Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

startupchecklibrary.dll [Closed]

startupchecklibrary.dll

  • This topic is locked This topic is locked

#1
joesg2

joesg2

    New Member

  • Member
  • Pip
  • 3 posts

Hi, every time i start up my PC i see this. any help any one?

 

FRST logs

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-11-2019
Ran by User (administrator) on DESKTOP-66N4BGC (05-11-2019 18:20:24)
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 10 Pro Version 1903 18362.418 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Program Files (x86)\Kinoni\EpocCam\KinoniSvc.exe
() [File not signed] C:\Program Files\Ugreen Audio Center\CPL\FaceLift_x64.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0346940.inf_amd64_0108ab6308500962\B346681\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0346940.inf_amd64_0108ab6308500962\B346681\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Chaos Software Ltd. -> ) [File not signed] C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe
(Chaos Software Ltd.) [File not signed] C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.301\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.301\GoogleCrashHandler64.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel® Extreme Tuning Utility -> Intel® Corporation) C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\Creative.UWPRPCService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Open Source Developer, Florian Höch -> ) C:\Program Files (x86)\DisplayCAL\DisplayCAL-apply-profiles.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Tencent Technology(Shenzhen) Company Limited -> Sogou) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYUserCenter.exe
(Tencent Technology(Shenzhen) Company Limited -> Tencent) D:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-10-25] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\User\AppData\Local\Microsoft\Teams\Update.exe [1789552 2019-08-07] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\...\Run: [Spotify] => C:\Users\User\AppData\Roaming\Spotify\Spotify.exe [25828256 2019-08-06] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\...\Run: [ECigStats] => C:\Users\User\AppData\Roaming\Evolv\ECigStats\ECigStats.exe [159368 2019-04-18] (Dimension Engineering LLC -> Evolv LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.120\Installer\chrmstp.exe [2019-10-11] (Google LLC -> Google LLC)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ASRRGBLED.lnk [2019-08-25]
ShortcutTarget: ASRRGBLED.lnk -> C:\Program Files (x86)\ASRock Utility\ASRRGBLED\Bin\AsrPolychromeRGB.exe (ASRock Incorporation -> )
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Backup and Sync from Google.lnk [2019-06-09]
ShortcutTarget: Backup and Sync from Google.lnk -> C:\Program Files\Google\Drive\googledrivesync.exe (Google LLC -> )
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FaceLift_x64.exe - Shortcut.lnk [2019-06-22]
ShortcutTarget: FaceLift_x64.exe - Shortcut.lnk -> C:\Program Files\Ugreen Audio Center\CPL\FaceLift_x64.exe () [File not signed]
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LCore.exe - Shortcut.lnk [2019-06-22]
ShortcutTarget: LCore.exe - Shortcut.lnk -> C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc -> Logitech Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-06-30]
ShortcutTarget: MEGAsync.lnk -> C:\Users\User\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MSIAfterburner.exe - Shortcut.lnk [2019-06-22]
ShortcutTarget: MSIAfterburner.exe - Shortcut.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneDrive.lnk [2019-06-09]
ShortcutTarget: OneDrive.lnk -> C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {103F832B-9A9C-4320-9A8E-911FB1CD151E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6260640 2019-11-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {130D008D-298B-4821-8D21-BF4AE30244AE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3A37E9CD-A459-4A19-8DF5-32DEB57391F8} - System32\Tasks\Opera scheduled Autoupdate 1550505542 => C:\Users\User\AppData\Local\Programs\Opera\launcher.exe
Task: {3CBC5DF3-ABBC-4033-A0D7-EF4D88D5C61B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {467E2FBA-105D-44D2-8B4F-FA82D302306C} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {4B5C5607-A24F-41DA-BADC-079C7CF6D55D} - System32\Tasks\AMDInstallUEP => C:\Program Files\AMD\InstallUEP\AMDInstallUEP.exe
Task: {5A4CBE70-6DD3-4A24-83BF-6A3085784AE6} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [781808 2019-04-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {6EF0F1A7-D90B-414B-9B07-40ADEA0C0ED3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2169960 2019-11-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {71D98BFD-0FFD-4C43-B6E7-5F49F3DA17AB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6260640 2019-11-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {77CF38DC-ADA6-4C37-991F-9340C6C574FB} - System32\Tasks\DisplayCAL Profile Loader Launcher => C:\Program Files (x86)\DisplayCAL\DisplayCAL-apply-profiles-launcher.exe [175576 2019-01-24] (Open Source Developer, Florian Höch -> )
Task: {86312163-13C9-4D30-BADD-961F9FCD875B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-01] (Google Inc -> Google Inc.)
Task: {905A4D24-59B0-46DE-8B03-800E928FA4DD} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2169960 2019-11-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {90738C2C-FECD-4A1B-93DF-94DD542F2DCF} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {9ADE7FB2-F473-4606-95CC-EB6C85D37682} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {A2F76EE0-254F-40E2-983E-0756FF7A9D8D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [156504 2019-11-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {B657BDC9-7F7D-4FA8-9708-F91C82C7272F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-01] (Google Inc -> Google Inc.)
Task: {B7F565FA-438E-422F-BCE1-CECB50AAFD2B} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-09-11] (Advanced Micro Devices, Inc.) [File not signed]
Task: {BC9E4716-86B6-43CD-B86B-4C3F9BCAA592} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2378024 2019-11-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {BEAF5983-4C16-4681-8156-A81EF6DE1908} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-09-11] (Advanced Micro Devices, Inc.) [File not signed]
Task: {C640AEB9-77CC-4397-98E9-FAA913931938} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {CACEEF7E-3CFF-4475-B458-19B381CA29C4} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {D0B84268-A525-4CC9-AA02-F366A56B2738} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367496 2019-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {D53004A5-7E2F-40E9-8E96-D6CC9BD19BE8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D60CCC01-EEF7-4BDE-B97B-E04E42AE829E} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {E35AC9F9-FCBC-407E-BE64-F68B6263A3FC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EED08680-DD13-4B8A-A0D3-416D2304F72F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [156504 2019-11-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {F334E842-7851-49F2-B828-EBD7763ED171} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367496 2019-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {F8B83D5C-1EBF-44FF-A91D-4EE533C2AF78} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F9FB1C8F-8D63-4787-BE58-AED3EED6E226} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [891576 2019-09-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2510e2c3-248b-4eda-a9e1-4746439ccec8}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{2510e2c3-248b-4eda-a9e1-4746439ccec8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{826138a9-c5a1-4b9d-a318-af8369c2d338}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{f5818dff-4d6f-4870-91cd-301f110784c2}: [DhcpNameServer] 8.8.8.8
 
Internet Explorer:
==================
HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
BHO: No Name -> {004B0726-A010-4ABF-8556-FCDB7F1FCA1E} -> No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-06-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ѸÀ×ÏÂÔØÖ§³Ö×é¼þ -> {DE05CF4A-7B0A-4775-B5E5-396244938679} -> C:\Program Files (x86)\Thunder Network\Thunder\Thunder BHO Platform\np_tdieplat.dll => No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-05] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @baidu.com/YunWebDetectPlugin -> D:\Users\User\AppData\Roaming\baidu\BaiduNetdisk\npYunWebDetect.dll [2019-03-06] (Beijing Baidu Netcom Science and Technology Co.,Ltd -> Baidu.com, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.301\npGoogleUpdate3.dll [2019-10-10] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.301\npGoogleUpdate3.dll [2019-10-10] (Google Inc -> Google LLC)
FF Plugin-x32: @xunlei.com/npaplayer -> C:\Users\Public\Thunder Network\APlayer\codecs\npaplayer.dll [2013-07-06] (ShenZhen Thunder Networking Technologies, LTD) [File not signed]
FF Plugin-x32: @xunlei.com/npxluser -> C:\Program Files (x86)\Common Files\Thunder Network\UserAgent\npxluser2.0.2.3.dll [2019-06-22] (ShenZhen Thunder Networking Technologies Ltd. -> Thunder Networking Technologies,LTD)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-3081099449-2374384075-4149456581-1001: @xunlei.com/npxluser -> C:\Program Files (x86)\Common Files\Thunder Network\UserAgent\npxluser2.0.2.3.dll [2019-06-22] (ShenZhen Thunder Networking Technologies Ltd. -> Thunder Networking Technologies,LTD)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "","hxxps://www.google.com/","hxxp://www.hohosearch.com/?mode=nnnb&ptid=amz&uid=24A28B905309A0B07CDE8D94AF72771C&v=20160329&ts=AHEpCHUtAXUmA0.."
CHR Notifications: Default -> hxxps://web.whatsapp.com
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2019-11-05]
CHR Extension: (Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-01]
CHR Extension: (Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-01]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-01]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-01]
CHR Extension: (Samsung Internet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\epejdmjgfibjaffbmojllapapjejipkh [2019-05-08]
CHR Extension: (Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-01]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-01]
CHR Extension: (Vysor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2019-05-16]
CHR Extension: (Video Adblocker for Youtube™ Extension) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2019-07-29]
CHR Extension: (Carbon Blackout) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ialnhggmaghopmhanfnjjneegopfpbdj [2019-02-03]
CHR Extension: (Drive Speed Test) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\khceghjhgmmikckgnmnjedpnbmbfehjd [2019-02-01]
CHR Extension: (Google Play) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2019-02-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-02-01]
CHR Extension: (Google Maps) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2019-02-01]
CHR Extension: (Merge PDF - Smallpdf.com) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbhibnjbbdkflfklbdpgbifkhcielgcm [2019-02-01]
CHR Extension: (Spread3D Review for SketchUp) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjkndlllagaajogioiailncjbmbalci [2019-02-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-10]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-29]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-09-05]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-11-01]
CHR Extension: (Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-13]
CHR Extension: (Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-13]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-13]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-13]
CHR Extension: (Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-13]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-02-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-10]
CHR Extension: (Smallpdf - Edit, Compress and Convert PDF) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ohfgljdgelakfkefopgklcohadegdpjf [2019-10-20]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-29]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2 [2019-09-05]
CHR Extension: (Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-05]
CHR Extension: (Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-05]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-09-05]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-05]
CHR Extension: (Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-05]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-09-05]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-09-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-05]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-05]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-05]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-05]
CHR HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0346940.inf_amd64_0108ab6308500962\B346681\atiesrxx.exe [508008 2019-09-23] (Advanced Micro Devices, Inc. -> AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8577760 2019-03-28] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11642744 2019-10-25] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803456 2019-07-04] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 KinoniSvc; C:\Program Files (x86)\Kinoni\EpocCam\KinoniSvc.exe [743936 2019-01-26] () [File not signed]
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [8134144 2018-10-09] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 QMEmulatorService; D:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [342776 2019-01-17] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
S3 QQPYService; C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYService.exe [141672 2019-09-17] (Tencent Technology(Shenzhen) Company Limited -> Sogou)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [445568 2018-04-02] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [943752 2018-04-02] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665136 2019-01-16] (TeamViewer GmbH -> TeamViewer GmbH)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-02-19] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R2 UWPService; C:\WINDOWS\SysWOW64\Creative.UWPRPCService.exe [363968 2019-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R2 vrswrm-service; C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe [90176 2019-02-03] (Chaos Software Ltd. -> ) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe [18264 2017-09-27] (Intel® Extreme Tuning Utility -> Intel® Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [24424 2016-08-12] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0346940.inf_amd64_0108ab6308500962\B346681\atikmdag.sys [60634216 2019-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0346940.inf_amd64_0108ab6308500962\B346681\atikmpag.sys [597608 2019-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [103672 2019-06-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243048 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R2 aow_drv; D:\Program Files\TxGameAssistant\UI\2.0.7967.123\aow_drv_x64_ev.sys [861800 2019-01-23] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AsrDrv102; C:\Windows\SysWOW64\Drivers\AsrDrv102.sys [22248 2019-02-02] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S3 AsrDrv103; C:\Windows\SysWOW64\Drivers\AsrDrv103.sys [34568 2019-02-02] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S3 AsrDrv104n; C:\WINDOWS\SysWOW64\Drivers\AsrDrv104n.sys [33000 2019-08-25] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [108152 2019-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 DESerialPort; C:\WINDOWS\system32\DRIVERS\DimensionSerialPort.sys [24576 2016-11-12] (Dimension Engineering LLC -> )
R1 EneIo; C:\WINDOWS\system32\drivers\ene.sys [16320 2018-03-20] (Ptolemy Tech Co., Ltd -> )
R3 EuMusDesignVirtualAudioCableWdm; C:\WINDOWS\System32\drivers\vrtaucbl.sys [90624 2012-04-01] (NTONYX Ltd. -> Eugene V. Muzychenko)
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [19392 2018-04-23] (ASUSTeK Computer Inc. -> )
R2 iocbios2; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [38424 2017-09-15] (Intel Corporation -> Intel Corporation)
S3 iVCam; C:\WINDOWS\system32\DRIVERS\iVCam.sys [1087120 2019-01-23] (Shanghai Yitu Information Technology Co.,Ltd. -> e2eSoft)
R3 kinonivd; C:\WINDOWS\System32\drivers\kinonivd.sys [283120 2019-01-31] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
R3 KINONI_Wave; C:\WINDOWS\system32\drivers\kinonivad.sys [23040 2019-01-04] (Kinoni Oy -> Windows ® Win 7 DDK provider)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-22] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2018-10-05] (Logitech -> Logitech Inc.)
S3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [38136 2019-02-26] (Logitech Inc -> Logitech)
S3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66808 2019-02-26] (Logitech Inc -> Logitech)
R3 LULIAN108B; C:\WINDOWS\System32\drivers\LULIAN108B.sys [3794920 2018-04-10] (Microsoft Windows Hardware Compatibility Publisher -> C-MEDIA Inc.)
R3 MBfilt; C:\WINDOWS\system32\drivers\MBfilt64.sys [43456 2019-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2019-02-02] (Realtek Semiconductor Corp. -> Realtek )
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 TBoxDrv; C:\Program Files\AndroidTbox\TBoxDrv.sys [271600 2017-09-11] (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
S3 TESMON; C:\WINDOWS\system32\drivers\TesMon.sys [2360040 2019-07-28] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
R3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [431200 2019-07-28] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [1053600 2019-07-28] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [235832 2019-01-28] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-10-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [351968 2019-10-29] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-10-29] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2019-10-12] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2019-02-02] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 VGAOCTool; \??\C:\Users\User\AppData\Local\Temp\VGAOCTool.sys [X] <==== ATTENTION
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-11-05 18:21 - 2019-11-05 18:21 - 000004962 _____ C:\Users\User\Desktop\xpost-428652-0-29293300-1555697370.png.pagespeed.ic.JRIX6kFeSa.webp
2019-11-05 18:20 - 2019-11-05 18:20 - 000040863 _____ C:\Users\User\Desktop\FRST.txt
2019-11-05 18:19 - 2019-11-05 18:20 - 000000000 ____D C:\FRST
2019-11-05 18:18 - 2019-11-05 18:18 - 001619456 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2019-11-01 23:16 - 2019-11-01 23:16 - 000000000 ____D C:\Users\User\Downloads\AMD_MARS_01-11-19
2019-11-01 23:15 - 2019-11-01 23:15 - 001424717 _____ C:\Users\User\Downloads\AMD_MARS_01-11-19.zip
2019-11-01 23:14 - 2019-11-01 23:14 - 001518843 _____ C:\Users\User\Downloads\Authorized Printer Service Centre Up Computing Sales &Services_OLCS6.ai
2019-11-01 23:14 - 2019-11-01 23:14 - 000082928 _____ C:\Users\User\Downloads\CrystalReportViewer1upcom.pdf
2019-11-01 23:14 - 2019-11-01 23:14 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsigna78932945ac73723
2019-11-01 23:14 - 2019-11-01 23:14 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign5edcffcf4d82268b
2019-10-30 12:27 - 2019-10-30 12:27 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-10-30 12:27 - 2019-10-30 12:27 - 000001816 _____ C:\ProgramData\Desktop\iTunes.lnk
2019-10-30 12:27 - 2019-10-30 12:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-10-30 12:27 - 2019-10-30 12:27 - 000000000 ____D C:\Program Files\iTunes
2019-10-30 12:27 - 2019-10-30 12:27 - 000000000 ____D C:\Program Files\iPod
2019-10-29 13:08 - 2019-10-29 13:08 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsigne5b2466ee74b6f7a
2019-10-29 13:08 - 2019-10-29 13:08 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsignad3ad35ba1681ff5
2019-10-29 11:58 - 2019-10-29 11:59 - 004395427 _____ C:\Users\User\Downloads\10994-A_AMD_RYZEN_RADEON_LOCKUP.zip
2019-10-29 11:58 - 2019-10-29 11:58 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsigne9fb8efb4cb68096
2019-10-29 11:58 - 2019-10-29 11:58 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign5117149f79a0e79f
2019-10-29 10:54 - 2019-10-29 10:55 - 000000000 ____D C:\Users\User\Desktop\shirt sample
2019-10-23 05:23 - 2019-10-23 05:23 - 000000000 ____D C:\Users\User\AppData\Local\cache
2019-10-23 05:17 - 2019-10-23 05:17 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2019-10-23 05:17 - 2019-10-23 05:17 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR
2019-10-23 05:17 - 2019-10-23 05:17 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-10-23 05:17 - 2019-10-23 05:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2019-10-23 05:17 - 2019-10-23 05:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2019-10-23 05:17 - 2019-10-23 05:17 - 000000000 ____D C:\Program Files (x86)\AMD
2019-10-23 05:16 - 2019-10-26 01:13 - 000000000 ____D C:\Users\User\AppData\LocalLow\AMD
2019-10-23 05:10 - 2019-10-23 05:10 - 028290000 _____ (AMD Inc.) C:\Users\User\Downloads\radeon-software-adrenalin-2019-19.9.2-minimalsetup-190923_64bit.exe
2019-10-21 07:48 - 2019-10-21 07:48 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsignb0d5d81a00ec7089
2019-10-21 07:48 - 2019-10-21 07:48 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsignaa41fb80f3d16246
2019-10-20 23:24 - 2019-10-20 23:24 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsignd252f75d62b8353d
2019-10-20 23:24 - 2019-10-20 23:24 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign752d12ecf15312cd
2019-10-20 23:16 - 2019-10-20 23:16 - 003357940 _____ C:\Users\User\Downloads\Cabinet+6cm+Wheel.skp
2019-10-20 14:07 - 2019-10-05 18:23 - 425585950 _____ C:\Users\User\Desktop\20191005_181943.mp4
2019-10-20 14:07 - 2019-09-11 00:22 - 031955063 _____ C:\Users\User\Desktop\20190911_002206.mp4
2019-10-12 02:06 - 2019-10-12 02:06 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign7deaa7289b896e73
2019-10-12 02:06 - 2019-10-12 02:06 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign05f181eda7e4199f
2019-10-12 01:29 - 2019-10-12 01:29 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsignac1c9fb6e8b4777f
2019-10-12 01:29 - 2019-10-12 01:29 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign471bddc71c1b4c28
2019-10-12 01:26 - 2019-10-12 01:26 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsignaec5cd53e5765cda
2019-10-12 01:26 - 2019-10-12 01:26 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign84c607592d21c486
2019-10-10 23:27 - 2019-10-10 23:27 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 022628352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 019811840 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 018019840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 017787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 009928504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 008010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 007848192 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 007600664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 007195648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 007015936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 006517640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 006425600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 006232064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 006227624 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 006164480 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 006084048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 005915648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 005865272 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizimg.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 005764872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 005105152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 005041664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 004612520 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 004562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 004481536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 004129616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 004046336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 004012544 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 003964056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 003947008 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 003771392 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 003742032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 003727360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 003701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 003590968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 003386880 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 003184128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 003105280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002861568 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002821120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 002772032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002762504 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2019-10-10 23:27 - 2019-10-10 23:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2019-10-10 23:27 - 2019-10-10 23:27 - 002723328 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 002703360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002590208 _____ C:\WINDOWS\system32\dwmscene.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002494440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002456064 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002448712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002422592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-10-10 23:27 - 2019-10-10 23:27 - 002314648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002284032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002258856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002236144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002190864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002160640 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002138472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-10-10 23:27 - 2019-10-10 23:27 - 002132280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002120704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002120272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002095104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002081976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002069504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 002000168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001957008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001952360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001940952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001913296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001857024 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001845408 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001788728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-10-10 23:27 - 2019-10-10 23:27 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001743672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001730560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001716752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001664928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001664376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001656392 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001616784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001616608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001611792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001607680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001563648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001543168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001512320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 001510752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001505320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001501712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001439744 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001394488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 001386000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001383856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001372160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-10-10 23:27 - 2019-10-10 23:27 - 001334064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001297936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001273392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001263616 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001261800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001244944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001217904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 001178816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001152016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001150240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 001098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001054872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001047968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001043984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001036800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 001023128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000984376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000957240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000944664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000904704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\opengl32.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000904208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000890472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000880088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000856576 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-10-10 23:27 - 2019-10-10 23:27 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000833312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000829536 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000827408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000818688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000816648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000792296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000784384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000774672 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000772656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000759488 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000758584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000732176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mousocoreworker.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000679880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000674072 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000666128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000656960 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11on12.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000649016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000639400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000598024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000568336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000551952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000541480 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000516408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000515896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000502784 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000501232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-10-10 23:27 - 2019-10-10 23:27 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000495120 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000487576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000466416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000452408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiagn.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000450360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11on12.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000449888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000442704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-10-10 23:27 - 2019-10-10 23:27 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000412152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000398728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000394256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000383984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000380216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000379840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000375720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000363624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secproc.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000342896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000334936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiag.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000300184 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000293344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgmgr32.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000285256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000283688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000278080 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000258064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ManageCI.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glu32.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgmgr32.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000231440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000228880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000225080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-10-10 23:27 - 2019-10-10 23:27 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000223032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000202768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000202040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-10-10 23:27 - 2019-10-10 23:27 - 000181776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlib.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000176152 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000173072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000159112 _____ (Microsoft Corporation) C:\WINDOWS\system32\devobj.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000145208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CscMig.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000140496 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prntvpt.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000137864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devobj.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwclientres.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ForceSync.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000125232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000119840 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000116904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000110080 _____ C:\WINDOWS\system32\ResBParser.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000100664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000092624 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000089544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000084496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvvmtransport.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000079376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uaspstor.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000066832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvvmtransport.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devrtl.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devrtl.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnppolicy.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000053248 _____ C:\WINDOWS\system32\Drivers\UsbPmApi.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000052752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000047616 _____ C:\WINDOWS\system32\UsbPmApi.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000037904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000037176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000033048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2019-10-10 23:27 - 2019-10-10 23:27 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32_DeviceGuard.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000021816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScriptRunner.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000021544 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000020944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmsgapi.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000016696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizres.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2019-10-10 23:27 - 2019-10-10 23:27 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwstreamingux.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSErrRedir.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2019-10-10 23:27 - 2019-10-10 23:27 - 000011576 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlibres.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2019-10-10 23:27 - 2019-10-10 23:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2019-10-10 23:27 - 2019-10-10 23:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-10-10 23:27 - 2019-10-10 23:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-10-10 23:27 - 2019-10-10 23:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-10-10 23:27 - 2019-10-10 23:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-10-10 23:27 - 2019-10-10 23:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-10-10 23:27 - 2019-10-10 23:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-10-10 23:27 - 2019-10-10 23:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-10-10 23:27 - 2019-10-10 23:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2019-10-10 23:27 - 2019-10-10 23:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2019-10-10 23:27 - 2019-10-10 23:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2019-10-10 23:27 - 2019-10-10 23:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-10-10 23:22 - 2019-09-20 12:36 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-10-10 23:22 - 2019-09-20 12:14 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2019-10-10 13:34 - 2019-10-10 13:34 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign4ac31d105a697f67
2019-10-10 13:32 - 2019-10-10 13:32 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsignaacf66e8baa8fb68
2019-10-10 13:32 - 2019-10-10 13:32 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsigna8f77c0dec629e4d
2019-10-10 13:32 - 2019-10-10 13:32 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign02ea3961e8787b6a
2019-10-10 13:31 - 2019-10-10 13:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple
2019-10-10 13:31 - 2019-10-10 13:31 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2019-10-10 13:21 - 2019-11-05 18:13 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-10-10 13:21 - 2019-11-05 18:13 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-10-10 13:21 - 2019-10-26 01:07 - 000003518 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-11-05 18:19 - 2019-02-01 22:40 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2019-11-05 18:18 - 2019-03-19 12:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-05 18:18 - 2019-03-19 12:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-11-05 18:17 - 2019-02-02 00:36 - 000000000 ____D C:\Program Files\Microsoft Office
2019-11-05 18:16 - 2019-05-27 16:50 - 001392922 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-05 18:16 - 2019-05-27 16:09 - 000427148 _____ C:\WINDOWS\system32\prfh0804.dat
2019-11-05 18:16 - 2019-05-27 16:09 - 000133692 _____ C:\WINDOWS\system32\prfc0804.dat
2019-11-05 18:16 - 2019-03-19 12:50 - 000000000 ____D C:\WINDOWS\INF
2019-11-05 18:14 - 2019-05-27 16:47 - 000004166 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E0A6C85E-C7A7-4302-A0A4-7E5DA77A2FC6}
2019-11-05 18:14 - 2019-05-27 16:47 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3081099449-2374384075-4149456581-1001
2019-11-05 18:14 - 2019-05-27 16:14 - 000002364 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-05 18:14 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-05 18:11 - 2019-02-02 12:50 - 000000000 ____D C:\Users\User\AppData\Roaming\DisplayCAL
2019-11-05 18:10 - 2019-05-27 16:47 - 000003110 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2019-11-05 18:10 - 2019-05-27 16:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-11-05 18:10 - 2019-02-03 20:58 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-11-01 23:32 - 2019-05-27 16:47 - 000003140 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2019-11-01 23:32 - 2019-03-19 12:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-11-01 23:32 - 2019-02-01 22:37 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-11-01 23:21 - 2019-03-19 12:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-01 23:14 - 2019-02-03 18:38 - 000000034 _____ C:\Users\User\AppData\Roaming\AdobeWLCMCache.dat
2019-10-30 13:04 - 2019-08-25 18:06 - 000000000 ____D C:\Users\User\AppData\Roaming\Deezloader Remix
2019-10-29 14:29 - 2019-05-27 16:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-29 09:46 - 2018-06-19 00:09 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-10-26 10:34 - 2019-05-27 16:42 - 005218888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-10-26 03:35 - 2019-07-29 00:40 - 000000000 ____D C:\Users\User\AppData\Local\Spotify
2019-10-26 01:54 - 2019-07-29 00:39 - 000000000 ____D C:\Users\User\AppData\Roaming\Spotify
2019-10-26 01:08 - 2019-02-01 22:33 - 000000000 ____D C:\ProgramData\Packages
2019-10-26 01:08 - 2019-02-01 19:29 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2019-10-26 01:08 - 2019-02-01 19:28 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2019-10-26 01:07 - 2019-02-04 04:11 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2019-10-26 01:07 - 2019-02-04 04:10 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-10-23 05:17 - 2019-02-01 22:37 - 000000000 ____D C:\Program Files\AMD
2019-10-23 05:16 - 2019-02-01 22:38 - 000000000 ____D C:\Users\User\AppData\Local\AMD
2019-10-23 05:11 - 2019-02-17 13:55 - 000000060 _____ C:\ProgramData\SoftwareUpdateTemp.xml
2019-10-23 05:10 - 2019-02-01 22:37 - 000000000 ____D C:\AMD
2019-10-23 04:42 - 2019-06-22 22:57 - 000007602 _____ C:\Users\User\AppData\Local\Resmon.ResmonCfg
2019-10-15 23:51 - 2019-02-02 01:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-10-13 15:52 - 2019-02-05 14:09 - 000000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics
2019-10-13 15:32 - 2019-02-01 23:16 - 000000000 ____D C:\Program Files (x86)\Steam
2019-10-12 10:28 - 2019-02-19 00:58 - 000074552 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2019-10-12 10:26 - 2019-04-12 21:50 - 000000000 ____D C:\Program Files (x86)\PUBGLite
2019-10-12 02:31 - 2019-02-03 00:05 - 000000297 _____ C:\Users\User\d4ac4633ebd6440fa397b84f1bc94a3c.7z
2019-10-12 02:31 - 2019-02-02 13:09 - 000000000 ____D C:\Users\User\AppData\Local\Nox
2019-10-12 02:19 - 2019-02-02 13:10 - 000000000 ____D C:\Users\User\.android
2019-10-12 02:18 - 2019-02-02 13:09 - 000000000 ____D C:\Users\User\vmlogs
2019-10-12 02:18 - 2019-02-02 13:09 - 000000000 ____D C:\Users\User\.BigNox
2019-10-12 02:05 - 2019-08-25 15:04 - 000000000 ____D C:\Users\User\Documents\teiron
2019-10-12 02:04 - 2019-02-03 18:31 - 000000000 ____D C:\Program Files (x86)\Betternet
2019-10-11 13:46 - 2019-02-01 22:36 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-10 23:38 - 2019-02-01 19:28 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-10-10 23:38 - 2019-02-01 19:28 - 000000000 ___RD C:\Users\User\3D Objects
2019-10-10 23:36 - 2019-03-19 14:23 - 000000000 ___SD C:\WINDOWS\system32\AppV
2019-10-10 23:36 - 2019-03-19 12:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-10-10 23:36 - 2019-03-19 12:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-10-10 23:36 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-10-10 23:36 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-10-10 23:36 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-10-10 23:36 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2019-10-10 23:36 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-10-10 23:36 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-10-10 23:36 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-10-10 23:36 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-10-10 23:36 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-10-10 23:36 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-10-10 23:32 - 2019-03-19 12:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-10-10 23:31 - 2019-02-01 23:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-10-10 23:29 - 2019-02-01 23:05 - 127230528 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-10-10 13:31 - 2019-02-05 03:59 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2019-10-10 13:27 - 2019-05-27 16:47 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-10 13:27 - 2019-05-27 16:47 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-10 13:27 - 2019-02-01 22:35 - 000000000 ____D C:\Program Files (x86)\Google
 
==================== Files in the root of some directories ========
 
2019-02-03 18:38 - 2019-11-01 23:14 - 000000034 _____ () C:\Users\User\AppData\Roaming\AdobeWLCMCache.dat
2019-02-07 00:17 - 2019-02-07 00:17 - 000000000 _____ () C:\Users\User\AppData\Local\oobelibMkey.log
2019-06-22 22:57 - 2019-10-23 04:42 - 000007602 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
 
 
 
 
 
 
 
Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-11-2019
Ran by User (05-11-2019 18:21:26)
Running from C:\Users\User\Desktop
Windows 10 Pro Version 1903 18362.418 (X64) (2019-05-27 08:47:29)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3081099449-2374384075-4149456581-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3081099449-2374384075-4149456581-503 - Limited - Disabled)
Guest (S-1-5-21-3081099449-2374384075-4149456581-501 - Limited - Disabled)
User (S-1-5-21-3081099449-2374384075-4149456581-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-3081099449-2374384075-4149456581-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
AC Tool (HKLM-x32\...\AC Tool) (Version:  - )
Adobe Audition CC 2019 (HKLM-x32\...\AUDT_12_0) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.9.2 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{BED24701-751B-41C5-8888-A8EABAB9FE8C}) (Version: 8.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{88F21C94-88AF-4665-AF4F-FECB1FA059B9}) (Version: 8.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASRRGBLED v1.0.57 (HKLM-x32\...\ASRock RGB LED_is1) (Version: 1.0.57 - ASRock Inc.)
ASUS DRAM_LIB (HKLM\...\{2F0D3D1A-1B75-4DFC-8C0E-C55C4EAB67F8}) (Version: 1.0.22 - ASUS COMPUTER INC.) Hidden
ASUS DRAM_LIB (HKLM-x32\...\{6bd55e2a-f475-4183-b862-1dd70c1ce699}) (Version: 1.0.22 - ASUS COMPUTER INC.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{548dd834-70c5-4426-8065-fbeabdd2bb5d}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
Backup and Sync from Google (HKLM\...\{04F8741C-2F6C-4324-BBAB-0CEB1E59FE67}) (Version: 3.46.7395.1225 - Google, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Deezloader Remix 4.2.2 (HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\...\5eed4b40-1ed5-51be-ab52-56cdb94a998f) (Version: 4.2.2 - RemixDevs)
Discord (HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
ECigStats (HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\...\ECigStats) (Version:  - Evolv)
ENE IO Driver (HKLM-x32\...\{D0512FF6-6194-4D2E-967E-25B82A3322FF}) (Version: 1.0.0 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{2914DF72-932B-4DF2-9696-C2821EDA1CA9}) (Version: 1.00.09 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{546469ee-3f9d-4fe4-bf1c-893f79cf7327}) (Version: 1.00.09 - Ene Tech.) Hidden
ENE_EHD_HAL (HKLM\...\{F56EC5A0-3A93-492E-882A-E036F5897CC7}) (Version: 1.00.04 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_HAL (HKLM-x32\...\{cc33eebd-777b-4177-8cd7-6ab9fd06ceed}) (Version: 1.00.04 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EScribe Suite (HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\...\EScribe) (Version:  - Evolv)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.120 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
Grand Theft Auto V (HKLM\...\Grand Theft Auto V_is1) (Version: 1.0.877.1 - )
HeavyLoad V3.4 (64 bit) (HKLM\...\HeavyLoad_is1) (Version: 3.4 - JAM Software)
iTunes (HKLM\...\{38749252-C55E-44D9-9CB6-52199D0173AB}) (Version: 12.10.2.3 - Apple Inc.)
KinoniDrivers 2.9.4 (HKLM-x32\...\KinoniDrivers) (Version: 2.9.4 - Kinoni)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.12130.20272 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
MSI Afterburner 4.6.1 (HKLM-x32\...\Afterburner) (Version: 4.6.1 - MSI Co., LTD)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.2.6.3 - Duodian Technology Co. Ltd.)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden
Pro Evolution Soccer 2019 (HKLM-x32\...\{879B9B7F-6AAF-4686-A7FC-E937EE6BE37B}_is1) (Version:  - KONAMI)
PUBG Lite (HKLM-x32\...\PUBG Lite_is1) (Version: 1.0.0.4 - )
QQ拼音输入法6.4 (HKLM\...\QQ拼音输入法) (Version: 6.4 - 搜狗公司)
Razer Chroma Broadcast SDK Core Components (HKLM-x32\...\Razer Chroma Broadcast SDK) (Version: 0.2.2 - Razer Inc.)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.12.2 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
RivaTuner Statistics Server 7.2.2 (HKLM-x32\...\RTSS) (Version: 7.2.2 - Unwinder)
Sapphire TRIXX 6.4.0 (HKLM-x32\...\{54CE6A44-8553-4B78-9B07-AC88A9D581E8}_is1) (Version: 6.4.0 - Sapphire Technology)
SketchUp 2017 (HKLM\...\{BCA90A4C-9C6A-49D1-91F9-594A0BE02432}) (Version: 17.1.174 - Trimble, Inc.)
Skype version 8.37 (HKLM-x32\...\Skype_is1) (Version: 8.37 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\...\Spotify) (Version: 1.1.12.449.g4109e645 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.9025 - TeamViewer)
Tencent Gaming Buddy (HKLM-x32\...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company)
Ugreen Audio Center (HKLM-x32\...\{CF55622E-2983-41F1-959E-DCEF33F8108B}) (Version: 1.04 - Ugreen Electronics, Inc.)
Uninstall DisplayCAL (HKLM-x32\...\{4714199A-0D66-4E69-97FF-7B54BFF80B88}_is1) (Version: 3.7.1.4 - Florian Höch)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Virtual Audio Cable 4.12 (HKLM\...\Virtual Audio Cable 4.12) (Version:  - )
VNC Viewer 6.19.325 (HKLM\...\{8412A26E-0F1A-47B2-9C61-4738C5864645}) (Version: 6.19.325.40889 - RealVNC Ltd)
V-Ray 3.4 for SketchUp (HKLM\...\V-Ray 3.4 for SketchUp) (Version: 3.40.02 - Chaos Software Ltd)
V-Ray Online License Server (HKLM\...\V-Ray Online License Server) (Version: 4.3.1 - Chaos Software Ltd)
V-Ray Swarm (HKLM\...\V-Ray Swarm) (Version: 1.3.5 - Chaos Software Ltd)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22749 - Microsoft Corporation)
Windows Driver Package - Dimension Engineering USB Serial Converter (11/11/2016 1.0.3.21) (HKLM\...\377DE9679F7155ADE94AA4BCBF4CA02472B49707) (Version: 11/11/2016 1.0.3.21 - Dimension Engineering)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
百度网盘 (HKLM-x32\...\百度云管家) (Version: 6.7.0 - 百度在线网络技术北京有限公司)
 
Packages:
=========
ACG Player -> C:\Program Files\WindowsApps\41038AXILESOFT.ACGMEDIAPLAYER_1.15.17502.0_x64__wxjjre7dryqb6 [2019-05-27] (Axilesoft) [MS Ad]
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.23.7.0_x86__kgqvnymyfvs32 [2019-10-26] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.3587.0_x64__rz1tebttyb220 [2019-10-11] (Dolby Laboratories)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x64__8wekyb3d8bbwe [2019-10-12] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.3.22883.0_x64__8wekyb3d8bbwe [2019-11-01] (Microsoft Corporation)
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-13] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-20] (Microsoft Corporation)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.16.0_x64__nfy108tqq3p12 [2019-09-30] (Thumbmunkeys Ltd) [MS Ad]
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2019-03-02] (Plex)
RSS Media Player -> C:\Program Files\WindowsApps\48405AmbientSoftware.RssVideoPlayer_1.4.37.0_x64__agy8jafheqhng [2019-05-27] (Ambient Software) [MS Ad]
Samsung Flow -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.3.5.0_x64__wyx1vj98g3asy [2019-10-26] (Samsung Electronics Co, Ltd.)
Sound Blaster Connect -> C:\Program Files\WindowsApps\CreativeTechnologyLtd.SoundBlasterConnect_2.2.10.0_x86__13fcda18mhdz2 [2019-06-07] (Creative Technology Ltd.)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3081099449-2374384075-4149456581-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3081099449-2374384075-4149456581-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3081099449-2374384075-4149456581-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3081099449-2374384075-4149456581-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3081099449-2374384075-4149456581-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3081099449-2374384075-4149456581-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3081099449-2374384075-4149456581-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0
CustomCLSID: HKU\S-1-5-21-3081099449-2374384075-4149456581-1001_Classes\CLSID\{04271989-C4D2-F1B8-950F-0916E3F69B3E} -> [OneDrive - Ministere de l'Enseignement Superieur et de la Recherche Scientifique] => D:\One Drive\OneDrive - Ministere de l'Enseignement Superieur et de la Recherche Scientifique [2019-02-28 12:12]
CustomCLSID: HKU\S-1-5-21-3081099449-2374384075-4149456581-1001_Classes\CLSID\{3CA1B8A7-376B-465E-9D6D-F02B77067627} -> [MEGA] => D:\MEGA [2019-06-30 18:10]
CustomCLSID: HKU\S-1-5-21-3081099449-2374384075-4149456581-1001_Classes\CLSID\{679F137C-3162-45da-BE3C-2F9C3D093F64}\Shell\Open\Command -> D:\Users\User\AppData\Roaming\baidu\BaiduNetdisk\BaiduNetdisk.exe (Beijing Baidu Netcom Science and Technology Co.,Ltd -> )
CustomCLSID: HKU\S-1-5-21-3081099449-2374384075-4149456581-1001_Classes\CLSID\{679F137C-3162-45da-BE3C-2F9C3D093F64} -> [百度网盘] => D:\Users\User\AppData\Roaming\baidu\BaiduNetdisk\ [0000-00-00 00:00]
CustomCLSID: HKU\S-1-5-21-3081099449-2374384075-4149456581-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-19] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-19] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-19] (Mega Limited -> )
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-10] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-10] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-10] (Google LLC -> Google)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-19] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-19] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-19] (Mega Limited -> )
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-10] (Google LLC -> Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-19] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-10-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-10-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [YunShellExt] -> {6D85624F-305A-491d-8848-C1927AA0D790} => D:\Users\User\AppData\Roaming\baidu\BaiduNetdisk\YunShellExt64.dll [2019-03-06] (Beijing Baidu Netcom Science and Technology Co.,Ltd -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-19] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-19] (Mega Limited -> )
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-10] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-19] (Mega Limited -> )
ContextMenuHandlers4: [YunShellExt] -> {6D85624F-305A-491d-8848-C1927AA0D790} => D:\Users\User\AppData\Roaming\baidu\BaiduNetdisk\YunShellExt64.dll [2019-03-06] (Beijing Baidu Netcom Science and Technology Co.,Ltd -> )
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-10-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-10-01] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-29] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2018-09-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-29] () [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-10-19] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-10-19] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2018-09-26] (Beepa P/L) [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
 
==================== Loaded Modules (Whitelisted) =============
 
2019-02-03 18:30 - 2019-02-03 18:30 - 000174592 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\V-Ray Swarm\node_modules\ffi\build\Release\ffi_bindings.node
2019-02-03 18:30 - 2019-02-03 18:30 - 000163328 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\V-Ray Swarm\node_modules\ref\build\Release\binding.node
2019-02-03 18:30 - 2019-02-03 18:30 - 000204800 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\V-Ray Swarm\node_modules\v8-profiler\build\profiler\v5.6.5\node-v48-win32-x64\profiler.node
2019-02-02 12:50 - 2018-04-30 15:23 - 000092672 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_ctypes.pyd
2019-02-02 12:50 - 2018-04-30 15:26 - 001093632 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_hashlib.pyd
2019-02-02 12:50 - 2018-04-30 15:23 - 000027648 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_multiprocessing.pyd
2019-02-02 12:50 - 2018-04-30 15:25 - 000046592 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_socket.pyd
2019-02-02 12:50 - 2018-04-30 15:25 - 001412608 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_ssl.pyd
2019-02-02 12:50 - 2016-01-11 21:45 - 000016384 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_winxptheme.pyd
2019-02-02 12:50 - 2018-04-30 15:24 - 000071168 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\bz2.pyd
2019-02-02 12:50 - 2017-11-03 13:27 - 000014336 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\faulthandler.pyd
2019-02-02 12:50 - 2018-08-04 16:26 - 000104448 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.core._multiarray_tests.pyd
2019-02-02 12:50 - 2018-08-04 16:26 - 001220608 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.core.multiarray.pyd
2019-02-02 12:50 - 2018-08-04 16:26 - 000717312 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.core.umath.pyd
2019-02-02 12:50 - 2018-08-04 16:26 - 000066560 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.fft.fftpack_lite.pyd
2019-02-02 12:50 - 2018-08-04 16:26 - 001478144 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.linalg._umath_linalg.pyd
2019-02-02 12:50 - 2018-08-04 16:26 - 001382912 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.linalg.lapack_lite.pyd
2019-02-02 12:50 - 2018-08-04 16:26 - 000664576 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.random.mtrand.pyd
2019-02-02 12:50 - 2018-04-30 15:24 - 000144384 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\pyexpat.pyd
2019-02-02 12:50 - 2016-01-11 21:46 - 000396800 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\pythoncom27.dll
2019-02-02 12:50 - 2016-01-11 21:44 - 000110080 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\pywintypes27.dll
2019-02-02 12:50 - 2018-04-30 15:24 - 000010240 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\select.pyd
2019-02-02 12:50 - 2018-04-30 15:24 - 000687104 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\unicodedata.pyd
2019-02-02 12:50 - 2016-01-11 21:45 - 000100864 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32api.pyd
2019-02-02 12:50 - 2016-01-11 21:48 - 000381952 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32com.shell.shell.pyd
2019-02-02 12:50 - 2016-01-11 21:45 - 000045568 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32console.pyd
2019-02-02 12:50 - 2016-01-11 21:44 - 000018432 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32event.pyd
2019-02-02 12:50 - 2016-01-11 21:44 - 000119808 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32file.pyd
2019-02-02 12:50 - 2016-01-11 21:45 - 000167936 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32gui.pyd
2019-02-02 12:50 - 2016-01-11 21:45 - 000036864 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32process.pyd
2019-02-02 12:50 - 2018-07-25 14:27 - 000861184 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._adv.pyd
2019-02-02 12:50 - 2018-07-25 14:27 - 005654016 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._core.pyd
2019-02-02 12:50 - 2018-07-25 14:27 - 000431104 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._grid.pyd
2019-02-02 12:50 - 2018-07-25 14:27 - 000501760 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._html.pyd
2019-02-02 12:50 - 2018-07-25 14:27 - 000067584 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._xml.pyd
2019-02-02 12:50 - 2018-07-25 14:27 - 000093184 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._xrc.pyd
2019-02-02 12:50 - 2018-07-25 14:27 - 000088064 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx.siplib.pyd
2018-08-16 20:54 - 2018-08-16 20:54 - 001484800 _____ () [File not signed] C:\Program Files (x86)\Kinoni\EpocCam\avcodec-58.dll
2018-08-16 20:52 - 2018-08-16 20:52 - 000556544 _____ () [File not signed] C:\Program Files (x86)\Kinoni\EpocCam\avutil-56.dll
2018-08-16 20:54 - 2018-08-16 20:54 - 000190464 _____ () [File not signed] C:\Program Files (x86)\Kinoni\EpocCam\swresample-3.dll
2018-08-16 20:55 - 2018-08-16 20:55 - 000514048 _____ () [File not signed] C:\Program Files (x86)\Kinoni\EpocCam\swscale-5.dll
2019-04-21 16:33 - 2019-04-21 16:33 - 000232448 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-04-21 16:32 - 2019-04-21 16:32 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-04-21 16:33 - 2019-04-21 16:33 - 000649216 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-04-21 16:32 - 2019-04-21 16:32 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-04-21 16:33 - 2019-04-21 16:33 - 000367104 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2019-03-09 15:50 - 2019-03-09 15:50 - 000057344 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2019-03-09 15:51 - 2019-03-09 15:51 - 000072704 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2019-03-09 15:50 - 2019-03-09 15:50 - 000364544 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2019-01-08 12:54 - 2019-01-08 12:54 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-01-08 12:54 - 2019-01-08 12:54 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-09-10 17:38 - 2019-09-10 17:38 - 000258048 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\WirelessVR-windesktop64.dll
2019-11-05 18:11 - 2019-11-05 18:11 - 000114176 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\_ctypes.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000173056 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\_elementtree.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 001803776 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\_hashlib.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000032256 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\_multiprocessing.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000046080 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\_psutil_windows.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000047616 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\_socket.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 002235904 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\_ssl.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000026112 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\_yappi.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000080896 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\bz2.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000016384 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\common.time34.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000007680 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\hashobjs_ext.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000301568 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\PIL._imaging.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000169472 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\pyexpat.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 001084416 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\pysqlite2._sqlite.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000548864 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\pythoncom27.dll
2019-11-05 18:11 - 2019-11-05 18:11 - 000137728 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\pywintypes27.dll
2019-11-05 18:11 - 2019-11-05 18:11 - 000010752 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\select.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000020992 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\thumbnails_ext.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000689664 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\unicodedata.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000119808 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\usb_ext.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000128512 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\win32api.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000438784 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\win32com.shell.shell.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000011776 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\win32crypt.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000023040 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\win32event.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000149504 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\win32file.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000223232 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\win32gui.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000048128 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\win32inet.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000029696 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\win32pdh.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000027648 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\win32pipe.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000044032 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\win32process.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000020480 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\win32profile.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000136192 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\win32security.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000026624 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\win32ts.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000034816 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\windows.conditional.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000038400 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\windows.connectivity.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000071680 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\windows.device_monitor.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000109056 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\windows.volumes.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000020480 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\windows.winwrap.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 001325056 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\wx._controls_.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 001489408 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\wx._core_.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 001007104 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\wx._gdi_.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000103424 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\wx._html2.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 000916992 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\wx._misc_.pyd
2019-11-05 18:11 - 2019-11-05 18:11 - 001039872 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\wx._windows_.pyd
2019-06-12 10:15 - 2019-06-12 10:15 - 000158208 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\SYSTEM32\amdihk64.dll
2019-03-18 22:55 - 2018-01-30 15:07 - 000256000 ____N (C-MEDIA Electronics INC.) [File not signed] C:\Program Files\Ugreen Audio Center\CPL\Driver\x64\vista\osConfLib.dll
2019-02-02 12:50 - 2018-04-30 15:23 - 002647552 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\DisplayCAL\PYTHON27.DLL
2019-11-05 18:11 - 2019-11-05 18:11 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\python27.dll
2018-04-07 02:29 - 2018-04-07 02:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
2018-04-07 02:29 - 2018-04-07 02:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\ssleay32.dll
2019-01-08 12:55 - 2019-01-08 12:55 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-09-10 17:47 - 2019-09-10 17:47 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-01-08 12:54 - 2019-01-08 12:54 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-01-08 12:54 - 2019-01-08 12:54 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-01-08 12:54 - 2019-01-08 12:54 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-01-08 12:54 - 2019-01-08 12:54 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-01-08 12:54 - 2019-01-08 12:54 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-01-08 12:54 - 2019-01-08 12:54 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-01-08 12:54 - 2019-01-08 12:54 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-01-08 12:54 - 2019-01-08 12:54 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-01-08 12:54 - 2019-01-08 12:54 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-01-08 12:54 - 2019-01-08 12:54 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-01-08 12:54 - 2019-01-08 12:54 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-01-08 12:54 - 2019-01-08 12:54 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-01-08 12:54 - 2019-01-08 12:54 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-01-08 12:55 - 2019-01-08 12:55 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-01-08 12:55 - 2019-01-08 12:55 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-01-08 12:55 - 2019-01-08 12:55 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-01-08 12:55 - 2019-01-08 12:55 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-01-08 12:55 - 2019-01-08 12:55 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-01-08 12:55 - 2019-01-08 12:55 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-01-08 12:55 - 2019-01-08 12:55 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-03-18 22:55 - 2018-02-08 11:57 - 000229888 ____N (TODO: <Company name>) [File not signed] C:\Program Files\Ugreen Audio Center\CPL\Driver\HIDDLL\ConfHIDDLL_X64.dll
2019-02-02 12:50 - 2018-07-25 14:27 - 000155136 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxbase30u_net_vc90.dll
2019-02-02 12:50 - 2018-07-25 14:27 - 002036224 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxbase30u_vc90.dll
2019-02-02 12:50 - 2018-07-25 14:27 - 000136192 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxbase30u_xml_vc90.dll
2019-02-02 12:50 - 2018-07-25 14:27 - 001253376 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxmsw30u_adv_vc90.dll
2019-02-02 12:50 - 2018-07-25 14:27 - 004818432 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxmsw30u_core_vc90.dll
2019-02-02 12:50 - 2018-07-25 14:27 - 000601600 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxmsw30u_html_vc90.dll
2019-02-02 12:50 - 2018-07-25 14:27 - 000687104 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxmsw30u_xrc_vc90.dll
2019-11-05 18:11 - 2019-11-05 18:11 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\wxbase30u_net_vc90_x64.dll
2019-11-05 18:11 - 2019-11-05 18:11 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\wxbase30u_vc90_x64.dll
2019-11-05 18:11 - 2019-11-05 18:11 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\wxmsw30u_adv_vc90_x64.dll
2019-11-05 18:11 - 2019-11-05 18:11 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\wxmsw30u_core_vc90_x64.dll
2019-11-05 18:11 - 2019-11-05 18:11 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\wxmsw30u_html_vc90_x64.dll
2019-11-05 18:11 - 2019-11-05 18:11 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\User\AppData\Local\Temp\_MEI85602\wxmsw30u_webview_vc90_x64.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\WINDOWS\System32:tdsrset.gfc [6346]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
AlternateDataStreams: C:\Users\User\Application Data:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\User\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\...\sharepoint.com -> hxxps://mohetn-files.sharepoint.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-03-21 03:37 - 2019-08-25 16:41 - 000001113 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com 
127.0.0.1 activate.adobe.com
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Users\User\AppData\Local\Microsoft\WindowsApps;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData"
HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\...\StartupApproved\StartupFolder: => "OneDrive.lnk"
HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\...\StartupApproved\Run: => "CAM"
HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\...\StartupApproved\Run: => "BaiduYunGuanjia"
HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\...\StartupApproved\Run: => "BaiduYunDetect"
HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\...\StartupApproved\Run: => "LGHUB"
HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\...\StartupApproved\Run: => "Thunder"
HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\...\StartupApproved\Run: => "ECigStats"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{7D6444CB-6EA9-40C9-8DCB-CB983550BE74}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.2.5507.400\QQPYClipMonitor.exe No File
FirewallRules: [{5BB66E5D-8709-4E19-B953-AA3086C42AC7}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.2.5507.400\QQPYClipMonitor.exe No File
FirewallRules: [{967FCDE3-8760-4DCF-8C7C-40ED84C6A0D7}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.2.5507.400\QQPYClipMonitor.exe No File
FirewallRules: [{714902BD-996E-457F-BAA7-F35ACBC9D8E7}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.2.5507.400\QQPYClipMonitor.exe No File
FirewallRules: [{8AAA6876-9580-4A50-A5FA-E106F5450664}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.2.5507.400\QQPYClipMonitor.exe No File
FirewallRules: [{E72476FC-C34D-4F26-B83F-408C67DD4A02}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.2.5507.400\QQPYClipMonitor.exe No File
FirewallRules: [UDP Query User{B23B8D4F-4E7D-4972-A6B6-C431AD839BDA}C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.12.400\xlliveud.exe] => (Allow) C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.12.400\xlliveud.exe No File
FirewallRules: [TCP Query User{7D148CA6-AB68-4498-B755-9E2C0BD2C27B}C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.12.400\xlliveud.exe] => (Allow) C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.12.400\xlliveud.exe No File
FirewallRules: [{B6DFAA81-E50E-4CE6-9FF1-985FDD569DEB}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.1.5306.400\QQPYClipMonitor.exe No File
FirewallRules: [{545095C7-3ABB-4F50-9C21-0155DBBA4FB2}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.1.5306.400\QQPYClipMonitor.exe No File
FirewallRules: [{60B4BA78-15F8-4FB8-866F-B773B0AA97E1}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.1.5306.400\QQPYClipMonitor.exe No File
FirewallRules: [{261C3055-2907-4E9B-B4DE-B61574831F35}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.1.5306.400\QQPYClipMonitor.exe No File
FirewallRules: [{37773C78-973E-4583-881F-BB33DDBE42BB}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.1.5306.400\QQPYClipMonitor.exe No File
FirewallRules: [{463287C1-5E3D-4D49-9E24-21605CFCA091}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.1.5306.400\QQPYClipMonitor.exe No File
FirewallRules: [{88C8C5B3-0BE1-4B2A-90A3-593F98C0B517}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.10.348\XLLiveUD.exe No File
FirewallRules: [{7000D817-BCDD-4A7F-9049-31C2570A86F4}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{3DBA5366-06D9-4399-B629-B9F4EB871A5F}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [UDP Query User{11E993E5-5D49-4578-9818-E804240CBCAD}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [TCP Query User{AB1CD9ED-EEF4-4DC1-B0A6-3CA729653BB5}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [{0F0A7CDD-8532-4A29-95F1-EF48DBEEB97D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{39CD1C10-09E7-4F00-86E2-8A4C814EDEBA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EC11AEEB-8C53-49CA-8C92-558A902CA080}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9892D491-E483-4719-BEA0-E0BABA74F328}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B295E413-9D0C-4F5F-A486-026C2B2A626E}D:\game\ranonlinegs\ranonlinegs.exe] => (Allow) D:\game\ranonlinegs\ranonlinegs.exe No File
FirewallRules: [TCP Query User{5FA9FAE9-7C24-41A5-83CD-45046FD9B9CD}D:\game\ranonlinegs\ranonlinegs.exe] => (Allow) D:\game\ranonlinegs\ranonlinegs.exe No File
FirewallRules: [UDP Query User{B0498ED5-084D-41CD-BCD3-A20EF01FE9BD}C:\users\user\appdata\local\vysor\app-1.8.3\vysor.exe] => (Allow) C:\users\user\appdata\local\vysor\app-1.8.3\vysor.exe No File
FirewallRules: [TCP Query User{C7EA72B8-C0B0-4C30-93C6-0B40B29177BF}C:\users\user\appdata\local\vysor\app-1.8.3\vysor.exe] => (Allow) C:\users\user\appdata\local\vysor\app-1.8.3\vysor.exe No File
FirewallRules: [UDP Query User{FED3D9CD-0C95-4DFA-B3B3-890B0096DA96}C:\users\user\appdata\local\vysor\app-2.1.2\vysor.exe] => (Allow) C:\users\user\appdata\local\vysor\app-2.1.2\vysor.exe No File
FirewallRules: [TCP Query User{9A994ACA-5519-4A62-982C-FFEAC61176AC}C:\users\user\appdata\local\vysor\app-2.1.2\vysor.exe] => (Allow) C:\users\user\appdata\local\vysor\app-2.1.2\vysor.exe No File
FirewallRules: [{7F3096AF-CE95-4906-9AA8-1F9D841F6E6C}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.10.348\XLLiveUD.exe No File
FirewallRules: [{44E4EE1E-D67C-40F8-9A5B-599158E0F876}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{E0C02E97-C028-4F21-96CD-5DA562C2EB6C}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [{C7A24E15-D5F5-4ED5-B8C0-A085ED949B91}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.10.348\XLLiveUD.exe No File
FirewallRules: [{1ED46EBE-0D7D-4781-B0B8-06E1EBB08E80}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{F0A26AD0-9FC2-4401-83CA-4FB43604FD5B}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [{2C4E42EF-1521-4FF2-B832-154D5545E465}] => (Allow) C:\Users\User\AppData\Local\Temp\OnlineInstall\10.1.10.348\SDK\DownloadSDKServer.exe No File
FirewallRules: [{E449C383-3376-4BA2-86E9-BAEE38FF06BE}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.8.286\XLLiveUD.exe No File
FirewallRules: [{726C9D55-C777-4EE5-BE70-D087009411F1}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{04B09832-E211-46F5-BF1B-114FEDDB0087}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [UDP Query User{BAE08A11-2D24-4813-B583-494735E3A44F}C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.8.286\xlliveud.exe] => (Allow) C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.8.286\xlliveud.exe No File
FirewallRules: [TCP Query User{F8B351DC-D9C2-480E-BAD0-9BE037CAACB9}C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.8.286\xlliveud.exe] => (Allow) C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.8.286\xlliveud.exe No File
FirewallRules: [{F600DC1E-7A19-43CB-8C9E-4D59112237F5}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.10.348\XLLiveUD.exe No File
FirewallRules: [{3701D932-1E66-4AF8-833F-38AE71F60759}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{7AF4E2BC-AC70-4C71-B13F-F7C12354DB82}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [{0681AFF9-F225-4B90-8AE1-17805F69A216}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.9.326\XLLiveUD.exe No File
FirewallRules: [{45E4A8B8-A66E-4C19-8267-26082FA78874}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{EDCC7A3C-A91A-4963-A0F3-5E74BF14F1D9}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [{43318A6F-804D-4B42-9CF5-B56730DB2090}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{1475A2C6-6F67-4A05-B4B5-C7441D213030}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [UDP Query User{B68456A6-C90A-4404-B313-EF7112C5E0BD}D:\installer\pandownload_v2.0.4\pandownload\pandata\aria2c.exe] => (Allow) D:\installer\pandownload_v2.0.4\pandownload\pandata\aria2c.exe (Changsha Luojin Information Technology Co., Ltd. -> )
FirewallRules: [TCP Query User{99CF4994-5500-4A36-BEC1-544D9613CB66}D:\installer\pandownload_v2.0.4\pandownload\pandata\aria2c.exe] => (Allow) D:\installer\pandownload_v2.0.4\pandownload\pandata\aria2c.exe (Changsha Luojin Information Technology Co., Ltd. -> )
FirewallRules: [UDP Query User{D0B61475-77F3-42F0-BF73-D2139D3132A1}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe No File
FirewallRules: [TCP Query User{5B15ABDD-97CA-41FF-A358-447933443925}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe No File
FirewallRules: [UDP Query User{546DCA11-16C3-4207-8E83-2830A690945E}D:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe No File
FirewallRules: [TCP Query User{EFD95E02-404E-437E-A26B-EE5A672CAEDB}D:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe No File
FirewallRules: [{D239986A-8A11-42BF-BE1A-843456477541}] => (Allow) C:\Users\User\AppData\Local\Programs\Opera\58.0.3135.65\opera.exe No File
FirewallRules: [UDP Query User{DC5F493A-74EE-4BAC-8EF3-426BFCDCF9BF}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe (Rockstar Games) [File not signed]
FirewallRules: [TCP Query User{788E36DD-BFF1-4E96-A0F9-8855B26E8169}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe (Rockstar Games) [File not signed]
FirewallRules: [UDP Query User{DD0BA349-7024-4049-AF87-C4540A22D07E}D:\games\the sims 4 seasons\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4 seasons\game\bin\ts4_x64.exe No File
FirewallRules: [TCP Query User{852662AD-A650-4BD8-A499-3DEA15282894}D:\games\the sims 4 seasons\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4 seasons\game\bin\ts4_x64.exe No File
FirewallRules: [UDP Query User{28BB315D-89EB-4812-9BBC-64176B067C4F}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [TCP Query User{C46BE4C4-015E-466D-91BC-F39AAE36A474}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [UDP Query User{4C3EBA72-D053-4D1E-A2C8-659D3F19C4CD}C:\program files\sketchup\sketchup 2017\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2017\sketchup.exe (Trimble Navigation -> Trimble Navigation Limited) [File not signed]
FirewallRules: [TCP Query User{A0510B0F-9F11-4148-9537-FA8C31B0DAAF}C:\program files\sketchup\sketchup 2017\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2017\sketchup.exe (Trimble Navigation -> Trimble Navigation Limited) [File not signed]
FirewallRules: [{225D6F24-5B26-4789-9E39-2B4A4AF5900B}] => (Allow) D:\Program Files\TxGameAssistant\UI\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{E6FCC77F-E7BD-44D1-8D50-02AA336A4C15}] => (Allow) D:\Program Files\TxGameAssistant\UI\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{5E7EDE01-C9A5-4872-AD3A-FEA177F271E9}] => (Allow) D:\Program Files\TxGameAssistant\UI\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{7485B773-A03F-4CBB-A145-21C2FCCE935D}] => (Allow) D:\Program Files\TxGameAssistant\UI\adb.exe () [File not signed]
FirewallRules: [{AF6D98D9-3FFC-42F2-8E91-61760B449ED8}] => (Allow) D:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{65CCDBBE-8C76-4BAB-8381-195125E8B0CF}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{1FCB8BBA-6E14-491B-BB04-AF0380074674}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{DE36AEE8-7CCF-41A6-A33C-15265D7503D4}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{6527AD56-B7B8-48D9-A36F-BAD95018FFBB}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{A331A0E2-D7E4-4798-B37C-F58633A7CF89}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{1C64573B-9D41-431A-AACD-97AA8FFA6667}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{E671F7E2-5AE8-4960-B03A-668DDAD6CE99}] => (Allow) C:\program files (x86)\nzxt\cam\cam.desktop.exe No File
FirewallRules: [{14080839-98DB-473E-BB13-3502B0504A58}] => (Allow) C:\program files (x86)\nzxt\cam\cam.desktop.exe No File
FirewallRules: [{0951366F-3778-483C-A02B-86EB344D275B}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe No File
FirewallRules: [{59C4B7BD-15B0-4CAE-A315-30B3A9C42307}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe No File
FirewallRules: [UDP Query User{1C391747-90B6-4716-9D93-FE5CFDEB15ED}D:\users\user\appdata\roaming\baidu\baidunetdisk\baidunetdisk.exe] => (Allow) D:\users\user\appdata\roaming\baidu\baidunetdisk\baidunetdisk.exe (Beijing Baidu Netcom Science and Technology Co.,Ltd -> )
FirewallRules: [TCP Query User{C85E48A7-94AB-455B-824F-F3ECD5367502}D:\users\user\appdata\roaming\baidu\baidunetdisk\baidunetdisk.exe] => (Allow) D:\users\user\appdata\roaming\baidu\baidunetdisk\baidunetdisk.exe (Beijing Baidu Netcom Science and Technology Co.,Ltd -> )
FirewallRules: [UDP Query User{47C95662-E780-4445-AA3E-99C80D4C4971}C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe] => (Allow) C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe No File
FirewallRules: [TCP Query User{BEE9E3AC-F868-488B-A073-2437C094B1E1}C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe] => (Allow) C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe No File
FirewallRules: [UDP Query User{3B29B487-DE53-491A-9AB9-82AECEC7813C}C:\program files (x86)\lonelyscreen\lonelyscreen.exe] => (Allow) C:\program files (x86)\lonelyscreen\lonelyscreen.exe No File
FirewallRules: [TCP Query User{A2F773CF-5198-474F-926B-11FAD1F2899B}C:\program files (x86)\lonelyscreen\lonelyscreen.exe] => (Allow) C:\program files (x86)\lonelyscreen\lonelyscreen.exe No File
FirewallRules: [{33B9F8C3-7EC6-4627-B6C4-AD621633B69A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C193E9BC-C3DB-483F-B9EC-72FCE95767C9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5025507D-D1FD-420E-817B-13B3B34839E4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2917D144-7764-46CA-8B50-B7973F6E851E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{73685478-F0B1-4C9F-AB7C-B546FFA32736}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6924DDDA-0EF8-40DB-AD99-F96FA99905C0}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe No File
FirewallRules: [{9AA836A4-B382-4E79-B1D7-D77A8EF4A446}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe No File
FirewallRules: [{DED3CD91-47B2-44F4-8188-54AEF0A1F90E}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe No File
FirewallRules: [{00DBFA08-BCFC-48BD-9E99-887E7240D936}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe No File
FirewallRules: [UDP Query User{A4C915E8-A385-4DF8-B910-92007D5BD7F7}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{60DBEAC0-AC1B-458C-8082-FDB5405EBD3F}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{47E70156-6F10-4F47-92BE-50064D64983B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{49736954-9D3C-4126-BFC6-7314B28F3A2F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{2BE6FE78-1712-4613-B2B7-A303EDDA45D5}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{28647900-643A-44A2-9142-1C09B4FD20B6}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [{2AA265D1-D725-4EA0-B4D3-D1455B3395BA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{063A30DF-F301-47FF-A906-3E7AF12A9CBF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{9E60B2DB-2C18-462B-88DB-C14F3462FB3E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8848A2A3-CB7F-4604-9577-FC3F13D4E34A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{BEC06408-58AC-45E9-9232-CF3F8DE3163E}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{1C8B0AC9-BA59-4580-83D7-C71D997AF240}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [TCP Query User{F7FE99B2-86B2-4FBC-AFD0-E192FCDD6A5F}C:\users\user\downloads\argyll_v2.0.1\bin\dispcal.exe] => (Allow) C:\users\user\downloads\argyll_v2.0.1\bin\dispcal.exe () [File not signed]
FirewallRules: [UDP Query User{51C2A332-4AD3-4AE1-9AFA-A0E405896F0F}C:\users\user\downloads\argyll_v2.0.1\bin\dispcal.exe] => (Allow) C:\users\user\downloads\argyll_v2.0.1\bin\dispcal.exe () [File not signed]
FirewallRules: [{86E1EF1D-ADCD-4F83-BC48-DD17E3CFD9EF}] => (Allow) D:\Program Files\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.)
FirewallRules: [{F3786D6B-DFBC-49BB-B9B2-F270D5F73B34}] => (Allow) C:\Program Files (x86)\\Bignox\\BigNoxVM\\RT\NoxVMHandle.exe (Nox Limited -> BigNox Corporation)
FirewallRules: [{417549BE-D8A8-41C8-8799-69BE00740696}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A1504E5A-6C41-4A6B-BAFC-E9D933DE6E59}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EABD356B-4BF4-4FCB-853A-24C6D7ED8ADA}] => (Allow) C:\Program Files (x86)\e2eSoft\iVCam\iVCam.exe No File
FirewallRules: [{920C675D-8251-4A30-A8CB-E7AEFC9572CE}] => (Allow) C:\Program Files (x86)\e2eSoft\iVCam\iVCam.exe No File
FirewallRules: [TCP Query User{E1BB97DC-9AAA-4173-96C3-8344D5C7737F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{24407A3C-DC63-4612-BC5C-7722686AE78C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{EF684294-7ED6-44CF-B06F-F33D47ECE466}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{B0EE7543-DFA0-4501-A942-90B9159D47DC}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [{E53D67A4-62B3-4A64-84FC-18735CCED005}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{50693969-070E-4C2A-B0E4-9F946A4E871A}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{839252FF-14D6-4531-85BD-923EA28EBB72}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{D6C15244-7F6F-4C7F-9C6D-184E3B8E7E00}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{25FDADD3-3C26-4CE7-B0F0-08F574652379}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{7BA8E200-4352-4FE9-959F-D7D805C112BF}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{D73F3A04-C8C8-46B7-974A-35DFA2EF4D30}] => (Allow) C:\Users\User\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{6DD4F402-EE5D-4CA0-9ED8-914A7536BF74}] => (Allow) C:\Users\User\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{9980BFC8-A00B-4E73-99CD-F013753B9ED4}] => (Allow) C:\Users\User\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{ED74B94F-FE10-42BC-8FEA-88E1B1E9DE77}] => (Allow) C:\Users\User\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{BF7922EA-A358-4F38-B01B-177D33AC64ED}] => (Allow) C:\Users\User\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{E6B71555-0B8F-4A86-BAFF-D8E23257D452}] => (Allow) C:\Users\User\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{580EFDB9-1ECE-41DB-9847-9748934EE48A}] => (Allow) D:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{F32A874D-361E-4FD7-8CB8-8F8E93B85413}] => (Allow) D:\Program Files\TxGameAssistant\UI\adb.exe () [File not signed]
FirewallRules: [{FED69C25-2407-4D9F-A202-7851D3A8A678}] => (Allow) D:\Program Files\TxGameAssistant\UI\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{7D0101E3-F9E9-45CE-9D23-97759823FF79}] => (Allow) D:\Program Files\TxGameAssistant\UI\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{908059E3-3B42-4C2F-9D17-42C4815AE53B}] => (Allow) D:\Program Files\TxGameAssistant\UI\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{2D122589-3001-4445-B00E-570CCF54D682}] => (Allow) C:\Program Files\AndroidTbox\THypervBox.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{709AAF65-9704-4915-81AD-3428181063E7}] => (Allow) C:\Program Files\AndroidTbox\TBoxHeadless.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{142630E6-D2FC-403B-BF26-822099BD1027}] => (Allow) C:\Program Files\AndroidTbox\TBoxNetNAT.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{2524918D-48EF-4FA8-AFD5-45F454378179}] => (Allow) C:\Program Files\AndroidTbox\TBoxSDL.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{D41547B5-16AE-4A43-9033-BB5E533117FC}] => (Allow) C:\Program Files\AndroidTbox\TBoxExtPackHelperApp.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{A93315AC-F372-40FE-9C30-7EF4D5D67749}] => (Allow) C:\Program Files\AndroidTbox\USBInstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{7BF5B09A-91FF-45BD-A375-42EC758F8B05}] => (Allow) C:\Program Files\AndroidTbox\TBoxNetDHCP.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{7673AED6-F1DD-4019-ADEF-DDD7A4961824}] => (Allow) C:\Program Files\AndroidTbox\TBoxManage.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{0A2CA880-5B7A-40AD-AC8F-FD07C21FE5B6}] => (Allow) C:\Program Files\AndroidTbox\USBUninstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{DB9D4DAD-EA98-4B95-A74D-811FB9F7A1CB}] => (Allow) C:\Program Files\AndroidTbox\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{C21313F9-4A60-4A60-A006-65283BBE8AAF}] => (Allow) C:\Program Files\AndroidTbox\SUPLoggerCtl.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{F49A6627-0419-43CE-95E5-8A4CCF716EFF}] => (Allow) C:\Program Files\AndroidTbox\NetFltUninstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{9383D462-3929-403A-AAF8-3D2888A86CD6}] => (Allow) C:\Program Files\AndroidTbox\NetFltInstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{0EA14313-863B-47E9-872C-87759BE64A22}] => (Allow) C:\Program Files\AndroidTbox\SUPUninstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{A1E6867C-2F6D-463A-8F92-CBDE709EC96E}] => (Allow) C:\Program Files\AndroidTbox\TBoxBalloonCtrl.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{49C329B6-28BC-4D65-A2E2-F73EF73C950C}] => (Allow) C:\Program Files\AndroidTbox\SUPInstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{BDC27F7A-4BD2-48EB-9CEF-8CAA88576BD4}] => (Allow) C:\Program Files\AndroidTbox\TBoxSVC.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{C6B2D3B0-20EC-4B6E-AF81-938824FBB95B}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe (GitHub, Inc.) [File not signed]
FirewallRules: [{CCE9DFB6-5440-410B-8B60-812AF4F2D370}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe (GitHub, Inc.) [File not signed]
FirewallRules: [{5995A61C-5037-4FC6-9F52-81A4DDA87F8B}] => (Allow) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe (Chaos Software Ltd.) [File not signed]
FirewallRules: [{55D4A622-51F0-4E11-A4C2-585A658235F0}] => (Allow) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe (Chaos Software Ltd.) [File not signed]
FirewallRules: [{B8A35600-CC2E-4AAB-B770-3C00C0E44F9D}] => (Allow) LPort=20208
FirewallRules: [{3B76DA01-B4E3-4EC7-924B-09EDA70FF236}] => (Allow) LPort=20208
FirewallRules: [{5FF0B670-9D4C-46BB-A949-9B88174002FA}] => (Allow) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe (Chaos Software Ltd.) [File not signed]
FirewallRules: [{39FAAB5D-0816-4CCA-A00E-5E6C60D753D6}] => (Allow) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe (Chaos Software Ltd.) [File not signed]
FirewallRules: [{9E7320E0-7F93-4F16-81D6-AE4787E248F0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{535DA906-28A8-4FEF-BA65-9F788EBF1AA2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{EC9449EF-7050-44D8-A037-E10C38300519}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{27ECA859-1F54-4ED8-819B-15D4A3ACA5E5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{613B93F6-5A01-418A-8C62-E6AE6E883BCC}C:\program files (x86)\icamsource\icamsource.exe] => (Allow) C:\program files (x86)\icamsource\icamsource.exe No File
FirewallRules: [UDP Query User{445F4B1C-6691-49B1-8E85-2A8726AFC6F9}C:\program files (x86)\icamsource\icamsource.exe] => (Allow) C:\program files (x86)\icamsource\icamsource.exe No File
FirewallRules: [TCP Query User{777B6945-BAA1-4820-8C47-C65837BA2A79}C:\program files (x86)\mobiola webcamera for iphone\webcamforiphone.exe] => (Allow) C:\program files (x86)\mobiola webcamera for iphone\webcamforiphone.exe No File
FirewallRules: [UDP Query User{0BAE64B5-60DA-4ECC-9E36-0533AA359B39}C:\program files (x86)\mobiola webcamera for iphone\webcamforiphone.exe] => (Allow) C:\program files (x86)\mobiola webcamera for iphone\webcamforiphone.exe No File
FirewallRules: [{A0D07646-C5B3-40F4-AD8B-DA5801CF5C73}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [{D0030D2C-D821-415E-AA3C-76C646DBA65D}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{923C909D-5097-42EE-A4F3-93782F8A192A}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.9.326\XLLiveUD.exe No File
FirewallRules: [{948DD00C-7CBA-4E96-B289-3FE641596384}] => (Allow) C:\Program Files (x86)\IQIYI Video\LStyle\6.7.82.6548\QyClient.exe No File
FirewallRules: [{798CAA7E-FAF5-4295-8F4E-689BE09F318D}] => (Allow) C:\Program Files (x86)\IQIYI Video\LStyle\6.7.82.6548\QyKernel.exe No File
FirewallRules: [{F7618C7A-3ED4-4EF6-AC33-661263C57AF3}] => (Allow) C:\Program Files (x86)\IQIYI Video\LStyle\6.7.82.6548\QyPlayer.exe No File
FirewallRules: [{F4BA7929-98AE-4BD4-8521-02DD6E8A4FAE}] => (Allow) C:\Program Files (x86)\IQIYI Video\LStyle\6.7.82.6548\QyFragment.exe No File
FirewallRules: [{32398D19-7E7F-4E65-8EC9-1EA35ED7A9EF}] => (Allow) C:\Users\User\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe No File
FirewallRules: [{31362B21-EEE2-404F-B077-AE5DB324CECB}] => (Allow) C:\Program Files (x86)\IQIYI Video\LStyle\6.7.82.6548\QYAppPlugin\qixiu\QXClient.exe No File
FirewallRules: [{60F4F7D8-D24C-44F2-AF06-B2697D105734}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [{70113ADF-3924-4083-B102-A13F339962FE}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{4814337A-1310-47ED-9193-A8B083C0F3AE}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.12.400\XLLiveUD.exe No File
FirewallRules: [TCP Query User{4EFB4456-5589-4A23-A3FD-062D8F1EA5D4}C:\users\user\desktop\迅雷x v10.1.12.400 去广告版\迅雷x v10.1.12.400 去广告版\program\resources\bin\sdk\downloadsdkserver.exe] => (Allow) C:\users\user\desktop\迅雷x v10.1.12.400 去广告版\迅雷x v10.1.12.400 去广告版\program\resources\bin\sdk\downloadsdkserver.exe No File
FirewallRules: [UDP Query User{21222752-EF90-4BD3-977D-2778CF9CE826}C:\users\user\desktop\迅雷x v10.1.12.400 去广告版\迅雷x v10.1.12.400 去广告版\program\resources\bin\sdk\downloadsdkserver.exe] => (Allow) C:\users\user\desktop\迅雷x v10.1.12.400 去广告版\迅雷x v10.1.12.400 去广告版\program\resources\bin\sdk\downloadsdkserver.exe No File
FirewallRules: [TCP Query User{7ABA5FDE-3C32-4856-899E-C7CC8B06A82D}D:\迅雷x v10.1.12.400 去广告版\迅雷x v10.1.12.400 去广告版\program\resources\bin\sdk\downloadsdkserver.exe] => (Allow) D:\迅雷x v10.1.12.400 去广告版\迅雷x v10.1.12.400 去广告版\program\resources\bin\sdk\downloadsdkserver.exe (ShenZhen Xunlei Networking Technologies,LTD) [File not signed]
FirewallRules: [UDP Query User{68C310CE-5754-4DD9-A234-7D3840FFF3E5}D:\迅雷x v10.1.12.400 去广告版\迅雷x v10.1.12.400 去广告版\program\resources\bin\sdk\downloadsdkserver.exe] => (Allow) D:\迅雷x v10.1.12.400 去广告版\迅雷x v10.1.12.400 去广告版\program\resources\bin\sdk\downloadsdkserver.exe (ShenZhen Xunlei Networking Technologies,LTD) [File not signed]
FirewallRules: [{5026B982-01FC-4CDF-BB49-68FF9BACD3AE}] => (Allow) LPort=5055
FirewallRules: [{ED05BD37-77A4-43D7-B981-885362C26CF6}] => (Allow) D:\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd)
FirewallRules: [{EC022B5F-2710-4034-8B4A-631C218173A1}] => (Allow) D:\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd)
FirewallRules: [{75C87E5D-6E09-41EB-8911-9268DBA93D53}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.3.5705.400\QQPYClipMonitor.exe No File
FirewallRules: [{CFA79EEB-73E6-495C-9D40-D2DC94A622B1}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.3.5705.400\QQPYClipMonitor.exe No File
FirewallRules: [{07C133A0-BC50-4425-8AB3-577870BCBA75}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.3.5705.400\QQPYClipMonitor.exe No File
FirewallRules: [{A9BA6E9C-EFF9-40C8-BEA2-2EB0F52B1CE5}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.3.5705.400\QQPYClipMonitor.exe No File
FirewallRules: [{95F8DD0B-D935-4C2B-8EA0-01FAFF376866}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.3.5705.400\QQPYClipMonitor.exe No File
FirewallRules: [{C966418D-404C-4EF3-80AF-9DCA46D0E930}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.3.5705.400\QQPYClipMonitor.exe No File
FirewallRules: [TCP Query User{E5E71559-5457-434F-B83F-EFE91CC4A374}C:\program files (x86)\pp助手5.0\pphelper5.exe] => (Allow) C:\program files (x86)\pp助手5.0\pphelper5.exe No File
FirewallRules: [UDP Query User{CA7C0502-009A-45D2-8481-507A94E168D0}C:\program files (x86)\pp助手5.0\pphelper5.exe] => (Allow) C:\program files (x86)\pp助手5.0\pphelper5.exe No File
FirewallRules: [TCP Query User{2D4660BE-5C65-4CD4-9795-922AE5C5B586}C:\users\user\appdata\local\programs\deezloader remix\deezloader remix.exe] => (Allow) C:\users\user\appdata\local\programs\deezloader remix\deezloader remix.exe (RemixDevs) [File not signed]
FirewallRules: [UDP Query User{F76B3AA0-BEFA-4F9D-BEAA-8B7120B3725E}C:\users\user\appdata\local\programs\deezloader remix\deezloader remix.exe] => (Allow) C:\users\user\appdata\local\programs\deezloader remix\deezloader remix.exe (RemixDevs) [File not signed]
FirewallRules: [{16AB0B15-5FE8-4D6E-9A8B-3B5336927DFB}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5800.400\QQPYClipMonitor.exe No File
FirewallRules: [{AD39F326-726D-4E8C-B0FD-3C9FDBBD9A14}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5800.400\QQPYClipMonitor.exe No File
FirewallRules: [{0EBB08F9-C07D-4791-8220-F4582570023C}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5800.400\QQPYClipMonitor.exe No File
FirewallRules: [{267B9127-8EF5-4BD8-9960-94E6BD4B4315}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5800.400\QQPYClipMonitor.exe No File
FirewallRules: [{98FBCEE0-DE05-439C-A1B2-C6CEE03D7D0C}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5800.400\QQPYClipMonitor.exe No File
FirewallRules: [{0DAB76C4-A3AC-42DE-9AAC-65C225289465}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5800.400\QQPYClipMonitor.exe No File
FirewallRules: [{151444BB-4BB2-4214-A926-96440ABE604B}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYClipMonitor.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{1E422233-9666-4FF4-8540-BEA51F2B875F}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYClipMonitor.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{A982FB3C-189E-4258-A70D-49952920B624}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYClipMonitor.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{96A3DCFA-99D0-40AF-8C1C-3C4B305F98C5}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYClipMonitor.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{EA028691-162C-4639-8392-28F97F6E862A}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYClipMonitor.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{EBFA3C41-4EE2-481F-B12E-A356554FC6D4}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYClipMonitor.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{A2F42D97-3995-475E-98FD-C06CE6D9EA36}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYConfig.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{F684C9DE-CE77-4E2F-8DBB-23D88E55BF56}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYConfig.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{F5E6968A-D9F8-478F-A196-56791A3C4DD0}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYConfig.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{520C3225-243A-4B64-86A0-A2E970541199}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYConfig.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{FF72D570-CC89-4DCA-B03D-9C1E4345CD7C}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYConfig.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{B32F676E-34A1-42A5-A12F-25E8B4FD577F}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYConfig.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{DF49A0C1-AFD9-4BB5-A73B-9972046F6D3F}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYLiveup.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{BCDAB8A3-8C6A-46B8-918A-4D4DE028F25D}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYLiveup.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{5B35DA37-FFDA-4627-B8A7-BC41A5C20C3D}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYLiveup.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{A0867BE2-6F43-4F91-AE9C-94B7416DA9B6}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYLiveup.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{AC7E7BBC-4450-4225-89AB-2F71DBC4054F}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYLiveup.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{FCBEAB9B-8D9B-42E7-BB40-4803AD97AE18}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYLiveup.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{1B25C9B2-CE52-42D8-AFB0-3C6703152FE3}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQImeRegDict.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{50EBB67A-C3D5-4EBF-986A-18E1539ED321}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQImeRegDict.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{B68ACC9F-8E33-4062-B4AB-CEB26BBD514C}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQImeRegDict.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{ED42C23D-9989-4BA4-A03E-E72380825CFF}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQImeRegDict.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{20F56B2F-00DC-4DAC-BC89-E3C8439A37C5}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQImeRegDict.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{62697114-530D-440E-9CED-083ED4F26CA5}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQImeRegDict.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{C10B569D-F485-4FC4-9ABC-CE0AA40C5316}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQImeRegSkin.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{CE957585-9A07-4441-BF18-5CBC7885A442}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQImeRegSkin.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{55A61EF3-C773-422E-A7B2-8A2D57F46E78}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQImeRegSkin.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{2A29B0D3-3C95-4A10-9C5C-645F9D2E595E}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQImeRegSkin.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{A9C208B3-BCEC-498D-8FCF-2DF43073EFBC}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQImeRegSkin.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{5B38A9AC-C78A-47CB-8E27-5F072EE1B471}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQImeRegSkin.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{2D9B4972-BEA9-4C02-A9D4-E07FEAA4BA18}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYHandInput.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{BC902244-2DF3-43E0-85CB-AD1AAF645ECB}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYHandInput.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{8A7B2A43-B46F-4E10-A3BC-E872411B1FDE}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYHandInput.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{8B0FB8C4-A6D6-4A8B-A88C-B44F392ACF73}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYHandInput.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{30B558A8-AA17-4A05-9F7C-01D2E292C399}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYHandInput.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{496501C9-D41B-4141-9FD0-660E48A84DD8}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYHandInput.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{180DE549-9DC2-45EE-9CAF-458A6092B198}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYCloud.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{5C1C021C-4901-4225-8292-F022E509B1F0}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYCloud.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{B232FB10-AB09-48E6-8D7A-1A42C68D6C66}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYCloud.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{7A28E2EB-8D11-4BFC-80DB-7A0B9ECC2011}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYCloud.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{1CF753B3-2C9A-4354-AC59-8369468E7506}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYCloud.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{806437F1-55CB-42C6-9543-94BDF10472B9}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYCloud.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{53177A0E-7D7B-481F-8ACC-D1226D2D08FE}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYUserCenter.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{87DB9CED-6331-4D52-983B-AB878E97DF5D}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYUserCenter.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{0344CAAD-00A7-4026-93C7-8D6BA894B677}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYUserCenter.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{FF282D09-ECB5-47FA-8684-CAE433846905}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYUserCenter.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{4477846D-592F-400A-BB02-7E818ACAD138}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYUserCenter.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{F8DD4680-1C09-40ED-A04A-12F2F08A7B46}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYUserCenter.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{41133976-E146-4C7B-9933-2E2BA0D9C975}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYService.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{965A64F6-EE0A-4BED-BF57-BA8CD3A54BFA}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYService.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{243754FC-00CE-4C29-8C3B-94FFCC9C1DB9}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYService.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{068C7361-4405-4D68-8FE6-FEEACD11C8A7}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYService.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{C1043026-3C7F-4D6B-8A90-E4E173FD2FB1}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYService.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{893AE389-C5A1-4AD3-9D00-3A8A2DD19971}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5804.400\QQPYService.exe (Tencent Technology(Shenzhen) Company Limited -> Sogou)
FirewallRules: [{CA27E335-B0AC-404A-A34A-10AC5C3D00FF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CD3FB57F-24B3-4363-8BB2-A0D24116C736}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.3.5.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> )
FirewallRules: [{D809D97D-AAA2-4B64-A238-48E0BD708183}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.3.5.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> )
FirewallRules: [{A5310BB9-9C77-4F7A-8A3D-DCCA9B8E9AB3}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.3.5.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> )
FirewallRules: [{53C5B0B0-0D21-4886-A955-B9EE98EDBB55}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.3.5.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> )
FirewallRules: [{1AF6A3C2-87FD-4501-BD04-84C061EF80E1}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.3.5.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> )
FirewallRules: [{DE478904-7046-4792-92A8-323AB89A484D}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.3.5.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> )
FirewallRules: [{A53017E3-48F0-45BA-9CB2-BDB75F5018A6}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.3.5.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> )
FirewallRules: [{AECCDA28-C1D1-4194-A140-572DAF2098BE}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.3.5.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> )
FirewallRules: [{476E6B68-4E54-45FD-BD0F-0E87D18CAD23}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{86716D16-B26B-43F7-B835-1B82909C6E83}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
 
==================== Restore Points =========================
 
12-10-2019 02:04:23 Removed Betternet for Windows 4.1.1
16-10-2019 00:07:04 Windows Update
23-10-2019 07:25:38 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (11/05/2019 06:19:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 10.0.18362.387, time stamp: 0x0e377b6c
Faulting module name: ntdll.dll, version: 10.0.18362.418, time stamp: 0x99ca0526
Exception code: 0xc0000374
Fault offset: 0x00000000000f9269
Faulting process id: 0x1bbc
Faulting application start time: 0x01d593c151ae980f
Faulting application path: C:\WINDOWS\Explorer.EXE
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 65ab8feb-1bb9-44e3-87ba-b6a84fa90b37
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/05/2019 06:13:56 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (11/05/2019 06:10:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-66N4BGC.local already in use; will try DESKTOP-66N4BGC-2.local instead
 
Error: (11/05/2019 06:10:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister   16 DESKTOP-66N4BGC.local. AAAA 2001:0E68:5427:5B0A:00CB:A6A0:9437:3B24
 
Error: (11/05/2019 06:10:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from FE80:0000:0000:0000:91E9:2F6D:C056:37DD:5353   16 DESKTOP-66N4BGC.local. AAAA 2001:0E68:5427:5B0A:91E9:2F6D:C056:37DD
 
Error: (11/01/2019 11:29:59 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2928,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (11/01/2019 11:12:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-66N4BGC.local already in use; will try DESKTOP-66N4BGC-2.local instead
 
Error: (11/01/2019 11:12:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister   16 DESKTOP-66N4BGC.local. AAAA FE80:0000:0000:0000:91E9:2F6D:C056:37DD
 
 
System errors:
=============
Error: (10/29/2019 02:29:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} did not register with DCOM within the required timeout.
 
Error: (10/29/2019 02:29:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} did not register with DCOM within the required timeout.
 
Error: (10/29/2019 02:29:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} did not register with DCOM within the required timeout.
 
Error: (10/29/2019 02:29:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} did not register with DCOM within the required timeout.
 
Error: (10/29/2019 02:29:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} did not register with DCOM within the required timeout.
 
Error: (10/29/2019 02:29:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} did not register with DCOM within the required timeout.
 
Error: (10/29/2019 02:29:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} did not register with DCOM within the required timeout.
 
Error: (10/29/2019 02:29:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} did not register with DCOM within the required timeout.
 
 
Windows Defender:
===================================
Date: 2019-10-30 12:39:56.964
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A0E7499B-A46E-44E7-8D4B-37D73FFCE922}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-10-26 01:33:24.342
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {8F08BE14-99A1-4768-B036-C7E6DD4DA368}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-10-23 05:08:08.693
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C2633290-DA38-4394-8382-63657166EC56}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-10-13 20:00:40.293
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {5E8551B8-0A15-464A-8D27-5BBE3730C489}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-10-11 00:29:03.774
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Exploit:iPhoneOS/Kappotoma.A
ID: 2147743475
Severity: Severe
Category: Exploit
Path: containerfile:_C:\Users\User\Downloads\Undecimus-v3.7.0.b1.ipa; file:_C:\Users\User\Downloads\Undecimus-v3.7.0.b1.ipa->Payload/Undecimus.app/Undecimus->(MachO-UniBin-0000); file:_C:\Users\User\Downloads\Undecimus-v3.7.0.b1.ipa->Payload/Undecimus.app/Undecimus->(MachO-UniBin-0001)
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.303.1333.0, AS: 1.303.1333.0, NIS: 1.303.1333.0
Engine Version: AM: 1.1.16400.2, NIS: 1.1.16400.2
 
Date: 2019-10-10 23:24:01.622
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.303.1333.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16400.2
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. P1.10 06/19/2018
Motherboard: ASRock B450 Gaming K4
Processor: AMD Ryzen 5 2600 Six-Core Processor 
Percentage of memory in use: 30%
Total physical RAM: 16319.75 MB
Available physical RAM: 11307.17 MB
Total Virtual: 22463.75 MB
Available Virtual: 13923.95 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.29 GB) (Free:141.51 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:536.82 GB) NTFS
 
\\?\Volume{1c297fcc-c74f-4282-b067-20b704cc3934}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.09 GB) NTFS
\\?\Volume{6bfd7332-ff25-45a9-9385-a5d716d07ea3}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 11E7A46F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt =======================

Attached Files


  • 0

Advertisements


#2
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,246 posts

Hi

Welcome :)

I'll be helping you with your computer.

Please read this post completely before beginning. If there's anything that you do not understand, please don't hesitate to ask before proceeding.

Please take note of the guidelines for this fix:

  • Please note that I am a volunteer. I do have a family, a career, and other endeavors that may prevent immediate responses that meet your schedule. Do note that the differences in time zones could present a problem as well. Your patience and understanding will be greatly appreciated.
  • First of all, the procedures we are about to perform are specific to your problem and should only be used on this specific computer.
  • Do not make any changes to your computer that include installing/uninstalling programs, deleting files, modifying the registry, nor running scanners or tools of any kind unless specifically requested by me.
  • Please read ALL instructions carefully and perform the steps fully and in the order they are written.
  • If things appear to be better, let me know. Just because the symptoms no longer exist as before, does not mean that you are clean.
  • Continue to read and follow my instructions until I tell you that your machine is clean.
  • If you have any questions at all, please do not hesitate to ask before performing the task that I ask of you, and please wait for my reply before you proceed.
  • Scanning with programs and reading the logs do take a fair amount of time. Again, your patience will be necessary. :)

Let's begin... :)
 

  • Highlight the entire content of the quote box below.

Start::
CloseProcesses:
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 VGAOCTool; \??\C:\Users\User\AppData\Local\Temp\VGAOCTool.sys [X] <==== ATTENTION
FirewallRules: [{B8A35600-CC2E-4AAB-B770-3C00C0E44F9D}] => (Allow) LPort=20208
FirewallRules: [{3B76DA01-B4E3-4EC7-924B-09EDA70FF236}] => (Allow) LPort=20208
FirewallRules: [{5026B982-01FC-4CDF-BB49-68FF9BACD3AE}] => (Allow) LPort=5055
Task: {D60CCC01-EEF7-4BDE-B97B-E04E42AE829E} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
S3 VGAOCTool; \??\C:\Users\User\AppData\Local\Temp\VGAOCTool.sys [X] <==== ATTENTION
BHO: No Name -> {004B0726-A010-4ABF-8556-FCDB7F1FCA1E} -> No File
BHO-x32: ¥,AxIAOO™3™x‚¬_ -> {DE05CF4A-7B0A-4775-B5E5-396244938679} -> C:\Program Files (x86)\Thunder Network\Thunder\Thunder BHO Platform\np_tdieplat.dll => No File
FirewallRules: [{7D6444CB-6EA9-40C9-8DCB-CB983550BE74}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.2.5507.400\QQPYClipMonitor.exe No File
FirewallRules: [{5BB66E5D-8709-4E19-B953-AA3086C42AC7}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.2.5507.400\QQPYClipMonitor.exe No File
FirewallRules: [{967FCDE3-8760-4DCF-8C7C-40ED84C6A0D7}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.2.5507.400\QQPYClipMonitor.exe No File
FirewallRules: [{714902BD-996E-457F-BAA7-F35ACBC9D8E7}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.2.5507.400\QQPYClipMonitor.exe No File
FirewallRules: [{8AAA6876-9580-4A50-A5FA-E106F5450664}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.2.5507.400\QQPYClipMonitor.exe No File
FirewallRules: [{E72476FC-C34D-4F26-B83F-408C67DD4A02}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.2.5507.400\QQPYClipMonitor.exe No File
FirewallRules: [UDP Query User{B23B8D4F-4E7D-4972-A6B6-C431AD839BDA}C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.12.400\xlliveud.exe] => (Allow) C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.12.400\xlliveud.exe No File
FirewallRules: [TCP Query User{7D148CA6-AB68-4498-B755-9E2C0BD2C27B}C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.12.400\xlliveud.exe] => (Allow) C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.12.400\xlliveud.exe No File
FirewallRules: [{B6DFAA81-E50E-4CE6-9FF1-985FDD569DEB}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.1.5306.400\QQPYClipMonitor.exe No File
FirewallRules: [{545095C7-3ABB-4F50-9C21-0155DBBA4FB2}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.1.5306.400\QQPYClipMonitor.exe No File
FirewallRules: [{60B4BA78-15F8-4FB8-866F-B773B0AA97E1}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.1.5306.400\QQPYClipMonitor.exe No File
FirewallRules: [{261C3055-2907-4E9B-B4DE-B61574831F35}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.1.5306.400\QQPYClipMonitor.exe No File
FirewallRules: [{37773C78-973E-4583-881F-BB33DDBE42BB}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.1.5306.400\QQPYClipMonitor.exe No File
FirewallRules: [{463287C1-5E3D-4D49-9E24-21605CFCA091}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.1.5306.400\QQPYClipMonitor.exe No File
FirewallRules: [{88C8C5B3-0BE1-4B2A-90A3-593F98C0B517}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.10.348\XLLiveUD.exe No File
FirewallRules: [{7000D817-BCDD-4A7F-9049-31C2570A86F4}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{3DBA5366-06D9-4399-B629-B9F4EB871A5F}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [UDP Query User{B295E413-9D0C-4F5F-A486-026C2B2A626E}D:\game\ranonlinegs\ranonlinegs.exe] => (Allow) D:\game\ranonlinegs\ranonlinegs.exe No File
FirewallRules: [TCP Query User{5FA9FAE9-7C24-41A5-83CD-45046FD9B9CD}D:\game\ranonlinegs\ranonlinegs.exe] => (Allow) D:\game\ranonlinegs\ranonlinegs.exe No File
FirewallRules: [UDP Query User{B0498ED5-084D-41CD-BCD3-A20EF01FE9BD}C:\users\user\appdata\local\vysor\app-1.8.3\vysor.exe] => (Allow) C:\users\user\appdata\local\vysor\app-1.8.3\vysor.exe No File
FirewallRules: [TCP Query User{C7EA72B8-C0B0-4C30-93C6-0B40B29177BF}C:\users\user\appdata\local\vysor\app-1.8.3\vysor.exe] => (Allow) C:\users\user\appdata\local\vysor\app-1.8.3\vysor.exe No File
FirewallRules: [UDP Query User{FED3D9CD-0C95-4DFA-B3B3-890B0096DA96}C:\users\user\appdata\local\vysor\app-2.1.2\vysor.exe] => (Allow) C:\users\user\appdata\local\vysor\app-2.1.2\vysor.exe No File
FirewallRules: [TCP Query User{9A994ACA-5519-4A62-982C-FFEAC61176AC}C:\users\user\appdata\local\vysor\app-2.1.2\vysor.exe] => (Allow) C:\users\user\appdata\local\vysor\app-2.1.2\vysor.exe No File
FirewallRules: [{7F3096AF-CE95-4906-9AA8-1F9D841F6E6C}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.10.348\XLLiveUD.exe No File
FirewallRules: [{44E4EE1E-D67C-40F8-9A5B-599158E0F876}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{E0C02E97-C028-4F21-96CD-5DA562C2EB6C}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [{C7A24E15-D5F5-4ED5-B8C0-A085ED949B91}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.10.348\XLLiveUD.exe No File
FirewallRules: [{1ED46EBE-0D7D-4781-B0B8-06E1EBB08E80}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{F0A26AD0-9FC2-4401-83CA-4FB43604FD5B}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [{2C4E42EF-1521-4FF2-B832-154D5545E465}] => (Allow) C:\Users\User\AppData\Local\Temp\OnlineInstall\10.1.10.348\SDK\DownloadSDKServer.exe No File
FirewallRules: [{E449C383-3376-4BA2-86E9-BAEE38FF06BE}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.8.286\XLLiveUD.exe No File
FirewallRules: [{726C9D55-C777-4EE5-BE70-D087009411F1}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{04B09832-E211-46F5-BF1B-114FEDDB0087}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [UDP Query User{BAE08A11-2D24-4813-B583-494735E3A44F}C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.8.286\xlliveud.exe] => (Allow) C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.8.286\xlliveud.exe No File
FirewallRules: [TCP Query User{F8B351DC-D9C2-480E-BAD0-9BE037CAACB9}C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.8.286\xlliveud.exe] => (Allow) C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.8.286\xlliveud.exe No File
FirewallRules: [{F600DC1E-7A19-43CB-8C9E-4D59112237F5}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.10.348\XLLiveUD.exe No File
FirewallRules: [{3701D932-1E66-4AF8-833F-38AE71F60759}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{7AF4E2BC-AC70-4C71-B13F-F7C12354DB82}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [{0681AFF9-F225-4B90-8AE1-17805F69A216}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.9.326\XLLiveUD.exe No File
FirewallRules: [{45E4A8B8-A66E-4C19-8267-26082FA78874}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{EDCC7A3C-A91A-4963-A0F3-5E74BF14F1D9}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [UDP Query User{D0B61475-77F3-42F0-BF73-D2139D3132A1}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe No File
FirewallRules: [TCP Query User{5B15ABDD-97CA-41FF-A358-447933443925}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe No File
FirewallRules: [UDP Query User{546DCA11-16C3-4207-8E83-2830A690945E}D:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe No File
FirewallRules: [TCP Query User{EFD95E02-404E-437E-A26B-EE5A672CAEDB}D:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe No File
FirewallRules: [{D239986A-8A11-42BF-BE1A-843456477541}] => (Allow) C:\Users\User\AppData\Local\Programs\Opera\58.0.3135.65\opera.exe No File
FirewallRules: [UDP Query User{DD0BA349-7024-4049-AF87-C4540A22D07E}D:\games\the sims 4 seasons\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4 seasons\game\bin\ts4_x64.exe No File
FirewallRules: [TCP Query User{852662AD-A650-4BD8-A499-3DEA15282894}D:\games\the sims 4 seasons\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4 seasons\game\bin\ts4_x64.exe No File
FirewallRules: [UDP Query User{28BB315D-89EB-4812-9BBC-64176B067C4F}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [TCP Query User{C46BE4C4-015E-466D-91BC-F39AAE36A474}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [{E671F7E2-5AE8-4960-B03A-668DDAD6CE99}] => (Allow) C:\program files (x86)\nzxt\cam\cam.desktop.exe No File
FirewallRules: [{14080839-98DB-473E-BB13-3502B0504A58}] => (Allow) C:\program files (x86)\nzxt\cam\cam.desktop.exe No File
FirewallRules: [{0951366F-3778-483C-A02B-86EB344D275B}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe No File
FirewallRules: [{59C4B7BD-15B0-4CAE-A315-30B3A9C42307}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe No File
FirewallRules: [UDP Query User{47C95662-E780-4445-AA3E-99C80D4C4971}C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe] => (Allow) C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe No File
FirewallRules: [TCP Query User{BEE9E3AC-F868-488B-A073-2437C094B1E1}C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe] => (Allow) C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe No File
FirewallRules: [UDP Query User{3B29B487-DE53-491A-9AB9-82AECEC7813C}C:\program files (x86)\lonelyscreen\lonelyscreen.exe] => (Allow) C:\program files (x86)\lonelyscreen\lonelyscreen.exe No File
FirewallRules: [TCP Query User{A2F773CF-5198-474F-926B-11FAD1F2899B}C:\program files (x86)\lonelyscreen\lonelyscreen.exe] => (Allow) C:\program files (x86)\lonelyscreen\lonelyscreen.exe No File
FirewallRules: [{6924DDDA-0EF8-40DB-AD99-F96FA99905C0}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe No File
FirewallRules: [{9AA836A4-B382-4E79-B1D7-D77A8EF4A446}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe No File
FirewallRules: [{DED3CD91-47B2-44F4-8188-54AEF0A1F90E}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe No File
FirewallRules: [{00DBFA08-BCFC-48BD-9E99-887E7240D936}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe No File
FirewallRules: [TCP Query User{2BE6FE78-1712-4613-B2B7-A303EDDA45D5}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{28647900-643A-44A2-9142-1C09B4FD20B6}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [{2AA265D1-D725-4EA0-B4D3-D1455B3395BA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{063A30DF-F301-47FF-A906-3E7AF12A9CBF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{EABD356B-4BF4-4FCB-853A-24C6D7ED8ADA}] => (Allow) C:\Program Files (x86)\e2eSoft\iVCam\iVCam.exe No File
FirewallRules: [{920C675D-8251-4A30-A8CB-E7AEFC9572CE}] => (Allow) C:\Program Files (x86)\e2eSoft\iVCam\iVCam.exe No File
FirewallRules: [TCP Query User{613B93F6-5A01-418A-8C62-E6AE6E883BCC}C:\program files (x86)\icamsource\icamsource.exe] => (Allow) C:\program files (x86)\icamsource\icamsource.exe No File
FirewallRules: [UDP Query User{445F4B1C-6691-49B1-8E85-2A8726AFC6F9}C:\program files (x86)\icamsource\icamsource.exe] => (Allow) C:\program files (x86)\icamsource\icamsource.exe No File
FirewallRules: [TCP Query User{777B6945-BAA1-4820-8C47-C65837BA2A79}C:\program files (x86)\mobiola webcamera for iphone\webcamforiphone.exe] => (Allow) C:\program files (x86)\mobiola webcamera for iphone\webcamforiphone.exe No File
FirewallRules: [UDP Query User{0BAE64B5-60DA-4ECC-9E36-0533AA359B39}C:\program files (x86)\mobiola webcamera for iphone\webcamforiphone.exe] => (Allow) C:\program files (x86)\mobiola webcamera for iphone\webcamforiphone.exe No File
FirewallRules: [{A0D07646-C5B3-40F4-AD8B-DA5801CF5C73}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [{D0030D2C-D821-415E-AA3C-76C646DBA65D}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{923C909D-5097-42EE-A4F3-93782F8A192A}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.9.326\XLLiveUD.exe No File
FirewallRules: [{948DD00C-7CBA-4E96-B289-3FE641596384}] => (Allow) C:\Program Files (x86)\IQIYI Video\LStyle\6.7.82.6548\QyClient.exe No File
FirewallRules: [{798CAA7E-FAF5-4295-8F4E-689BE09F318D}] => (Allow) C:\Program Files (x86)\IQIYI Video\LStyle\6.7.82.6548\QyKernel.exe No File
FirewallRules: [{F7618C7A-3ED4-4EF6-AC33-661263C57AF3}] => (Allow) C:\Program Files (x86)\IQIYI Video\LStyle\6.7.82.6548\QyPlayer.exe No File
FirewallRules: [{F4BA7929-98AE-4BD4-8521-02DD6E8A4FAE}] => (Allow) C:\Program Files (x86)\IQIYI Video\LStyle\6.7.82.6548\QyFragment.exe No File
FirewallRules: [{32398D19-7E7F-4E65-8EC9-1EA35ED7A9EF}] => (Allow) C:\Users\User\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe No File
FirewallRules: [{31362B21-EEE2-404F-B077-AE5DB324CECB}] => (Allow) C:\Program Files (x86)\IQIYI Video\LStyle\6.7.82.6548\QYAppPlugin\qixiu\QXClient.exe No File
FirewallRules: [{60F4F7D8-D24C-44F2-AF06-B2697D105734}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [{70113ADF-3924-4083-B102-A13F339962FE}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{4814337A-1310-47ED-9193-A8B083C0F3AE}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.12.400\XLLiveUD.exe No File
FirewallRules: [TCP Query User{4EFB4456-5589-4A23-A3FD-062D8F1EA5D4}C:\users\user\desktop\??x v10.1.12.400 ????\??x v10.1.12.400 ????\program\resources\bin\sdk\downloadsdkserver.exe] => (Allow) C:\users\user\desktop\??x v10.1.12.400 ????\??x v10.1.12.400 ????\program\resources\bin\sdk\downloadsdkserver.exe No File
FirewallRules: [UDP Query User{21222752-EF90-4BD3-977D-2778CF9CE826}C:\users\user\desktop\??x v10.1.12.400 ????\??x v10.1.12.400 ????\program\resources\bin\sdk\downloadsdkserver.exe] => (Allow) C:\users\user\desktop\??x v10.1.12.400 ????\??x v10.1.12.400 ????\program\resources\bin\sdk\downloadsdkserver.exe No File
FirewallRules: [{75C87E5D-6E09-41EB-8911-9268DBA93D53}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.3.5705.400\QQPYClipMonitor.exe No File
FirewallRules: [{CFA79EEB-73E6-495C-9D40-D2DC94A622B1}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.3.5705.400\QQPYClipMonitor.exe No File
FirewallRules: [{07C133A0-BC50-4425-8AB3-577870BCBA75}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.3.5705.400\QQPYClipMonitor.exe No File
FirewallRules: [{A9BA6E9C-EFF9-40C8-BEA2-2EB0F52B1CE5}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.3.5705.400\QQPYClipMonitor.exe No File
FirewallRules: [{95F8DD0B-D935-4C2B-8EA0-01FAFF376866}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.3.5705.400\QQPYClipMonitor.exe No File
FirewallRules: [{C966418D-404C-4EF3-80AF-9DCA46D0E930}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.3.5705.400\QQPYClipMonitor.exe No File
FirewallRules: [TCP Query User{E5E71559-5457-434F-B83F-EFE91CC4A374}C:\program files (x86)\pp??5.0\pphelper5.exe] => (Allow) C:\program files (x86)\pp??5.0\pphelper5.exe No File
FirewallRules: [UDP Query User{CA7C0502-009A-45D2-8481-507A94E168D0}C:\program files (x86)\pp??5.0\pphelper5.exe] => (Allow) C:\program files (x86)\pp??5.0\pphelper5.exe No File
FirewallRules: [{16AB0B15-5FE8-4D6E-9A8B-3B5336927DFB}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5800.400\QQPYClipMonitor.exe No File
FirewallRules: [{AD39F326-726D-4E8C-B0FD-3C9FDBBD9A14}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5800.400\QQPYClipMonitor.exe No File
FirewallRules: [{0EBB08F9-C07D-4791-8220-F4582570023C}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5800.400\QQPYClipMonitor.exe No File
FirewallRules: [{267B9127-8EF5-4BD8-9960-94E6BD4B4315}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5800.400\QQPYClipMonitor.exe No File
FirewallRules: [{98FBCEE0-DE05-439C-A1B2-C6CEE03D7D0C}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5800.400\QQPYClipMonitor.exe No File
FirewallRules: [{0DAB76C4-A3AC-42DE-9AAC-65C225289465}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5800.400\QQPYClipMonitor.exe No File
2019-11-01 23:14 - 2019-11-01 23:14 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsigna78932945ac73723
2019-11-01 23:14 - 2019-11-01 23:14 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign5edcffcf4d82268b
2019-10-29 13:08 - 2019-10-29 13:08 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsigne5b2466ee74b6f7a
2019-10-29 13:08 - 2019-10-29 13:08 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsignad3ad35ba1681ff5
2019-10-29 11:58 - 2019-10-29 11:58 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsigne9fb8efb4cb68096
2019-10-29 11:58 - 2019-10-29 11:58 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign5117149f79a0e79f
2019-10-21 07:48 - 2019-10-21 07:48 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsignb0d5d81a00ec7089
2019-10-21 07:48 - 2019-10-21 07:48 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsignaa41fb80f3d16246
2019-10-20 23:24 - 2019-10-20 23:24 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsignd252f75d62b8353d
2019-10-20 23:24 - 2019-10-20 23:24 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign752d12ecf15312cd
2019-10-12 02:06 - 2019-10-12 02:06 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign7deaa7289b896e73
2019-10-12 02:06 - 2019-10-12 02:06 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign05f181eda7e4199f
2019-10-12 01:29 - 2019-10-12 01:29 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsignac1c9fb6e8b4777f
2019-10-12 01:29 - 2019-10-12 01:29 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign471bddc71c1b4c28
2019-10-12 01:26 - 2019-10-12 01:26 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsignaec5cd53e5765cda
2019-10-12 01:26 - 2019-10-12 01:26 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign84c607592d21c486
2019-10-10 13:34 - 2019-10-10 13:34 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign4ac31d105a697f67
2019-10-10 13:32 - 2019-10-10 13:32 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsignaacf66e8baa8fb68
2019-10-10 13:32 - 2019-10-10 13:32 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsigna8f77c0dec629e4d
2019-10-10 13:32 - 2019-10-10 13:32 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign02ea3961e8787b6a
EMPTYTEMP:
End::

  • Right click on the highlighted text and select Copy.
  • Start FRST (FRST64) with Administrator privileges
  • Press the Fix button. FRST will process the lines copied above from the clipboard.
  • When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.

Please copy and paste its contents in your next reply.
 

  • Download AdwCleaner and move it to your Desktop
  • Right-click on AdwCleaner.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan Now
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Repair and restart button. This will kill all active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply

 


  • 0

#3
joesg2

joesg2

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

thanks for your fast respond !

 

fixlog.txt

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-11-2019
Ran by User (06-11-2019 23:22:31) Run:1
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CloseProcesses:
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 VGAOCTool; \??\C:\Users\User\AppData\Local\Temp\VGAOCTool.sys [X] <==== ATTENTION
FirewallRules: [{B8A35600-CC2E-4AAB-B770-3C00C0E44F9D}] => (Allow) LPort=20208
FirewallRules: [{3B76DA01-B4E3-4EC7-924B-09EDA70FF236}] => (Allow) LPort=20208
FirewallRules: [{5026B982-01FC-4CDF-BB49-68FF9BACD3AE}] => (Allow) LPort=5055
Task: {D60CCC01-EEF7-4BDE-B97B-E04E42AE829E} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
S3 VGAOCTool; \??\C:\Users\User\AppData\Local\Temp\VGAOCTool.sys [X] <==== ATTENTION
BHO: No Name -> {004B0726-A010-4ABF-8556-FCDB7F1FCA1E} -> No File
BHO-x32: ¥,AxIAOO™3™x‚¬_ -> {DE05CF4A-7B0A-4775-B5E5-396244938679} -> C:\Program Files (x86)\Thunder Network\Thunder\Thunder BHO Platform\np_tdieplat.dll => No File
FirewallRules: [{7D6444CB-6EA9-40C9-8DCB-CB983550BE74}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.2.5507.400\QQPYClipMonitor.exe No File
FirewallRules: [{5BB66E5D-8709-4E19-B953-AA3086C42AC7}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.2.5507.400\QQPYClipMonitor.exe No File
FirewallRules: [{967FCDE3-8760-4DCF-8C7C-40ED84C6A0D7}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.2.5507.400\QQPYClipMonitor.exe No File
FirewallRules: [{714902BD-996E-457F-BAA7-F35ACBC9D8E7}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.2.5507.400\QQPYClipMonitor.exe No File
FirewallRules: [{8AAA6876-9580-4A50-A5FA-E106F5450664}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.2.5507.400\QQPYClipMonitor.exe No File
FirewallRules: [{E72476FC-C34D-4F26-B83F-408C67DD4A02}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.2.5507.400\QQPYClipMonitor.exe No File
FirewallRules: [UDP Query User{B23B8D4F-4E7D-4972-A6B6-C431AD839BDA}C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.12.400\xlliveud.exe] => (Allow) C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.12.400\xlliveud.exe No File
FirewallRules: [TCP Query User{7D148CA6-AB68-4498-B755-9E2C0BD2C27B}C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.12.400\xlliveud.exe] => (Allow) C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.12.400\xlliveud.exe No File
FirewallRules: [{B6DFAA81-E50E-4CE6-9FF1-985FDD569DEB}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.1.5306.400\QQPYClipMonitor.exe No File
FirewallRules: [{545095C7-3ABB-4F50-9C21-0155DBBA4FB2}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.1.5306.400\QQPYClipMonitor.exe No File
FirewallRules: [{60B4BA78-15F8-4FB8-866F-B773B0AA97E1}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.1.5306.400\QQPYClipMonitor.exe No File
FirewallRules: [{261C3055-2907-4E9B-B4DE-B61574831F35}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.1.5306.400\QQPYClipMonitor.exe No File
FirewallRules: [{37773C78-973E-4583-881F-BB33DDBE42BB}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.1.5306.400\QQPYClipMonitor.exe No File
FirewallRules: [{463287C1-5E3D-4D49-9E24-21605CFCA091}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.1.5306.400\QQPYClipMonitor.exe No File
FirewallRules: [{88C8C5B3-0BE1-4B2A-90A3-593F98C0B517}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.10.348\XLLiveUD.exe No File
FirewallRules: [{7000D817-BCDD-4A7F-9049-31C2570A86F4}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{3DBA5366-06D9-4399-B629-B9F4EB871A5F}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [UDP Query User{B295E413-9D0C-4F5F-A486-026C2B2A626E}D:\game\ranonlinegs\ranonlinegs.exe] => (Allow) D:\game\ranonlinegs\ranonlinegs.exe No File
FirewallRules: [TCP Query User{5FA9FAE9-7C24-41A5-83CD-45046FD9B9CD}D:\game\ranonlinegs\ranonlinegs.exe] => (Allow) D:\game\ranonlinegs\ranonlinegs.exe No File
FirewallRules: [UDP Query User{B0498ED5-084D-41CD-BCD3-A20EF01FE9BD}C:\users\user\appdata\local\vysor\app-1.8.3\vysor.exe] => (Allow) C:\users\user\appdata\local\vysor\app-1.8.3\vysor.exe No File
FirewallRules: [TCP Query User{C7EA72B8-C0B0-4C30-93C6-0B40B29177BF}C:\users\user\appdata\local\vysor\app-1.8.3\vysor.exe] => (Allow) C:\users\user\appdata\local\vysor\app-1.8.3\vysor.exe No File
FirewallRules: [UDP Query User{FED3D9CD-0C95-4DFA-B3B3-890B0096DA96}C:\users\user\appdata\local\vysor\app-2.1.2\vysor.exe] => (Allow) C:\users\user\appdata\local\vysor\app-2.1.2\vysor.exe No File
FirewallRules: [TCP Query User{9A994ACA-5519-4A62-982C-FFEAC61176AC}C:\users\user\appdata\local\vysor\app-2.1.2\vysor.exe] => (Allow) C:\users\user\appdata\local\vysor\app-2.1.2\vysor.exe No File
FirewallRules: [{7F3096AF-CE95-4906-9AA8-1F9D841F6E6C}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.10.348\XLLiveUD.exe No File
FirewallRules: [{44E4EE1E-D67C-40F8-9A5B-599158E0F876}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{E0C02E97-C028-4F21-96CD-5DA562C2EB6C}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [{C7A24E15-D5F5-4ED5-B8C0-A085ED949B91}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.10.348\XLLiveUD.exe No File
FirewallRules: [{1ED46EBE-0D7D-4781-B0B8-06E1EBB08E80}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{F0A26AD0-9FC2-4401-83CA-4FB43604FD5B}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [{2C4E42EF-1521-4FF2-B832-154D5545E465}] => (Allow) C:\Users\User\AppData\Local\Temp\OnlineInstall\10.1.10.348\SDK\DownloadSDKServer.exe No File
FirewallRules: [{E449C383-3376-4BA2-86E9-BAEE38FF06BE}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.8.286\XLLiveUD.exe No File
FirewallRules: [{726C9D55-C777-4EE5-BE70-D087009411F1}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{04B09832-E211-46F5-BF1B-114FEDDB0087}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [UDP Query User{BAE08A11-2D24-4813-B583-494735E3A44F}C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.8.286\xlliveud.exe] => (Allow) C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.8.286\xlliveud.exe No File
FirewallRules: [TCP Query User{F8B351DC-D9C2-480E-BAD0-9BE037CAACB9}C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.8.286\xlliveud.exe] => (Allow) C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.8.286\xlliveud.exe No File
FirewallRules: [{F600DC1E-7A19-43CB-8C9E-4D59112237F5}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.10.348\XLLiveUD.exe No File
FirewallRules: [{3701D932-1E66-4AF8-833F-38AE71F60759}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{7AF4E2BC-AC70-4C71-B13F-F7C12354DB82}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [{0681AFF9-F225-4B90-8AE1-17805F69A216}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.9.326\XLLiveUD.exe No File
FirewallRules: [{45E4A8B8-A66E-4C19-8267-26082FA78874}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{EDCC7A3C-A91A-4963-A0F3-5E74BF14F1D9}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [UDP Query User{D0B61475-77F3-42F0-BF73-D2139D3132A1}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe No File
FirewallRules: [TCP Query User{5B15ABDD-97CA-41FF-A358-447933443925}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe No File
FirewallRules: [UDP Query User{546DCA11-16C3-4207-8E83-2830A690945E}D:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe No File
FirewallRules: [TCP Query User{EFD95E02-404E-437E-A26B-EE5A672CAEDB}D:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe No File
FirewallRules: [{D239986A-8A11-42BF-BE1A-843456477541}] => (Allow) C:\Users\User\AppData\Local\Programs\Opera\58.0.3135.65\opera.exe No File
FirewallRules: [UDP Query User{DD0BA349-7024-4049-AF87-C4540A22D07E}D:\games\the sims 4 seasons\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4 seasons\game\bin\ts4_x64.exe No File
FirewallRules: [TCP Query User{852662AD-A650-4BD8-A499-3DEA15282894}D:\games\the sims 4 seasons\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4 seasons\game\bin\ts4_x64.exe No File
FirewallRules: [UDP Query User{28BB315D-89EB-4812-9BBC-64176B067C4F}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [TCP Query User{C46BE4C4-015E-466D-91BC-F39AAE36A474}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [{E671F7E2-5AE8-4960-B03A-668DDAD6CE99}] => (Allow) C:\program files (x86)\nzxt\cam\cam.desktop.exe No File
FirewallRules: [{14080839-98DB-473E-BB13-3502B0504A58}] => (Allow) C:\program files (x86)\nzxt\cam\cam.desktop.exe No File
FirewallRules: [{0951366F-3778-483C-A02B-86EB344D275B}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe No File
FirewallRules: [{59C4B7BD-15B0-4CAE-A315-30B3A9C42307}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe No File
FirewallRules: [UDP Query User{47C95662-E780-4445-AA3E-99C80D4C4971}C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe] => (Allow) C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe No File
FirewallRules: [TCP Query User{BEE9E3AC-F868-488B-A073-2437C094B1E1}C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe] => (Allow) C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe No File
FirewallRules: [UDP Query User{3B29B487-DE53-491A-9AB9-82AECEC7813C}C:\program files (x86)\lonelyscreen\lonelyscreen.exe] => (Allow) C:\program files (x86)\lonelyscreen\lonelyscreen.exe No File
FirewallRules: [TCP Query User{A2F773CF-5198-474F-926B-11FAD1F2899B}C:\program files (x86)\lonelyscreen\lonelyscreen.exe] => (Allow) C:\program files (x86)\lonelyscreen\lonelyscreen.exe No File
FirewallRules: [{6924DDDA-0EF8-40DB-AD99-F96FA99905C0}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe No File
FirewallRules: [{9AA836A4-B382-4E79-B1D7-D77A8EF4A446}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe No File
FirewallRules: [{DED3CD91-47B2-44F4-8188-54AEF0A1F90E}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe No File
FirewallRules: [{00DBFA08-BCFC-48BD-9E99-887E7240D936}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe No File
FirewallRules: [TCP Query User{2BE6FE78-1712-4613-B2B7-A303EDDA45D5}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{28647900-643A-44A2-9142-1C09B4FD20B6}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [{2AA265D1-D725-4EA0-B4D3-D1455B3395BA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{063A30DF-F301-47FF-A906-3E7AF12A9CBF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{EABD356B-4BF4-4FCB-853A-24C6D7ED8ADA}] => (Allow) C:\Program Files (x86)\e2eSoft\iVCam\iVCam.exe No File
FirewallRules: [{920C675D-8251-4A30-A8CB-E7AEFC9572CE}] => (Allow) C:\Program Files (x86)\e2eSoft\iVCam\iVCam.exe No File
FirewallRules: [TCP Query User{613B93F6-5A01-418A-8C62-E6AE6E883BCC}C:\program files (x86)\icamsource\icamsource.exe] => (Allow) C:\program files (x86)\icamsource\icamsource.exe No File
FirewallRules: [UDP Query User{445F4B1C-6691-49B1-8E85-2A8726AFC6F9}C:\program files (x86)\icamsource\icamsource.exe] => (Allow) C:\program files (x86)\icamsource\icamsource.exe No File
FirewallRules: [TCP Query User{777B6945-BAA1-4820-8C47-C65837BA2A79}C:\program files (x86)\mobiola webcamera for iphone\webcamforiphone.exe] => (Allow) C:\program files (x86)\mobiola webcamera for iphone\webcamforiphone.exe No File
FirewallRules: [UDP Query User{0BAE64B5-60DA-4ECC-9E36-0533AA359B39}C:\program files (x86)\mobiola webcamera for iphone\webcamforiphone.exe] => (Allow) C:\program files (x86)\mobiola webcamera for iphone\webcamforiphone.exe No File
FirewallRules: [{A0D07646-C5B3-40F4-AD8B-DA5801CF5C73}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [{D0030D2C-D821-415E-AA3C-76C646DBA65D}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{923C909D-5097-42EE-A4F3-93782F8A192A}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.9.326\XLLiveUD.exe No File
FirewallRules: [{948DD00C-7CBA-4E96-B289-3FE641596384}] => (Allow) C:\Program Files (x86)\IQIYI Video\LStyle\6.7.82.6548\QyClient.exe No File
FirewallRules: [{798CAA7E-FAF5-4295-8F4E-689BE09F318D}] => (Allow) C:\Program Files (x86)\IQIYI Video\LStyle\6.7.82.6548\QyKernel.exe No File
FirewallRules: [{F7618C7A-3ED4-4EF6-AC33-661263C57AF3}] => (Allow) C:\Program Files (x86)\IQIYI Video\LStyle\6.7.82.6548\QyPlayer.exe No File
FirewallRules: [{F4BA7929-98AE-4BD4-8521-02DD6E8A4FAE}] => (Allow) C:\Program Files (x86)\IQIYI Video\LStyle\6.7.82.6548\QyFragment.exe No File
FirewallRules: [{32398D19-7E7F-4E65-8EC9-1EA35ED7A9EF}] => (Allow) C:\Users\User\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe No File
FirewallRules: [{31362B21-EEE2-404F-B077-AE5DB324CECB}] => (Allow) C:\Program Files (x86)\IQIYI Video\LStyle\6.7.82.6548\QYAppPlugin\qixiu\QXClient.exe No File
FirewallRules: [{60F4F7D8-D24C-44F2-AF06-B2697D105734}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\resources\bin\SDK\DownloadSDKServer.exe No File
FirewallRules: [{70113ADF-3924-4083-B102-A13F339962FE}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\Program\XMP\SDK\DownloadSDKServer.exe No File
FirewallRules: [{4814337A-1310-47ED-9193-A8B083C0F3AE}] => (Allow) C:\Users\User\AppData\Local\Temp\XLLiveUD\Thunder8_10.1.12.400\XLLiveUD.exe No File
FirewallRules: [TCP Query User{4EFB4456-5589-4A23-A3FD-062D8F1EA5D4}C:\users\user\desktop\??x v10.1.12.400 ????\??x v10.1.12.400 ????\program\resources\bin\sdk\downloadsdkserver.exe] => (Allow) C:\users\user\desktop\??x v10.1.12.400 ????\??x v10.1.12.400 ????\program\resources\bin\sdk\downloadsdkserver.exe No File
FirewallRules: [UDP Query User{21222752-EF90-4BD3-977D-2778CF9CE826}C:\users\user\desktop\??x v10.1.12.400 ????\??x v10.1.12.400 ????\program\resources\bin\sdk\downloadsdkserver.exe] => (Allow) C:\users\user\desktop\??x v10.1.12.400 ????\??x v10.1.12.400 ????\program\resources\bin\sdk\downloadsdkserver.exe No File
FirewallRules: [{75C87E5D-6E09-41EB-8911-9268DBA93D53}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.3.5705.400\QQPYClipMonitor.exe No File
FirewallRules: [{CFA79EEB-73E6-495C-9D40-D2DC94A622B1}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.3.5705.400\QQPYClipMonitor.exe No File
FirewallRules: [{07C133A0-BC50-4425-8AB3-577870BCBA75}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.3.5705.400\QQPYClipMonitor.exe No File
FirewallRules: [{A9BA6E9C-EFF9-40C8-BEA2-2EB0F52B1CE5}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.3.5705.400\QQPYClipMonitor.exe No File
FirewallRules: [{95F8DD0B-D935-4C2B-8EA0-01FAFF376866}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.3.5705.400\QQPYClipMonitor.exe No File
FirewallRules: [{C966418D-404C-4EF3-80AF-9DCA46D0E930}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.3.5705.400\QQPYClipMonitor.exe No File
FirewallRules: [TCP Query User{E5E71559-5457-434F-B83F-EFE91CC4A374}C:\program files (x86)\pp??5.0\pphelper5.exe] => (Allow) C:\program files (x86)\pp??5.0\pphelper5.exe No File
FirewallRules: [UDP Query User{CA7C0502-009A-45D2-8481-507A94E168D0}C:\program files (x86)\pp??5.0\pphelper5.exe] => (Allow) C:\program files (x86)\pp??5.0\pphelper5.exe No File
FirewallRules: [{16AB0B15-5FE8-4D6E-9A8B-3B5336927DFB}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5800.400\QQPYClipMonitor.exe No File
FirewallRules: [{AD39F326-726D-4E8C-B0FD-3C9FDBBD9A14}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5800.400\QQPYClipMonitor.exe No File
FirewallRules: [{0EBB08F9-C07D-4791-8220-F4582570023C}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5800.400\QQPYClipMonitor.exe No File
FirewallRules: [{267B9127-8EF5-4BD8-9960-94E6BD4B4315}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5800.400\QQPYClipMonitor.exe No File
FirewallRules: [{98FBCEE0-DE05-439C-A1B2-C6CEE03D7D0C}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5800.400\QQPYClipMonitor.exe No File
FirewallRules: [{0DAB76C4-A3AC-42DE-9AAC-65C225289465}] => (Allow) C:\Program Files (x86)\Tencent\QQPinyin\6.4.5800.400\QQPYClipMonitor.exe No File
2019-11-01 23:14 - 2019-11-01 23:14 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsigna78932945ac73723
2019-11-01 23:14 - 2019-11-01 23:14 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign5edcffcf4d82268b
2019-10-29 13:08 - 2019-10-29 13:08 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsigne5b2466ee74b6f7a
2019-10-29 13:08 - 2019-10-29 13:08 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsignad3ad35ba1681ff5
2019-10-29 11:58 - 2019-10-29 11:58 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsigne9fb8efb4cb68096
2019-10-29 11:58 - 2019-10-29 11:58 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign5117149f79a0e79f
2019-10-21 07:48 - 2019-10-21 07:48 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsignb0d5d81a00ec7089
2019-10-21 07:48 - 2019-10-21 07:48 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsignaa41fb80f3d16246
2019-10-20 23:24 - 2019-10-20 23:24 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsignd252f75d62b8353d
2019-10-20 23:24 - 2019-10-20 23:24 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign752d12ecf15312cd
2019-10-12 02:06 - 2019-10-12 02:06 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign7deaa7289b896e73
2019-10-12 02:06 - 2019-10-12 02:06 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign05f181eda7e4199f
2019-10-12 01:29 - 2019-10-12 01:29 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsignac1c9fb6e8b4777f
2019-10-12 01:29 - 2019-10-12 01:29 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign471bddc71c1b4c28
2019-10-12 01:26 - 2019-10-12 01:26 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsignaec5cd53e5765cda
2019-10-12 01:26 - 2019-10-12 01:26 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign84c607592d21c486
2019-10-10 13:34 - 2019-10-10 13:34 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign4ac31d105a697f67
2019-10-10 13:32 - 2019-10-10 13:32 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsignaacf66e8baa8fb68
2019-10-10 13:32 - 2019-10-10 13:32 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsigna8f77c0dec629e4d
2019-10-10 13:32 - 2019-10-10 13:32 - 000000000 ____D C:\Users\User\AppData\Local\Tempzxpsign02ea3961e8787b6a
EMPTYTEMP:
 
*****************
 
Processes closed successfully.
HKLM\System\CurrentControlSet\Services\EagleX64 => removed successfully
EagleX64 => service removed successfully
HKLM\System\CurrentControlSet\Services\VGAOCTool => removed successfully
VGAOCTool => service removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B8A35600-CC2E-4AAB-B770-3C00C0E44F9D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3B76DA01-B4E3-4EC7-924B-09EDA70FF236}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5026B982-01FC-4CDF-BB49-68FF9BACD3AE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D60CCC01-EEF7-4BDE-B97B-E04E42AE829E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D60CCC01-EEF7-4BDE-B97B-E04E42AE829E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\StartupCheckLibrary" => removed successfully
VGAOCTool => service not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{004B0726-A010-4ABF-8556-FCDB7F1FCA1E} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DE05CF4A-7B0A-4775-B5E5-396244938679} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{DE05CF4A-7B0A-4775-B5E5-396244938679} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7D6444CB-6EA9-40C9-8DCB-CB983550BE74}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5BB66E5D-8709-4E19-B953-AA3086C42AC7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{967FCDE3-8760-4DCF-8C7C-40ED84C6A0D7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{714902BD-996E-457F-BAA7-F35ACBC9D8E7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8AAA6876-9580-4A50-A5FA-E106F5450664}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E72476FC-C34D-4F26-B83F-408C67DD4A02}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B23B8D4F-4E7D-4972-A6B6-C431AD839BDA}C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.12.400\xlliveud.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7D148CA6-AB68-4498-B755-9E2C0BD2C27B}C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.12.400\xlliveud.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B6DFAA81-E50E-4CE6-9FF1-985FDD569DEB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{545095C7-3ABB-4F50-9C21-0155DBBA4FB2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{60B4BA78-15F8-4FB8-866F-B773B0AA97E1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{261C3055-2907-4E9B-B4DE-B61574831F35}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{37773C78-973E-4583-881F-BB33DDBE42BB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{463287C1-5E3D-4D49-9E24-21605CFCA091}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{88C8C5B3-0BE1-4B2A-90A3-593F98C0B517}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7000D817-BCDD-4A7F-9049-31C2570A86F4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3DBA5366-06D9-4399-B629-B9F4EB871A5F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B295E413-9D0C-4F5F-A486-026C2B2A626E}D:\game\ranonlinegs\ranonlinegs.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5FA9FAE9-7C24-41A5-83CD-45046FD9B9CD}D:\game\ranonlinegs\ranonlinegs.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B0498ED5-084D-41CD-BCD3-A20EF01FE9BD}C:\users\user\appdata\local\vysor\app-1.8.3\vysor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C7EA72B8-C0B0-4C30-93C6-0B40B29177BF}C:\users\user\appdata\local\vysor\app-1.8.3\vysor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FED3D9CD-0C95-4DFA-B3B3-890B0096DA96}C:\users\user\appdata\local\vysor\app-2.1.2\vysor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9A994ACA-5519-4A62-982C-FFEAC61176AC}C:\users\user\appdata\local\vysor\app-2.1.2\vysor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7F3096AF-CE95-4906-9AA8-1F9D841F6E6C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{44E4EE1E-D67C-40F8-9A5B-599158E0F876}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E0C02E97-C028-4F21-96CD-5DA562C2EB6C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C7A24E15-D5F5-4ED5-B8C0-A085ED949B91}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1ED46EBE-0D7D-4781-B0B8-06E1EBB08E80}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F0A26AD0-9FC2-4401-83CA-4FB43604FD5B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2C4E42EF-1521-4FF2-B832-154D5545E465}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E449C383-3376-4BA2-86E9-BAEE38FF06BE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{726C9D55-C777-4EE5-BE70-D087009411F1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04B09832-E211-46F5-BF1B-114FEDDB0087}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BAE08A11-2D24-4813-B583-494735E3A44F}C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.8.286\xlliveud.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F8B351DC-D9C2-480E-BAD0-9BE037CAACB9}C:\users\user\appdata\local\temp\xlliveud\thunder8_10.1.8.286\xlliveud.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F600DC1E-7A19-43CB-8C9E-4D59112237F5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3701D932-1E66-4AF8-833F-38AE71F60759}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7AF4E2BC-AC70-4C71-B13F-F7C12354DB82}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0681AFF9-F225-4B90-8AE1-17805F69A216}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{45E4A8B8-A66E-4C19-8267-26082FA78874}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EDCC7A3C-A91A-4963-A0F3-5E74BF14F1D9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D0B61475-77F3-42F0-BF73-D2139D3132A1}C:\program files\lghub\lghub_agent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5B15ABDD-97CA-41FF-A358-447933443925}C:\program files\lghub\lghub_agent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{546DCA11-16C3-4207-8E83-2830A690945E}D:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EFD95E02-404E-437E-A26B-EE5A672CAEDB}D:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D239986A-8A11-42BF-BE1A-843456477541}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DD0BA349-7024-4049-AF87-C4540A22D07E}D:\games\the sims 4 seasons\game\bin\ts4_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{852662AD-A650-4BD8-A499-3DEA15282894}D:\games\the sims 4 seasons\game\bin\ts4_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{28BB315D-89EB-4812-9BBC-64176B067C4F}D:\program files (x86)\origin games\apex\r5apex.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C46BE4C4-015E-466D-91BC-F39AAE36A474}D:\program files (x86)\origin games\apex\r5apex.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E671F7E2-5AE8-4960-B03A-668DDAD6CE99}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{14080839-98DB-473E-BB13-3502B0504A58}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0951366F-3778-483C-A02B-86EB344D275B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{59C4B7BD-15B0-4CAE-A315-30B3A9C42307}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{47C95662-E780-4445-AA3E-99C80D4C4971}C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BEE9E3AC-F868-488B-A073-2437C094B1E1}C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3B29B487-DE53-491A-9AB9-82AECEC7813C}C:\program files (x86)\lonelyscreen\lonelyscreen.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A2F773CF-5198-474F-926B-11FAD1F2899B}C:\program files (x86)\lonelyscreen\lonelyscreen.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6924DDDA-0EF8-40DB-AD99-F96FA99905C0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9AA836A4-B382-4E79-B1D7-D77A8EF4A446}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DED3CD91-47B2-44F4-8188-54AEF0A1F90E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{00DBFA08-BCFC-48BD-9E99-887E7240D936}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2BE6FE78-1712-4613-B2B7-A303EDDA45D5}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{28647900-643A-44A2-9142-1C09B4FD20B6}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2AA265D1-D725-4EA0-B4D3-D1455B3395BA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{063A30DF-F301-47FF-A906-3E7AF12A9CBF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EABD356B-4BF4-4FCB-853A-24C6D7ED8ADA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{920C675D-8251-4A30-A8CB-E7AEFC9572CE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{613B93F6-5A01-418A-8C62-E6AE6E883BCC}C:\program files (x86)\icamsource\icamsource.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{445F4B1C-6691-49B1-8E85-2A8726AFC6F9}C:\program files (x86)\icamsource\icamsource.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{777B6945-BAA1-4820-8C47-C65837BA2A79}C:\program files (x86)\mobiola webcamera for iphone\webcamforiphone.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0BAE64B5-60DA-4ECC-9E36-0533AA359B39}C:\program files (x86)\mobiola webcamera for iphone\webcamforiphone.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A0D07646-C5B3-40F4-AD8B-DA5801CF5C73}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D0030D2C-D821-415E-AA3C-76C646DBA65D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{923C909D-5097-42EE-A4F3-93782F8A192A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{948DD00C-7CBA-4E96-B289-3FE641596384}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{798CAA7E-FAF5-4295-8F4E-689BE09F318D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F7618C7A-3ED4-4EF6-AC33-661263C57AF3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F4BA7929-98AE-4BD4-8521-02DD6E8A4FAE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{32398D19-7E7F-4E65-8EC9-1EA35ED7A9EF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{31362B21-EEE2-404F-B077-AE5DB324CECB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{60F4F7D8-D24C-44F2-AF06-B2697D105734}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{70113ADF-3924-4083-B102-A13F339962FE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4814337A-1310-47ED-9193-A8B083C0F3AE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4EFB4456-5589-4A23-A3FD-062D8F1EA5D4}C:\users\user\desktop\??x v10.1.12.400 ????\??x v10.1.12.400 ????\program\resources\bin\sdk\downloadsdkserver.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{21222752-EF90-4BD3-977D-2778CF9CE826}C:\users\user\desktop\??x v10.1.12.400 ????\??x v10.1.12.400 ????\program\resources\bin\sdk\downloadsdkserver.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{75C87E5D-6E09-41EB-8911-9268DBA93D53}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CFA79EEB-73E6-495C-9D40-D2DC94A622B1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{07C133A0-BC50-4425-8AB3-577870BCBA75}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A9BA6E9C-EFF9-40C8-BEA2-2EB0F52B1CE5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{95F8DD0B-D935-4C2B-8EA0-01FAFF376866}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C966418D-404C-4EF3-80AF-9DCA46D0E930}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E5E71559-5457-434F-B83F-EFE91CC4A374}C:\program files (x86)\pp??5.0\pphelper5.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CA7C0502-009A-45D2-8481-507A94E168D0}C:\program files (x86)\pp??5.0\pphelper5.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{16AB0B15-5FE8-4D6E-9A8B-3B5336927DFB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AD39F326-726D-4E8C-B0FD-3C9FDBBD9A14}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0EBB08F9-C07D-4791-8220-F4582570023C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{267B9127-8EF5-4BD8-9960-94E6BD4B4315}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{98FBCEE0-DE05-439C-A1B2-C6CEE03D7D0C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0DAB76C4-A3AC-42DE-9AAC-65C225289465}" => removed successfully
C:\Users\User\AppData\Local\Tempzxpsigna78932945ac73723 => moved successfully
C:\Users\User\AppData\Local\Tempzxpsign5edcffcf4d82268b => moved successfully
C:\Users\User\AppData\Local\Tempzxpsigne5b2466ee74b6f7a => moved successfully
C:\Users\User\AppData\Local\Tempzxpsignad3ad35ba1681ff5 => moved successfully
C:\Users\User\AppData\Local\Tempzxpsigne9fb8efb4cb68096 => moved successfully
C:\Users\User\AppData\Local\Tempzxpsign5117149f79a0e79f => moved successfully
C:\Users\User\AppData\Local\Tempzxpsignb0d5d81a00ec7089 => moved successfully
C:\Users\User\AppData\Local\Tempzxpsignaa41fb80f3d16246 => moved successfully
C:\Users\User\AppData\Local\Tempzxpsignd252f75d62b8353d => moved successfully
C:\Users\User\AppData\Local\Tempzxpsign752d12ecf15312cd => moved successfully
C:\Users\User\AppData\Local\Tempzxpsign7deaa7289b896e73 => moved successfully
C:\Users\User\AppData\Local\Tempzxpsign05f181eda7e4199f => moved successfully
C:\Users\User\AppData\Local\Tempzxpsignac1c9fb6e8b4777f => moved successfully
C:\Users\User\AppData\Local\Tempzxpsign471bddc71c1b4c28 => moved successfully
C:\Users\User\AppData\Local\Tempzxpsignaec5cd53e5765cda => moved successfully
C:\Users\User\AppData\Local\Tempzxpsign84c607592d21c486 => moved successfully
C:\Users\User\AppData\Local\Tempzxpsign4ac31d105a697f67 => moved successfully
C:\Users\User\AppData\Local\Tempzxpsignaacf66e8baa8fb68 => moved successfully
C:\Users\User\AppData\Local\Tempzxpsigna8f77c0dec629e4d => moved successfully
C:\Users\User\AppData\Local\Tempzxpsign02ea3961e8787b6a => moved successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 12083200 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 393923865 B
Java, Flash, Steam htmlcache => 367427990 B
Windows/system/drivers => 11440519 B
Edge => 1715406 B
Chrome => 1199323450 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 2400 B
NetworkService => 374538 B
User => 154841393 B
 
RecycleBin => 2166958260 B
EmptyTemp: => 4 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 23:25:47 ====
 
Malwarebyte log
 
Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 11/6/19
Scan Time: 11:32 PM
Log File: a0185628-00aa-11ea-bda9-7085c28cefc2.json
 
-Software Information-
Version: 4.0.4.49
Components Version: 1.0.717
Update Package Version: 1.0.14596
License: Free
 
-System Information-
OS: Windows 10 (Build 18362.418)
CPU: x64
File System: NTFS
User: DESKTOP-66N4BGC\User
 
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 305646
Threats Detected: 73
Threats Quarantined: 73
Time Elapsed: 1 min, 58 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 25
Trojan.Agent, HKU\S-1-5-21-3081099449-2374384075-4149456581-1001_Classes\thunder, Quarantined, 462, 208540, 1.0.14596, , ame, 
Trojan.Agent.BHO, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{EBEB87A4-E151-4054-AB45-A6E094C5334B}, Quarantined, 7, 251733, , , , 
Trojan.Agent.BHO, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{EBEB87A4-E151-4054-AB45-A6E094C5334B}, Quarantined, 7, 251733, , , , 
Trojan.Agent.BHO, HKLM\SOFTWARE\CLASSES\QMDispatch.QMFunction, Quarantined, 7, 251733, 1.0.14596, , ame, 
Adware.VRBrothers, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{EBEB87A5-E151-4054-AB45-A6E094C5334B}, Quarantined, 6231, 342982, , , , 
Adware.VRBrothers, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{EBEB87A5-E151-4054-AB45-A6E094C5334B}, Quarantined, 6231, 342982, , , , 
Adware.VRBrothers, HKLM\SOFTWARE\CLASSES\QMDispatch.QMLibrary.Inner, Quarantined, 6231, 342982, 1.0.14596, , ame, 
PUP.Optional.InstallCore, HKU\S-1-5-21-3081099449-2374384075-4149456581-1001\SOFTWARE\CSASTATS\ic, Quarantined, 466, 586068, 1.0.14596, , ame, 
Adware.ChinAd, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@xunlei.com/npaplayer, Quarantined, 509, 375036, 1.0.14596, , ame, 
Adware.ChinAd, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@xunlei.com/npxluser, Quarantined, 509, 375036, 1.0.14596, , ame, 
Adware.VRBrothers, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{241D7F03-9232-4024-8373-149860BE27C0}, Quarantined, 6231, 342028, , , , 
Adware.VRBrothers, HKLM\SOFTWARE\CLASSES\QMDispatch.QMVBSRoutine, Quarantined, 6231, 342028, , , , 
Adware.VRBrothers, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{241D7F03-9232-4024-8373-149860BE27C0}\InprocServer32, Quarantined, 6231, 342028, , , , 
Adware.VRBrothers, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C07DB6A3-34FC-4084-BE2E-76BB9203B049}, Quarantined, 6231, 342028, , , , 
Adware.VRBrothers, HKLM\SOFTWARE\CLASSES\QMDispatch.QMRoutine, Quarantined, 6231, 342028, , , , 
Adware.VRBrothers, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C07DB6A3-34FC-4084-BE2E-76BB9203B049}, Quarantined, 6231, 342028, , , , 
Adware.VRBrothers, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C07DB6A3-34FC-4084-BE2E-76BB9203B049}\InprocServer32, Quarantined, 6231, 342028, , , , 
Adware.VRBrothers, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{EBEB87A6-E151-4054-AB45-A6E094C5334B}, Quarantined, 6231, 342028, , , , 
Adware.VRBrothers, HKLM\SOFTWARE\CLASSES\QMDispatch.QMLibrary, Quarantined, 6231, 342028, , , , 
Adware.VRBrothers, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{EBEB87A6-E151-4054-AB45-A6E094C5334B}, Quarantined, 6231, 342028, , , , 
Adware.VRBrothers, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{EBEB87A6-E151-4054-AB45-A6E094C5334B}\InprocServer32, Quarantined, 6231, 342028, , , , 
Adware.VRBrothers, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{241D7F03-9232-4024-8373-149860BE27C0}\InprocServer32, Quarantined, 6231, 342028, , , , 
Adware.VRBrothers, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C07DB6A3-34FC-4084-BE2E-76BB9203B049}\InprocServer32, Quarantined, 6231, 342028, , , , 
Adware.VRBrothers, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{EBEB87A6-E151-4054-AB45-A6E094C5334B}\InprocServer32, Quarantined, 6231, 342028, , , , 
Adware.VRBrothers, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{241D7F03-9232-4024-8373-149860BE27C0}, Quarantined, 6231, 342028, 1.0.14596, , ame, 
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 5
PUP.Optional.Funshion, C:\USERS\USER\FUNSHION, Quarantined, 1147, 172990, 1.0.14596, , ame, 
PUP.Optional.WinYahoo.TskLnk, C:\Users\User\AppData\Local\{A9E29FBE-8D4A-F306-E0D2-D6EEC4BA2A76}\HowToRemove, Quarantined, 836, 542290, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\USERS\USER\APPDATA\LOCAL\{A9E29FBE-8D4A-F306-E0D2-D6EEC4BA2A76}, Quarantined, 836, 542290, 1.0.14596, , ame, 
Adware.Elex.ShrtCln, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Sync Data\LevelDB, Quarantined, 282, 454688, , , , 
 
File: 43
PUP.Optional.Funshion, C:\Users\User\Funshion\Funshion.ini, Quarantined, 1147, 172990, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\USERS\USER\APPDATA\LOCAL\{A9E29FBE-8D4A-F306-E0D2-D6EEC4BA2A76}\HOWTOREMOVE\HOWTOREMOVE.HTML, Quarantined, 836, 542290, 1.0.14596, , ame, 
PUP.Optional.WinYahoo.TskLnk, C:\Users\User\AppData\Local\{A9E29FBE-8D4A-F306-E0D2-D6EEC4BA2A76}\HowToRemove\chromium-min.jpg, Quarantined, 836, 542290, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\User\AppData\Local\{A9E29FBE-8D4A-F306-E0D2-D6EEC4BA2A76}\HowToRemove\control panel-min-min.JPG, Quarantined, 836, 542290, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\User\AppData\Local\{A9E29FBE-8D4A-F306-E0D2-D6EEC4BA2A76}\HowToRemove\down.png, Quarantined, 836, 542290, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\User\AppData\Local\{A9E29FBE-8D4A-F306-E0D2-D6EEC4BA2A76}\HowToRemove\ff menu.JPG, Quarantined, 836, 542290, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\User\AppData\Local\{A9E29FBE-8D4A-F306-E0D2-D6EEC4BA2A76}\HowToRemove\ff search engine-min.png, Quarantined, 836, 542290, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\User\AppData\Local\{A9E29FBE-8D4A-F306-E0D2-D6EEC4BA2A76}\HowToRemove\hp-min ff.png, Quarantined, 836, 542290, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\User\AppData\Local\{A9E29FBE-8D4A-F306-E0D2-D6EEC4BA2A76}\HowToRemove\hp-min ie.png, Quarantined, 836, 542290, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\User\AppData\Local\{A9E29FBE-8D4A-F306-E0D2-D6EEC4BA2A76}\HowToRemove\search engine.gif, Quarantined, 836, 542290, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\User\AppData\Local\{A9E29FBE-8D4A-F306-E0D2-D6EEC4BA2A76}\HowToRemove\setup pages.gif, Quarantined, 836, 542290, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\User\AppData\Local\{A9E29FBE-8D4A-F306-E0D2-D6EEC4BA2A76}\HowToRemove\sp-min.png, Quarantined, 836, 542290, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\User\AppData\Local\{A9E29FBE-8D4A-F306-E0D2-D6EEC4BA2A76}\HowToRemove\start-min.jpg, Quarantined, 836, 542290, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\User\AppData\Local\{A9E29FBE-8D4A-F306-E0D2-D6EEC4BA2A76}\HowToRemove\up.png, Quarantined, 836, 542290, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\User\AppData\Local\{A9E29FBE-8D4A-F306-E0D2-D6EEC4BA2A76}\tariri, Quarantined, 836, 542290, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\User\AppData\Local\{A9E29FBE-8D4A-F306-E0D2-D6EEC4BA2A76}\terati, Quarantined, 836, 542290, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\User\AppData\Local\{A9E29FBE-8D4A-F306-E0D2-D6EEC4BA2A76}\uninst.exe, Quarantined, 836, 542290, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\Users\User\AppData\Local\{A9E29FBE-8D4A-F306-E0D2-D6EEC4BA2A76}\uninstp.dat, Quarantined, 836, 542290, , , , 
Adware.VRBrothers, C:\USERS\USER\APPDATA\ROAMING\QMACRO\QDISP.DLL, Quarantined, 6231, 342028, , , , 
Adware.Elex.ShrtCln, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\001221.ldb, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\001224.ldb, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\001226.ldb, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\001228.log, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\001229.ldb, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\000005.ldb, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\000021.ldb, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\000024.ldb, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\000027.ldb, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\000029.log, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\000030.ldb, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\CURRENT, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\LOCK, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\LOG, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\LOG.old, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\MANIFEST-000001, Quarantined, 282, 454688, , , , 
Adware.Elex.ShrtCln, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, 282, 454688, 1.0.14596, , ame, 
Adware.Elex.ShrtCln, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Replaced, 282, 454688, 1.0.14596, , ame, 
 
Physical Sector: 0
(No malicious items detected)
 
WMI: 0
(No malicious items detected)
 
 
(end)

  • 0

#4
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,246 posts

How is the computer doing?


  • 0

#5
joesg2

joesg2

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

startupchecklibrary.dll warning gone.

not sure about other stuff, didn't spend much time with PC lately.

Will update again soon.

Thank You! 


  • 0

#6
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,246 posts

Very well. Let me know soon how is it doing.


  • 0

#7
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,246 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0






Similar Topics


Also tagged with one or more of these keywords: startupchecklibrary.dll

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP