:\Users\Evan\Downloads\VST Plugins Pack Ultimate Collection
2018-10-04 15:23 - 2018-10-04 15:23 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2018-10-04 15:23 - 2018-10-04 15:23 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-10-04 15:23 - 2018-10-04 15:23 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-10-04 15:23 - 2018-10-04 15:23 - 000002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-10-04 15:23 - 2018-10-04 15:23 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-10-04 15:23 - 2018-10-04 15:23 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-10-04 15:23 - 2018-10-04 15:23 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-10-04 15:23 - 2018-10-04 15:23 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-10-04 15:23 - 2018-10-04 15:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-10-04 01:19 - 2018-10-04 02:06 - 000000000 ____D C:\Users\Evan\Downloads\Nexus Content
2018-10-04 01:15 - 2018-10-04 01:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reFX
2018-10-04 01:15 - 2018-10-04 01:15 - 000000000 ____D C:\Program Files (x86)\Uninstall Nexus
2018-10-04 01:15 - 2018-10-04 01:15 - 000000000 ____D C:\Program Files (x86)\Manual
2018-10-04 01:15 - 2009-10-24 21:15 - 001332224 _____ (AD © 2009) C:\WINDOWS\SysWOW64\SYNSOEMU.DLL
2018-10-04 00:50 - 2018-10-04 01:05 - 000000000 ____D C:\Users\Evan\Downloads\ReFX Nexus v2.2 VSTi RTAS DVDR - AiRISO [deepstatus]
2018-10-03 09:26 - 2018-10-03 09:26 - 000098234 _____ C:\WINDOWS\uninstaller.dat
2018-10-01 16:06 - 2018-10-01 16:06 - 000000000 ____D C:\Users\Evan\Downloads\Farming.Simulator.17.v1.2.0.0
2018-10-01 15:43 - 2018-10-01 15:59 - 159114917 _____ C:\Users\Evan\Downloads\Farming.Simulator.17.v1.2.0.0.zip
2018-09-30 16:40 - 2018-10-03 07:19 - 000000000 ____D C:\Users\Evan\Documents\Euro Truck Simulator 2
2018-09-30 16:34 - 2018-09-30 16:34 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 - Krone Trailer Pack
2018-09-30 16:14 - 2018-09-18 10:07 - 000000000 ____D C:\Users\Evan\Downloads\Euro.Truck.Simulator.2.Krone.Trailer.Pack
2018-09-30 15:46 - 2018-09-30 16:13 - 907066883 _____ C:\Users\Evan\Downloads\Euro.Truck.Simulator.2.Krone.Trailer.Pack.rar
2018-09-30 13:48 - 2018-09-30 13:48 - 000000982 _____ C:\Users\Public\Desktop\League of Legends.lnk
2018-09-29 23:02 - 2018-09-29 23:02 - 000002045 _____ C:\Users\Evan\Downloads\animelist_1538276537_-_7406724.xml.gz
2018-09-29 22:59 - 2018-09-29 22:59 - 000004729 _____ C:\Users\Evan\Downloads\animelist_1538276397_-_6752577.xml.gz
2018-09-29 00:59 - 2018-09-29 00:59 - 000789048 _____ (Roblox Corporation) C:\Users\Evan\Downloads\RobloxPlayerLauncher (3).exe
2018-09-28 21:03 - 2018-09-06 17:12 - 000000000 ____D C:\Users\Evan\Downloads\Europa.Universalis.IV.Dharma
2018-09-28 20:37 - 2018-09-28 20:48 - 2706411504 _____ C:\Users\Evan\Downloads\Europa.Universalis.IV.Dharma.rar
2018-09-27 19:17 - 2018-09-27 19:19 - 000000000 ____D C:\Users\Evan\AppData\Roaming\.technic
2018-09-27 19:17 - 2018-09-27 19:17 - 004734928 _____ () C:\Users\Evan\Downloads\TechnicLauncher.exe
2018-09-27 17:22 - 2018-10-04 16:55 - 000000000 ____D C:\Program Files (x86)\ProxyGate
2018-09-27 17:22 - 2018-09-27 17:22 - 000000000 _____ C:\Users\Evan\AppData\Roaming\FC29FA0894FE.ini
2018-09-27 15:33 - 2018-09-27 15:33 - 000576894 _____ C:\Users\Evan\Downloads\download.html
2018-09-26 19:24 - 2018-09-26 19:24 - 000000000 ____D C:\Users\Evan\AppData\Roaming\SEMC
2018-09-26 19:21 - 2018-09-26 19:21 - 000001311 _____ C:\Users\Public\Desktop\Vainglory.lnk
2018-09-26 19:21 - 2018-09-26 19:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vainglory
2018-09-26 19:02 - 2018-09-26 19:02 - 000000000 ____D C:\Program Files (x86)\Super Evil Megacorp
2018-09-26 18:57 - 2018-09-26 19:00 - 1287846320 _____ (Super Evil Megacorp) C:\Users\Evan\Downloads\VainglorySetup.83651.exe
2018-09-26 18:31 - 2018-09-26 18:31 - 001507328 _____ (Adobe Systems Incorporated) C:\Users\Evan\Downloads\flash_player.exe
2018-09-26 18:18 - 2018-09-26 18:21 - 943293743 _____ (Super Evil Megacorp) C:\Users\Evan\Downloads\Unconfirmed 781250.crdownload
2018-09-26 17:26 - 2018-09-26 17:47 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Tropico 5
2018-09-26 17:26 - 2018-09-26 17:26 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Kalypso Media
2018-09-26 17:25 - 2018-09-26 17:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tropico 5
2018-09-26 17:21 - 2018-09-27 17:22 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Tropico.5.v1.10.Inc.All.DLC.Eng.Repack
2018-09-26 17:21 - 2018-09-26 17:22 - 000000000 ____D C:\Program Files (x86)\Tropico 5
2018-09-26 17:19 - 2018-09-26 17:19 - 000000860 _____ C:\Users\Evan\Desktop\Cities Skylines Parklife.lnk
2018-09-26 17:19 - 2018-09-26 17:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cities Skylines Parklife
2018-09-25 00:34 - 2018-09-25 00:34 - 000000000 ____D C:\Users\Evan\AppData\Local\TekkenGame
2018-09-25 00:32 - 2018-09-25 00:33 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2018-09-25 00:28 - 2018-09-25 00:28 - 000002187 _____ C:\Users\Evan\Desktop\TEKKEN 7.lnk
2018-09-25 00:28 - 2018-09-25 00:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GMT-MAX.ORG
2018-09-24 23:09 - 2018-09-24 23:09 - 000000000 ____D C:\Program Files (x86)\GMT-MAX.ORG
2018-09-24 15:46 - 2018-09-24 15:46 - 000000000 ____D C:\Users\Evan\AppData\Local\mbam
2018-09-23 16:38 - 2018-09-24 23:08 - 000000000 ____D C:\Users\Evan\Downloads\TEKKEN_7_DDE_RePack_MAXAGENT
2018-09-23 12:14 - 2018-09-23 12:28 - 000000000 ____D C:\Users\Evan\Downloads\Tropico.5.v1.10.Inc.All.DLC.Eng.Repack
2018-09-17 22:07 - 2018-05-24 13:52 - 000000000 ____D C:\Users\Evan\Downloads\Cities.Skylines.Parklife
2018-09-17 21:50 - 2018-09-17 22:05 - 1063004405 _____ C:\Users\Evan\Downloads\Cities.Skylines.Parklife.part1.rar
2018-09-17 21:50 - 2018-09-17 21:51 - 183525939 _____ C:\Users\Evan\Downloads\Cities.Skylines.Parklife.part2.rar
2018-09-17 16:05 - 2018-09-17 16:05 - 000000023 _____ C:\WINDOWS\BlendSettings.ini
2018-09-17 16:01 - 2018-09-17 16:01 - 000005842 _____ C:\Users\Evan\Downloads\DCF_plugin-36125-1-3.zip
2018-09-17 16:01 - 2018-09-17 16:01 - 000000000 ____D C:\Users\Evan\Downloads\DCF_plugin-36125-1-3
2018-09-17 15:53 - 2018-09-17 15:53 - 000001710 _____ C:\Users\Public\Desktop\The Elder Scrolls IV - Oblivion.lnk
2018-09-17 15:53 - 2018-09-17 15:53 - 000000000 ____D C:\Users\Evan\AppData\Local\Oblivion
2018-09-17 15:53 - 2018-09-17 15:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls IV - Oblivion [GOG.com]
2018-09-17 15:53 - 2018-09-17 15:53 - 000000000 ____D C:\ProgramData\GOG.com
2018-09-17 15:43 - 2018-09-17 15:43 - 000000000 ____D C:\GOG Games
2018-09-16 23:25 - 2018-09-16 23:25 - 000000000 ____D C:\Users\Evan\AppData\LocalLow\Squeaky Wheel
2018-09-16 23:23 - 2018-08-30 08:59 - 000000000 ____D C:\Users\Evan\Downloads\Academia.School.Simulator.v0.2.49
2018-09-16 22:58 - 2018-09-16 22:58 - 169310482 _____ C:\Users\Evan\Downloads\Academia.School.Simulator.v0.2.49.rar
2018-09-16 21:10 - 2018-09-16 21:10 - 000000000 ____D C:\ProgramData\Undefined game
2018-09-15 19:19 - 2018-09-15 19:42 - 000000000 ____D C:\Users\Evan\Downloads\The Elder Scrolls IV- Oblivion GOTY - GOG
2018-09-15 14:45 - 2018-09-04 18:36 - 001476904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2018-09-14 16:11 - 2018-08-30 23:42 - 007520064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-09-14 16:11 - 2018-08-30 23:28 - 006570040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-09-14 16:11 - 2018-08-30 23:26 - 025847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-09-14 16:10 - 2018-08-30 23:44 - 001222440 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-09-14 16:10 - 2018-08-30 23:44 - 001030952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-09-14 16:10 - 2018-08-30 23:42 - 009090016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-09-14 16:10 - 2018-08-30 23:42 - 007436192 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-09-14 16:10 - 2018-08-30 23:42 - 002824672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-09-14 16:10 - 2018-08-30 23:28 - 006043680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-09-14 16:10 - 2018-08-30 23:21 - 022008320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-09-14 16:10 - 2018-08-30 23:20 - 022715904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-09-14 16:10 - 2018-08-30 23:18 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-09-14 16:10 - 2018-08-30 23:16 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-09-14 16:10 - 2018-08-30 23:16 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-09-14 16:10 - 2018-08-30 23:16 - 004382720 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-09-14 16:10 - 2018-08-30 23:15 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-09-14 16:10 - 2018-08-30 23:15 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-09-14 16:10 - 2018-08-30 23:15 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-09-14 16:10 - 2018-08-30 23:14 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-09-14 16:10 - 2018-08-30 23:13 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-09-14 16:10 - 2018-08-30 23:10 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-09-14 16:10 - 2018-08-30 23:10 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-09-14 16:10 - 2018-08-28 03:17 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-09-14 16:10 - 2018-08-09 05:32 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-09-14 16:10 - 2018-08-09 05:31 - 001617728 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-09-14 16:10 - 2018-08-09 05:16 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-09-14 16:10 - 2018-08-09 05:14 - 012709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-09-14 16:10 - 2018-08-09 05:11 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-09-14 16:10 - 2018-08-09 04:24 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-09-14 16:10 - 2018-08-09 01:02 - 001035144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-09-14 16:10 - 2018-08-09 00:53 - 002765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-09-14 16:10 - 2018-08-09 00:29 - 002253584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-09-14 16:10 - 2018-08-09 00:28 - 003395072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-09-14 16:10 - 2018-08-09 00:24 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-09-14 16:10 - 2018-08-09 00:23 - 003148288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2018-09-14 16:10 - 2018-08-09 00:22 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-09-14 16:10 - 2018-08-09 00:09 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-09-14 16:09 - 2018-08-31 03:46 - 000542504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-09-14 16:09 - 2018-08-31 03:45 - 000348328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-09-14 16:09 - 2018-08-31 03:43 - 001524152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-09-14 16:09 - 2018-08-31 03:42 - 001636232 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-09-14 16:09 - 2018-08-31 03:27 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-09-14 16:09 - 2018-08-31 03:27 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2018-09-14 16:09 - 2018-08-31 03:26 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2018-09-14 16:09 - 2018-08-31 03:25 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2018-09-14 16:09 - 2018-08-31 03:24 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-09-14 16:09 - 2018-08-31 03:24 - 000482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-09-14 16:09 - 2018-08-31 03:24 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-09-14 16:09 - 2018-08-31 03:23 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-09-14 16:09 - 2018-08-31 03:23 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-09-14 16:09 - 2018-08-31 03:22 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-09-14 16:09 - 2018-08-31 03:22 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-09-14 16:09 - 2018-08-31 02:55 - 001455960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-09-14 16:09 - 2018-08-31 02:53 - 001327504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-09-14 16:09 - 2018-08-31 02:41 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-09-14 16:09 - 2018-08-31 02:40 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2018-09-14 16:09 - 2018-08-31 02:37 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-09-14 16:09 - 2018-08-31 02:37 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-09-14 16:09 - 2018-08-31 02:37 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-09-14 16:09 - 2018-08-31 02:36 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-09-14 16:09 - 2018-08-30 23:50 - 000273720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-09-14 16:09 - 2018-08-30 23:50 - 000270648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-09-14 16:09 - 2018-08-30 23:44 - 001064744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-09-14 16:09 - 2018-08-30 23:44 - 000568600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-09-14 16:09 - 2018-08-30 23:44 - 000136488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-09-14 16:09 - 2018-08-30 23:44 - 000076256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-09-14 16:09 - 2018-08-30 23:43 - 002719216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-09-14 16:09 - 2018-08-30 23:43 - 000722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-09-14 16:09 - 2018-08-30 23:42 - 002461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-09-14 16:09 - 2018-08-30 23:42 - 001767064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-09-14 16:09 - 2018-08-30 23:42 - 001458552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-09-14 16:09 - 2018-08-30 23:42 - 001258352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-09-14 16:09 - 2018-08-30 23:42 - 001142000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-09-14 16:09 - 2018-08-30 23:42 - 001097720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-09-14 16:09 - 2018-08-30 23:42 - 000983080 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-09-14 16:09 - 2018-08-30 23:42 - 000885928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-09-14 16:09 - 2018-08-30 23:42 - 000632296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpx.dll
2018-09-14 16:09 - 2018-08-30 23:42 - 000604640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-09-14 16:09 - 2018-08-30 23:42 - 000527328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-09-14 16:09 - 2018-08-30 23:42 - 000494472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2018-09-14 16:09 - 2018-08-30 23:42 - 000155112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2018-09-14 16:09 - 2018-08-30 23:28 - 001989496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-09-14 16:09 - 2018-08-30 23:28 - 001514352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-09-14 16:09 - 2018-08-30 23:28 - 001129728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-09-14 16:09 - 2018-08-30 23:28 - 000568568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-09-14 16:09 - 2018-08-30 23:28 - 000453104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpx.dll
2018-09-14 16:09 - 2018-08-30 23:28 - 000134936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2018-09-14 16:09 - 2018-08-30 23:15 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-09-14 16:09 - 2018-08-30 23:15 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-09-14 16:09 - 2018-08-30 23:15 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-09-14 16:09 - 2018-08-30 23:14 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-09-14 16:09 - 2018-08-30 23:14 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-09-14 16:09 - 2018-08-30 23:13 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-09-14 16:09 - 2018-08-30 23:13 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-09-14 16:09 - 2018-08-30 23:12 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-09-14 16:09 - 2018-08-30 23:11 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-09-14 16:09 - 2018-08-30 23:11 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-09-14 16:09 - 2018-08-30 23:11 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-09-14 16:09 - 2018-08-30 23:11 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-09-14 16:09 - 2018-08-30 23:11 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-09-14 16:09 - 2018-08-30 23:11 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-09-14 16:09 - 2018-08-30 23:11 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-09-14 16:09 - 2018-08-30 23:10 - 001375744 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-09-14 16:09 - 2018-08-30 23:10 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-09-14 16:09 - 2018-08-30 23:10 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-09-14 16:09 - 2018-08-30 23:10 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-09-14 16:09 - 2018-08-30 23:09 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-09-14 16:09 - 2018-08-30 23:08 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-09-14 16:09 - 2018-08-30 23:07 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-09-14 16:09 - 2018-08-30 23:07 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-09-14 16:09 - 2018-08-30 23:07 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-09-14 16:09 - 2018-08-30 23:06 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-09-14 16:09 - 2018-08-28 02:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-09-14 16:09 - 2018-08-28 02:48 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-09-14 16:09 - 2018-08-28 02:45 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2018-09-14 16:09 - 2018-08-28 01:51 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-09-14 16:09 - 2018-08-13 22:14 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-09-14 16:09 - 2018-08-09 05:31 - 000766872 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-09-14 16:09 - 2018-08-09 05:31 - 000253544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-09-14 16:09 - 2018-08-09 05:31 - 000236624 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-09-14 16:09 - 2018-08-09 05:14 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2018-09-14 16:09 - 2018-08-09 05:14 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollUI.dll
2018-09-14 16:09 - 2018-08-09 05:13 - 000521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-09-14 16:09 - 2018-08-09 05:13 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2018-09-14 16:09 - 2018-08-09 05:13 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-09-14 16:09 - 2018-08-09 05:12 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-09-14 16:09 - 2018-08-09 05:12 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-09-14 16:09 - 2018-08-09 05:12 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-09-14 16:09 - 2018-08-09 05:11 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-09-14 16:09 - 2018-08-09 05:11 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-09-14 16:09 - 2018-08-09 05:11 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-09-14 16:09 - 2018-08-09 05:10 - 001557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2018-09-14 16:09 - 2018-08-09 05:10 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-09-14 16:09 - 2018-08-09 05:10 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-09-14 16:09 - 2018-08-09 05:09 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2018-09-14 16:09 - 2018-08-09 05:09 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-09-14 16:09 - 2018-08-09 04:36 - 000660896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-09-14 16:09 - 2018-08-09 04:36 - 000221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-09-14 16:09 - 2018-08-09 04:23 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-09-14 16:09 - 2018-08-09 04:23 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-09-14 16:09 - 2018-08-09 04:23 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollUI.dll
2018-09-14 16:09 - 2018-08-09 04:22 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-09-14 16:09 - 2018-08-09 04:22 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-09-14 16:09 - 2018-08-09 04:22 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-09-14 16:09 - 2018-08-09 04:22 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certreq.exe
2018-09-14 16:09 - 2018-08-09 04:21 - 002894848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-09-14 16:09 - 2018-08-09 04:21 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-09-14 16:09 - 2018-08-09 04:21 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2018-09-14 16:09 - 2018-08-09 04:21 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-09-14 16:09 - 2018-08-09 04:20 - 002401792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-09-14 16:09 - 2018-08-09 04:20 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-09-14 16:09 - 2018-08-09 04:20 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2018-09-14 16:09 - 2018-08-09 01:01 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2018-09-14 16:09 - 2018-08-09 00:55 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-09-14 16:09 - 2018-08-09 00:54 - 001019016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-09-14 16:09 - 2018-08-09 00:54 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-09-14 16:09 - 2018-08-09 00:54 - 000375704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-09-14 16:09 - 2018-08-09 00:54 - 000203568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-09-14 16:09 - 2018-08-09 00:54 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-09-14 16:09 - 2018-08-09 00:53 - 001947720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-09-14 16:09 - 2018-08-09 00:53 - 001026456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-09-14 16:09 - 2018-08-09 00:53 - 000932136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-09-14 16:09 - 2018-08-09 00:53 - 000714792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-09-14 16:09 - 2018-08-09 00:53 - 000482480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-09-14 16:09 - 2018-08-09 00:53 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-09-14 16:09 - 2018-08-09 00:53 - 000125600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptxml.dll
2018-09-14 16:09 - 2018-08-09 00:30 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-09-14 16:09 - 2018-08-09 00:30 - 000183992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2018-09-14 16:09 - 2018-08-09 00:29 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-09-14 16:09 - 2018-08-09 00:29 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-09-14 16:09 - 2018-08-09 00:29 - 000581696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-09-14 16:09 - 2018-08-09 00:29 - 000099208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptxml.dll
2018-09-14 16:09 - 2018-08-09 00:28 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-09-14 16:09 - 2018-08-09 00:27 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-09-14 16:09 - 2018-08-09 00:27 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-09-14 16:09 - 2018-08-09 00:26 - 000990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-09-14 16:09 - 2018-08-09 00:26 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-09-14 16:09 - 2018-08-09 00:26 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-09-14 16:09 - 2018-08-09 00:26 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-09-14 16:09 - 2018-08-09 00:26 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsAuth.dll
2018-09-14 16:09 - 2018-08-09 00:25 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-09-14 16:09 - 2018-08-09 00:25 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-09-14 16:09 - 2018-08-09 00:25 - 000797184 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2018-09-14 16:09 - 2018-08-09 00:25 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-09-14 16:09 - 2018-08-09 00:25 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2018-09-14 16:09 - 2018-08-09 00:25 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2018-09-14 16:09 - 2018-08-09 00:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-09-14 16:09 - 2018-08-09 00:24 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-09-14 16:09 - 2018-08-09 00:23 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-09-14 16:09 - 2018-08-09 00:23 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-09-14 16:09 - 2018-08-09 00:23 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-09-14 16:09 - 2018-08-09 00:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-09-14 16:09 - 2018-08-09 00:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-09-14 16:09 - 2018-08-09 00:21 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-09-14 16:09 - 2018-08-09 00:13 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-09-14 16:09 - 2018-08-09 00:12 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2018-09-14 16:09 - 2018-08-09 00:11 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-09-14 16:09 - 2018-08-09 00:11 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2018-09-14 16:09 - 2018-08-09 00:11 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-09-14 16:09 - 2018-08-09 00:11 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsAuth.dll
2018-09-14 16:09 - 2018-08-09 00:11 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-09-14 16:09 - 2018-08-09 00:10 - 002893824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2018-09-14 16:09 - 2018-08-09 00:10 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-09-14 16:09 - 2018-08-09 00:09 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-09-14 16:09 - 2018-08-08 23:08 - 000806416 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-09-14 16:09 - 2018-08-08 23:08 - 000806416 _____ C:\WINDOWS\system32\locale.nls
2018-09-14 16:08 - 2018-08-31 03:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-09-14 16:08 - 2018-08-31 02:41 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2018-09-14 16:08 - 2018-08-30 23:17 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-09-14 16:08 - 2018-08-30 23:17 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\netevent.dll
2018-09-14 16:08 - 2018-08-30 23:14 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-09-14 16:08 - 2018-08-30 23:14 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-09-14 16:08 - 2018-08-30 23:12 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netevent.dll
2018-09-14 16:08 - 2018-08-30 23:10 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-09-14 16:08 - 2018-08-30 23:10 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-09-14 16:08 - 2018-08-30 23:10 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-09-14 16:08 - 2018-08-30 23:09 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-09-14 16:08 - 2018-08-30 21:57 - 000001308 _____ C:\WINDOWS\system32\tcbres.wim
2018-09-14 16:08 - 2018-08-28 02:49 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-09-14 16:08 - 2018-08-13 22:14 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2018-09-14 16:08 - 2018-08-09 05:17 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-09-14 16:08 - 2018-08-09 05:14 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2018-09-14 16:08 - 2018-08-09 05:13 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsExt.dll
2018-09-14 16:08 - 2018-08-09 05:11 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-09-14 16:08 - 2018-08-09 05:09 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2018-09-14 16:08 - 2018-08-09 04:24 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2018-09-14 16:08 - 2018-08-09 04:20 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2018-09-14 16:08 - 2018-08-09 04:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-09-14 16:08 - 2018-08-09 00:27 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2018-09-14 16:08 - 2018-08-09 00:26 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsCfg.dll
2018-09-14 16:08 - 2018-08-09 00:26 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-09-14 16:08 - 2018-08-09 00:22 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2018-09-14 16:08 - 2018-08-09 00:13 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2018-09-14 16:08 - 2018-08-09 00:11 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-09-14 16:08 - 2018-08-09 00:11 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsCfg.dll
2018-09-14 16:08 - 2018-08-09 00:10 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-09-14 16:08 - 2018-08-09 00:08 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2018-09-13 00:28 - 2018-09-13 00:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tom Clancy's Rainbow Six Vegas 2
2018-09-12 20:28 - 2018-09-12 21:08 - 000000000 ____D C:\Users\Evan\Downloads\Rainbow Six Vegas 2
2018-09-12 20:14 - 2018-09-12 20:14 - 000000000 ____D C:\ProgramData\Ubisoft
2018-09-12 20:13 - 2018-09-12 20:14 - 000107832 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2018-09-12 20:13 - 2018-09-12 20:13 - 002337865 _____ C:\WINDOWS\SysWOW64\pbsvc.exe
2018-09-12 20:13 - 2018-09-12 20:13 - 000066872 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2018-09-12 19:53 - 2018-09-13 00:16 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2018-09-12 19:23 - 2018-09-12 19:45 - 000000000 ____D C:\Users\Evan\Downloads\www.alt.bitworld.to...Tom.Clancys.Rainbow.Six.Vegas.2-RELOADED
2018-09-11 23:37 - 2018-09-11 23:37 - 000000000 ____D C:\Users\Evan\Downloads\Native Instruments FM8 v1.4.0 Update-R2R [deepstatus]
2018-09-10 17:59 - 2018-09-10 17:59 - 000379481 _____ C:\Users\Evan\Downloads\watch (1).html
2018-09-10 16:02 - 2018-09-10 16:02 - 000004585 _____ C:\Users\Evan\Downloads\FLRegKey.reg
2018-09-10 16:00 - 2018-10-04 01:29 - 000000000 ____D C:\Program Files (x86)\VstPlugins
2018-09-10 16:00 - 2018-09-10 16:00 - 000002128 _____ C:\Users\Evan\Desktop\FL Studio 12 (64bit).lnk
2018-09-10 16:00 - 2018-09-10 16:00 - 000002112 _____ C:\Users\Evan\Desktop\FL Studio 12.lnk
2018-09-10 16:00 - 2018-09-10 16:00 - 000001218 _____ C:\Users\Evan\Desktop\ASIO4ALL v2 Instruction Manual.lnk
2018-09-10 16:00 - 2018-09-10 16:00 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2018-09-10 16:00 - 2018-09-10 16:00 - 000000000 ____D C:\Program Files\Common Files\VST2
2018-09-10 16:00 - 2018-09-10 16:00 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software
2018-09-10 16:00 - 2018-09-10 16:00 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2018-09-10 15:58 - 2018-09-10 15:58 - 000000000 ____D C:\Users\Evan\Documents\Image-Line
2018-09-10 15:58 - 2018-09-10 15:58 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2018-09-10 15:58 - 2018-09-10 15:58 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Image-Line
2018-09-10 15:58 - 2018-09-10 15:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2018-09-10 15:58 - 2018-09-10 15:58 - 000000000 ____D C:\Program Files\Image-Line
2018-09-10 15:46 - 2018-09-10 16:00 - 000000000 ____D C:\Program Files (x86)\Image-Line
2018-09-10 15:39 - 2018-09-10 15:43 - 000000000 ____D C:\Users\Evan\Downloads\FL STUDIO 12 Producer Edition v12.2 [build3] 32Bit & 64Bit + Crack
2018-09-08 01:20 - 2018-09-20 02:19 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Taiga
2018-09-08 01:20 - 2018-09-08 01:20 - 001203581 _____ (erengy) C:\Users\Evan\Downloads\TaigaSetup.exe
2018-09-08 01:20 - 2018-09-08 01:20 - 000001011 _____ C:\Users\Evan\Desktop\Taiga.lnk
2018-09-08 01:20 - 2018-09-08 01:20 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Taiga
2018-09-08 00:01 - 2018-09-27 19:05 - 000000393 _____ C:\Users\Evan\Documents\Multihack4.ini
2018-09-08 00:01 - 2018-09-08 00:01 - 000001129 _____ C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Multihack.lnk
2018-09-08 00:01 - 2018-09-08 00:01 - 000000000 ____D C:\Users\Evan\Downloads\Multihack v4.0_mpgh.net
2018-09-08 00:00 - 2018-09-08 00:00 - 001322651 _____ C:\Users\Evan\Downloads\Multihack v4.0_mpgh.net.zip
2018-09-06 00:39 - 2018-09-06 00:39 - 000003652 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-04 17:12 - 2018-01-05 13:30 - 000088933 _____ C:\WINDOWS\ZAM.krnl.trace
2018-10-04 17:12 - 2017-12-27 13:31 - 000034811 _____ C:\Users\Evan\Downloads\FRST.txt
2018-10-04 17:12 - 2017-12-25 17:21 - 000052676 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-10-04 17:07 - 2018-09-01 17:04 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Twitch
2018-10-04 17:04 - 2018-06-19 04:14 - 000000000 ____D C:\Users\Evan\AppData\Local\Overwolf
2018-10-04 17:01 - 2018-07-03 13:17 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Blitz
2018-10-04 17:01 - 2018-06-19 04:15 - 000000000 ____D C:\Program Files (x86)\Overwolf
2018-10-04 16:57 - 2018-04-11 19:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-04 16:57 - 2017-07-13 19:51 - 000000000 __SHD C:\Users\Evan\IntelGraphicsProfiles
2018-10-04 16:55 - 2018-05-17 02:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-04 16:54 - 2018-04-11 17:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-10-04 16:24 - 2017-12-27 13:31 - 000000000 ____D C:\FRST
2018-10-04 16:24 - 2017-12-26 19:42 - 000002332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-04 16:07 - 2018-05-17 16:55 - 000000000 ____D C:\Users\Evan\AppData\Local\D3DSCache
2018-10-04 16:06 - 2018-09-01 20:24 - 000259360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-10-04 16:06 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-10-04 16:04 - 2018-03-30 10:30 - 000000358 _____ C:\WINDOWS\Tasks\HPCeeScheduleForEvan.job
2018-10-04 16:00 - 2017-12-24 18:02 - 000000000 ____D C:\Users\Evan\AppData\Local\transmission
2018-10-04 15:54 - 2018-05-17 02:53 - 000003246 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForEvan
2018-10-04 15:24 - 2018-05-17 02:53 - 000004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{01B21D24-031A-4188-BA33-533CE41FA0CB}
2018-10-04 15:21 - 2018-05-17 02:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-10-04 07:44 - 2016-10-21 11:51 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-10-03 15:43 - 2017-10-08 16:19 - 000000000 ____D C:\Program Files (x86)\RealRealSteam
2018-10-02 07:46 - 2018-04-11 19:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-01 18:01 - 2017-07-17 19:22 - 000000000 ____D C:\Users\Evan\Documents\My Games
2018-10-01 00:24 - 2017-07-28 15:53 - 000000000 ____D C:\Users\Evan\AppData\Local\Battle.net
2018-09-30 23:24 - 2017-07-28 15:54 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2018-09-30 16:40 - 2018-06-28 15:05 - 000000000 ____D C:\Users\Evan\Documents\SkidRow
2018-09-30 16:31 - 2018-05-02 17:40 - 000000000 ____D C:\Games
2018-09-30 13:48 - 2018-01-09 17:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2018-09-29 23:03 - 2018-08-14 01:59 - 000000000 ____D C:\Users\Evan\Downloads\memes
2018-09-29 02:04 - 2017-09-03 16:04 - 000000000 ____D C:\Program Files (x86)\Arena
2018-09-27 22:50 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-09-27 20:11 - 2017-11-26 01:56 - 000000000 ____D C:\Users\Evan\AppData\Local\Packages
2018-09-27 17:35 - 2018-05-17 02:25 - 000000000 ____D C:\Users\Evan
2018-09-27 17:32 - 2017-10-08 11:13 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2018-09-27 17:31 - 2016-10-21 11:51 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-09-27 17:31 - 2016-10-21 11:51 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-09-27 17:29 - 2018-04-11 17:04 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2018-09-26 21:55 - 2018-02-26 23:25 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2018-09-26 17:08 - 2018-07-04 04:36 - 000000000 ____D C:\ProgramData\Packages
2018-09-25 00:43 - 2017-12-25 17:33 - 000000000 ____D C:\Program Files\Unlocker
2018-09-25 00:34 - 2018-02-02 18:53 - 000000000 ____D C:\Users\Evan\AppData\Local\UnrealEngine
2018-09-25 00:32 - 2018-04-04 17:52 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2018-09-22 01:59 - 2018-05-17 02:53 - 000004008 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-09-22 01:59 - 2018-05-17 02:53 - 000003776 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-09-21 15:45 - 2018-05-17 02:53 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2198813628-2402096551-3996786398-1001
2018-09-21 15:45 - 2018-05-17 02:25 - 000002416 _____ C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-21 15:45 - 2017-07-13 19:55 - 000000000 ___RD C:\Users\Evan\OneDrive
2018-09-19 21:38 - 2018-04-14 00:46 - 000000000 ____D C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2018-09-19 21:38 - 2018-04-14 00:45 - 000000000 ____D C:\Users\Evan\AppData\Local\HearthstoneDeckTracker
2018-09-19 21:38 - 2017-07-15 11:31 - 000000000 ____D C:\Users\Evan\AppData\Local\SquirrelTemp
2018-09-19 21:32 - 2017-10-17 22:18 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2018-09-17 16:43 - 2018-05-17 02:53 - 000003446 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2018-09-17 16:07 - 2018-02-11 23:51 - 000000000 ____D C:\Users\Evan\.grasp_settings
2018-09-17 15:43 - 2017-03-23 00:31 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-09-16 21:23 - 2018-06-12 20:04 - 000000000 ____D C:\Users\Evan\AppData\Roaming\StardewValley
2018-09-15 21:47 - 2018-04-11 19:36 - 000000000 ____D C:\WINDOWS\INF
2018-09-15 21:45 - 2018-05-17 02:17 - 000290976 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-09-15 21:41 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-09-15 21:41 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-09-15 21:41 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-09-15 21:41 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-09-15 21:41 - 2018-04-11 17:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-09-15 21:28 - 2018-04-11 19:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-09-15 13:52 - 2018-05-17 02:53 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-09-12 19:53 - 2016-10-21 11:49 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-09-12 02:16 - 2018-05-17 02:24 - 000931512 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-09-11 22:28 - 2017-12-26 19:42 - 000000000 ____D C:\Program Files\CCleaner
2018-09-11 16:07 - 2017-07-13 19:52 - 000000000 ____D C:\Users\Evan\AppData\Local\Publishers
2018-09-10 08:15 - 2017-12-22 12:29 - 000000000 ____D C:\Users\Evan\AppData\Local\ElevatedDiagnostics
2018-09-09 17:54 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-09-04 19:04 - 2018-04-11 19:41 - 000835144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-09-04 19:04 - 2018-04-11 19:41 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2018-02-10 13:47 - 2018-02-09 13:46 - 000038678 _____ () C:\Users\Evan\AppData\Roaming\dhgfhgferr.png
2018-09-27 17:22 - 2018-09-27 17:22 - 000000000 _____ () C:\Users\Evan\AppData\Roaming\FC29FA0894FE.ini
2018-06-21 17:52 - 2018-06-21 18:03 - 000000084 _____ () C:\Users\Evan\AppData\Local\Autosofted License.txt
2018-10-04 16:06 - 2018-10-04 16:06 - 000000066 _____ () C:\Users\Evan\AppData\Local\dxmtbtov.log
2018-10-04 16:06 - 2018-10-04 16:06 - 000076587 _____ () C:\Users\Evan\AppData\Local\fqgqnssy.log
2018-10-04 16:06 - 2018-10-04 16:53 - 000000004 _____ () C:\Users\Evan\AppData\Local\gtlhvkjj.log
2018-10-04 16:06 - 2018-10-04 16:06 - 000000000 _____ () C:\Users\Evan\AppData\Local\rraftxqi.log
2018-10-04 16:05 - 2018-10-04 17:17 - 000000028 _____ () C:\Users\Evan\AppData\Local\vrwgfbko.log
2018-10-04 16:05 - 2018-10-04 16:06 - 000393442 _____ () C:\Users\Evan\AppData\Local\wibtbxol.log
2018-10-04 16:06 - 2018-10-04 17:09 - 001357073 _____ () C:\Users\Evan\AppData\Local\xfqjyfrc.log
Some files in TEMP:
====================
2018-09-27 19:24 - 2018-09-27 19:24 - 000017408 ____N (Red Hat®, Inc.) C:\Users\Evan\AppData\Local\Temp\jansi-32-5951740665947102899.dll
2018-09-27 18:55 - 2018-09-27 18:55 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Evan\AppData\Local\Temp\jansi-64-1380607797332911364.dll
2018-09-27 16:00 - 2018-09-27 16:00 - 000019968 _____ (Red Hat®, Inc.) C:\Users\Evan\AppData\Local\Temp\jansi-64-3152145344091471539.dll
2018-09-27 19:06 - 2018-09-27 19:06 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Evan\AppData\Local\Temp\jansi-64-4146885892808842387.dll
2018-09-27 16:14 - 2018-09-27 16:14 - 000019968 _____ (Red Hat®, Inc.) C:\Users\Evan\AppData\Local\Temp\jansi-64-5643878827776892051.dll
2018-10-04 16:05 - 2018-10-04 20:20 - 000146160 ____S (Microsoft Corporation) C:\Users\Evan\AppData\Local\Temp\lngirfyq.exe
2018-10-04 06:21 - 2018-10-04 06:21 - 007069348 _____ () C:\Users\Evan\AppData\Local\Temp\setup.dll
2018-10-04 16:05 - 2018-10-04 20:20 - 000146160 ____S (Microsoft Corporation) C:\Users\Evan\AppData\Local\Temp\swnwecbe.exe
2018-10-04 16:11 - 2018-10-04 17:03 - 000146160 _____ (Microsoft Corporation) C:\Users\Evan\AppData\Local\Temp\taqvmqha.exe
2018-10-04 16:16 - 2018-10-04 16:03 - 000099887 _____ () C:\Users\Evan\AppData\Local\Temp\Uninstall.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-17 02:17
==================== End of FRST.txt ============================
addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04.10.2018
Ran by Evan (04-10-2018 17:18:35)
Running from C:\Users\Evan\Downloads
Windows 10 Home Version 1803 17134.285 (X64) (2018-05-17 06:55:15)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2198813628-2402096551-3996786398-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2198813628-2402096551-3996786398-503 - Limited - Disabled)
Evan (S-1-5-21-2198813628-2402096551-3996786398-1001 - Administrator - Enabled) => C:\Users\Evan
Guest (S-1-5-21-2198813628-2402096551-3996786398-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2198813628-2402096551-3996786398-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Disabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Arena 3.5.1 (HKLM-x32\...\Arena 3.5.1_is1) (Version: - )
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Auto Keyboard v1.6 (HKLM-x32\...\{71E16EE4-BBED-44A8-8724-9E68D05EE945}_is1) (Version: 1.6 - MurGee.com)
Barn Yarn Collector's Edition (HKLM-x32\...\WTA-018150a6-0d9b-4ea1-8a0e-7f26ca8bd492) (Version: 3.0.2.48 - WildTangent) Hidden
Betternet (HKLM-x32\...\Betternet) (Version: - )
Betternet for Windows 3.11.1 (HKLM-x32\...\{2E77104D-96E1-4A9C-86F2-C7CF7C205999}) (Version: 3.11.1 - Betternet Technologies Inc.)
Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.10 - Kakao Games Europe B.V.)
Blitz 0.7.10 (HKLM\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 0.7.10 - Blitz Esports)
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 3.56.74.1828 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Cities Skylines Parklife (HKLM-x32\...\Cities Skylines Parklife_is1) (Version: - )
Darkest Dungeon The Color of Madness (HKLM-x32\...\Darkest Dungeon The Color of Madness_is1) (Version: - )
Divinity Original Sin 2 (HKLM-x32\...\Divinity Original Sin 2_is1) (Version: - )
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
Dont Starve Together A New Reign (HKLM-x32\...\Dont Starve Together A New Reign_is1) (Version: - )
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Epic Games Launcher (HKLM-x32\...\{FE3CD7B8-14D4-46E9-A206-2C8F2C0E6F1F}) (Version: 1.1.139.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Euro Truck Simulator 2 - Krone Trailer Pack (HKLM\...\SKIDROW - Euro Truck Simulator 2 - Krone Trailer Pack) (Version: - SKIDROW)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Floris Mod Pack 2.54 (HKLM-x32\...\Floris Mod Pack_is1) (Version: - )
Football Manager 2017 (HKLM\...\Football Manager 2017_is1) (Version: 1.0 - )
Football, Tactics & Glory (HKLM\...\SKIDROW - Football, Tactics & Glory) (Version: - SKIDROW)
FreeMouseAutoClicker 3.8.3 (HKLM-x32\...\{292F00C5-25EF-4FBE-9873-13EF1F69DEED}_is1) (Version: - Advanced Mouse Auto Clicker ltd.)
Game Summary (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\Overwolf_nafihghfcpikebhfhdhljejkcifgbdahdhngepfb) (Version: 118.1.4 - Overwolf app)
Game Summary (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\Overwolf_nafihghfcpikebhfhdhljejkcifgbdahdhngepfb) (Version: 118.1.4 - Overwolf app)
Game Summary (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018170715942\...\Overwolf_nafihghfcpikebhfhdhljejkcifgbdahdhngepfb) (Version: 118.1.4 - Overwolf app)
Game Summary (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018170749362\...\Overwolf_nafihghfcpikebhfhdhljejkcifgbdahdhngepfb) (Version: 118.1.4 - Overwolf app)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HearthArena Companion (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\Overwolf_eldaohcjmecjpkpdhhoiolhhaeapcldppbdgbnbc) (Version: 1.5.0.1 - Overwolf app)
HearthArena Companion (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\Overwolf_eldaohcjmecjpkpdhhoiolhhaeapcldppbdgbnbc) (Version: 1.5.0.1 - Overwolf app)
HearthArena Companion (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018170715942\...\Overwolf_eldaohcjmecjpkpdhhoiolhhaeapcldppbdgbnbc) (Version: 1.5.0.1 - Overwolf app)
HearthArena Companion (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018170749362\...\Overwolf_eldaohcjmecjpkpdhhoiolhhaeapcldppbdgbnbc) (Version: 1.5.0.1 - Overwolf app)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\HearthstoneDeckTracker) (Version: 1.7.5 - HearthSim)
Hearthstone Deck Tracker (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\HearthstoneDeckTracker) (Version: 1.7.5 - HearthSim)
Hearthstone Deck Tracker (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018170715942\...\HearthstoneDeckTracker) (Version: 1.7.5 - HearthSim)
Hearthstone Deck Tracker (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018170749362\...\HearthstoneDeckTracker) (Version: 1.7.5 - HearthSim)
hide.me VPN 1.3.4 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 1.3.4 - eVenture Limited)
Hotspot Shield 7.4.6 (HKLM-x32\...\{65ed84d7-2bc2-4663-9b41-4681aa85be92}) (Version: 7.4.6.10822 - AnchorFree Inc.)
Hotspot Shield 7.4.6 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-4925C1670D69}) (Version: 7.4.6.10822 - AnchorFree Inc.) Hidden
Hotspot Shield 7.4.6 (HKLM-x32\...\HotspotShield) (Version: 7.4.6 - AnchorFree Inc.) Hidden
HP Audio Switch (HKLM-x32\...\{0C5D69BD-B518-46DB-8471-506CD27F9478}) (Version: 1.0.138.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{5b1a1d22-bd59-44e0-a954-e2f18ec43a23}) (Version: 5.2.20454 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{B90CB0DE-2E60-41C4-9857-466EB98192BF}) (Version: 1.1.158.0 - HP Inc.)
HP Orbit (HKLM-x32\...\{82b971c1-85fa-4c53-ada1-4ec6be0c0c8a}) (Version: 3.5.171.271 - HP Inc.)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8357.5639 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{6FA09B91-5D97-45A9-95E9-50F635C98043}) (Version: 8.6.18.11 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{C85AC2ED-2305-4137-A8BA-CC628F635C82}) (Version: 12.9.24.3 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
ibVPN All-In-One (HKLM-x32\...\ibVPN All-In-One) (Version: 2.3.4.1534 - AmplusNet SRL)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel® Chipset Device Software (HKLM-x32\...\{5f5c7829-a6ba-4fc6-9f47-d068f51ed99b}) (Version: 10.1.1.35 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{3A55D9C8-17B6-41F9-B9C2-4B1532DCD016}) (Version: 19.10.1635.0483 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{ed4a5da7-ac62-4aa5-9502-7b4de55e8cb5}) (Version: 20.20.2 - Intel Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
JCleaner 1.8.4 (HKLM-x32\...\JCleaner 1.8.4) (Version: 1.8.4 - VITSoft)
jGRASP (HKLM-x32\...\jGRASP) (Version: 2.0.4_03 - Auburn University)
KCleaner 3.6.0 (HKLM-x32\...\KCleaner 3.6.0) (Version: 3.6.0 - KC-SOFTWARES)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League Displays (HKLM-x32\...\LolScreenSaver) (Version: W1.0.992-beta - Riot Games)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
League Of Memories (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\leagueofmemories) (Version: 0.6.2 - LeagueOfMemories)
League Of Memories (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\leagueofmemories) (Version: 0.6.2 - LeagueOfMemories)
League Of Memories (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018170715942\...\leagueofmemories) (Version: 0.6.2 - LeagueOfMemories)
League Of Memories (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018170749362\...\leagueofmemories) (Version: 0.6.2 - LeagueOfMemories)
Letter Quest - Grimm's Journey (HKLM-x32\...\WTA-8e53addf-f209-4ed7-94b6-52317cac87d9) (Version: 3.0.2.118 - WildTangent) Hidden
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R8 - McAfee, Inc.)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 3.1.250.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.10827.20138 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018170715942\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018170749362\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mount&Blade Warband (HKLM-x32\...\Mount&Blade Warband) (Version: - )
Mystika 2 (HKLM-x32\...\WTA-012ad41f-4cb0-410d-93fe-cce0c10c4ca7) (Version: 1.1.2.4 - WildTangent) Hidden
NextUp-ScanSoft Daniel British Voice (HKLM-x32\...\{BE916006-E144-44CF-B467-F733D0F86200}) (Version: 4.0.0 - NextUp.com)
Niche - a genetics survival game (HKLM\...\bmljaGVhZ2VuZXRpY3NzdXJ2aXZhbGdhbWU_is1) (Version: 1 - )
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10827.20138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10827.20138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10827.20138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10827.20138 - Microsoft Corporation) Hidden
OP.GG (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\Overwolf_bhefjlijbpddfjbpokonlhdneiljfghigipgaijd) (Version: 1.5.0 - Overwolf app)
OP.GG (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\Overwolf_bhefjlijbpddfjbpokonlhdneiljfghigipgaijd) (Version: 1.5.0 - Overwolf app)
OP.GG (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018170715942\...\Overwolf_bhefjlijbpddfjbpokonlhdneiljfghigipgaijd) (Version: 1.5.0 - Overwolf app)
OP.GG (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018170749362\...\Overwolf_bhefjlijbpddfjbpokonlhdneiljfghigipgaijd) (Version: 1.5.0 - Overwolf app)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenGL Extensions Viewer 5.1 (HKLM-x32\...\GLVIEW3) (Version: 513 - )
OpenVPN 2.3.6-I001 (HKLM-x32\...\OpenVPN) (Version: 2.3.6-I001 - )
OpenVPN 2.4.5-I601 (HKLM\...\OpenVPN) (Version: 2.4.5-I601 - OpenVPN Technologies, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.118.2.33 - Overwolf Ltd.)
Path of Exile (HKLM-x32\...\{189c8173-084a-44d5-908d-c3881009d5aa}) (Version: 3.3.0.34126 - Grinding Gear Games)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 3.3.0.34126 - Grinding Gear Games) Hidden
PlayVIG (HKLM-x32\...\{6C7CAF7C-51B1-40C0-BD84-9B7445BFE015}) (Version: 103.03.08.09 - PlayVIG)
PrivateTunnel (HKLM-x32\...\PrivateTunnel) (Version: 2.8.4.0 - OpenVPN Technologies)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7944 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
Roblox Player for Evan (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Roblox Player for Evan (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Roblox Player for Evan (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018170715942\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Roblox Player for Evan (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018170749362\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Runefall (HKLM-x32\...\WTA-1e75b8cf-14bf-48bc-abc5-1158fa9fd873) (Version: 3.0.2.126 - WildTangent) Hidden
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version: - 2K Games, Inc.)
Sparkle 2 (HKLM-x32\...\WTA-2d2ef3dd-0b0d-41bf-bbac-6382ff10fe81) (Version: 3.0.2.51 - WildTangent) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Taiga (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\Taiga) (Version: 1.3.1 - erengy)
Taiga (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\Taiga) (Version: 1.3.1 - erengy)
Taiga (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018170715942\...\Taiga) (Version: 1.3.1 - erengy)
Taiga (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018170749362\...\Taiga) (Version: 1.3.1 - erengy)
TEKKEN 7 version 1.0 (HKLM-x32\...\TEKKEN 7_is1) (Version: 1.0 - GMT-MAX.ORG)
The Elder Scrolls IV: Oblivion (HKLM-x32\...\1458058109_is1) (Version: 1.2.0416 - GOG.com)
TI Connect™ CE (HKLM-x32\...\{30258E3F-5B74-4450-8188-3221682375F4}) (Version: 5.2.0.51 - Texas Instruments Inc.)
Tom Clancy's Rainbow Six Vegas 2 (HKLM-x32\...\{7AA77536-7DC2-4831-A0CF-B46C49C2D4DF}_is1) (Version: 1.03 - Ubisoft)
Tom Clancy's Rainbow Six Vegas 2 (HKLM-x32\...\{FD416706-875C-4B0B-A23A-9E740DAE029E}) (Version: 1.03 - Ubisoft)
Transmission 2.92 (14714) (x64) (HKLM\...\{E2B281FA-6236-4F0D-B710-ECDB6B60EB5E}) (Version: 2.92.0 - Transmission Project)
Tropico.5.v1.10.Inc.All.DLC.Eng.Repack version 1.10 (HKLM-x32\...\{1FF6E821-EEEC-4CED-BFF3-9DF85FFE7BEB}}_is1) (Version: 1.10 - Ali213.net)
TunnelBear (HKLM-x32\...\{8092fbe5-9e59-4729-a5de-5bb6a64873cc}) (Version: 3.0.37.12 - TunnelBear)
TunnelBear (HKLM-x32\...\{ABC9BE61-B890-4100-BCA4-5AC3BF1F3CB5}) (Version: 3.0.37.12 - TunnelBear) Hidden
Twitch (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Twitch (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Twitch (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018170715942\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Twitch (HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018170749362\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
UnZipper 1.0.0 (HKLM-x32\...\UnZipper) (Version: 1.0.0 - UnZipper)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Vainglory 3.7 (HKLM-x32\...\Vainglory) (Version: 3.7 - Super Evil Megacorp)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.0.28 - WildTangent)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.1.1.14 - WildTangent) Hidden
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-01-05] ()
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2018-01-25] (McAfee, Inc.)
ContextMenuHandlers1-x32: [UnZipper] -> {73950f91-2061-4ea3-8bd5-49ec4bf08ac2} => C:\Program Files (x86)\UnZipper\UnZipper.dll [2015-11-04] (Tightrope Interactive)
ContextMenuHandlers1-x32: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers4-x32: [UnZipper] -> {73950f91-2061-4ea3-8bd5-49ec4bf08ac2} => C:\Program Files (x86)\UnZipper\UnZipper.dll [2015-11-04] (Tightrope Interactive)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\igfxDTCM.dll [2016-12-06] (Intel Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-01-05] ()
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2018-01-25] (McAfee, Inc.)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {074E5D21-8C6B-41CD-B1AB-E78E0EAD989E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-04] (Microsoft Corporation)
Task: {0AA62996-B05B-43A2-86DB-AD9A3E13137D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2017-09-15] (Microsoft Corporation)
Task: {0F606C80-D9C9-433F-8CB8-171223121E9A} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [2016-10-04] (HP Inc.)
Task: {1410DDF2-9122-42F9-9DDB-DB21589670A7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-10-04] (Microsoft Corporation)
Task: {299CD121-4EB8-4955-A531-CB799E364335} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-26] (Microsoft Corporation)
Task: {2F0999DD-65C2-43E8-ADA0-678ED4B1CA5D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {35D8B312-D4EC-4537-A73D-06B846316DC4} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [2017-09-15] (Microsoft)
Task: {39EFAE66-7434-40BA-8804-85CF470553D0} - System32\Tasks\HPCeeScheduleForEvan => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {44399526-5706-48FE-8E44-522FF3B76027} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-10-04] (Microsoft Corporation)
Task: {49229FE4-3797-498A-9EA0-7C590D0E1783} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-26] (Microsoft Corporation)
Task: {4EE09D7F-3B5A-4D5F-8E5A-72956D2F2F1E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-26] (Google Inc.)
Task: {4FFFB024-1484-4C78-84ED-779162CC0D8A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2017-09-15] (Microsoft Corporation)
Task: {54FD613E-45C7-4C5A-8110-BF733BC61A84} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {5643D652-D2CD-4C65-8D76-BF05DBAB8C34} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2018-09-18] (Overwolf LTD)
Task: {5796304F-C61A-4285-8DC9-4722DC4C89D5} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {661008FB-5C24-45C8-88F5-A76DDFE3E276} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN38E1W1BK => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-09-06] (HP Inc.)
Task: {67D67830-8272-4419-8804-E32B3B96AA61} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2017-09-15] (Microsoft)
Task: {6C7A5DB7-DD8B-485E-A01A-AD17DA20E28D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-08-21] (HP Inc.)
Task: {7E78CD9E-FBF1-4FFA-A8F4-7C30BC89AD76} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd)
Task: {82B51764-1F96-4E1C-8CE1-AE1E52F6F7D3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {8B9FB1E1-D099-4E35-8C4F-0660251DF4F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-26] (Google Inc.)
Task: {8F7F0B37-DAA4-412E-9B02-C54492F78C3B} - System32\Tasks\ibVPN-NewService => C:\Program Files (x86)\ibVPN_2.x\ibVPN.exe [2018-03-21] ()
Task: {9D3298BC-607E-4E5D-9FAA-E56F9C097B87} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-07-13] (Dropbox, Inc.)
Task: {A16EC950-3D91-4AB2-B206-90A6DE4A43D2} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2017-09-15] (Microsoft Corporation)
Task: {A18229D4-977F-4DF5-9BF8-DDA031842F1F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2018-08-30] (HP Inc.)
Task: {A646456C-5064-48E6-ADDC-9F0401321172} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN6A83Q5Q9 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-09-06] (HP Inc.)
Task: {ACD8237C-2838-4D53-9180-738DA7D6324D} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {B1A83A08-D736-4815-AC20-44B6FE79B762} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-10-04] (Microsoft Corporation)
Task: {B45CB9D2-9F46-48DE-86DF-FABCDA39DBBB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-10] (Piriform Ltd)
Task: {B85B22DC-C87F-4AD2-BC01-AF2864F4B2C8} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {BD0DD682-4AE9-47CE-BE90-E66E70405D61} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2018-06-11] (McAfee, Inc.)
Task: {BE889667-6269-4869-A634-A75547BA3B94} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2017-10-04] (McAfee, Inc.)
Task: {C5BE5C07-4157-41FD-9D5C-901F90C6D19E} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-09-21] ()
Task: {C67205F1-1158-49D0-8BBC-8FEEA8B10803} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-04] (Microsoft Corporation)
Task: {CC6A7E62-F548-4330-8797-C88187583F43} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-24] ()
Task: {D2A5B1D7-BDDB-4B34-8BF9-0A975EEE349C} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {D4BD32CA-7DA8-43EA-ABF0-BD32389B6A3C} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-10-11] (Intel® Corporation)
Task: {D528E985-0960-4137-8794-97A2F873D815} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.1.178\DADUpdater.exe [2018-06-08] (McAfee, Inc.)
Task: {DABC5DFB-0B49-4609-8176-F8B1584D1D06} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe
Task: {DF17BCD0-79CE-48A7-8064-21E479A33566} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-09-06] (HP Inc.)
Task: {DFE134DE-2BA7-44DA-B819-6A2AAC7468F7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-10-04] (Microsoft Corporation)
Task: {E66D4C7C-D6CE-4A5A-8FF3-5E2DF8DCB1E9} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2017-09-15] (Microsoft Corporation)
Task: {E873358B-6B36-4477-98AE-E21A6BAF0E7A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-09-06] (HP Inc.)
Task: {E97B3EAD-25EE-4CC9-B9B1-FDD0E261235C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {EFA4C9E8-B8CB-4674-9027-76CB418DAEE8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-07-13] (Dropbox, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForEvan.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\realtech VR\OpenGL Extensions Viewer 5.1\OpenGL Extensions Viewer 5.1 Home Page.lnk -> hxxp://www.realtech-vr.com/glview
Shortcut: C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\realtech VR\OpenGL Extensions Viewer 5.1\realtech VR Home Page.lnk -> hxxp://www.realtech-vr.com
ShortcutWithArgument: C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Play Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi --disable-quic
ShortcutWithArgument: C:\Users\Evan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\Evan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=priceline&refclickid=square
==================== Loaded Modules (Whitelisted) ==============
2018-04-11 19:34 - 2018-04-11 19:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2017-08-14 17:43 - 2017-08-14 17:43 - 000900840 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe
2018-09-12 20:13 - 2018-09-12 20:13 - 000066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2018-09-12 20:13 - 2018-09-12 20:14 - 000107832 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2018-06-09 16:27 - 2018-09-01 20:23 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-07-17 13:58 - 2018-01-05 18:39 - 001707032 _____ () C:\Program Files\McAfee\MfeAV\RealProtectAMScanIf.dll
2017-07-17 13:58 - 2018-01-05 18:39 - 000572776 _____ () C:\Program Files\McAfee\MfeAV\RepairModule.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2016-09-21 13:14 - 2016-09-21 13:14 - 000584488 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
2018-09-14 16:10 - 2018-08-30 23:12 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-09-30 10:59 - 2018-09-30 11:00 - 000066048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11808.1001.10.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2018-09-26 17:07 - 2018-09-26 17:07 - 000875520 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1808.2461.0_x64__8wekyb3d8bbwe\TimeBackground.dll
2018-06-28 18:26 - 2018-06-28 18:26 - 008725504 _____ () C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2811.0_x64__343d40qqvtj1t\WindowsShoppingApp.dll
2018-07-26 18:16 - 2018-07-26 18:16 - 004383232 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1807.1991.0_x64__8wekyb3d8bbwe\OneConnect.dll
2018-03-01 04:51 - 2018-03-01 04:51 - 000665216 _____ () C:\Program Files\OpenVPN\bin\openvpn-gui.exe
2018-07-03 13:16 - 2018-07-03 13:16 - 001955328 ____N () C:\Program Files\Blitz\ffmpeg.dll
2018-09-19 22:46 - 2018-09-15 04:26 - 005110616 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libglesv2.dll
2018-09-19 22:46 - 2018-09-15 04:26 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libegl.dll
2016-09-21 13:14 - 2016-09-21 13:14 - 000211240 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\Ledger.dll
2016-09-21 13:15 - 2016-09-21 13:15 - 000121128 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\zlib1.dll
2018-09-01 17:04 - 2018-09-01 17:04 - 000393608 _____ () C:\Users\Evan\AppData\Roaming\Twitch\Bin\opus.dll
2018-09-01 17:04 - 2018-09-27 15:28 - 000535872 _____ () C:\Users\Evan\AppData\Roaming\Twitch\Bin\Curse.Presto.Interface.dll
2018-09-16 23:22 - 2018-09-16 23:22 - 000156672 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\f77a8da0f42a5cf2d452575166262fff\BRIDGECommon.ni.dll
2018-09-27 20:06 - 2018-09-27 20:06 - 000329728 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\7fc2a0b2f826155ac6f65d731b550c13\CleanStartController.ni.dll
2018-09-27 20:06 - 2018-09-27 20:06 - 000116736 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\aa6365bd76179a7e51d4b449eeae9393\BridgeExtension.ni.dll
2017-11-09 01:44 - 2017-11-09 01:44 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2018-07-03 13:16 - 2018-07-03 13:16 - 004883480 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\blitz_helper.exe
2018-07-03 13:16 - 2018-07-03 13:16 - 000103424 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\win32api.pyd
2018-07-03 13:16 - 2018-07-03 13:16 - 000111616 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\pywintypes36.dll
2018-07-03 13:16 - 2018-07-03 13:16 - 000405504 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\pythoncom36.dll
2018-07-03 13:16 - 2018-07-03 13:16 - 000011264 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\markupsafe._speedups.pyd
2018-07-03 13:16 - 2018-07-03 13:16 - 000023040 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\greenlet.pyd
2018-07-03 13:16 - 2018-07-03 13:16 - 039731712 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\cv2.cv2.pyd
2018-07-03 13:16 - 2018-07-03 13:16 - 001240064 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\numpy.core.multiarray.pyd
2018-07-03 13:16 - 2018-07-03 13:16 - 027268791 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\libopenblas.UWVN3XTD2LSS7SFIFK6TIQ5GONFDBJKU.gfortran-win32.dll
2018-07-03 13:16 - 2018-07-03 13:16 - 000648192 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\numpy.core.umath.pyd
2018-07-03 13:16 - 2018-07-03 13:16 - 000015872 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\numpy.linalg.lapack_lite.pyd
2018-07-03 13:16 - 2018-07-03 13:16 - 000087040 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\numpy.linalg._umath_linalg.pyd
2018-07-03 13:16 - 2018-07-03 13:16 - 000044544 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\numpy.fft.fftpack_lite.pyd
2018-07-03 13:16 - 2018-07-03 13:16 - 000673280 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\numpy.random.mtrand.pyd
2018-07-03 13:16 - 2018-07-03 13:16 - 001247232 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\PIL._imaging.pyd
2018-07-03 13:16 - 2018-07-03 13:16 - 000309248 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\tesserocr._tesserocr.pyd
2018-07-03 13:16 - 2018-07-03 13:16 - 002480640 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\pvt.cppan.demo.google.tesseract.libtesseract-3.5.1.dll
2018-07-03 13:16 - 2018-07-03 13:16 - 001948672 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\pvt.cppan.demo.danbloomberg.leptonica-1.74.4.dll
2018-07-03 13:16 - 2018-07-03 13:16 - 000159232 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\pvt.cppan.demo.png-1.6.30.dll
2018-07-03 13:16 - 2018-07-03 13:16 - 000387584 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\pvt.cppan.demo.tiff-4.0.8.dll
2018-07-03 13:16 - 2018-07-03 13:16 - 000253440 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\pvt.cppan.demo.jpeg-9.2.0.dll
2018-07-03 13:16 - 2018-07-03 13:16 - 000429568 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\pvt.cppan.demo.webp-0.6.0.dll
2018-07-03 13:16 - 2018-07-03 13:16 - 000074752 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\pvt.cppan.demo.madler.zlib-1.2.11.dll
2018-07-03 13:16 - 2018-07-03 13:16 - 000160768 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\pvt.cppan.demo.openjpeg.openjp2-2.1.2.dll
2018-07-03 13:16 - 2018-07-03 13:16 - 000130560 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\pvt.cppan.demo.xz_utils.lzma-5.2.3.dll
2018-07-03 13:16 - 2018-07-03 13:16 - 000173568 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\win32gui.pyd
2018-07-03 13:16 - 2018-07-03 13:16 - 001149952 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\win32ui.pyd
2018-07-03 13:16 - 2018-07-03 13:16 - 000041984 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\win32process.pyd
2018-07-03 13:16 - 2018-07-03 13:16 - 000114176 _____ () C:\Program Files\Blitz\resources\blitz_helper\blitz_helper\win32security.pyd
2018-09-01 17:04 - 2018-09-27 15:28 - 001705792 _____ () C:\Users\Evan\AppData\Roaming\Twitch\Bin\Electron\ffmpeg.dll
2018-09-01 17:04 - 2018-09-27 15:28 - 002551104 _____ () C:\Users\Evan\AppData\Roaming\Twitch\Bin\Electron\libglesv2.dll
2018-09-01 17:04 - 2018-09-27 15:28 - 000023360 _____ () C:\Users\Evan\AppData\Roaming\Twitch\Bin\Electron\libegl.dll
2018-09-01 17:04 - 2018-09-27 15:28 - 000400384 _____ () \\?\C:\Users\Evan\AppData\Roaming\Twitch\Bin\Electron\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
2018-09-01 17:04 - 2018-09-27 15:28 - 000129536 _____ () \\?\C:\Users\Evan\AppData\Roaming\Twitch\Bin\Electron\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\AppData:CSM [462]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\sharepoint.com -> hxxps://fcps-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\sharepoint.com -> hxxps://fcps-files.sharepoint.com
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 07:47 - 2018-09-15 21:38 - 000001055 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.mefeedia.com
127.0.0.2 mefeedia.com
127.0.0.1 delivery.anchorfree.us/land.php
127.0.0.2 mefeedia.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165644416\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165644963\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\Control Panel\Desktop\\Wallpaper -> C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "ZAM"
HKLM\...\StartupApproved\Run32: => "LeagueDisplays"
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\StartupApproved\StartupFolder: => "hide.me VPN.lnk"
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\StartupApproved\Run: => "MurGee.com Auto Keyboard"
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001\...\StartupApproved\Run: => "VPN Unlimited"
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\StartupApproved\StartupFolder: => "hide.me VPN.lnk"
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\StartupApproved\Run: => "MurGee.com Auto Keyboard"
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2198813628-2402096551-3996786398-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10042018165645322\...\StartupApproved\Run: => "VPN Unlimited"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{C3D67EE2-B5DB-4AA8-9F47-CAC4CA945DF3}C:\divinity original sin 2\bin\eocapp.exe] => (Allow) C:\divinity original sin 2\bin\eocapp.exe
FirewallRules: [TCP Query User{F62AF028-31B6-48CC-BF70-1CBD600B97DC}C:\divinity original sin 2\bin\eocapp.exe] => (Allow) C:\divinity original sin 2\bin\eocapp.exe
FirewallRules: [{F82D524B-9ED8-4BE7-B049-7D5EF2693483}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Prison Architect\Prison Architect64.exe
FirewallRules: [{987DA36D-DF8B-4D61-B74D-98E34A8C05EC}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Prison Architect\Prison Architect64.exe
FirewallRules: [{43DC4A02-2AC4-48E1-BF43-C3266ADB4468}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Conflict of Nations\Conflict of Nations.exe
FirewallRules: [{48CAE3C5-7A01-4C3C-A6A1-24EE8EAC0A5A}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Conflict of Nations\Conflict of Nations.exe
FirewallRules: [{2B326389-5C31-4210-B586-AF380E97CE8A}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{726DAE7E-26C6-4240-8F37-FAED556CE042}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{7F88CBB1-875A-43DF-8420-46DB96D25007}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{094EE9D0-A3F7-4CA9-9AC5-1F9938926123}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{6FEF23E8-1F8A-4DA8-962E-2B447833ADE1}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Victory and Glory Napoleon\autorun.exe
FirewallRules: [{A46B2873-CEEC-4F22-A9A7-8886901F04C4}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Victory and Glory Napoleon\autorun.exe
FirewallRules: [UDP Query User{B08F4BE0-937E-444D-824E-F4EA1DD2C41F}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{5F6F06AD-1275-46FE-9CF9-BC352B3FC4CB}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{0488B2C4-9012-499B-B029-0AD3CFB75095}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe
FirewallRules: [{B574450A-20F3-4BFE-89B2-18CFD4073B78}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe
FirewallRules: [{4DED5F90-7C51-4345-8BAF-3F666B20EF66}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe
FirewallRules: [{08030685-FB25-4E8D-8324-F39B0CB08EB9}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Duelyst\Duelyst.exe
FirewallRules: [{6B6C99C2-27C8-4DED-AA5A-9E5326929722}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Duelyst\Duelyst.exe
FirewallRules: [{5D284A61-BC75-44AC-AF85-47EF87DFEE10}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [UDP Query User{79AE8039-989D-41D8-97F0-E600E806EAD5}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{8D073D1B-C5F0-44D4-B6E8-32DDFB46F66A}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{AF0F02E3-1520-4DB8-8048-46391D1D5246}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{472D0456-796A-4218-B40C-808EFF184361}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{D0CE3830-CC41-45B5-8D36-FB6964B1EE76}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{4A51C092-B767-431C-AFE5-C7A8E9063DBE}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{96EB9ADA-BB2E-4DCB-A654-D43EEA1E201D}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Faeria\Faeria.exe
FirewallRules: [{2024F237-6695-4275-AF37-C3E912068F1E}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Faeria\Faeria.exe
FirewallRules: [{50BEE865-C87A-4DAE-BBBA-A9A24C63E126}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{EA714BCC-C2D1-4869-8A91-546BA154A276}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{281BA4EF-34BC-44FB-A820-6CA3CCAE8A06}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Star Trek Online\Star Trek Online.exe
FirewallRules: [{39C46536-0CF1-4865-9671-B92F88512213}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Star Trek Online\Star Trek Online.exe
FirewallRules: [UDP Query User{91090AD0-8030-4E72-9E90-AC2FD553F6CA}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe
FirewallRules: [TCP Query User{B7324503-A7AB-46A7-AC92-1B294064F0C2}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe
FirewallRules: [{52BA4B14-081F-46ED-9E48-A365D7017A35}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{FA996130-17A0-4F1F-9C55-7BD60825A7F3}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [UDP Query User{DA6F5706-FB8E-4BCA-90F9-38289C50CF14}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{BAF63F8C-E6C1-4020-8111-B44BCF6583B9}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{F8D6A6A9-8EFD-45C5-8812-B249F10E084E}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe
FirewallRules: [TCP Query User{E6378CFB-1205-4ABB-B029-C7AFCB09BE38}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe
FirewallRules: [UDP Query User{1243EEB5-8AEA-4CA2-9C8A-AB10A23200E4}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{C20BCE66-C32F-4EE7-8238-E1E945B01328}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{CBBB4416-47CE-434C-9777-4A2EB1867A93}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\The Great War\MHTGW.exe
FirewallRules: [{D2F94D59-4ED0-4188-A8C3-A258CBD42AE5}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\The Great War\MHTGW.exe
FirewallRules: [{1E6B5AC3-7FBE-4780-8C6E-5F955ED05F0D}] => (Allow) LPort=13148
FirewallRules: [{47B4E1F8-B243-4911-8D06-BA995B66358D}] => (Allow) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe
FirewallRules: [{EB9A15AF-434F-4AF7-90EF-431E7AA18CC0}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{AD88F79B-262B-4CD4-8FAD-DC43615EE0D1}] => (Allow) C:\Program Files (x86)\RealRealSteam\Steam.exe
FirewallRules: [{46799E6F-2054-4A03-8C49-1B2AC6936F1C}] => (Allow) C:\Program Files (x86)\RealRealSteam\Steam.exe
FirewallRules: [{36CEAA1C-3BC8-4F6F-8EA3-02548308ACB4}] => (Allow) C:\Program Files (x86)\RealRealSteam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B0FEC6AD-A296-48FC-AE18-947B589A425E}] => (Allow) C:\Program Files (x86)\RealRealSteam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{52BC5E9B-4315-43DB-9343-AAF6817A16F7}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{7D2C2E68-73BE-48BF-9266-754B69D2071F}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{9713DD79-AC54-4B5E-97BA-F0A1A34FE6BC}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{F97EB3BE-A6DD-4159-B2FD-93CFEB4B0C44}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{B45C717E-9A46-41ED-8359-F7BDA416A5CD}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{D0D66E8A-BA84-4EB0-B0A3-64041A0C164B}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{D88F1A4C-FADD-4FC9-8828-2C847BB729C8}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Eternal Card Game\Eternal.exe
FirewallRules: [{43C37F40-FC44-4C67-8D63-BEB71852B043}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Eternal Card Game\Eternal.exe
FirewallRules: [TCP Query User{94A4AD52-EEF7-43F9-AB33-317E5BF9BECC}C:\users\evan\downloads\house.flipper.beta\house flipper - beta\houseflipper.exe] => (Allow) C:\users\evan\downloads\house.flipper.beta\house flipper - beta\houseflipper.exe
FirewallRules: [UDP Query User{12DF0914-01DD-4ADD-9B53-ABD81E7812F1}C:\users\evan\downloads\house.flipper.beta\house flipper - beta\houseflipper.exe] => (Allow) C:\users\evan\downloads\house.flipper.beta\house flipper - beta\houseflipper.exe
FirewallRules: [TCP Query User{A140B056-2855-4A87-88C5-2D8030EE8701}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe
FirewallRules: [UDP Query User{49A737BA-9AF0-44F7-9B18-505B6000CCBB}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe
FirewallRules: [{9319D054-1598-477A-BFF1-CF9F927F8EDF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{DF5D22EF-0E7E-47F6-B2CD-11911C78A21B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{4FA55EB1-C527-4914-99E9-D034284FEADF}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe
FirewallRules: [UDP Query User{760FC215-D804-4177-A572-E270B596411A}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe
FirewallRules: [{582A5252-A262-4AE5-A2AE-CC3CF511F71F}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\TotallyAccurateBattlegrounds\TotallyAccurateBattlegrounds.exe
FirewallRules: [{2BA570B1-FB64-4EE5-A275-EDA933C7C6E8}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\TotallyAccurateBattlegrounds\TotallyAccurateBattlegrounds.exe
FirewallRules: [{493EAF1E-A218-4312-99C4-DD324D0FE892}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Total Tank Simulator Demo\TotalTankSim.exe
FirewallRules: [{66338E94-769D-4817-BA49-365216C684E0}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\Total Tank Simulator Demo\TotalTankSim.exe
FirewallRules: [TCP Query User{19E52F01-3054-4BE4-9AE3-94B27CECD56B}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [UDP Query User{862BB8AD-8E60-4BE6-9A5B-3B6377E0F56E}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [{102A5D9F-E0D6-4699-AD83-12258079A3FD}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5895D2EA-2F3B-4BE2-AC48-60E5932F4069}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6A84CEFE-F2EA-44E3-AD82-9A7FE753ECC4}] => (Allow) C:\Users\Evan\Downloads\bin\BlackDesert32.exe
FirewallRules: [{6EF8CC4E-6453-41BE-B54E-B05D10949668}] => (Allow) C:\Users\Evan\Downloads\bin64\BlackDesert64.exe
FirewallRules: [{B7B2B0DE-143B-420D-A2A4-29A70A756790}] => (Allow) C:\Users\Evan\Downloads\BlackDesert_Launcher.exe
FirewallRules: [{4E52EE20-1D9B-4C34-8341-1CF71A24C67B}] => (Allow) C:\Users\Evan\Downloads\BlackDesert_Downloader.exe
FirewallRules: [TCP Query User{AEA2E3F8-A3CD-4015-8A25-EBC8D520442B}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe
FirewallRules: [UDP Query User{97097924-A266-4F4D-8F4A-682AA8289A5F}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe
FirewallRules: [TCP Query User{B9691E1E-915E-4F9F-A23B-427BECE1CBAC}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe
FirewallRules: [UDP Query User{3B6F41FF-BF48-4711-8011-DD096E7F2177}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe
FirewallRules: [{9BDD265B-C8AC-4E87-99F2-9AE7BA1BCC35}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\BrainOut\bin\javaw.exe
FirewallRules: [{24CA6FE8-6841-4CF3-A07A-663CAE6271C2}] => (Allow) C:\Program Files (x86)\RealRealSteam\steamapps\common\BrainOut\bin\javaw.exe
FirewallRules: [TCP Query User{24ED8502-D53F-4E3D-9EC9-6E8063CAC85B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe
FirewallRules: [UDP Query User{843BF2F6-4DE3-48EA-8F43-43B289DFBA78}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe
FirewallRules: [TCP Query User{C8777703-9D29-4960-941D-044E2C498110}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe
FirewallRules: [UDP Query User{2251D4E3-DF41-4702-BE6F-CE1FE4C44CF9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe
FirewallRules: [TCP Query User{B1C11A9E-3011-49DC-BC50-BA3148D7D398}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe
FirewallRules: [UDP Query User{63DC5E3A-8D9F-4CC8-B32A-6589E680E182}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe
FirewallRules: [TCP Query User{DDE6811C-F154-42D2-8AB3-B12ECD202EDC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe
FirewallRules: [UDP Query User{B3D30B5C-E608-4062-A5D8-3BA19D71D15F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe
FirewallRules: [TCP Query User{E6CB8968-60FD-4BC5-BAA2-177011A8E0F8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe
FirewallRules: [UDP Query User{E5530401-90D9-42BE-ABD7-4AD15BDDA2B6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe
FirewallRules: [TCP Query User{A47CE09A-96B0-41B2-9988-918E66C58E3A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe
FirewallRules: [UDP Query User{24A3CCC9-DB98-4D1D-87CD-5EB2155ABE08}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe
FirewallRules: [TCP Query User{CD298629-DE8F-45CC-8192-97A639504D4C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe
FirewallRules: [UDP Query User{336AC67B-DEE1-464A-A5A4-DC6A2DB34007}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe
FirewallRules: [{C3042CBC-944B-4DDE-926D-7339A347D68D}] => (Allow) C:\Program Files (x86)\RealRealSteam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{D2D39677-5B31-4939-8F78-B5E42C0618ED}] => (Allow) C:\Program Files (x86)\RealRealSteam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [TCP Query User{E7E2365F-33D9-40BA-9EC3-21ACB6F15DF1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe
FirewallRules: [UDP Query User{2DB367CF-C06D-4155-85F7-6E193C699665}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe
FirewallRules: [TCP Query User{351B9873-EDE5-4767-BBDD-3A41927CED34}C:\program files (x86)\minecraft\install\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\install\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{2C1F1655-D473-43AD-A3FB-05F9E978E930}C:\program files (x86)\minecraft\install\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\install\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [{A846A506-C18E-409A-8778-AD006374D038}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{E834BAB8-D4D2-4C4B-8954-E7EA0905CF20}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{6629FDF5-7F46-433E-A7A5-CF12681C414F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{D0825621-4B68-49FD-87AE-C8206F195388}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{87283A47-B2EC-4C0F-A264-429130FEF96B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F324E812-62A5-4399-937C-6B0308E7D8E0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0FF531EF-E5FA-45A6-8847-D16D89C67A05}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D56B4A66-A651-40C6-B704-394121C412F4}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
FirewallRules: [{D3B6DE63-601C-49AA-8524-0DBDEB0FF638}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
FirewallRules: [{8C8EB074-CC7E-43B6-B597-E68110643CE0}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe
FirewallRules: [{199E2909-36FA-4638-92A4-8510B303B5DA}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe
FirewallRules: [TCP Query User{10AA3358-AC3C-4888-AE52-CBBCB91DCB81}C:\program files (x86)\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [UDP Query User{87507681-CC6A-46BE-BE73-735531405CA6}C:\program files (x86)\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [TCP Query User{C5C5771D-9481-4F9B-9C0A-8BCD00B20E1F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe
FirewallRules: [UDP Query User{476A2196-F82F-446F-822D-1FC2343C1585}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe
FirewallRules: [{E2ADC2E0-66B8-4050-B16D-1447974B69FB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{FC1657DC-7CBC-4D12-95B8-A2C10C5458D1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{B05DA637-FBAF-447C-BAE4-EBABF9AE2CBB}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe
FirewallRules: [UDP Query User{3F9402C2-2105-44D6-9B0D-E5E3EADC4C9F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe
FirewallRules: [{C3713F0B-A4FA-4347-BA5B-DDC75B8D40D6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{DC3A0031-9B97-4B8D-8EC8-75ED1998B40E}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe
FirewallRules: [UDP Query User{59415173-CB91-4A18-9822-BB6E7542B751}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe
FirewallRules: [TCP Query User{47E1C834-558D-46CA-B418-C1AD0B6E9085}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe
FirewallRules: [UDP Query User{888D2DEC-8741-4752-8B9C-E8D19A535A5D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe
FirewallRules: [TCP Query User{79D518DE-AFFF-478F-990F-BD61E02117D3}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe
FirewallRules: [UDP Query User{0D5712F1-84F5-475F-B96A-6F9E33B58875}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe
FirewallRules: [TCP Query User{D9D1EAC9-CB0D-45BC-9CB2-47FA87FBCE5D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe
FirewallRules: [UDP Query User{46E592ED-ACAB-4B45-9C6D-3A6F4D26ED7A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/04/2018 04:38:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64 (2).exe version 4.10.2018.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 2c7c
Start Time: 01d45c2042c3718b
Termination Time: 4294967295
Application Path: C:\Users\Evan\Downloads\FRST64 (2).exe
Report Id: d73e6d58-75bc-418f-921a-289ed099e31b
Faulting package full name:
Faulting package-relative application ID:
Error: (10/04/2018 03:24:30 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/03/2018 03:27:49 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/02/2018 08:47:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program eurotrucks2.exe version 1.32.2.49 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 97c
Start Time: 01d45ab2051190b5
Termination Time: 4294967295
Application Path: C:\Games\Euro Truck Simulator 2 - Krone Trailer Pack\bin\win_x86\eurotrucks2.exe
Report Id: cb66a77b-822c-4fa2-97fe-bc8a49ce69e3
Faulting package full name:
Faulting package-relative application ID:
Error: (10/02/2018 07:46:54 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/01/2018 07:57:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program eurotrucks2.exe version 1.32.2.49 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 486c
Start Time: 01d459e1eb2f10c5
Termination Time: 4294967295
Application Path: C:\Games\Euro Truck Simulator 2 - Krone Trailer Pack\bin\win_x86\eurotrucks2.exe
Report Id: e807cf9d-4222-4097-b3f0-8853c5022bd6
Faulting package full name:
Faulting package-relative application ID:
Error: (10/01/2018 03:34:36 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/01/2018 07:26:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Microsoft.Photos.exe version 2018.18081.14710.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 369c
Start Time: 01d456be79b6478b
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Report Id: b1c874b2-2908-45ec-b657-2287c70240fe
Faulting package full name: Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App
System errors:
=============
Error: (10/04/2018 05:26:36 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-9VM6RJT)
Description: The server {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} did not register with DCOM within the required timeout.
Error: (10/04/2018 05:24:36 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-9VM6RJT)
Description: The server {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} did not register with DCOM within the required timeout.
Error: (10/04/2018 05:22:36 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-9VM6RJT)
Description: The server {9E175B6D-F52A-11D8-B9A5-505054503030} did not register with DCOM within the required timeout.
Error: (10/04/2018 05:20:36 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-9VM6RJT)
Description: The server {9E175B6D-F52A-11D8-B9A5-505054503030} did not register with DCOM within the required timeout.
Error: (10/04/2018 05:18:36 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-9VM6RJT)
Description: The server {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} did not register with DCOM within the required timeout.
Error: (10/04/2018 05:16:36 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-9VM6RJT)
Description: The server {9E175B6D-F52A-11D8-B9A5-505054503030} did not register with DCOM within the required timeout.
Error: (10/04/2018 05:14:36 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-9VM6RJT)
Description: The server {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} did not register with DCOM within the required timeout.
Error: (10/04/2018 05:12:36 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-9VM6RJT)
Description: The server {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} did not register with DCOM within the required timeout.
CodeIntegrity:
===================================
Date: 2018-10-04 16:54:07.642
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Users\Evan\AppData\Roaming\Microsoft\Protect\c65561-c81ad1-fed19360-eba3e0-8bb0.rs that did not meet the Microsoft signing level requirements.
Date: 2018-10-04 16:08:40.641
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Users\Evan\AppData\Roaming\Microsoft\Protect\c65561-c81ad1-fed19360-eba3e0-8bb0.rs that did not meet the Microsoft signing level requirements.
Date: 2018-10-04 16:08:39.876
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Users\Evan\AppData\Roaming\Microsoft\Protect\c65561-c81ad1-fed19360-eba3e0-8bb0.rs that did not meet the Microsoft signing level requirements.
Date: 2018-10-04 16:08:38.387
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Users\Evan\AppData\Roaming\Microsoft\Protect\c65561-c81ad1-fed19360-eba3e0-8bb0.rs that did not meet the Microsoft signing level requirements.
Date: 2018-10-04 16:02:52.572
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Users\Evan\AppData\Roaming\Microsoft\Protect\c65561-c81ad1-fed19360-eba3e0-8bb0.rs that did not meet the Microsoft signing level requirements.
Date: 2018-10-04 16:02:51.720
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Users\Evan\AppData\Roaming\Microsoft\Protect\c65561-c81ad1-fed19360-eba3e0-8bb0.rs that did not meet the Microsoft signing level requirements.
Date: 2018-10-04 16:02:48.072
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Users\Evan\AppData\Roaming\Microsoft\Protect\c65561-c81ad1-fed19360-eba3e0-8bb0.rs that did not meet the Microsoft signing level requirements.
Date: 2018-10-04 16:02:32.868
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\NmM2NGE0MzF because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel® Core™ i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 50%
Total physical RAM: 8107.91 MB
Available physical RAM: 4027.21 MB
Total Virtual: 11563.91 MB
Available Virtual: 6928.91 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:916.59 GB) (Free:197.42 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:13.69 GB) (Free:1.73 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{5398533d-34e3-4e60-a945-be5c265f5bcd}\ () (Fixed) (Total:0.96 GB) (Free:0.45 GB) NTFS
\\?\Volume{fb5f6249-4564-4dac-a2e5-d6ccf6075441}\ () (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DEFADD61)
Partition: GPT.
==================== End of Addition.txt ============================
?Úè<t ÔpE3È¡u"0¥T²Äïg¦±ÄE/¬šslB|ö|…bG .â, ÷1
š‹×¹s›”ˆ0/¹}§]¸$üo¤£Ü(AÜE‚ˆ!œÝú²iá”,.?;×Ð
þ!éO¬}‹É!ZK”’ø€ëÊêG›6cG…x1H
Sign In
Create Account
