I've been having this message pop-up every time I start the system, have no clue if it's some leftover from a malware or anything, also when I FRST it came up with some ATTENTION tags for some registry entries, should I be worried?
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2019
Ran by Duplat (administrator) on DESKTOP-O5SD2IS (Gigabyte Technology Co., Ltd. AB350-Gaming 3) (09-10-2019 01:42:46)
Running from C:\Users\Duplat\Desktop
Loaded Profiles: Duplat (Available Profiles: Duplat)
Platform: Windows 10 Pro Version 1809 17763.737 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\AudioSwitch\AudioSwitch.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
(Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdHelper.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdHelper.x64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdLauncher.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.301\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.301\GoogleCrashHandler64.exe
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Martin Malik - REALiX -> REALiX) C:\Program Files\HWiNFO64\HWiNFO64.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1909.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1909.6-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM\...\Run: [RtkAudUService] => "C:\WINDOWS\System32\RtkAudUService64.exe" -background
HKLM\...\Run: [Screen+] => C:\Program Files\Screen+\ScreenLM64.exe
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9267656 2018-01-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [60074328 2018-11-03] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5007408 2019-08-21] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [405032 2019-09-11] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2979426330-1067282791-1430516834-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [6113328 2019-08-21] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2979426330-1067282791-1430516834-1001\...\Run: [NoxDaemon] => C:\Users\Duplat\AppData\Roaming\NoxSrv\NoxSrv.exe [115712 2019-06-23] () [File not signed]
HKU\S-1-5-21-2979426330-1067282791-1430516834-1001\...\MountPoints2: {2f41768c-fc40-11e8-9567-1c1b0de53af9} - "F:\Setup.exe"
HKU\S-1-5-21-2979426330-1067282791-1430516834-1001\...\MountPoints2: {a2a55c41-df1a-11e8-bf1e-806e6f6e6963} - "F:\Setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-23] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\77.0.69.132\Installer\chrmstp.exe [2019-10-03] (Brave Software, Inc.) [File not signed]
AppInit_DLLs: prio.dll => No File
AppInit_DLLs-x32: prio32.dll => No File
Startup: C:\Users\Duplat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AudioSwitch.lnk [2018-11-03]
ShortcutTarget: AudioSwitch.lnk -> C:\Program Files (x86)\AudioSwitch\AudioSwitch.exe () [File not signed]
Startup: C:\Users\Duplat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-05-25]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Duplat\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Startup: C:\Users\Duplat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2019-04-04]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0EE4A41C-DA51-487F-81EB-BCAD3C67FC6A} - System32\Tasks\GIGABYTE OC GURU => C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
Task: {127AF4B7-5E62-4FBD-9C9C-77E81BA81D52} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [770344 2019-03-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {217E3C54-166E-4C4D-AA94-B18EB4EB5151} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe [1457720 2019-09-18] (Adobe Inc. -> Adobe)
Task: {2B162AC9-E078-4FA0-884C-B39696ADBBD1} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-09-19] (Adobe Inc. -> Adobe)
Task: {2E4F4314-9FC6-4638-A8B7-A86011B8A99B} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {3333BBBF-FBF2-488E-AABB-F2BCA0161B51} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {38A0C235-691E-4473-A72D-5D42A68E4E4B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [103472 2019-09-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {406E1DEE-87CF-4516-81D6-D701D4F58A9D} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-27] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {42EB9377-B525-4264-8F46-9394627B5C37} - System32\Tasks\HWiNFO => C:\Program Files\HWiNFO64\HWiNFO64.EXE [4447264 2019-09-25] (Martin Malik - REALiX -> REALiX)
Task: {479F5831-1144-423D-A697-DED82BFF7421} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26045560 2019-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {547B60F9-A75A-4C03-AAA9-963F0594C065} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-09-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5814EA04-05E4-45FE-B3A6-909BE63AA842} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-02] (Google Inc -> Google Inc.)
Task: {6843A9C7-3360-4A12-B36B-FA8E0C000BF4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26045560 2019-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {88C01602-4775-4E66-A1E1-B140CC394B85} - System32\Tasks\Opera scheduled Autoupdate 1547765085 => C:\Users\Duplat\AppData\Local\Programs\Opera\launcher.exe [1520152 2019-10-04] (Opera Software AS -> Opera Software)
Task: {9A82BA2C-86C3-4B19-9745-EC3A150EB840} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-02] (Google Inc -> Google Inc.)
Task: {A4F5CC86-E2A8-4520-9F9A-0AC3C17325AF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1403552 2019-09-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA0670E2-13C6-4D84-BB16-0D685DFBF209} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [665848 2019-06-27] (Advanced Micro Devices INC. -> )
Task: {AAD7BB24-2C05-4929-822F-67AD9BB3A865} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-09-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C06E690B-EFA8-491B-95D5-8D287FAF1428} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-09-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C1AB7A03-F336-43B7-ABC9-26A8A563170F} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {CC33F01E-1AC6-4906-ACA2-EE861428504C} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
Task: {D0372E85-E6FC-4BE6-9C21-BCB8387E9D76} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_pepper.exe [1453112 2019-09-19] (Adobe Inc. -> Adobe)
Task: {D83EEC76-F27C-44E4-AFBD-981047C3E72B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4404384 2019-09-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC355283-9CCB-4FF9-BDEA-0AC895427C64} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-09-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E0047307-FC44-44C7-BC3D-5D73AC6485B2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1403552 2019-09-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {E8290738-A348-41C7-ABED-2BEEC483702B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [103472 2019-09-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {E9ED7EA2-A92A-4CEC-8C3F-CBCC5F118F22} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [758872 2019-09-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4DC44FB-39F3-4E6D-AFC2-30193EFE8943} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4404384 2019-09-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {FE38D026-95A0-4757-8D13-9A613A762F1A} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-27] (Brave Software, Inc. -> BraveSoftware Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5984fe02-fac2-4287-93e1-d0498fe68b4b}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{5984fe02-fac2-4287-93e1-d0498fe68b4b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8a6cc755-5246-47af-8b80-4c257bc5341e}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKU\S-1-5-21-2979426330-1067282791-1430516834-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2979426330-1067282791-1430516834-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-09-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-11-02] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-02] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-11-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> D:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll => No File
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-20] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\Duplat\Desktop
Edge Session Restore: HKU\S-1-5-21-2979426330-1067282791-1430516834-1001 -> is enabled.
Edge Extension: (uBlock Origin) -> EdgeExtension_37833NikRollsuBlockOrigin_f8jsg5mm64m62 => C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2018-12-10]
Edge Extension: (Night Eye - Dark mode on any website) -> EdgeExtension_43069RAZORdeveloperNightEye_c9kkezg6y739m => C:\Program Files\WindowsApps\43069RAZORdeveloper.NightEye_1.9.4.0_neutral__c9kkezg6y739m [2018-12-10]
FireFox:
========
FF DefaultProfile: dfwia8uo.default
FF ProfilePath: C:\Users\Duplat\AppData\Roaming\Mozilla\Firefox\Profiles\dfwia8uo.default [2019-06-22]
FF ProfilePath: C:\Users\Duplat\AppData\Roaming\Mozilla\Firefox\Profiles\wy9m7bbq.default-release-1563560216671 [2019-10-09]
FF Session Restore: Mozilla\Firefox\Profiles\wy9m7bbq.default-release-1563560216671 -> is enabled.
FF Extension: (Dark Reader) - C:\Users\Duplat\AppData\Roaming\Mozilla\Firefox\Profiles\wy9m7bbq.default-release-1563560216671\Extensions\[email protected] [2019-09-18]
FF Extension: (Better TweetDeck) - C:\Users\Duplat\AppData\Roaming\Mozilla\Firefox\Profiles\wy9m7bbq.default-release-1563560216671\Extensions\[email protected] [2019-09-22]
FF Extension: (Checker Plus for Gmail) - C:\Users\Duplat\AppData\Roaming\Mozilla\Firefox\Profiles\wy9m7bbq.default-release-1563560216671\Extensions\[email protected] [2019-07-19]
FF Extension: (BetterTTV) - C:\Users\Duplat\AppData\Roaming\Mozilla\Firefox\Profiles\wy9m7bbq.default-release-1563560216671\Extensions\[email protected] [2019-10-04]
FF Extension: (Panel View for Google™ Translate) - C:\Users\Duplat\AppData\Roaming\Mozilla\Firefox\Profiles\wy9m7bbq.default-release-1563560216671\Extensions\[email protected] [2019-07-21]
FF Extension: (Méliuz) - C:\Users\Duplat\AppData\Roaming\Mozilla\Firefox\Profiles\wy9m7bbq.default-release-1563560216671\Extensions\[email protected] [2019-07-26]
FF Extension: (uBlock Origin) - C:\Users\Duplat\AppData\Roaming\Mozilla\Firefox\Profiles\wy9m7bbq.default-release-1563560216671\Extensions\[email protected] [2019-09-27]
FF Extension: (A Light in Space by MaDonna) - C:\Users\Duplat\AppData\Roaming\Mozilla\Firefox\Profiles\wy9m7bbq.default-release-1563560216671\Extensions\{6e68ac2f-4352-427d-ae23-bf7a2b854aed}.xpi [2019-07-19]
FF Extension: (Stylus) - C:\Users\Duplat\AppData\Roaming\Mozilla\Firefox\Profiles\wy9m7bbq.default-release-1563560216671\Extensions\{7a7a4a92-a2a0-41d1-9fd7-1e92480d612d}.xpi [2019-09-18]
FF Extension: (Dark Fox) - C:\Users\Duplat\AppData\Roaming\Mozilla\Firefox\Profiles\wy9m7bbq.default-release-1563560216671\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2019-07-19]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-18] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-18] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-07-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-07-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> D:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [No File]
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-04-27] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-04-27] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.301\npGoogleUpdate3.dll [2019-10-09] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.301\npGoogleUpdate3.dll [2019-10-09] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-08-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-08-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR HomePage: Default -> hxxp://google.com.br/
CHR StartupUrls: Default -> "hxxp://google.com.br/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Duplat\AppData\Local\Google\Chrome\User Data\Default [2019-09-30]
CHR Extension: (Slides) - C:\Users\Duplat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-02]
CHR Extension: (BetterTTV) - C:\Users\Duplat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2019-09-30]
CHR Extension: (Docs) - C:\Users\Duplat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-02]
CHR Extension: (Google Drive) - C:\Users\Duplat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-02]
CHR Extension: (MEGA) - C:\Users\Duplat\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2019-09-30]
CHR Extension: (YouTube) - C:\Users\Duplat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-02]
CHR Extension: (uBlock Origin) - C:\Users\Duplat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-09-30]
CHR Extension: (Stylus) - C:\Users\Duplat\AppData\Local\Google\Chrome\User Data\Default\Extensions\clngdbkpkpeebahjckkjfobafhncgmne [2019-09-30]
CHR Extension: (Dark Vibe) - C:\Users\Duplat\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkckeanhmkjaechlhllmapjaaglgpcbj [2018-11-02]
CHR Extension: (Adobe Acrobat) - C:\Users\Duplat\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-07-05]
CHR Extension: (Dark Reader) - C:\Users\Duplat\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2019-09-30]
CHR Extension: (Silver Bird) - C:\Users\Duplat\AppData\Local\Google\Chrome\User Data\Default\Extensions\encaiiljifbdbjlphpgpiimidegddhic [2018-11-02]
CHR Extension: (Sheets) - C:\Users\Duplat\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-02]
CHR Extension: (Google Docs Offline) - C:\Users\Duplat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-02]
CHR Extension: (The Great Suspender) - C:\Users\Duplat\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2019-09-30]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Duplat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-11-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Duplat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-02]
CHR Extension: (Gmail) - C:\Users\Duplat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-07-05]
CHR Extension: (Chrome Media Router) - C:\Users\Duplat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-30]
CHR HKU\S-1-5-21-2979426330-1067282791-1430516834-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR DownloadDir: C:\Users\Duplat\Desktop
OPR Extension: (BetterTTV) - C:\Users\Duplat\AppData\Roaming\Opera Software\Opera Stable\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2019-06-19]
OPR Extension: (Dark Reader) - C:\Users\Duplat\AppData\Roaming\Opera Software\Opera Stable\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2019-07-18]
OPR Extension: (Stylus) - C:\Users\Duplat\AppData\Roaming\Opera Software\Opera Stable\Extensions\kdinfjomkigjcjcbigolloleeiianaif [2019-01-17]
OPR Extension: (Install Chrome Extensions) - C:\Users\Duplat\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2019-01-17]
OPR Extension: (BetterTweetDeck) - C:\Users\Duplat\AppData\Roaming\Opera Software\Opera Stable\Extensions\micblkellenpbfapmcpcfhcoeohhnpob [2019-07-18]
OPR Extension: (Checker Plus for Gmail™) - C:\Users\Duplat\AppData\Roaming\Opera Software\Opera Stable\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2019-06-16]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S4 ArcService; D:\Program Files (x86)\Arc\ArcService.exe [123000 2019-03-05] (Perfect World Entertainment Inc. -> Perfect World Entertainment Inc)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8577760 2019-06-09] (BattlEye Innovations e.K. -> )
S4 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-27] (Brave Software, Inc. -> BraveSoftware Inc.)
S4 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-27] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11153512 2019-09-04] (Microsoft Corporation -> Microsoft Corporation)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [52776 2019-09-11] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803456 2019-06-10] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S4 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [707144 2018-12-13] (GOG Sp. z o.o. -> GOG.com)
S4 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2018-12-13] (GOG Sp. z o.o. -> GOG.com)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [309664 2019-07-16] (Locktime Software s.r.o. -> Locktime Software)
S4 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2347824 2019-09-04] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; D:\Program Files (x86)\Origin\OriginWebHelperService.exe [3222320 2019-09-04] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2019-07-09] (Even Balance, Inc. -> )
S3 Rockstar Service; D:\Program Files\Rockstar Games\Launcher\RockstarService.exe [471696 2019-09-18] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5357360 2019-09-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-09-26] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-09-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-09-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [34568 2019-04-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [24528 2019-04-18] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [32760 2019-05-29] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [138544 2019-05-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R2 AMDRyzenMasterDriverV13; C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys [71152 2018-11-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [20472 2019-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45968 2019-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21904 2019-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz148; C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [44648 2019-10-09] (CPUID S.A.R.L.U. -> CPUID)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-19] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ei2c; C:\WINDOWS\system32\drivers\ei2c.sys [20784 2019-07-16] (AOC International (Europe) GmbH -> Nicomsoft Ltd.)
U5 GCSYS; C:\Users\Duplat\AppData\Local\Programs\gamers-club-anti-cheat\resources\GCSYS64.sys [2675624 2019-09-11] (Gamers Club (Gamers Club Ltda) -> )
S3 gdrv; C:\WINDOWS\gdrv.sys [26792 2019-02-01] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 gdrv2; C:\WINDOWS\gdrv2.sys [32600 2019-07-13] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 GLCKIO2; C:\Program Files (x86)\GIGABYTE\RGBFusion\GLCKIO2.sys [19392 2018-04-23] (ASUSTeK Computer Inc. -> )
R1 HWiNFO; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [67152 2019-09-25] (Martin Malik - REALiX -> REALiX)
R2 mi2c; C:\WINDOWS\system32\drivers\mi2c.sys [20784 2019-07-16] (AOC International (Europe) GmbH -> Nicomsoft Ltd.)
R0 nldrv; C:\WINDOWS\System32\drivers\nldrv.sys [178944 2019-07-15] (Locktime Software s.r.o. -> Locktime Software)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830a0263f2ee97ce\nvlddmkm.sys [22370696 2019-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R2 SSGDIO; C:\WINDOWS\SysWOW64\DRIVERS\ssgdio64.sys [14608 2019-09-30] (ATI Technologies, Inc -> ATI Technologies Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-19] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46688 2019-09-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [350136 2019-09-26] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-09-26] (Microsoft Windows -> Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Gigabyte\RGBFusion\MODAPI.sys [14544 2019-10-05] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2019-09-27] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2019-06-23] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)
S3 leizhveytvn; \??\C:\WINDOWS\system32\leizhveytvn.sys [X]
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-09 01:42 - 2019-10-09 01:45 - 000040725 _____ C:\Users\Duplat\Desktop\FRST.txt
2019-10-09 01:42 - 2019-10-09 01:44 - 000000000 ____D C:\FRST
2019-10-09 01:41 - 2019-10-09 01:41 - 001615872 _____ (Farbar) C:\Users\Duplat\Desktop\FRST64.exe
2019-10-08 03:38 - 2019-10-08 03:38 - 000000000 ____D C:\Users\Duplat\AppData\Roaming\Bungie
2019-10-07 21:01 - 2019-10-07 21:01 - 000000000 ____D C:\Users\Duplat\Documents\4A Games
2019-10-07 20:51 - 2019-10-07 20:51 - 000000000 ____D C:\Users\Duplat\AppData\Local\4A Games
2019-10-05 19:07 - 2019-10-05 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2019-10-05 19:07 - 2019-10-05 19:07 - 000000000 ____D C:\Program Files\qBittorrent
2019-10-05 06:29 - 2019-10-05 06:29 - 000000000 ____D C:\Users\Duplat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Little Misfortune
2019-10-05 01:30 - 2019-07-17 04:37 - 000010148 _____ C:\Users\Duplat\Desktop\CalibratedDisplayProfile-6.icc
2019-10-03 18:42 - 2019-10-04 05:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-03 05:07 - 2019-10-03 05:07 - 002587896 _____ C:\Users\Duplat\Desktop\CSGO F2P FPS Pack by Panj.zip
2019-10-03 05:07 - 2019-10-03 05:07 - 000000000 ____D C:\Users\Duplat\Desktop\New folder
2019-10-03 02:25 - 2019-10-03 05:30 - 000000000 ____D C:\Users\Duplat\AppData\Roaming\gamers-club-anti-cheat
2019-10-03 02:25 - 2019-10-03 02:25 - 000000000 ____D C:\Users\Duplat\AppData\Roaming\Gamers Club Anti-Cheat
2019-10-03 02:24 - 2019-10-03 02:24 - 000002570 _____ C:\Users\Duplat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gamers Club Anti-Cheat.lnk
2019-10-03 02:24 - 2019-10-03 02:24 - 000000000 ____D C:\Users\Duplat\AppData\Local\gamers-club-anti-cheat-updater
2019-10-02 07:10 - 2019-10-02 07:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair
2019-10-02 07:09 - 2019-10-02 07:09 - 000000000 ____D C:\Program Files (x86)\Corsair
2019-09-30 22:34 - 2019-09-30 22:34 - 000000000 ____D C:\Users\Duplat\AppData\Local\1usmus
2019-09-30 22:27 - 2019-09-30 22:27 - 000014608 _____ (ATI Technologies Inc.) C:\WINDOWS\SysWOW64\Drivers\ssgdio64.sys
2019-09-30 18:33 - 2019-09-30 18:33 - 000418616 _____ C:\Users\Duplat\Desktop\Laudo_200266220_8feb9f87-2ec9-45ce-a1ef-0d1776a34b3e.pdf
2019-09-30 02:09 - 2019-09-30 08:20 - 000000000 ____D C:\Users\Duplat\AppData\Roaming\FileZilla
2019-09-30 02:09 - 2019-09-30 02:37 - 000000000 ____D C:\Users\Duplat\AppData\Local\FileZilla
2019-09-30 02:09 - 2019-09-30 02:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2019-09-30 02:09 - 2019-09-30 02:09 - 007976792 _____ (Tim Kosse) C:\Users\Duplat\Downloads\FileZilla_3.45.1_win64-setup.exe
2019-09-29 19:56 - 2019-06-08 18:40 - 003441044 _____ C:\Users\Duplat\Desktop\improved-initiative.json
2019-09-29 19:56 - 2019-02-17 20:05 - 003563511 _____ C:\Users\Duplat\Desktop\improved-initiative (1).json
2019-09-29 19:55 - 2019-10-04 19:34 - 000000000 ____D C:\Users\Duplat\Desktop\BIOS updates
2019-09-27 02:52 - 2019-09-27 02:52 - 165617184 _____ (TunnelBear) C:\Users\Duplat\Desktop\TunnelBear-Installer.exe
2019-09-25 21:23 - 2019-09-25 21:23 - 000000773 _____ C:\Users\Duplat\Desktop\PUBG LITE.lnk
2019-09-25 21:23 - 2019-09-25 21:23 - 000000773 _____ C:\Users\Duplat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PUBG LITE.lnk
2019-09-25 19:28 - 2019-09-25 19:28 - 000000000 ____D C:\Users\Duplat\AppData\Local\NVIDIA
2019-09-25 13:00 - 2019-08-01 10:07 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-09-24 22:06 - 2018-01-24 17:35 - 003509168 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2019-09-24 22:06 - 2018-01-24 17:35 - 000343672 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2019-09-24 22:06 - 2018-01-24 17:35 - 000192944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2019-09-24 22:06 - 2018-01-24 17:34 - 001353288 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2019-09-24 22:06 - 2018-01-24 17:34 - 000691648 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2019-09-24 22:06 - 2018-01-24 17:34 - 000453240 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2019-09-24 22:06 - 2018-01-24 17:34 - 000157304 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2019-09-24 22:06 - 2018-01-24 17:34 - 000139720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2019-09-24 22:06 - 2018-01-24 17:34 - 000090136 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2019-09-24 22:06 - 2018-01-24 17:33 - 003677128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2019-09-24 22:06 - 2018-01-24 17:33 - 003205576 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2019-09-24 22:06 - 2018-01-24 17:33 - 001780584 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2019-09-24 22:06 - 2018-01-24 17:33 - 001591024 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2019-09-24 22:06 - 2018-01-24 17:33 - 000727400 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2019-09-24 22:06 - 2018-01-24 17:33 - 000708280 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2019-09-24 22:06 - 2018-01-24 17:33 - 000504272 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2019-09-24 22:06 - 2018-01-24 17:33 - 000445368 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2019-09-24 22:06 - 2018-01-24 17:33 - 000253832 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2019-09-24 22:06 - 2018-01-24 17:32 - 072520680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2019-09-24 22:06 - 2018-01-24 17:32 - 007178432 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2019-09-24 22:06 - 2018-01-24 17:32 - 002922952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2019-09-24 22:06 - 2018-01-24 17:32 - 001508896 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2019-09-24 22:06 - 2018-01-24 17:32 - 000743928 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2019-09-24 22:06 - 2018-01-24 17:32 - 000441232 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2019-09-24 22:06 - 2018-01-24 17:32 - 000253864 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2019-09-24 22:06 - 2018-01-24 17:32 - 000252840 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2019-09-24 22:06 - 2018-01-24 12:59 - 015726401 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2019-09-24 22:05 - 2018-01-24 17:32 - 001971336 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2019-09-24 22:05 - 2018-01-24 17:32 - 000332976 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2019-09-24 22:05 - 2018-01-24 17:32 - 000278240 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2019-09-24 22:05 - 2018-01-24 17:31 - 007101712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2019-09-24 22:05 - 2018-01-24 17:31 - 000118552 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2019-09-24 22:05 - 2018-01-24 17:31 - 000105272 _____ C:\WINDOWS\system32\audioLibVc.dll
2019-09-24 22:00 - 2019-09-24 22:00 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-09-23 02:19 - 2019-09-05 18:19 - 001683032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2019-09-23 02:19 - 2019-09-05 18:19 - 000228792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2019-09-23 02:19 - 2019-09-05 18:19 - 000047272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2019-09-23 02:18 - 2019-09-06 15:29 - 001012432 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-09-23 02:18 - 2019-09-06 15:29 - 001012432 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-09-23 02:18 - 2019-09-06 15:29 - 000876240 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-09-23 02:18 - 2019-09-06 15:29 - 000876240 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-09-23 02:18 - 2019-09-06 15:29 - 000447368 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-09-23 02:18 - 2019-09-06 15:29 - 000351944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-09-23 02:18 - 2019-09-06 15:29 - 000301264 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-09-23 02:18 - 2019-09-06 15:29 - 000301264 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-09-23 02:18 - 2019-09-06 15:29 - 000273104 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-09-23 02:18 - 2019-09-06 15:29 - 000273104 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-09-23 02:18 - 2019-09-06 15:28 - 011562376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-09-23 02:18 - 2019-09-06 15:28 - 009937104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-09-23 02:18 - 2019-09-06 15:27 - 002051008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-09-23 02:18 - 2019-09-06 15:27 - 001550080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-09-23 02:18 - 2019-09-06 15:27 - 001477512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-09-23 02:18 - 2019-09-06 15:27 - 001247432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-09-23 02:18 - 2019-09-06 15:27 - 001140616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-09-23 02:18 - 2019-09-06 15:27 - 000959424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-09-23 02:18 - 2019-09-06 15:27 - 000823552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-09-23 02:18 - 2019-09-06 15:27 - 000812800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-09-23 02:18 - 2019-09-06 15:27 - 000676096 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-09-23 02:18 - 2019-09-06 15:27 - 000658880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-09-23 02:18 - 2019-09-06 15:27 - 000632768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-09-23 02:18 - 2019-09-06 15:27 - 000544648 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-09-23 02:18 - 2019-09-06 15:27 - 000524168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-09-23 02:18 - 2019-09-06 15:26 - 040444856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-09-23 02:18 - 2019-09-06 15:26 - 035334536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-09-23 02:18 - 2019-09-06 15:26 - 017300360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-09-23 02:18 - 2019-09-06 15:26 - 014921096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-09-23 02:18 - 2019-09-06 15:26 - 005358472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-09-23 02:18 - 2019-09-06 15:26 - 004696968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-09-23 02:18 - 2019-09-06 15:26 - 001726400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443630.dll
2019-09-23 02:18 - 2019-09-06 15:26 - 001491336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443630.dll
2019-09-22 22:05 - 2019-09-22 22:05 - 000000000 ____D C:\Users\Duplat\Documents\Call of Duty Modern Warfare
2019-09-21 13:54 - 2019-09-21 13:54 - 000000000 ____D C:\Users\Duplat\AppData\Local\Rockstar Games
2019-09-21 13:37 - 2019-09-21 13:37 - 000000000 ____D C:\Users\Duplat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2019-09-21 13:36 - 2019-09-21 13:36 - 000000000 ____D C:\ProgramData\Rockstar Games
2019-09-20 23:02 - 2019-09-20 23:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-09-19 22:06 - 2019-09-19 19:57 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-09-19 22:06 - 2019-09-19 19:57 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-09-19 19:47 - 2019-09-19 19:47 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 023453696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 020817408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 019011584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 012939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 012244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 008903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 007871488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 006065664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 005597808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 004874752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 004628992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 004344832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 003702784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 003656704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 003614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 002942976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 002469432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 002279296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 002177336 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 002099752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-09-19 19:47 - 2019-09-19 19:47 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 002017792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-09-19 19:47 - 2019-09-19 19:47 - 001782272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 001764352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 001604760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 001465472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 001297120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 001290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-09-19 19:47 - 2019-09-19 19:47 - 001132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 001075832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-09-19 19:47 - 2019-09-19 19:47 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000993792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000806024 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-09-19 19:47 - 2019-09-19 19:47 - 000798736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-09-19 19:47 - 2019-09-19 19:47 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000763392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000660544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-09-19 19:47 - 2019-09-19 19:47 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-09-19 19:47 - 2019-09-19 19:47 - 000522104 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-09-19 19:47 - 2019-09-19 19:47 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000450872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000449376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2PGraph.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000409256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\SysWOW64\curl.exe
2019-09-19 19:47 - 2019-09-19 19:47 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2PGraph.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000349144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000317240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-09-19 19:47 - 2019-09-19 19:47 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-09-19 19:47 - 2019-09-19 19:47 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-09-19 19:47 - 2019-09-19 19:47 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2pnetsh.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000195224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2019-09-19 19:47 - 2019-09-19 19:47 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-09-19 19:47 - 2019-09-19 19:47 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\p2pnetsh.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000173216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xmllite.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-09-19 19:47 - 2019-09-19 19:47 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
2019-09-19 19:47 - 2019-09-19 19:47 - 000144080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000140088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000106048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-09-19 19:47 - 2019-09-19 19:47 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000098080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000092832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-09-19 19:47 - 2019-09-19 19:47 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-09-19 19:47 - 2019-09-19 19:47 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2019-09-19 19:47 - 2019-09-19 19:47 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Groupinghc.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe
2019-09-19 19:47 - 2019-09-19 19:47 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000058882 _____ C:\WINDOWS\system32\srms.dat
2019-09-19 19:47 - 2019-09-19 19:47 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-09-19 19:47 - 2019-09-19 19:47 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shunimpl.dll
2019-09-19 19:46 - 2019-09-19 19:47 - 003096576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 022124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 009679672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-09-19 19:46 - 2019-09-19 19:46 - 007886848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 006925312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 006444544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 006310064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 005569024 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 004737536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 004588752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-09-19 19:46 - 2019-09-19 19:46 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 003978240 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 003821728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-09-19 19:46 - 2019-09-19 19:46 - 003634688 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-09-19 19:46 - 2019-09-19 19:46 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 003363856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-09-19 19:46 - 2019-09-19 19:46 - 003333632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 003082752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 002924344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-09-19 19:46 - 2019-09-19 19:46 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-09-19 19:46 - 2019-09-19 19:46 - 002842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 002779488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 002700784 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 002693120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 002438576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-09-19 19:46 - 2019-09-19 19:46 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 002233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 002073240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001966096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-09-19 19:46 - 2019-09-19 19:46 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001899152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001864192 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001733120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001721360 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001702096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-09-19 19:46 - 2019-09-19 19:46 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001655976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001573240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001563880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001484592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001479184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001477432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-09-19 19:46 - 2019-09-19 19:46 - 001466880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001391096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2019-09-19 19:46 - 2019-09-19 19:46 - 001344960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-09-19 19:46 - 2019-09-19 19:46 - 001318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001278808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2019-09-19 19:46 - 2019-09-19 19:46 - 001272560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001267712 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001256960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001222160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-09-19 19:46 - 2019-09-19 19:46 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001081656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-09-19 19:46 - 2019-09-19 19:46 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 001010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-09-19 19:46 - 2019-09-19 19:46 - 000968192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000888120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-09-19 19:46 - 2019-09-19 19:46 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000811024 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000807760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-09-19 19:46 - 2019-09-19 19:46 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-09-19 19:46 - 2019-09-19 19:46 - 000774968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000740904 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000736056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000678680 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-09-19 19:46 - 2019-09-19 19:46 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000652832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000622392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000606088 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000591160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000585184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000554000 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000540240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000535056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-09-19 19:46 - 2019-09-19 19:46 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000515960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000515440 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000515152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000464912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2019-09-19 19:46 - 2019-09-19 19:46 - 000439808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-09-19 19:46 - 2019-09-19 19:46 - 000398928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-09-19 19:46 - 2019-09-19 19:46 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingDiagSpp.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-09-19 19:46 - 2019-09-19 19:46 - 000351432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-09-19 19:46 - 2019-09-19 19:46 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingDiagSpp.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000330672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000279416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000272648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000262336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-09-19 19:46 - 2019-09-19 19:46 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-09-19 19:46 - 2019-09-19 19:46 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000177176 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-09-19 19:46 - 2019-09-19 19:46 - 000168248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-09-19 19:46 - 2019-09-19 19:46 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000152576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000152576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000152080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000130872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000121656 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000120344 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-09-19 19:46 - 2019-09-19 19:46 - 000114128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsiCx.sys
2019-09-19 19:46 - 2019-09-19 19:46 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-09-19 19:46 - 2019-09-19 19:46 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-09-19 19:46 - 2019-09-19 19:46 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2019-09-19 19:46 - 2019-09-19 19:46 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\shunimpl.dll
2019-09-19 19:45 - 2019-09-19 19:46 - 001038336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 007690648 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 005573232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 004353016 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 003567104 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 003385856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 003333984 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 002999808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 002767160 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 002593032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 002415416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 002199864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 002148864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 002022096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001893376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001743168 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001720120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001715000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001674752 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001662264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001522704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001397048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001387512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001321784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001294280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001260560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 001232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 001205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001191512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 001183744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 001054952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 001048888 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 001022824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001020416 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000895792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000865576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000864568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000851272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000831288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 000806568 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-09-19 19:45 - 2019-09-19 19:45 - 000806568 _____ C:\WINDOWS\system32\locale.nls
2019-09-19 19:45 - 2019-09-19 19:45 - 000799784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000793824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000791352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 000788480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000774192 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000764416 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000751928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000732168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000675096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000652600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 000652304 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000649528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000603784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000532192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000520208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000508968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000505128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000482104 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000449576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000444728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000405304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 000402368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000396088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000375752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000347576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000330592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000310072 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000294728 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000278624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000253256 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000248120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 000230848 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpprov.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 000203064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureTimeAggregator.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000200504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000193040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000189712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000164504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000141736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000140600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000125016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000118480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pmem.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-09-19 19:45 - 2019-09-19 19:45 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiskSnapshot.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000090632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000087056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-09-19 19:45 - 2019-09-19 19:45 - 000032784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 000032568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsiAcpiClient.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdcpw.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys
2019-09-19 19:45 - 2019-09-19 19:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-09-19 19:45 - 2019-09-19 19:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-09-19 19:45 - 2019-09-19 19:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-09-19 19:45 - 2019-09-19 19:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-09-19 19:45 - 2019-09-19 19:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-09-19 19:45 - 2019-09-19 19:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-09-19 19:45 - 2019-09-19 19:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-09-19 19:45 - 2019-09-19 19:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-09-19 19:45 - 2019-09-19 19:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-09-19 19:21 - 2019-09-19 19:21 - 021123128 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-09 01:33 - 2018-12-10 03:04 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-09 01:33 - 2018-12-10 03:04 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-09 01:33 - 2018-11-02 17:30 - 000000000 ____D C:\Program Files (x86)\Google
2019-10-09 01:33 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-09 01:29 - 2019-06-22 05:09 - 000000000 ____D C:\Users\Duplat\AppData\LocalLow\Mozilla
2019-10-09 01:28 - 2018-12-10 03:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-09 01:28 - 2018-11-02 22:01 - 000000000 ____D C:\ProgramData\NVIDIA
2019-10-09 01:28 - 2018-09-15 04:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-08 04:33 - 2018-09-15 03:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-10-07 23:19 - 2018-11-03 00:01 - 000000000 ____D C:\Users\Duplat\AppData\Roaming\discord
2019-10-07 19:31 - 2018-11-02 23:35 - 000000000 ____D C:\Users\Duplat\AppData\Roaming\vlc
2019-10-07 19:20 - 2018-12-10 02:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-07 18:58 - 2019-01-17 19:44 - 000004214 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1547765085
2019-10-07 18:58 - 2019-01-17 19:44 - 000001416 _____ C:\Users\Duplat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2019-10-07 01:58 - 2018-05-16 13:39 - 000000000 ____D C:\Nova
2019-10-07 01:35 - 2018-11-03 06:36 - 000000000 ____D C:\Users\Duplat\AppData\Local\Ubisoft Game Launcher
2019-10-07 01:08 - 2019-07-09 17:57 - 000281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2019-10-07 01:08 - 2019-07-09 17:57 - 000281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2019-10-06 21:30 - 2018-11-03 06:50 - 000000000 ____D C:\Users\Duplat\AppData\Local\Battle.net
2019-10-06 20:29 - 2018-11-03 06:50 - 000000000 ____D C:\Users\Duplat\AppData\Local\Blizzard Entertainment
2019-10-06 04:40 - 2019-04-24 22:29 - 000003144 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2019-10-06 04:40 - 2018-11-04 05:56 - 000000000 ____D C:\Users\Duplat\AppData\Roaming\qBittorrent
2019-10-06 04:39 - 2019-05-25 08:51 - 000000000 ____D C:\TBBT
2019-10-05 23:38 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-10-05 20:20 - 2018-11-03 00:27 - 000000000 ____D C:\Users\Duplat\AppData\Local\D3DSCache
2019-10-05 19:39 - 2019-07-30 14:58 - 000000000 ____D C:\Users\Duplat\Desktop\IntelBurnTest
2019-10-05 19:37 - 2018-11-03 00:20 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-10-04 06:36 - 2018-11-03 00:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-10-04 05:52 - 2019-06-22 05:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-03 23:59 - 2018-11-03 00:20 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2019-10-03 23:55 - 2019-06-22 05:09 - 000001015 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-03 18:45 - 2019-03-19 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2019-10-03 18:30 - 2019-04-27 10:28 - 000002428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2019-10-03 05:17 - 2018-11-02 23:40 - 000000000 ____D C:\Users\Duplat\AppData\Local\CrashDumps
2019-10-02 07:10 - 2018-09-15 04:31 - 000000000 ____D C:\WINDOWS\INF
2019-09-30 22:04 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-09-30 04:05 - 2018-05-16 19:26 - 000000000 ____D C:\Filmes
2019-09-27 03:57 - 2019-07-10 00:09 - 000000000 ____D C:\Users\Duplat\AppData\Roaming\Origin
2019-09-27 03:57 - 2018-11-03 06:33 - 000000000 ____D C:\ProgramData\Origin
2019-09-27 00:12 - 2019-05-28 23:36 - 000074552 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2019-09-26 17:38 - 2018-11-02 21:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-09-25 19:40 - 2018-11-02 22:19 - 000000000 ____D C:\Users\Duplat\AppData\Local\NVIDIA Corporation
2019-09-25 14:30 - 2019-08-03 11:49 - 000067152 _____ (REALiX) C:\WINDOWS\system32\Drivers\HWiNFO64A.SYS
2019-09-25 14:29 - 2019-07-19 05:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2019-09-25 14:29 - 2019-07-19 05:47 - 000000000 ____D C:\Program Files\HWiNFO64
2019-09-25 12:58 - 2018-11-02 22:01 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-09-25 12:58 - 2018-11-02 22:01 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-09-25 12:58 - 2018-11-02 17:36 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-09-24 22:32 - 2018-12-09 23:05 - 000000000 ____D C:\Users\Duplat\AppData\Local\ElevatedDiagnostics
2019-09-24 22:07 - 2019-07-14 12:17 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-09-24 22:07 - 2018-11-02 22:16 - 000000000 ___HD C:\Program Files (x86)\Temp
2019-09-24 22:04 - 2018-11-03 10:50 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-09-23 18:37 - 2018-11-02 17:32 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-23 18:37 - 2018-11-02 17:32 - 000002270 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-09-23 18:37 - 2018-11-02 17:32 - 000002270 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-09-23 01:55 - 2018-12-10 03:02 - 000840848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-09-21 13:55 - 2018-12-14 20:25 - 000000000 ____D C:\Program Files\Rockstar Games
2019-09-21 13:55 - 2018-12-14 19:24 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2019-09-21 13:54 - 2018-11-03 00:27 - 000000000 ____D C:\Users\Duplat\Documents\Rockstar Games
2019-09-21 13:36 - 2018-11-02 22:12 - 000000000 ____D C:\ProgramData\Package Cache
2019-09-20 23:02 - 2019-07-20 08:07 - 000002508 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-09-20 23:02 - 2019-07-20 08:07 - 000002503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-09-20 23:02 - 2019-07-20 08:07 - 000002502 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-09-20 23:02 - 2019-07-20 08:07 - 000002466 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-09-20 23:02 - 2019-07-20 08:07 - 000002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-09-20 23:02 - 2019-07-20 08:07 - 000002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-09-20 23:02 - 2019-07-20 08:07 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-09-20 23:02 - 2019-07-20 08:07 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-09-20 23:01 - 2018-11-22 02:25 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-09-19 23:52 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\tracing
2019-09-19 22:07 - 2018-11-02 17:23 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-09-19 22:07 - 2018-11-02 17:23 - 000000000 ___RD C:\Users\Duplat\3D Objects
2019-09-19 22:06 - 2018-12-10 02:46 - 000458736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-09-19 22:00 - 2018-09-15 04:33 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-09-19 22:00 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-09-19 22:00 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-09-19 22:00 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-09-19 21:59 - 2018-09-15 06:11 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-09-19 21:59 - 2018-09-15 04:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-09-19 21:59 - 2018-09-15 04:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-09-19 21:59 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-09-19 21:59 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-09-19 21:59 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\Provisioning
2019-09-19 21:59 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-09-19 21:59 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-09-19 21:59 - 2018-09-15 03:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-09-19 20:06 - 2019-01-26 04:05 - 000000000 ____D C:\WINDOWS\Minidump
2019-09-19 19:57 - 2018-09-15 04:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-09-19 19:55 - 2018-11-14 16:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-09-19 19:52 - 2018-11-03 00:42 - 134272480 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-09-19 19:21 - 2018-12-10 03:04 - 000004602 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-09-19 19:21 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-09-19 19:21 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-09-18 20:49 - 2018-12-10 03:04 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-09-18 20:48 - 2018-11-04 06:30 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-09-18 20:39 - 2019-07-01 07:03 - 000004548 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-09-18 20:18 - 2019-05-29 18:19 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2019-09-18 20:18 - 2019-05-29 18:19 - 000002124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
==================== Files in the root of some directories ================
2019-04-01 00:42 - 2019-04-01 00:42 - 000000037 _____ () C:\Users\Duplat\AppData\Roaming\prio.ini
2018-12-27 01:10 - 2018-12-29 02:10 - 000001456 _____ () C:\Users\Duplat\AppData\Local\Adobe Save for Web 13.0 Prefs
2018-12-27 10:03 - 2018-12-27 10:03 - 000000000 _____ () C:\Users\Duplat\AppData\Local\oobelibMkey.log
2018-12-26 23:16 - 2018-12-26 23:16 - 000002201 _____ () C:\Users\Duplat\AppData\Local\recently-used.xbel
2018-11-10 19:11 - 2019-01-31 01:25 - 000007600 _____ () C:\Users\Duplat\AppData\Local\Resmon.ResmonCfg
2019-06-14 00:06 - 2019-06-23 18:13 - 000000070 _____ () C:\Users\Duplat\AppData\Local\update_progress.txt
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2019
Ran by Duplat (09-10-2019 01:47:27)
Running from C:\Users\Duplat\Desktop
Windows 10 Pro Version 1809 17763.737 (X64) (2018-12-10 06:05:53)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2979426330-1067282791-1430516834-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2979426330-1067282791-1430516834-503 - Limited - Disabled)
Duplat (S-1-5-21-2979426330-1067282791-1430516834-1001 - Administrator - Enabled) => C:\Users\Duplat
Guest (S-1-5-21-2979426330-1067282791-1430516834-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2979426330-1067282791-1430516834-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.255 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.255 - Adobe)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated)
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.0.0.1192 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.2.0 - Electronic Arts, Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
AudioSwitch (HKLM-x32\...\AudioSwitch_is1) (Version: 2.2.2.0 - )
Backup and Sync from Google (HKLM\...\{6DBCF61B-9281-4F9F-9022-7177D22B28A4}) (Version: 3.46.7175.2662 - Google, Inc.)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Borderless Gaming (HKLM-x32\...\Borderless Gaming_is1) (Version: 9.5.5 - Andrew Sampson)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 77.0.69.132 - Brave Software Inc)
Call of Cthulhu (HKLM-x32\...\Call of Cthulhu_is1) (Version: - )
CORSAIR iCUE Software (HKLM-x32\...\{2CF39684-9A16-483E-897B-F92F4D64C2EF}) (Version: 3.20.80 - Corsair)
CPUID CPU-Z 1.89 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.89 - CPUID, Inc.)
Dauntless (HKLM\...\{03AFDFA7-7A23-41B1-AAC2-3898591127D3}) (Version: 1.00.0000 - Phoenix Labs)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2979426330-1067282791-1430516834-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Divinity - Original Sin Enhanced Edition (HKLM-x32\...\1445516929_is1) (Version: 2.5.0.12 - GOG.com)
ENE_EHD_HAL (HKLM\...\{B8140D28-2CA7-4F6A-8818-BF093C3F3225}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_HAL (HKLM-x32\...\{06ebd5ee-cb8a-487e-a83c-832dab840571}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{A398FCC0-8E8B-409E-90E9-ACF4671633F2}) (Version: 1.1.183.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fallout 4 GOTY (HKLM\...\Fallout 4 GOTY_is1) (Version: 1.10.82.0 - )
Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version: - Ubisoft)
FileZilla Client 3.45.1 (HKLM-x32\...\FileZilla Client) (Version: 3.45.1 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.3.0.10826 - Foxit Software Inc.)
Gamers Club Anti-Cheat 3.0.68 (HKU\S-1-5-21-2979426330-1067282791-1430516834-1001\...\5336d6e5-cfd5-580d-976b-0c07db708c28) (Version: 3.0.68 - Gamers Club Engeneering)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HWiNFO64 Version 6.12 (HKLM\...\HWiNFO64_is1) (Version: 6.12 - Martin Malik - REALiX)
i-Menu version 4.3.6 (HKLM-x32\...\{0121C0BD-363C-4B1D-8B64-FE7681A37D0A}_is1) (Version: 4.3.6 - AOC)
Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Little Misfortune (HKLM\...\SKIDROW - Little Misfortune) (Version: - SKIDROW)
Mass Effect™: Andromeda (HKLM-x32\...\{72BBCA87-9350-48BC-9E2F-6DBC1E80C993}) (Version: 1.0.0.4 - Electronic Arts)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.11328.20420 - Microsoft Corporation)
Microsoft Office 365 ProPlus - pt-br (HKLM\...\O365ProPlusRetail - pt-br) (Version: 16.0.11328.20420 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3994d355-238a-4612-af93-26d13deddef1}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
MiPony 3.0.5 (HKLM-x32\...\MiPony) (Version: 3.0.5 - )
Mozilla Firefox 69.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 69.0.2 (x64 en-US)) (Version: 69.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.4 - Mozilla)
MSI Afterburner 4.6.0 (HKLM-x32\...\Afterburner) (Version: 4.6.0 - MSI Co., LTD)
MTG Arena (HKLM-x32\...\{72DCA778-E873-42AC-AE1F-B2C14DCBF54C}) (Version: 0.1.1015.0 - Wizards of the Coast) Hidden
MTG Arena (HKLM-x32\...\MTG Arena 0.1.1015.0) (Version: 0.1.1015.0 - Wizards of the Coast)
NetLimiter 4 (HKLM\...\{D8EB2152-FF07-4BA1-8361-0A64CBCFA58F}) (Version: 4.0.50.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.50.0) (Version: 4.0.50.0 - Locktime Software)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.6.2 - Notepad++ Team)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.3.0.0 - Duodian Technology Co. Ltd.)
NVIDIA Graphics Driver 436.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 436.30 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11328.20420 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20420 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20420 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11328.20420 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.11328.20420 - Microsoft Corporation) Hidden
Opera Stable 63.0.3368.107 (HKU\S-1-5-21-2979426330-1067282791-1430516834-1001\...\Opera 63.0.3368.107) (Version: 63.0.3368.107 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.47.29954 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Prio (HKLM\...\Prio) (Version: 2.1.0.4391 - )
PUBG Lite (HKLM-x32\...\PUBG Lite_is1) (Version: 1.0.0.6 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
qBittorrent 4.1.8 (HKLM-x32\...\qBittorrent) (Version: 4.1.8 - The qBittorrent project)
Quick CPU (HKLM-x32\...\{41F4C8EE-903D-4EB5-B6EB-75413BF496DE}) (Version: 3.0.1.0 - CoderBag)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8356 - Realtek Semiconductor Corp.)
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.19.0528.1 - GIGABYTE)
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.4.116 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.2.5 - Rockstar Games)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Twitch (HKU\S-1-5-21-2979426330-1067282791-1430516834-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VMR Connect version 1.2.3.0 (HKLM-x32\...\{A3135D26-0857-4E51-A491-B4CEDF9B1A2C}_is1) (Version: 1.2.3.0 - VLC Mobile Remote)
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-06-12] (Adobe Systems Incorporated)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe [2018-11-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2018-11-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x86__8wekyb3d8bbwe [2018-11-20] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.27.2643.0_x64__8wekyb3d8bbwe [2018-11-02] (Microsoft Corporation) [MS Ad]
Microsoft People -> C:\Program Files\WindowsApps\Microsoft.People_10.1808.2473.0_x64__8wekyb3d8bbwe [2018-11-02] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.26.12153.0_x64__8wekyb3d8bbwe [2018-11-02] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.89.355.0_x64__mcm4njqhnhss8 [2018-12-28] (Netflix, Inc.)
Night Eye -> C:\Program Files\WindowsApps\43069RAZORdeveloper.NightEye_1.9.4.0_neutral__c9kkezg6y739m [2018-12-10] (RAZORdeveloper)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2018-12-13] (Adobe Systems Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.177.0_x64__dt26b99r8h8gj [2019-07-14] (Realtek Semiconductor Corp)
Telegram Desktop -> C:\Program Files\WindowsApps\TelegramMessengerLLP.TelegramDesktop_1.5.4.0_x64__t4vj0pshhgkwm [2019-01-10] (Telegram Messenger LLP)
uBlock Origin -> C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2018-12-10] (Nik Rolls)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2979426330-1067282791-1430516834-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2979426330-1067282791-1430516834-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2979426330-1067282791-1430516834-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2979426330-1067282791-1430516834-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2979426330-1067282791-1430516834-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2979426330-1067282791-1430516834-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2979426330-1067282791-1430516834-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Duplat\AppData\Local\Microsoft\OneDrive\19.002.0107.0008\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2979426330-1067282791-1430516834-1001_Classes\CLSID\{5C4D8D49-A0EE-41E0-98D5-B8E1A2A63328} -> [MEGAsync] => C:\Users\Duplat\Documents\MEGAsync [2019-05-25 08:58]
CustomCLSID: HKU\S-1-5-21-2979426330-1067282791-1430516834-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Duplat\AppData\Local\Microsoft\OneDrive\19.002.0107.0008\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2979426330-1067282791-1430516834-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Duplat\AppData\Local\Microsoft\OneDrive\19.002.0107.0008\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Duplat\AppData\Local\MEGAsync\ShellExtX64.dll [2019-05-13] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Duplat\AppData\Local\MEGAsync\ShellExtX64.dll [2019-05-13] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Duplat\AppData\Local\MEGAsync\ShellExtX64.dll [2019-05-13] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-09-28] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-09-28] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-09-28] (Google LLC -> Google)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Duplat\AppData\Local\MEGAsync\ShellExtX64.dll [2019-05-13] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Duplat\AppData\Local\MEGAsync\ShellExtX64.dll [2019-05-13] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Duplat\AppData\Local\MEGAsync\ShellExtX64.dll [2019-05-13] (Mega Limited -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-12-31] (Notepad++ -> )
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-09-26] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-09-28] (Google LLC -> Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Duplat\AppData\Local\MEGAsync\ShellExtX64.dll [2019-05-13] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Duplat\AppData\Local\MEGAsync\ShellExtX64.dll [2019-05-13] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Duplat\AppData\Local\MEGAsync\ShellExtX64.dll [2019-05-13] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-09-28] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Duplat\AppData\Local\MEGAsync\ShellExtX64.dll [2019-05-13] (Mega Limited -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-09-26] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2019-04-09 13:40 - 2019-04-09 13:40 - 000015872 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libEGL.DLL
2019-04-09 13:40 - 2019-04-09 13:40 - 002786816 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libGLESv2.dll
2019-09-11 17:04 - 2019-09-11 17:04 - 000204800 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll
2019-09-11 17:02 - 2019-09-11 17:02 - 000101376 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll
2019-03-05 11:06 - 2019-03-05 11:06 - 000232448 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-03-05 11:06 - 2019-03-05 11:06 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-03-05 11:07 - 2019-03-05 11:07 - 000642048 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-03-05 11:06 - 2019-03-05 11:06 - 000072704 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-03-05 11:06 - 2019-03-05 11:06 - 000364544 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2019-09-09 11:29 - 2019-09-09 11:29 - 000057344 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2019-09-09 11:30 - 2019-09-09 11:30 - 000074240 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2019-09-09 11:30 - 2019-09-09 11:30 - 000368640 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2018-11-03 00:00 - 2018-04-30 09:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-08-13 16:11 - 2019-08-13 16:11 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2019-08-19 08:04 - 2019-08-19 08:04 - 001298944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\LIBEAY32.dll
2019-08-19 08:04 - 2019-08-19 08:04 - 000281600 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\ssleay32.dll
2019-04-09 13:48 - 2019-04-09 13:48 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qgif.dll
2019-04-10 19:27 - 2019-04-10 19:27 - 000034816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qicns.dll
2019-04-09 13:48 - 2019-04-09 13:48 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qico.dll
2019-04-09 13:50 - 2019-04-09 13:50 - 000364032 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qjpeg.dll
2019-04-10 19:27 - 2019-04-10 19:27 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qsvg.dll
2019-04-10 19:27 - 2019-04-10 19:27 - 000019968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qtga.dll
2019-04-10 19:27 - 2019-04-10 19:27 - 000331776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qtiff.dll
2019-04-10 19:26 - 2019-04-10 19:26 - 000019456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qwbmp.dll
2019-04-10 19:27 - 2019-04-10 19:27 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qwebp.dll
2019-04-09 13:50 - 2019-04-09 13:50 - 001192960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\platforms\qwindows.dll
2019-04-09 13:42 - 2019-04-09 13:42 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Concurrent.dll
2019-09-11 17:47 - 2019-09-11 17:47 - 005087232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Core.dll
2019-04-09 13:44 - 2019-04-09 13:44 - 005353984 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Gui.dll
2019-04-10 20:28 - 2019-04-10 20:28 - 000576512 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Multimedia.dll
2019-04-09 13:44 - 2019-04-09 13:44 - 001042944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Network.dll
2019-04-10 20:14 - 2019-04-10 20:14 - 003359232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Qml.dll
2019-04-10 20:09 - 2019-04-10 20:09 - 003181056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Quick.dll
2019-04-10 20:56 - 2019-04-10 20:56 - 000142336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5QuickControls2.dll
2019-04-10 20:55 - 2019-04-10 20:55 - 000849920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5QuickTemplates2.dll
2019-04-10 20:27 - 2019-04-10 20:27 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Scxml.dll
2019-04-09 13:42 - 2019-04-09 13:42 - 000156672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Sql.dll
2019-04-10 19:27 - 2019-04-10 19:27 - 000265728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Svg.dll
2019-04-09 13:47 - 2019-04-09 13:47 - 004532224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Widgets.dll
2019-04-10 20:40 - 2019-04-10 20:40 - 000444416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5WinExtras.dll
2019-04-09 13:41 - 2019-04-09 13:41 - 000147456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Xml.dll
2019-04-10 20:51 - 2019-04-10 20:51 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-04-10 20:51 - 2019-04-10 20:51 - 000056320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-04-10 20:12 - 2019-04-10 20:12 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick.2\qtquick2plugin.dll
2019-04-10 20:58 - 2019-04-10 20:58 - 000456192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-04-10 20:56 - 2019-04-10 20:56 - 000271360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-10 20:13 - 2019-04-10 20:13 - 000072192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-10 20:56 - 2019-04-10 20:56 - 000260608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-04-10 20:12 - 2019-04-10 20:12 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Window.2\windowplugin.dll
2019-04-09 13:49 - 2019-04-09 13:49 - 000122880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\styles\qwindowsvistastyle.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\WINDOWS\tracing:? [16]
AlternateDataStreams: C:\Users\Duplat\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Duplat\Application Data:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Duplat\ntuser.ini:NTV [11626]
AlternateDataStreams: C:\Users\Duplat\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Duplat\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Duplat\AppData\Local\Temp:$DATA [16]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-11 20:38 - 2018-04-11 20:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\
HKU\S-1-5-21-2979426330-1067282791-1430516834-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Duplat\Desktop\crgo8dzcxh421.jpg
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: aim_LSService => 2
MSCONFIG\Services: ArcService => 3
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: brave => 2
MSCONFIG\Services: bravem => 3
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: EasyTuneEngineService => 2
MSCONFIG\Services: gadjservice => 2
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: OcButtonService => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: prio_svc => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: uncheater_bgl => 3
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Screen+"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "OnScreen Control"
HKU\S-1-5-21-2979426330-1067282791-1430516834-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-2979426330-1067282791-1430516834-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-2979426330-1067282791-1430516834-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2979426330-1067282791-1430516834-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2979426330-1067282791-1430516834-1001\...\StartupApproved\Run: => "TranslucentTB"
HKU\S-1-5-21-2979426330-1067282791-1430516834-1001\...\StartupApproved\Run: => "Actual Window Manager"
HKU\S-1-5-21-2979426330-1067282791-1430516834-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-2979426330-1067282791-1430516834-1001\...\StartupApproved\Run: => "NoxDaemon"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{48EE09A7-D948-4CC4-A816-BC62C71B1CB0}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{51D9CE87-8C30-4EB5-B670-AF73F7671247}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe No File
FirewallRules: [{ED9EF4D8-A6C7-457D-8CA4-225A0F50F68B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Supreme Commander\bin\SupremeCommander.exe (Gas Powered Games) [File not signed]
FirewallRules: [{BB24F7A6-0733-40F2-95D3-83102AD22D08}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Supreme Commander\bin\SupremeCommander.exe (Gas Powered Games) [File not signed]
FirewallRules: [{6EB5213B-461F-481A-9219-9B9D3CDCF9F2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rise of Nations\patriots.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{3CBD165D-6F8F-4324-B7CB-781AB2A58224}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rise of Nations\patriots.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{389504B4-126F-4F3B-9C26-1E9E927E137B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe () [File not signed]
FirewallRules: [{FFB30302-B73C-4E0E-BDE8-FEF7DCCF853A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe () [File not signed]
FirewallRules: [{7E58A9E1-2D21-41D6-9FF7-1230FE36ABDD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{77F602BD-D4B5-44E3-AB76-8A00EB81E50A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [UDP Query User{024EC3B3-9BDD-4535-94EC-B87A452A0D4C}D:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe No File
FirewallRules: [TCP Query User{66094D79-27F9-4F67-AF33-F3F8638C6F24}D:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe No File
FirewallRules: [{6878B676-809A-4930-A51E-C665491AED6F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Baldur's Gate II Enhanced Edition\Baldur.exe (Overhaul Games™) [File not signed]
FirewallRules: [{2AD5F4FF-DDDA-45A1-A952-53966001937E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Baldur's Gate II Enhanced Edition\Baldur.exe (Overhaul Games™) [File not signed]
FirewallRules: [{126F5A86-0A1E-429C-8826-E09BAD2588C8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Baldur's Gate Enhanced Edition\Baldur.exe (Overhaul Games™) [File not signed]
FirewallRules: [{1A7515D6-4701-451D-AA31-C2046CDE78A1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Baldur's Gate Enhanced Edition\Baldur.exe (Overhaul Games™) [File not signed]
FirewallRules: [UDP Query User{63BC745F-E429-47CF-BFA8-110AF37ACAA0}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{08045DFF-425A-4289-BAB0-6F2607A1ED16}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{4B5F68AA-7659-4B5D-8F80-A7FEAA7E22F0}D:\program files (x86)\overwatch\overwatch.exe] => (Allow) D:\program files (x86)\overwatch\overwatch.exe No File
FirewallRules: [TCP Query User{AA257137-E7B6-4203-8A60-7428172516A6}D:\program files (x86)\overwatch\overwatch.exe] => (Allow) D:\program files (x86)\overwatch\overwatch.exe No File
FirewallRules: [UDP Query User{EAD35183-9FD6-45B4-8151-FD3C59C822CD}D:\program files (x86)\heroes of the storm\versions\base70200\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base70200\heroesofthestorm_x64.exe No File
FirewallRules: [TCP Query User{CB1511C7-0206-4F1C-B73F-16876542B214}D:\program files (x86)\heroes of the storm\versions\base70200\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base70200\heroesofthestorm_x64.exe No File
FirewallRules: [UDP Query User{ABDF02FB-5E2F-4FC0-835D-80FDD3F89EAD}D:\program files (x86)\heroes of the storm\versions\base69823\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base69823\heroesofthestorm_x64.exe No File
FirewallRules: [TCP Query User{9312C455-2B28-4C45-8872-9437B33B911F}D:\program files (x86)\heroes of the storm\versions\base69823\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base69823\heroesofthestorm_x64.exe No File
FirewallRules: [{5A02FB9A-9E5D-499A-8A8D-1027BB5FEA60}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{775F7A21-A1DC-4559-8B12-7D896856A205}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{911B8861-5DA1-40B2-AD8A-966E8AB58A38}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{BCB00455-2925-4A0B-BD3D-6879ECD4117A}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{5C6A6C9E-963A-4488-B58E-4A982169F96D}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{657F2683-FB75-4EA8-A7C6-DE805655988C}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe No File
FirewallRules: [{A51A2661-6A97-44A6-9690-4AFC2B7D65BD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\This War of Mine\Storyteller.exe () [File not signed]
FirewallRules: [{B0C7307A-1CBD-4A43-AEB8-354430098C36}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\This War of Mine\Storyteller.exe () [File not signed]
FirewallRules: [{C2759DED-F7F6-4BB7-9C50-28A561949776}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\This War of Mine\This War of Mine.exe (Marek Ziemak -> )
FirewallRules: [{9E60AB9B-FF41-4E72-B875-6B8A593AB53D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\This War of Mine\This War of Mine.exe (Marek Ziemak -> )
FirewallRules: [{1A386060-A9F3-4F34-A1CB-DE3C4F1EA2A2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Talisman\Talisman.exe () [File not signed]
FirewallRules: [{2845A132-29B6-4CEA-9C1D-71253199E11C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Talisman\Talisman.exe () [File not signed]
FirewallRules: [{36B5B3AF-8CD1-4255-A810-3650B71FD0DC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Shadowrun Returns\Shadowrun.exe () [File not signed]
FirewallRules: [{A88290E8-D045-4EFD-9CE2-92206451CA98}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Shadowrun Returns\Shadowrun.exe () [File not signed]
FirewallRules: [{237579F2-F15A-4E57-9541-DA39A6D40AAD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Secret World Legends\ClientPatcher.exe (FUNCOM OSLO AS -> Funcom)
FirewallRules: [{66C6D667-344D-4161-88F1-CEAF157ECD4C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Secret World Legends\ClientPatcher.exe (FUNCOM OSLO AS -> Funcom)
FirewallRules: [{179CD858-E642-4FB8-92F9-F72273CC5D19}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [File not signed]
FirewallRules: [{BD2C36D7-ECFA-4BF8-B258-13082B81D645}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [File not signed]
FirewallRules: [{92A05A35-EFA2-49D9-B4D3-23E3DEC0E057}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{FA854709-E2AB-4F62-90E5-E3DE8A611F6F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{75A9F823-2B33-4D0E-8426-925236854284}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe (Valve Corp. -> Sega Corporation) [File not signed]
FirewallRules: [{B40134A3-9E88-4A18-961E-24897D245BA9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe (Valve Corp. -> Sega Corporation) [File not signed]
FirewallRules: [{8FF4A0D0-9BF1-4352-A33D-0663E2EC31E7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe (Hopoo Games, LLC ) [File not signed]
FirewallRules: [{5D222723-DA1F-463E-9526-182CDD131D43}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe (Hopoo Games, LLC ) [File not signed]
FirewallRules: [{3CEB0939-3848-4EE1-8CFA-58440D17C322}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [File not signed]
FirewallRules: [{5C09F0BF-080E-4691-818D-E1B68FECEE02}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [File not signed]
FirewallRules: [{A26CB269-4326-4FFF-A141-347BE18E55E9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Precipice Of Darkness 3\Rainslick3.exe (Zeboyd Games) [File not signed]
FirewallRules: [{3FC8FCCD-8BB6-44CF-970B-8EC11DE10474}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Precipice Of Darkness 3\Rainslick3.exe (Zeboyd Games) [File not signed]
FirewallRules: [{69088BF2-7F38-479D-9C37-A578452455C7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Magicite\Magicite.exe () [File not signed]
FirewallRules: [{B0B0F156-2A3C-4997-B2AE-4586F4C449A2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Magicite\Magicite.exe () [File not signed]
FirewallRules: [{46A16DCA-CFCB-493A-AB2E-4E9D3C7DE769}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe () [File not signed]
FirewallRules: [{0118B36B-BAFD-4989-93DC-1EB9E9A3BF59}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe () [File not signed]
FirewallRules: [{FF192F8F-53E9-45D6-BC6F-DE1E6E12589B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Metro Last Light Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [{046ED7E6-16EA-471F-B51C-E41602684FAF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Metro Last Light Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [{8792C873-7BE8-4709-8020-BD0BA205F9D9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\How to Survive\Detect.exe () [File not signed]
FirewallRules: [{6B61F6D2-1A3C-44EE-A259-FAD9D6B729D7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\How to Survive\Detect.exe () [File not signed]
FirewallRules: [{7C5A8138-5CB2-4F29-977D-5D3000D3B4E8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\How to Survive\HowToSurvive.exe () [File not signed]
FirewallRules: [{BB64C97B-CBB2-411E-92E5-5C10BABA341B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\How to Survive\HowToSurvive.exe () [File not signed]
FirewallRules: [{5CDE1D0C-D5C5-4383-B052-24B9A27A931D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe No File
FirewallRules: [{6A73D46A-5C09-46F1-A4E7-557DB658E61F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe No File
FirewallRules: [{731B77E5-130D-4EF2-B9AB-6EA9984BE555}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Alan Wake\AlanWake.exe (Remedy Entertainment Ltd. -> )
FirewallRules: [{3769F95D-4C01-4DE5-8253-60B3C5BC450F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Alan Wake\AlanWake.exe (Remedy Entertainment Ltd. -> )
FirewallRules: [UDP Query User{C9E3D405-5F7A-4463-B181-4AB9DF396258}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{C578BE65-E98E-4ED7-989B-9413FCA968F6}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe No File
FirewallRules: [{2AC3BBF3-59AA-4EE6-BD73-3C7E7D084115}] => (Allow) D:\Program Files (x86)\Mass Effect Andromeda\MassEffectAndromeda.exe (Electronic Arts - BioWare) [File not signed]
FirewallRules: [{C937EFF5-55B9-4050-AC3C-9873C35A1144}] => (Allow) D:\Program Files (x86)\Mass Effect Andromeda\MassEffectAndromeda.exe (Electronic Arts - BioWare) [File not signed]
FirewallRules: [{A4A4BC54-B8DF-4F14-A481-DCEBCC417BC9}] => (Allow) D:\Program Files (x86)\Mass Effect Andromeda\MassEffectAndromedaTrial.exe (Electronic Arts - BioWare) [File not signed]
FirewallRules: [{B461E570-F83B-4A39-8FBE-74362E7DA7F8}] => (Allow) D:\Program Files (x86)\Mass Effect Andromeda\MassEffectAndromedaTrial.exe (Electronic Arts - BioWare) [File not signed]
FirewallRules: [{D57180B9-552D-4182-9A8E-EA21BC1B0FC4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
FirewallRules: [{4AA28276-A5AA-4252-8DC5-239665A76FE0}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
FirewallRules: [{CA004B1D-9D82-4EA9-8D41-A39B2BE77B8C}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{252AB6DF-D54F-4023-B67F-567E78C3B8EF}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{E2BCB1F4-AC2A-4D35-B134-8C024B8DDCD1}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BECB06BA-25D9-4D67-AB3E-3C27CC629CF8}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{770FFEC1-8F86-4F1F-A721-85111E94B66F}D:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) D:\program files (x86)\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [UDP Query User{9D28CFEC-4A05-4DD8-9A0B-FD0EA3286435}D:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) D:\program files (x86)\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [{4FE36C4E-D6D5-4D7B-A7C5-1BD34F782D68}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{CFC93580-4F12-419E-A9A4-5D60655CC468}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{809DBAA9-44BB-4CEE-96C1-203A52033B3C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd.)
FirewallRules: [{5363911F-7A57-46F4-8BA5-AD22B38F3C3C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd.)
FirewallRules: [{8F9DFCDB-3A43-4DAE-85A7-D39C28E23C80}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{957D0F26-E4DA-441D-854D-5A885E98649A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1FBD4D2E-FBD1-4496-8F7E-A732FB275963}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D8786D9B-00CE-4077-9B69-99F0414CDE90}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ED519612-75BA-4296-A51B-984FC5556A09}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B5B2738A-5D97-4992-9AED-96857596BB1F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Ring of Elysium\SLauncher.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{4F6B7CF3-F9E6-437A-9DEB-A87EEFD96813}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Ring of Elysium\SLauncher.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{68337F8D-33FA-441C-AA2A-6CEFC9F2BAA4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Remember Me\Binaries\Win32\RememberMe.exe No File
FirewallRules: [{1DA50655-D338-4D5C-8D69-57057BEF54B7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Remember Me\Binaries\Win32\RememberMe.exe No File
FirewallRules: [{CC0FD976-5CCD-4E86-B4CE-EA15DBDB1763}] => (Allow) LPort=9009
FirewallRules: [{E2B70FD8-11A0-482C-99F4-0574F20DF05A}] => (Allow) LPort=9009
FirewallRules: [{2E89958C-AC5C-4729-BD66-91B74331D3D3}] => (Allow) LPort=9009
FirewallRules: [{9D2E2E61-126D-42C5-AE02-173FEE95C2B0}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{EC6CA6D3-2ACE-4B6D-9A47-0D9D62D5D65F}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{EDDF1ECE-5D94-4326-B6A1-82A186A006F3}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{87687B6B-F8E3-443E-94BB-9CB751570C31}] => (Allow) LPort=9009
FirewallRules: [{4946F1EE-88E0-4786-AC2F-84B89696F55E}] => (Allow) LPort=9009
FirewallRules: [{04414CC0-E465-4FF8-AA48-C223F7B6773E}] => (Allow) LPort=9009
FirewallRules: [{8A5C1187-1155-4D48-B3B5-0ADFB121D367}] => (Allow) LPort=9009
FirewallRules: [{AAF48710-05BF-42D3-B53D-5028A7FA8772}] => (Allow) LPort=9009
FirewallRules: [{6F763511-82FC-4EDB-BB37-9D51E42EBC9F}] => (Allow) LPort=9009
FirewallRules: [{AFB78C3F-B0ED-42BB-9C4D-A1D6A34E00AF}] => (Allow) LPort=9009
FirewallRules: [{E39F510A-08EA-4887-BC11-4046C9044B90}] => (Allow) LPort=9009
FirewallRules: [{B1A42D65-4874-48B9-81BE-E497D9F51990}] => (Allow) LPort=9009
FirewallRules: [{7C1DDFD8-C7AC-4CCB-BB7B-F4AE4822EFB8}] => (Allow) LPort=9009
FirewallRules: [{22DFED0C-AC9B-4E88-829B-6FD1960B0CAA}] => (Allow) LPort=9009
FirewallRules: [{6A8400FA-4192-4DB4-BC2F-8D5B49E2221D}] => (Allow) LPort=9009
FirewallRules: [{0B1BED5C-A7F3-4D29-B5E3-2B9636969664}] => (Allow) LPort=9009
FirewallRules: [{99D9DB0A-53A8-4AA7-9F98-CF41F8B3C411}] => (Allow) LPort=9009
FirewallRules: [{0507CB8B-6C35-4F1A-ACA7-E98BE0E2806D}] => (Allow) LPort=9009
FirewallRules: [{9955FA05-55EF-4B07-B1AE-1E6859992B25}] => (Allow) LPort=9009
FirewallRules: [{00488E9E-3EBF-42DC-BD63-C8FA16BC241B}] => (Allow) LPort=9009
FirewallRules: [{9618C31C-0D73-4563-AAD8-91004E4DCD93}] => (Allow) LPort=9009
FirewallRules: [{16B823F0-65CD-41DA-B651-6E7B7AE2B959}] => (Allow) LPort=9009
FirewallRules: [{74443F33-8DC4-44E7-8395-8EDA40740504}] => (Allow) LPort=9009
FirewallRules: [{F8312CB7-3F18-4B4C-85F6-61E6754B584C}] => (Allow) LPort=9009
FirewallRules: [{1BAF156F-65FC-4A6D-BD5E-826B3119C00A}] => (Allow) LPort=9009
FirewallRules: [{416D088D-2CAB-4E41-A79D-8108988A2EA2}] => (Allow) LPort=9009
FirewallRules: [{B8EAD117-7C88-490D-B76C-941BF578F2EC}] => (Allow) LPort=9009
FirewallRules: [{44B89C3B-9721-4090-B6CC-2214CD716BF7}] => (Allow) LPort=9009
FirewallRules: [{4B78F361-AF8D-4C36-A574-81578BDADB1C}] => (Allow) LPort=9009
FirewallRules: [{45AE23A9-A05A-490D-A003-6D81807B98C3}] => (Allow) LPort=9009
FirewallRules: [{5D0361D5-A309-45EB-9F95-7C5DF28A5F59}] => (Allow) LPort=9009
FirewallRules: [{DD1F0D3E-09DC-42C8-B207-E7DB208F41C5}] => (Allow) LPort=9009
FirewallRules: [{1CA6B0E2-28BB-4334-8055-16F7C254869F}] => (Allow) LPort=9009
FirewallRules: [{2B918E9B-A3B2-445F-B173-97DDF3BDE95C}] => (Allow) LPort=9009
FirewallRules: [{CA4A7291-70CC-4354-9B01-4D88007D3D02}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{C5862EBE-2648-48D0-87D2-03EFE3725B70}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe (NVIDIA GameStream Server -> Respawn Entertainment) [File not signed]
FirewallRules: [UDP Query User{6119E4A7-C9F1-4974-A807-6A1C309CAFD8}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe (NVIDIA GameStream Server -> Respawn Entertainment) [File not signed]
FirewallRules: [{02735B30-75E6-440B-B692-65C99DC03478}] => (Allow) LPort=9009
FirewallRules: [{7F7E2EBD-2CF1-4A4F-A378-00FB50051AFB}] => (Allow) LPort=9009
FirewallRules: [{AD100F57-1AF8-4881-B115-4B991AB2177D}] => (Allow) LPort=9009
FirewallRules: [{E6852746-E88E-405A-A40E-C4DF74DCE009}] => (Allow) LPort=9009
FirewallRules: [{D7690D02-DBC1-4B96-B9C1-0CC9C8297B1A}] => (Allow) LPort=9009
FirewallRules: [{87774665-37E3-4892-A10F-CFCA4F58D44D}] => (Allow) LPort=9009
FirewallRules: [{28D6206D-737C-4110-AF2F-33E761E2BBA4}] => (Allow) LPort=9009
FirewallRules: [{009ECC04-6D3A-4144-A8A0-1DBA4520A5BE}] => (Allow) LPort=9009
FirewallRules: [{84AD50DF-59AA-433D-A7B8-5FAAA17A0339}] => (Allow) LPort=9009
FirewallRules: [{2267C91F-BD87-46F2-B26D-A04783E61F4D}] => (Allow) LPort=9009
FirewallRules: [{EE100B6D-AE18-4246-B77C-7FF4F9861746}] => (Allow) LPort=9009
FirewallRules: [{409585FD-641F-406D-83E4-C5B5FC110B59}] => (Allow) LPort=9009
FirewallRules: [{A7C56AE0-27FE-43A4-AC76-6F5AAF8756F5}] => (Allow) LPort=9009
FirewallRules: [{490F7E01-C273-4BA2-926E-F90BEBC7B2A9}] => (Allow) LPort=9009
FirewallRules: [{5A13C48C-A378-41D0-8475-1631DB5EAFB0}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{EFC991C9-F605-4020-B4E9-8DC9E96A51EA}D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{FA5CA709-1A55-4489-9910-E6FCBB4428D4}D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{EB329487-2172-4BE9-ABB5-4ED072C74C7E}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{DB70C80D-65D8-4B47-B7A9-ECDBBCA3B183}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{3E1FFB83-F922-4991-9928-3EAD9FC32C67}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{6F560A4F-A34E-4130-A0AB-1C7E3E547640}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [TCP Query User{C1128FA0-59A4-487F-9BA1-877A609B159A}D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{37923856-069E-4282-8469-71FD2001BB17}D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{3185A879-556A-464C-8D48-21C12A9840F5}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{F9EAC156-57B7-4CC7-B0C0-2F8618EAD81E}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{802DBCEC-68B3-49FD-98A4-9C8597CB570A}D:\program files (x86)\torchlight frontiers_en\frontiers\binaries\win64\frontiers.exe] => (Allow) D:\program files (x86)\torchlight frontiers_en\frontiers\binaries\win64\frontiers.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{E66C4917-B0E6-4EF8-9F71-8DBE0C684BD7}D:\program files (x86)\torchlight frontiers_en\frontiers\binaries\win64\frontiers.exe] => (Allow) D:\program files (x86)\torchlight frontiers_en\frontiers\binaries\win64\frontiers.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{6B908A39-D9A8-4FB9-A611-3C9A238510CF}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{1393D183-A4A6-4867-80E5-0BDE81ABB8D2}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{7D55F9DF-292A-477E-A65B-A2738693DA32}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A55F06B1-90DF-4451-8558-C181529C567B}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{2141CA7F-17B0-4328-9CAE-A1FEF2B271A8}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{A35F7A67-BCC4-497D-8F89-7D7F0095F4AD}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{F211D123-5F20-422D-BB65-75578E045647}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{882688C5-1FA6-4338-8C5E-3B630CDC353C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{CF252B37-4F48-47E0-9CC2-6649165F74E6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe (FromSoftware,Inc. -> NAMCO BANDAI Games)
FirewallRules: [{48113EAA-67C9-4772-AB9C-100E93FD3E9C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe (FromSoftware,Inc. -> NAMCO BANDAI Games)
FirewallRules: [TCP Query User{6863AF9B-F452-4D3D-A6F1-165102F2123E}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{D1DF1264-0A8C-4312-A614-290675E3904D}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [{92656738-4617-4BA7-9822-C44CDC20CD8D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Pandemic Express\Bin\win_x64\PandemicExpress.exe No File
FirewallRules: [{F2F0060D-ECBE-436A-A902-8A189D8E6430}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Pandemic Express\Bin\win_x64\PandemicExpress.exe No File
FirewallRules: [{2B59489B-C086-40FA-B119-AAA58B3A93D2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe No File
FirewallRules: [{D89F5046-9381-46E2-95AE-E22BA22F8A9D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe No File
FirewallRules: [TCP Query User{3A73C1F1-ADD1-42F3-8073-DB16654F52AC}D:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [UDP Query User{5E65FFCA-51A1-4B3E-BC6A-F0E5A34E4636}D:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [{F3748818-C038-4476-8EED-594BC64A7072}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe (Frontier Developments Ltd) [File not signed]
FirewallRules: [{815EB672-817E-4D67-83CA-7CF837ACF337}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe (Frontier Developments Ltd) [File not signed]
FirewallRules: [TCP Query User{FB81BAFF-9926-4B5E-8C71-C2274E40D471}D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe No File
FirewallRules: [UDP Query User{ED5BF280-82A6-4689-871A-BAA671D02C5D}D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe No File
FirewallRules: [TCP Query User{BA6D6B51-B868-4C73-982E-7C94BB3AF6F8}D:\program files\epic games\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) D:\program files\epic games\spellbreak\g3\binaries\win64\spellbreak.exe No File
FirewallRules: [UDP Query User{A9BFB6C8-B746-4830-9E54-B2BA512BC117}D:\program files\epic games\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) D:\program files\epic games\spellbreak\g3\binaries\win64\spellbreak.exe No File
FirewallRules: [TCP Query User{D9BCD5EB-CBDE-4046-A179-E8062A51CB22}D:\gog games\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Allow) D:\gog games\divinity - original sin enhanced edition\shipping\eocapp.exe () [File not signed]
FirewallRules: [UDP Query User{5BFF66A7-9C1B-4633-80C3-5C6C6EF3E2F2}D:\gog games\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Allow) D:\gog games\divinity - original sin enhanced edition\shipping\eocapp.exe () [File not signed]
FirewallRules: [{774338CE-78DF-4E92-A4FE-BA94C1DAABD4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6A92BAD2-E852-4516-B096-9C87093882FD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3BF3106C-6B56-4611-9AAF-75669E491FF7}] => (Allow) D:\Program Files\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.)
FirewallRules: [{8910EA05-16E6-478D-912D-B1E67C834E23}] => (Allow) C:\Program Files (x86)\\Bignox\\BigNoxVM\\RT\NoxVMHandle.exe (Nox Limited -> BigNox Corporation)
FirewallRules: [{F0AE905B-5BE9-4D0E-9EC9-9F8A227EF4D0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{B7467F85-6D38-4C45-BD54-6DBC9709A495}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{6EBAEB3B-9327-4440-9014-11217CC0A0CA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{C41FC74F-76D3-496E-9593-B9687C8C6157}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{A2171132-43E4-4859-9C3C-22238241170C}D:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe] => (Allow) D:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{6F5B7542-9E52-46D1-A76F-F2E592C6BFE6}D:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe] => (Allow) D:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{D654BAA4-DD25-4514-8BDD-4EBDD3C71C24}D:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) D:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{2D0D1DFA-5347-4BD2-8175-71C8783EB500}D:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) D:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{95A67440-F63F-432F-9E0E-98624F3231AE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)
FirewallRules: [{94F18F66-5FDB-4C8B-AC31-CFCC244FC00C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)
FirewallRules: [TCP Query User{7D7C17E4-8F68-43CE-8385-9ED59F72ECF7}C:\program files (x86)\vmr connect\vmrhub.exe] => (Allow) C:\program files (x86)\vmr connect\vmrhub.exe (VLC Mobile Remote) [File not signed]
FirewallRules: [UDP Query User{264EFBD2-CC58-4332-AC0F-0AE9184DB11F}C:\program files (x86)\vmr connect\vmrhub.exe] => (Allow) C:\program files (x86)\vmr connect\vmrhub.exe (VLC Mobile Remote) [File not signed]
FirewallRules: [TCP Query User{242DFB03-7FA7-409A-9B7E-32F8C3018961}D:\program files (x86)\heroes of newerth\hon.exe] => (Allow) D:\program files (x86)\heroes of newerth\hon.exe No File
FirewallRules: [UDP Query User{A808E717-6840-4DAA-97F1-DA48FB531937}D:\program files (x86)\heroes of newerth\hon.exe] => (Allow) D:\program files (x86)\heroes of newerth\hon.exe No File
FirewallRules: [{C3A204AD-B983-4975-8CC4-3B98D7CC6328}] => (Allow) D:\Program Files\Epic Games\TheCycleAlpha\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe (YAGER Development GmbH -> YAGER Development GmbH)
FirewallRules: [{36C19CFF-DB02-4B2A-A8D0-6561DDF6E1A5}] => (Allow) D:\Program Files\Epic Games\TheCycleAlpha\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe (YAGER Development GmbH -> YAGER Development GmbH)
FirewallRules: [{05A7B4FA-153F-47A1-B8C9-B4D52C76AE58}] => (Allow) D:\Program Files\Epic Games\TheCycleAlpha\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe (YAGER Development GmbH -> YAGER Development GmbH)
FirewallRules: [{5FD0D9C0-63B9-49F0-8F52-AA7978BFE503}] => (Allow) D:\Program Files\Epic Games\TheCycleAlpha\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe (YAGER Development GmbH -> YAGER Development GmbH)
FirewallRules: [TCP Query User{94EBBAFA-CE2F-482C-BEF2-1338CEB0687F}C:\program files (x86)\mipony\mipony.exe] => (Allow) C:\program files (x86)\mipony\mipony.exe (www.mipony.net -> ) [File not signed]
FirewallRules: [UDP Query User{3ADEFA27-50FE-4BEA-8572-C8952728EAF9}C:\program files (x86)\mipony\mipony.exe] => (Allow) C:\program files (x86)\mipony\mipony.exe (www.mipony.net -> ) [File not signed]
FirewallRules: [{42F34E8E-831C-45AB-A21F-58EEA284694F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe () [File not signed]
FirewallRules: [{97EB6E38-75F3-4AC2-B37A-C6566FA0552C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe () [File not signed]
FirewallRules: [{22421E47-F02D-4A04-A9F7-140F5D54819B}] => (Allow) C:\Program Files (x86)\SteamLibrary\steamapps\common\Underlords\game\bin\win64\underlords.exe (Valve -> )
FirewallRules: [{ABBE715B-9E7F-4FE7-BD0D-A0767862F77D}] => (Allow) C:\Program Files (x86)\SteamLibrary\steamapps\common\Underlords\game\bin\win64\underlords.exe (Valve -> )
FirewallRules: [TCP Query User{19D68C8E-D3F2-41ED-8529-DCFA96C1BD6C}D:\program files (x86)\call of duty modern warfare beta\modernwarfare.exe] => (Allow) D:\program files (x86)\call of duty modern warfare beta\modernwarfare.exe No File
FirewallRules: [UDP Query User{2A6FEE49-59CC-4ECA-A718-7534A277BF7D}D:\program files (x86)\call of duty modern warfare beta\modernwarfare.exe] => (Allow) D:\program files (x86)\call of duty modern warfare beta\modernwarfare.exe No File
FirewallRules: [{1FEA261F-E5BA-43CE-B3EF-334016D81252}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6925456E-79C9-412E-B7B4-857BD4656993}] => (Allow) D:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{5A3A50C7-E0CD-4298-A540-38FF40BE42BD}] => (Allow) D:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{C5E483FD-8CDC-4A6A-9B7C-E757606759AA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Underlords\game\bin\win64\underlords.exe (Valve -> )
FirewallRules: [{4928633F-6240-480A-A2A3-D8CD33FE693B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Underlords\game\bin\win64\underlords.exe (Valve -> )
FirewallRules: [{3FB82226-05E3-4E12-B36E-41BA6A274E63}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe () [File not signed]
FirewallRules: [{2391B1D4-4692-4744-8DB9-BC3F6F2215B0}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe () [File not signed]
FirewallRules: [TCP Query User{6A444315-DB10-4979-994F-6772B5F76059}D:\program files\filezilla ftp client\filezilla.exe] => (Allow) D:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [UDP Query User{D68FA08D-D7BC-4706-8312-C6A43039C84C}D:\program files\filezilla ftp client\filezilla.exe] => (Allow) D:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [TCP Query User{56694041-2190-4525-8E31-0AE35878F4D3}D:\program files\filezilla ftp client\filezilla.exe] => (Allow) D:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [UDP Query User{12195111-69A8-4BDE-80C5-E5ED9C91BCDE}D:\program files\filezilla ftp client\filezilla.exe] => (Allow) D:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [{3815C04C-0E05-4357-A9DD-1D5B9281164D}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{E15207E5-D614-402F-9EB1-CB1B5CB916F9}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{63E35652-AA1F-49DA-8075-4B3ADBA87BF1}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{A8DC18A8-14B3-4F22-8390-EF61C6FA1A99}D:\program files (x86)\heroes of the storm\versions\base76517\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base76517\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{FED66F0E-4FBB-4EEA-AE05-518FA6995FF4}D:\program files (x86)\heroes of the storm\versions\base76517\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base76517\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{B436417E-8817-4F6B-929E-14F2A32E0B0F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{E044FC5D-9A63-424E-8308-BEA4562B411C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
==================== Codecs (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
==================== Restore Points =========================
02-10-2019 07:06:13 Installed CORSAIR iCUE Software
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/09/2019 01:34:03 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/07/2019 11:21:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SkypeApp.exe version 8.34.0.81 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: cc
Start Time: 01d57d5f4de82754
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Report Id: 8a13237e-d934-4751-bd8d-fd150d45494a
Faulting package full name: Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Hang type: Quiesce
Error: (10/07/2019 07:17:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SkypeApp.exe version 8.34.0.81 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 225c
Start Time: 01d57d58d8e49435
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Report Id: bbdd3fdb-232d-45b2-a269-da462a905a17
Faulting package full name: Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Hang type: Quiesce
Error: (10/07/2019 06:56:32 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/06/2019 08:09:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Europa_Client.exe version 0.2.537.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 7bc
Start Time: 01d57c9a9d95beae
Termination Time: 8
Application Path: D:\Program Files (x86)\Steam\steamapps\common\Ring of Elysium\Xversion\Europa_Client.exe
Report Id: 59c12abc-c30a-4d21-85e8-b2dfec261dea
Faulting package full name:
Faulting package-relative application ID:
Hang type: Unknown
Error: (10/06/2019 05:29:07 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/05/2019 05:29:22 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/05/2019 01:22:11 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
System errors:
=============
Error: (10/09/2019 01:32:25 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.SecurityAppBroker
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (10/09/2019 01:32:25 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (10/09/2019 01:29:28 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-O5SD2IS)
Description: Unable to start a DCOM Server: ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r!App.AppX0kb1wv51yacfv58jnrprgtyj3c0t775x.mca as Unavailable/Unavailable. The error:
"0"
Happened while starting this command:
"C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe" -ServerName:App.AppX9n879r3et3x3b24eqasexpgc3412rn2m.mca
Error: (10/09/2019 01:29:19 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-O5SD2IS)
Description: Unable to start a DCOM Server: AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r!App.AppXgrtg5zk0qzd58y4kdyd4g0wpzdp7rhmf.mca as Unavailable/Unavailable. The error:
"0"
Happened while starting this command:
"C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe" -ServerName:App.AppXj7d2pwbjt1by8j1s5wak729xa46cf4br.mca
Error: (10/09/2019 01:28:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (10/09/2019 01:28:53 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
Error: (10/08/2019 04:33:30 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024001e: Security Intelligence Update for Windows Defender Antivirus - KB2267602 (Version 1.303.1174.0).
Error: (10/08/2019 01:54:57 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-O5SD2IS)
Description: Unable to start a DCOM Server: AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r!App.AppXgrtg5zk0qzd58y4kdyd4g0wpzdp7rhmf.mca as Unavailable/Unavailable. The error:
"0"
Happened while starting this command:
"C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe" -ServerName:App.AppXj7d2pwbjt1by8j1s5wak729xa46cf4br.mca
Windows Defender:
===================================
Date: 2019-10-07 00:32:43.553
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...26&enterprise=0
Name: Trojan:Win32/Tiggre!plock
ID: 2147723626
Severity: Severe
Category: Trojan
Path: file:_C:\WINDOWS\system32\StartupCheckLibrary.dll
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Signature Version: AV: 1.303.1042.0, AS: 1.303.1042.0, NIS: 1.303.1042.0
Engine Version: AM: 1.1.16400.2, NIS: 1.1.16400.2
Date: 2019-10-05 19:30:58.658
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {3C9A005D-01D5-4901-9DB3-79F121EC0EBA}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-10-05 17:05:07.285
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {569D6F41-A00F-48EB-9BC5-68150799A7A6}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-10-05 06:14:00.373
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {90806FF2-5A45-4879-83BB-BD40F3DD15B8}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-10-02 06:25:42.325
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {6C6FAB3B-152A-47B9-BF5F-CB060DAFAABD}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-10-08 04:33:41.839
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 1.303.1174.0
Previous Signature Version: 1.303.1146.0
Update Source: User
Signature Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.16400.2
Previous Engine Version: 1.1.16400.2
Error code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Date: 2019-10-08 04:33:41.839
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 1.303.1174.0
Previous Signature Version: 1.303.1146.0
Update Source: User
Signature Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.16400.2
Previous Engine Version: 1.1.16400.2
Error code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Date: 2019-09-18 20:37:16.753
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.299.1519.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16300.1
Error code: 0x80246007
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2019-09-18 20:00:28.270
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.299.1519.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16200.1
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2019-09-18 20:00:28.269
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.299.1519.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16200.1
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
CodeIntegrity:
===================================
Date: 2019-08-01 14:58:18.127
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-08-01 14:42:59.895
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-08-01 03:11:50.215
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-07-31 19:19:14.518
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-07-31 13:31:21.299
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-07-31 02:48:24.224
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-07-09 21:16:32.345
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume1\Program Files\Prio\prio.dll that did not meet the Microsoft signing level requirements.
Date: 2019-07-09 17:52:47.092
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume1\Program Files\Prio\prio.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F42a 07/31/2019
Motherboard: Gigabyte Technology Co., Ltd. AB350-Gaming 3-CF
Processor: AMD Ryzen 5 1600X Six-Core Processor
Percentage of memory in use: 61%
Total physical RAM: 8143.37 MB
Available physical RAM: 3100.68 MB
Total Virtual: 16143.37 MB
Available Virtual: 9223.9 MB
==================== Drives ================================
Drive c: (Local Disk) (Fixed) (Total:930.7 GB) (Free:103.55 GB) NTFS
Drive d: (Local Disk) (Fixed) (Total:1862.42 GB) (Free:402.44 GB) NTFS
Drive e: () (Fixed) (Total:232.88 GB) (Free:104.49 GB) NTFS
\\?\Volume{26c4f6e3-ae76-402e-924e-64c06f594455}\ () (Fixed) (Total:0.81 GB) (Free:0.34 GB) NTFS
\\?\Volume{3b8a238f-2f3a-4784-8545-56c16e5e4cfe}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{c8899f10-cbea-4cf6-a976-76024a3ea4ac}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 60B170B4)
Partition: GPT.
========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 2 (Size: 232.9 GB) (Disk ID: A0329484)
Partition: GPT.
==================== End of Addition.txt ============================
Attached Files
Edited by XmutanoX, 08 October 2019 - 11:04 PM.