Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Internet usage extremely high, virus?

Started by isullivan , Jul 26 2018 08:21 AM

  • Please log in to reply

#1
isullivan
Posted 26 July 2018 - 08:21 AM

isullivan

    New Member

  • Member
  • Pip
  • 1 posts

I just received an email from comcast saying i am over 1024g of data, the next day i received another email saying i was at 1300g of data, thats over 200g in one day. i was at work all day. I think i have a virus.  

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.07.2018
Ran by Ian (administrator) on IAN-DESKTOP (26-07-2018 10:14:27)
Running from C:\Users\Ian\Downloads
Loaded Profiles: Ian (Available Profiles: Ian & not me)
Platform: Windows 10 Home Version 1803 17134.165 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Windows\jmesoft\Service.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Pokki) C:\Users\Ian\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
() C:\Windows\jmesoft\JME_LOAD.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Pokki) C:\Users\Ian\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Pokki) C:\Users\Ian\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Pokki) C:\Users\Ian\AppData\Local\SweetLabs App Platform\Engine\ServiceStartMenuIndexer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11806.1001.21.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18061.11811.0_x64__8wekyb3d8bbwe\Music.UI.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.12711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\Ian\Downloads\FRST64 (1).exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\OpenWith.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)
HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe [118784 2013-07-24] (Lenovo)
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-08-17] ()
HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-04-22] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\Run: [Discord] => C:\Users\Ian\AppData\Local\Discord\app-0.0.296\Discord.exe [62471352 2016-08-24] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2518392 2018-07-23] (Wargaming.net)
HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\RunOnce: [Application Restart #1] => C:\Users\Ian\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8616656 2018-03-20] (Pokki)
HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\RunOnce: [Uninstall 18.091.0506.0007\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ian\AppData\Local\Microsoft\OneDrive\18.091.0506.0007\amd64"
HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\RunOnce: [Uninstall 18.091.0506.0007] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ian\AppData\Local\Microsoft\OneDrive\18.091.0506.0007"
HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\MountPoints2: {04538d7b-b3df-11e4-826e-d8cb8a287dbd} - "D:\VZW_Software_upgrade_assistant.exe" 
HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Ribbons.scr [148480 2018-04-11] (Microsoft Corporation)
Startup: C:\Users\Ian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Content Anywhere.lnk [2015-03-13]
ShortcutTarget: Content Anywhere.lnk -> C:\Users\Ian\AppData\Local\F-Secure\Content Anywhere\Application\Content Anywhere.exe (F-Secure Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{802d263e-c40b-4c61-a9b5-c757593bcdaf}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{933b3cb7-fff1-4fe6-9497-8702b2caaa36}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{ac76f7cc-f32e-4199-a9c7-4660f49d2661}: [DhcpNameServer] 8.8.8.8
 
Internet Explorer:
==================
HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://home.lenovo.com
SearchScopes: HKU\S-1-5-21-3235607453-2435032520-3054460784-1001 -> {8F4F9A61-E480-11E4-8273-3010B39305D9} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=lenovo&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3235607453-2435032520-3054460784-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={C9765CB4-0500-421D-920B-A285F2A60CA7}&mid=08489e78f00047ccb9fae159f577ec2a-a5a61e8b45cb05cc868f54e67c4b0ffd597fc6f1&lang=en&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2016-01-18 11:52:21&v=4.2.9.726&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-07-19] (Microsoft Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-08] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-08] (Oracle Corporation)
DPF: HKLM-x32 {8569D715-FF88-44BA-8D1D-AD3E59543DDE} hxxps://traxsolutions.nfocus.com/AppSupport/arview2.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-30] (Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: vtm729xn.default
FF ProfilePath: C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\vtm729xn.default [2016-12-14]
FF Homepage: Mozilla\Firefox\Profiles\vtm729xn.default -> hxxp://homepage-web.com/?s=lenovo&m=start
FF Extension: (Firefox Hotfix) - C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\vtm729xn.default\Extensions\[email protected] [2016-09-30] [Legacy]
FF Extension: (Youtube Unblocker Remediation) - C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\vtm729xn.default\features\{c4adf8c7-535b-4481-96cf-19c33a670e18}\[email protected] [2016-09-30] [Legacy]
FF SearchPlugin: C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\vtm729xn.default\searchplugins\Web Search.xml [2016-04-15]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-08] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-04] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-02-14] (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default [2018-07-26]
CHR Extension: (Slides) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Docs) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Google Drive) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Adblock Plus) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-07-17]
CHR Extension: (Google Search) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-09]
CHR Extension: (Adobe Acrobat) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-13]
CHR Extension: (Sheets) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Google Docs Offline) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (SearchLock) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\madakpajlmcpaodhfbekojajlhbdklol [2017-05-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-19]
CHR Extension: (Gmail) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-11]
CHR Profile: C:\Users\Ian\AppData\Local\Google\Chrome\User Data\System Profile [2017-08-08]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2018-02-25] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-12-19] (BitRaider, LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8765104 2018-07-13] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-03] (Intel Corporation)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-17] () [File not signed]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [532224 2014-04-22] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-08-24] (Lenovo)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2014-02-14] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-04] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2013-05-14] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\NisSrv.exe [3925648 2018-06-26] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MsMpEng.exe [100080 2018-06-26] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [103656 2013-10-21] (GenesysLogic)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100824 2013-12-03] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-11] (Realtek )
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [6320640 2018-04-11] (Realtek Semiconductor Corporation )
R3 rzjstk; C:\WINDOWS\System32\drivers\rzjstk.sys [27816 2014-12-30] (Razer Inc)
R3 rzkeypadendpt; C:\WINDOWS\System32\drivers\rzkeypadendpt.sys [33448 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\windows\system32\drivers\rzpmgrk.sys [37184 2015-02-04] (Razer, Inc.)
R2 rzpnk; C:\windows\system32\drivers\rzpnk.sys [129600 2015-03-03] (Razer, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46592 2018-06-26] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-06-26] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59944 2018-06-26] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-26 10:14 - 2018-07-26 10:15 - 000026999 _____ C:\Users\Ian\Downloads\FRST.txt
2018-07-26 10:11 - 2018-07-26 10:14 - 000000000 ____D C:\FRST
2018-07-26 10:10 - 2018-07-26 10:10 - 002412544 _____ (Farbar) C:\Users\Ian\Downloads\FRST64.exe
2018-07-26 10:10 - 2018-07-26 10:10 - 002412544 _____ (Farbar) C:\Users\Ian\Downloads\FRST64 (1).exe
2018-07-24 21:51 - 2018-07-24 21:51 - 000137111 _____ C:\Users\Ian\Downloads\age_of_sigmar_disciples_of_tzeentch_errata_en-1.pdf
2018-07-24 21:51 - 2018-07-24 21:51 - 000112574 _____ C:\Users\Ian\Downloads\age_of_sigmar_grand_alliance_chaos_errata_en (1).pdf
2018-07-24 21:51 - 2018-07-24 21:51 - 000101587 _____ C:\Users\Ian\Downloads\age_of_sigmar_everchosen_errata_en (1).pdf
2018-07-19 21:50 - 2018-07-19 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-07-19 14:36 - 2018-07-19 14:36 - 000563695 _____ C:\Users\Ian\Downloads\aos-warscroll-deathlords-nagash-en.pdf
2018-07-18 19:53 - 2018-07-18 19:53 - 000844590 _____ C:\Users\Ian\Downloads\aos-warscroll-stonehorn-beastriders-en.pdf
2018-07-18 17:16 - 2018-07-18 17:16 - 004972509 _____ C:\Users\Ian\Downloads\aos-warscroll-mutalith-vortex-beast-en (2).pdf
2018-07-18 17:13 - 2018-07-18 17:13 - 000406167 _____ C:\Users\Ian\Downloads\age_of_sigmar_disciples_of_tzeentch_errata_en.pdf
2018-07-18 17:13 - 2018-07-18 17:13 - 000397237 _____ C:\Users\Ian\Downloads\age_of_sigmar_blades_of_khorne_errata_en.pdf
2018-07-18 17:13 - 2018-07-18 17:13 - 000376874 _____ C:\Users\Ian\Downloads\age_of_sigmar_grand_alliance_chaos_errata_en.pdf
2018-07-18 17:13 - 2018-07-18 17:13 - 000369153 _____ C:\Users\Ian\Downloads\age_of_sigmar_generals_handbook_errata_en.pdf
2018-07-18 17:13 - 2018-07-18 17:13 - 000364846 _____ C:\Users\Ian\Downloads\age_of_sigmar_everchosen_errata_en.pdf
2018-07-18 17:13 - 2018-07-18 17:13 - 000357037 _____ C:\Users\Ian\Downloads\age_of_sigmar_maggotkin_errata_en.pdf
2018-07-18 16:36 - 2018-07-18 16:36 - 000635790 _____ C:\Users\Ian\Downloads\aos-warscroll-chaos-warshrine-en.pdf
2018-07-17 11:48 - 2018-07-17 11:48 - 001120231 _____ C:\Users\Ian\Downloads\aos-balefulrealmgate-en.pdf
2018-07-17 11:44 - 2018-07-17 11:44 - 005347888 _____ C:\Users\Ian\Downloads\aos-warscroll-slaughterbrute-en (1).pdf
2018-07-17 11:43 - 2018-07-17 11:43 - 004972509 _____ C:\Users\Ian\Downloads\aos-warscroll-mutalith-vortex-beast-en (1).pdf
2018-07-17 11:40 - 2018-07-17 11:40 - 000479290 _____ C:\Users\Ian\Downloads\aos-warscroll-pink-horrors-en.pdf
2018-07-17 10:28 - 2018-07-17 10:28 - 000716283 _____ C:\Users\Ian\Downloads\aos-warscroll-sayl-and-nightmaw.pdf
2018-07-17 10:26 - 2018-07-17 10:26 - 000720732 _____ C:\Users\Ian\Downloads\aos-warscroll-deathshrieker-rocket-launcher (1).pdf
2018-07-17 10:21 - 2018-07-17 10:21 - 000710057 _____ C:\Users\Ian\Downloads\aos-warscroll-dread-maw.pdf
2018-07-17 10:21 - 2018-07-17 10:21 - 000709473 _____ C:\Users\Ian\Downloads\aos-warscroll-warpfire-dragon.pdf
2018-07-17 10:21 - 2018-07-17 10:21 - 000709250 _____ C:\Users\Ian\Downloads\aos-warscroll-gigantic-chaos-spawn.pdf
2018-07-17 10:20 - 2018-07-17 10:20 - 000920548 _____ C:\Users\Ian\Downloads\warhammer-aos-skaarac.pdf
2018-07-17 10:20 - 2018-07-17 10:20 - 000712389 _____ C:\Users\Ian\Downloads\aos-warscroll-Mazarall-The-Butcher.pdf
2018-07-17 10:20 - 2018-07-17 10:20 - 000709630 _____ C:\Users\Ian\Downloads\aos-warscroll-carmine-dragon.pdf
2018-07-17 10:17 - 2018-07-17 10:17 - 000702724 _____ C:\Users\Ian\Downloads\aos-warscroll-magma-cannon.pdf
2018-07-17 10:16 - 2018-07-17 10:16 - 000720732 _____ C:\Users\Ian\Downloads\aos-warscroll-deathshrieker-rocket-launcher.pdf
2018-07-17 10:16 - 2018-07-17 10:16 - 000703638 _____ C:\Users\Ian\Downloads\aos-warscroll-dreadquake-mortar.pdf
2018-07-17 10:15 - 2018-07-17 10:15 - 000707172 _____ C:\Users\Ian\Downloads\aos-warscroll-iron-daemon.pdf
2018-07-14 22:30 - 2018-07-14 22:30 - 000046328 _____ C:\Users\Ian\Downloads\ajax (6).pdf
2018-07-12 21:26 - 2018-07-12 21:26 - 000378558 _____ C:\Users\Ian\Downloads\LEARNet_Self-service_Password_Reset.pdf
2018-07-11 22:25 - 2018-07-11 22:25 - 000673144 _____ C:\Users\Ian\Downloads\aos-warscroll-stormfiends-en.pdf
2018-07-11 17:41 - 2018-06-28 21:13 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-07-11 17:41 - 2018-06-28 21:13 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-11 08:25 - 2018-07-06 10:20 - 002868640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-07-11 08:25 - 2018-07-06 10:20 - 001610648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-07-11 08:25 - 2018-07-06 10:20 - 000689560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-07-11 08:25 - 2018-07-06 10:17 - 003932672 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-07-11 08:25 - 2018-07-06 09:56 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-07-11 08:25 - 2018-07-06 09:51 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-07-11 08:25 - 2018-07-06 07:26 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-07-11 08:25 - 2018-07-06 07:25 - 023863296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-07-11 08:25 - 2018-07-06 03:31 - 000462752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-07-11 08:25 - 2018-07-06 03:25 - 009147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-07-11 08:25 - 2018-07-06 03:25 - 002571728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-07-11 08:25 - 2018-07-06 03:25 - 002420632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-07-11 08:25 - 2018-07-06 03:10 - 025845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-07-11 08:25 - 2018-07-06 03:07 - 022006272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-07-11 08:25 - 2018-07-06 03:04 - 022713856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-07-11 08:25 - 2018-07-06 03:03 - 004371456 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-07-11 08:25 - 2018-07-06 03:02 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-07-11 08:25 - 2018-07-06 03:01 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-07-11 08:25 - 2018-07-06 03:01 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-07-11 08:25 - 2018-07-06 03:00 - 019403264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-07-11 08:25 - 2018-07-06 02:58 - 004867584 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-07-11 08:25 - 2018-07-06 02:57 - 007579648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-07-11 08:25 - 2018-07-06 02:57 - 005779456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-07-11 08:25 - 2018-07-06 02:56 - 001817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-07-11 08:25 - 2018-07-06 02:55 - 003440128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-07-11 08:25 - 2018-07-06 02:55 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-07-11 08:25 - 2018-06-15 13:49 - 021388856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-07-11 08:25 - 2018-06-15 13:48 - 002395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-07-11 08:25 - 2018-06-15 13:33 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-07-11 08:25 - 2018-06-15 11:25 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-07-11 08:25 - 2018-06-15 11:07 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-07-11 08:25 - 2018-06-15 01:21 - 001213368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-07-11 08:25 - 2018-06-15 01:12 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-07-11 08:25 - 2018-06-15 01:11 - 006817872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-07-11 08:25 - 2018-06-15 01:09 - 007436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-07-11 08:25 - 2018-06-15 01:09 - 001798552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-07-11 08:25 - 2018-06-15 01:08 - 004403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-07-11 08:25 - 2018-06-15 01:08 - 002371392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-07-11 08:25 - 2018-06-15 01:08 - 001784584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-07-11 08:25 - 2018-06-15 01:08 - 001288840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-07-11 08:25 - 2018-06-15 01:07 - 001611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2018-07-11 08:25 - 2018-06-15 01:07 - 001145696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-07-11 08:25 - 2018-06-15 01:04 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-07-11 08:25 - 2018-06-15 01:03 - 006572000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-07-11 08:25 - 2018-06-15 01:03 - 006528600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-07-11 08:25 - 2018-06-15 01:03 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-07-11 08:25 - 2018-06-15 01:03 - 004788504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-07-11 08:25 - 2018-06-15 01:03 - 001710240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2018-07-11 08:25 - 2018-06-15 01:03 - 001144120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-07-11 08:25 - 2018-06-15 01:03 - 001020160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-07-11 08:25 - 2018-06-15 00:46 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-07-11 08:25 - 2018-06-15 00:45 - 002548736 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-07-11 08:25 - 2018-06-15 00:42 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-07-11 08:25 - 2018-06-15 00:42 - 002367488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-07-11 08:25 - 2018-06-15 00:41 - 004561920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-07-11 08:25 - 2018-06-15 00:41 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-07-11 08:24 - 2018-07-06 10:20 - 000792472 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-07-11 08:24 - 2018-07-06 10:20 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-07-11 08:24 - 2018-07-06 10:20 - 000451992 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-07-11 08:24 - 2018-07-06 10:20 - 000309664 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-07-11 08:24 - 2018-07-06 10:20 - 000144792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-07-11 08:24 - 2018-07-06 10:20 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-07-11 08:24 - 2018-07-06 10:14 - 000541592 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-07-11 08:24 - 2018-07-06 09:53 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-07-11 08:24 - 2018-07-06 09:53 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-07-11 08:24 - 2018-07-06 09:53 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-07-11 08:24 - 2018-07-06 09:52 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-07-11 08:24 - 2018-07-06 09:52 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-07-11 08:24 - 2018-07-06 09:51 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-07-11 08:24 - 2018-07-06 09:51 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-07-11 08:24 - 2018-07-06 09:51 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-07-11 08:24 - 2018-07-06 09:51 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-07-11 08:24 - 2018-07-06 09:50 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-07-11 08:24 - 2018-07-06 09:49 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-07-11 08:24 - 2018-07-06 08:06 - 003611368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-07-11 08:24 - 2018-07-06 07:54 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-07-11 08:24 - 2018-07-06 07:54 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-07-11 08:24 - 2018-07-06 07:53 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-07-11 08:24 - 2018-07-06 07:53 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-07-11 08:24 - 2018-07-06 07:52 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-07-11 08:24 - 2018-07-06 07:52 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-07-11 08:24 - 2018-07-06 07:52 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-07-11 08:24 - 2018-07-06 07:51 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-07-11 08:24 - 2018-07-06 07:51 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-07-11 08:24 - 2018-07-06 07:01 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-07-11 08:24 - 2018-07-06 03:32 - 000480672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-07-11 08:24 - 2018-07-06 03:31 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-07-11 08:24 - 2018-07-06 03:29 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-07-11 08:24 - 2018-07-06 03:29 - 000269224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-07-11 08:24 - 2018-07-06 03:27 - 001174432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-07-11 08:24 - 2018-07-06 03:27 - 001063320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-07-11 08:24 - 2018-07-06 03:27 - 001012632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-07-11 08:24 - 2018-07-06 03:27 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-07-11 08:24 - 2018-07-06 03:27 - 000567176 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-07-11 08:24 - 2018-07-06 03:27 - 000134552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-07-11 08:24 - 2018-07-06 03:27 - 000057440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.ShellCommon.Broker.dll
2018-07-11 08:24 - 2018-07-06 03:26 - 002712992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-07-11 08:24 - 2018-07-06 03:26 - 001148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-07-11 08:24 - 2018-07-06 03:26 - 000930720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-07-11 08:24 - 2018-07-06 03:26 - 000766608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-07-11 08:24 - 2018-07-06 03:26 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-07-11 08:24 - 2018-07-06 03:25 - 002753040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-07-11 08:24 - 2018-07-06 03:25 - 001945784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-07-11 08:24 - 2018-07-06 03:25 - 001026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-07-11 08:24 - 2018-07-06 03:25 - 001018616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-07-11 08:24 - 2018-07-06 03:25 - 000885856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-07-11 08:24 - 2018-07-06 03:25 - 000483048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-07-11 08:24 - 2018-07-06 03:25 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-07-11 08:24 - 2018-07-06 03:25 - 000267680 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-07-11 08:24 - 2018-07-06 03:25 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-07-11 08:24 - 2018-07-06 03:24 - 000380824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-07-11 08:24 - 2018-07-06 03:16 - 000567144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-07-11 08:24 - 2018-07-06 03:14 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-07-11 08:24 - 2018-07-06 03:14 - 001981896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-07-11 08:24 - 2018-07-06 03:14 - 001175568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-07-11 08:24 - 2018-07-06 03:14 - 000988640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-07-11 08:24 - 2018-07-06 03:14 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-07-11 08:24 - 2018-07-06 03:14 - 000573904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-07-11 08:24 - 2018-07-06 03:13 - 001620872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-07-11 08:24 - 2018-07-06 03:01 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2018-07-11 08:24 - 2018-07-06 03:01 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2018-07-11 08:24 - 2018-07-06 03:00 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2018-07-11 08:24 - 2018-07-06 03:00 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2018-07-11 08:24 - 2018-07-06 03:00 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2018-07-11 08:24 - 2018-07-06 03:00 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2018-07-11 08:24 - 2018-07-06 03:00 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsTelemetry.dll
2018-07-11 08:24 - 2018-07-06 03:00 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2018-07-11 08:24 - 2018-07-06 02:59 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-07-11 08:24 - 2018-07-06 02:59 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-07-11 08:24 - 2018-07-06 02:59 - 001153536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2018-07-11 08:24 - 2018-07-06 02:59 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2018-07-11 08:24 - 2018-07-06 02:59 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2018-07-11 08:24 - 2018-07-06 02:59 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Geolocation.dll
2018-07-11 08:24 - 2018-07-06 02:59 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2018-07-11 08:24 - 2018-07-06 02:59 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2018-07-11 08:24 - 2018-07-06 02:59 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2018-07-11 08:24 - 2018-07-06 02:58 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-07-11 08:24 - 2018-07-06 02:58 - 001931776 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2018-07-11 08:24 - 2018-07-06 02:58 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-07-11 08:24 - 2018-07-06 02:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-07-11 08:24 - 2018-07-06 02:58 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-07-11 08:24 - 2018-07-06 02:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-07-11 08:24 - 2018-07-06 02:58 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2018-07-11 08:24 - 2018-07-06 02:58 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2018-07-11 08:24 - 2018-07-06 02:58 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-07-11 08:24 - 2018-07-06 02:58 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-07-11 08:24 - 2018-07-06 02:58 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2018-07-11 08:24 - 2018-07-06 02:58 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-07-11 08:24 - 2018-07-06 02:58 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2018-07-11 08:24 - 2018-07-06 02:57 - 003712512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-07-11 08:24 - 2018-07-06 02:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-07-11 08:24 - 2018-07-06 02:57 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2018-07-11 08:24 - 2018-07-06 02:57 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-07-11 08:24 - 2018-07-06 02:57 - 000676864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Devices.dll
2018-07-11 08:24 - 2018-07-06 02:57 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-07-11 08:24 - 2018-07-06 02:57 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-07-11 08:24 - 2018-07-06 02:57 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-07-11 08:24 - 2018-07-06 02:57 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2018-07-11 08:24 - 2018-07-06 02:56 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-07-11 08:24 - 2018-07-06 02:56 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-07-11 08:24 - 2018-07-06 02:56 - 001567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2018-07-11 08:24 - 2018-07-06 02:56 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-07-11 08:24 - 2018-07-06 02:56 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-07-11 08:24 - 2018-07-06 02:56 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-07-11 08:24 - 2018-07-06 02:56 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-07-11 08:24 - 2018-07-06 02:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-07-11 08:24 - 2018-07-06 02:56 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2018-07-11 08:24 - 2018-07-06 02:56 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-07-11 08:24 - 2018-07-06 02:56 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-07-11 08:24 - 2018-07-06 02:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-07-11 08:24 - 2018-07-06 02:56 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2018-07-11 08:24 - 2018-07-06 02:56 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2018-07-11 08:24 - 2018-07-06 02:56 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2018-07-11 08:24 - 2018-07-06 02:56 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-07-11 08:24 - 2018-07-06 02:56 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-07-11 08:24 - 2018-07-06 02:55 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-07-11 08:24 - 2018-07-06 02:55 - 001395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-07-11 08:24 - 2018-07-06 02:55 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-07-11 08:24 - 2018-07-06 02:55 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-07-11 08:24 - 2018-07-06 02:55 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-07-11 08:24 - 2018-07-06 02:55 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-07-11 08:24 - 2018-07-06 02:55 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-07-11 08:24 - 2018-07-06 02:54 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-07-11 08:24 - 2018-07-06 02:54 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-07-11 08:24 - 2018-07-06 02:54 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-07-11 08:24 - 2018-07-06 02:54 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-07-11 08:24 - 2018-07-06 02:54 - 000999936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-07-11 08:24 - 2018-07-06 02:54 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-07-11 08:24 - 2018-07-06 02:54 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-07-11 08:24 - 2018-07-06 02:54 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-07-11 08:24 - 2018-07-06 02:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-07-11 08:24 - 2018-07-06 02:54 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-07-11 08:24 - 2018-07-06 02:54 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-07-11 08:24 - 2018-07-06 02:54 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-07-11 08:24 - 2018-07-06 02:54 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2018-07-11 08:24 - 2018-07-06 02:54 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2018-07-11 08:24 - 2018-07-06 02:53 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-07-11 08:24 - 2018-07-06 02:53 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-07-11 08:24 - 2018-07-06 02:53 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-07-11 08:24 - 2018-07-06 02:53 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-07-11 08:24 - 2018-07-06 02:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-07-11 08:24 - 2018-07-06 01:41 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-07-11 08:24 - 2018-06-29 00:16 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-07-11 08:24 - 2018-06-15 13:55 - 000542888 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2018-07-11 08:24 - 2018-06-15 13:53 - 000348256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-07-11 08:24 - 2018-06-15 13:53 - 000094104 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-07-11 08:24 - 2018-06-15 13:50 - 001376576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-07-11 08:24 - 2018-06-15 13:48 - 000338352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2018-07-11 08:24 - 2018-06-15 13:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-07-11 08:24 - 2018-06-15 13:34 - 008623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-07-11 08:24 - 2018-06-15 13:34 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DsmUserTask.exe
2018-07-11 08:24 - 2018-06-15 13:34 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2018-07-11 08:24 - 2018-06-15 13:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2018-07-11 08:24 - 2018-06-15 13:33 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManagerAPI.dll
2018-07-11 08:24 - 2018-06-15 13:33 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2018-07-11 08:24 - 2018-06-15 13:32 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2018-07-11 08:24 - 2018-06-15 13:32 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2018-07-11 08:24 - 2018-06-15 13:31 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-07-11 08:24 - 2018-06-15 13:31 - 000907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2018-07-11 08:24 - 2018-06-15 13:31 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-07-11 08:24 - 2018-06-15 13:30 - 001308672 _____ C:\WINDOWS\system32\FaceProcessor.dll
2018-07-11 08:24 - 2018-06-15 13:30 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-07-11 08:24 - 2018-06-15 13:30 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-07-11 08:24 - 2018-06-15 13:30 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-07-11 08:24 - 2018-06-15 13:29 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-07-11 08:24 - 2018-06-15 13:29 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2018-07-11 08:24 - 2018-06-15 13:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-07-11 08:24 - 2018-06-15 13:29 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-07-11 08:24 - 2018-06-15 13:29 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2018-07-11 08:24 - 2018-06-15 13:29 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2018-07-11 08:24 - 2018-06-15 13:28 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2018-07-11 08:24 - 2018-06-15 13:28 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2018-07-11 08:24 - 2018-06-15 11:22 - 001026896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-07-11 08:24 - 2018-06-15 11:16 - 002206528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-07-11 08:24 - 2018-06-15 11:06 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-07-11 08:24 - 2018-06-15 11:06 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2018-07-11 08:24 - 2018-06-15 11:04 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2018-07-11 08:24 - 2018-06-15 11:04 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2018-07-11 08:24 - 2018-06-15 11:03 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2018-07-11 08:24 - 2018-06-15 11:03 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-07-11 08:24 - 2018-06-15 11:02 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-07-11 08:24 - 2018-06-15 11:01 - 002015744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-07-11 08:24 - 2018-06-15 11:01 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2018-07-11 08:24 - 2018-06-15 09:23 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-07-11 08:24 - 2018-06-15 03:11 - 000611232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-07-11 08:24 - 2018-06-15 03:10 - 000048544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-07-11 08:24 - 2018-06-15 03:03 - 000083360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-07-11 08:24 - 2018-06-15 01:21 - 000761440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-07-11 08:24 - 2018-06-15 01:19 - 001034632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-07-11 08:24 - 2018-06-15 01:19 - 000116632 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2018-07-11 08:24 - 2018-06-15 01:19 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-07-11 08:24 - 2018-06-15 01:18 - 000228768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-07-11 08:24 - 2018-06-15 01:16 - 000562080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-07-11 08:24 - 2018-06-15 01:16 - 000433560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-07-11 08:24 - 2018-06-15 01:15 - 002563960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-07-11 08:24 - 2018-06-15 01:15 - 000753152 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-07-11 08:24 - 2018-06-15 01:13 - 000510904 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-07-11 08:24 - 2018-06-15 01:13 - 000324000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-07-11 08:24 - 2018-06-15 01:12 - 000661152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-07-11 08:24 - 2018-06-15 01:12 - 000491304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-07-11 08:24 - 2018-06-15 01:12 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-07-11 08:24 - 2018-06-15 01:12 - 000118872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2018-07-11 08:24 - 2018-06-15 01:10 - 001934400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-07-11 08:24 - 2018-06-15 01:10 - 001097640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-07-11 08:24 - 2018-06-15 01:10 - 000717208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-07-11 08:24 - 2018-06-15 01:10 - 000326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2018-07-11 08:24 - 2018-06-15 01:09 - 002830240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-07-11 08:24 - 2018-06-15 01:09 - 002546592 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-07-11 08:24 - 2018-06-15 01:09 - 001742272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-07-11 08:24 - 2018-06-15 01:09 - 001659296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-07-11 08:24 - 2018-06-15 01:09 - 001209800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-07-11 08:24 - 2018-06-15 01:09 - 001112600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2018-07-11 08:24 - 2018-06-15 01:09 - 000594128 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-07-11 08:24 - 2018-06-15 01:09 - 000247984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2018-07-11 08:24 - 2018-06-15 01:08 - 002062488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-07-11 08:24 - 2018-06-15 01:08 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-07-11 08:24 - 2018-06-15 01:08 - 001921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-07-11 08:24 - 2018-06-15 01:08 - 001457128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-07-11 08:24 - 2018-06-15 01:08 - 001258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-07-11 08:24 - 2018-06-15 01:08 - 001150408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-07-11 08:24 - 2018-06-15 01:08 - 001140568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-07-11 08:24 - 2018-06-15 01:08 - 000983008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-07-11 08:24 - 2018-06-15 01:08 - 000945568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-07-11 08:24 - 2018-06-15 01:08 - 000898760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-07-11 08:24 - 2018-06-15 01:08 - 000642088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-07-11 08:24 - 2018-06-15 01:08 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-07-11 08:24 - 2018-06-15 01:08 - 000500552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2018-07-11 08:24 - 2018-06-15 01:08 - 000413816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-07-11 08:24 - 2018-06-15 01:08 - 000072768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2018-07-11 08:24 - 2018-06-15 01:05 - 000550608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-07-11 08:24 - 2018-06-15 01:05 - 000444240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-07-11 08:24 - 2018-06-15 01:04 - 001462824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-07-11 08:24 - 2018-06-15 01:04 - 001397192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-07-11 08:24 - 2018-06-15 01:04 - 001251736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-07-11 08:24 - 2018-06-15 01:04 - 000719552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-07-11 08:24 - 2018-06-15 01:04 - 000281080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2018-07-11 08:24 - 2018-06-15 01:04 - 000105376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2018-07-11 08:24 - 2018-06-15 01:03 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-07-11 08:24 - 2018-06-15 01:03 - 002163184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-07-11 08:24 - 2018-06-15 01:03 - 001805752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-07-11 08:24 - 2018-06-15 01:03 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-07-11 08:24 - 2018-06-15 01:03 - 001380192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-07-11 08:24 - 2018-06-15 01:03 - 001129640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-07-11 08:24 - 2018-06-15 01:03 - 001011968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-07-11 08:24 - 2018-06-15 01:03 - 000770152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2018-07-11 08:24 - 2018-06-15 01:03 - 000472136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2018-07-11 08:24 - 2018-06-15 01:03 - 000356960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-07-11 08:24 - 2018-06-15 01:03 - 000232488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2018-07-11 08:24 - 2018-06-15 01:03 - 000129192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-07-11 08:24 - 2018-06-15 00:49 - 002962944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-07-11 08:24 - 2018-06-15 00:48 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-07-11 08:24 - 2018-06-15 00:48 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2018-07-11 08:24 - 2018-06-15 00:47 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2018-07-11 08:24 - 2018-06-15 00:47 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2018-07-11 08:24 - 2018-06-15 00:47 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-07-11 08:24 - 2018-06-15 00:46 - 004333568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-07-11 08:24 - 2018-06-15 00:46 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2018-07-11 08:24 - 2018-06-15 00:46 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-07-11 08:24 - 2018-06-15 00:46 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2018-07-11 08:24 - 2018-06-15 00:46 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-07-11 08:24 - 2018-06-15 00:46 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-07-11 08:24 - 2018-06-15 00:45 - 000992768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-07-11 08:24 - 2018-06-15 00:45 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2018-07-11 08:24 - 2018-06-15 00:45 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-07-11 08:24 - 2018-06-15 00:45 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-07-11 08:24 - 2018-06-15 00:45 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-07-11 08:24 - 2018-06-15 00:45 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2018-07-11 08:24 - 2018-06-15 00:45 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandlerPS.dll
2018-07-11 08:24 - 2018-06-15 00:44 - 001632256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-07-11 08:24 - 2018-06-15 00:44 - 001342976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2018-07-11 08:24 - 2018-06-15 00:44 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-07-11 08:24 - 2018-06-15 00:44 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2018-07-11 08:24 - 2018-06-15 00:44 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-07-11 08:24 - 2018-06-15 00:44 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-07-11 08:24 - 2018-06-15 00:44 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-07-11 08:24 - 2018-06-15 00:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-07-11 08:24 - 2018-06-15 00:44 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2018-07-11 08:24 - 2018-06-15 00:43 - 001114112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2018-07-11 08:24 - 2018-06-15 00:43 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-07-11 08:24 - 2018-06-15 00:43 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2018-07-11 08:24 - 2018-06-15 00:43 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-07-11 08:24 - 2018-06-15 00:43 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2018-07-11 08:24 - 2018-06-15 00:43 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2018-07-11 08:24 - 2018-06-15 00:43 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-07-11 08:24 - 2018-06-15 00:43 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-07-11 08:24 - 2018-06-15 00:43 - 000191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll
2018-07-11 08:24 - 2018-06-15 00:43 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-07-11 08:24 - 2018-06-15 00:43 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2018-07-11 08:24 - 2018-06-15 00:42 - 000978432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-07-11 08:24 - 2018-06-15 00:42 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2018-07-11 08:24 - 2018-06-15 00:42 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-07-11 08:24 - 2018-06-15 00:42 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-07-11 08:24 - 2018-06-15 00:42 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2018-07-11 08:24 - 2018-06-15 00:42 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-07-11 08:24 - 2018-06-15 00:42 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-07-11 08:24 - 2018-06-15 00:42 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-07-11 08:24 - 2018-06-15 00:42 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-07-11 08:24 - 2018-06-15 00:42 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-07-11 08:24 - 2018-06-15 00:42 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-07-11 08:24 - 2018-06-15 00:41 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-07-11 08:24 - 2018-06-15 00:41 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2018-07-11 08:24 - 2018-06-15 00:41 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2018-07-11 08:24 - 2018-06-15 00:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-07-11 08:24 - 2018-06-15 00:41 - 000811520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2018-07-11 08:24 - 2018-06-15 00:41 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-07-11 08:24 - 2018-06-15 00:41 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-07-11 08:24 - 2018-06-15 00:41 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-07-11 08:24 - 2018-06-15 00:41 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-07-11 08:24 - 2018-06-15 00:41 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2018-07-11 08:24 - 2018-06-15 00:40 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-07-11 08:24 - 2018-06-15 00:40 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-07-11 08:24 - 2018-06-15 00:40 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-07-11 08:24 - 2018-06-15 00:40 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2018-07-11 08:24 - 2018-06-15 00:40 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-07-11 08:24 - 2018-06-15 00:39 - 002903040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-07-11 08:24 - 2018-06-15 00:39 - 002583552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-07-11 08:24 - 2018-06-15 00:39 - 002172416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-07-11 08:24 - 2018-06-15 00:39 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-07-11 08:24 - 2018-06-15 00:39 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-07-11 08:24 - 2018-06-15 00:39 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-07-11 08:24 - 2018-06-15 00:39 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-07-11 08:24 - 2018-06-15 00:38 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-07-11 08:24 - 2018-06-15 00:38 - 001581568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2018-07-11 08:24 - 2018-06-15 00:38 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2018-07-11 08:24 - 2018-06-15 00:38 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-07-11 08:24 - 2018-06-15 00:38 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-07-11 08:24 - 2018-06-15 00:38 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-07-11 08:24 - 2018-06-15 00:38 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2018-07-11 08:24 - 2018-06-15 00:38 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-07-11 08:24 - 2018-06-15 00:37 - 001374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-07-11 08:24 - 2018-06-15 00:37 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-07-11 08:24 - 2018-06-15 00:36 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys
2018-07-11 08:24 - 2018-06-01 01:18 - 000058524 _____ C:\WINDOWS\system32\srms.dat
2018-07-11 08:24 - 2018-05-20 07:53 - 000792984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-07-11 08:24 - 2018-05-20 07:52 - 000413080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-07-10 20:28 - 2018-07-10 20:28 - 001090929 _____ C:\Users\Ian\Downloads\aos-warscroll-archaon-everchosen-en.pdf
2018-07-10 12:50 - 2018-07-14 12:16 - 000000000 ____D C:\ProgramData\Packages
2018-07-09 17:10 - 2018-07-09 16:55 - 000012293 _____ C:\Users\Ian\Desktop\Cygnar Models.xlsx
2018-07-09 16:55 - 2018-07-09 16:55 - 000012293 _____ C:\Users\Ian\Documents\Cygnar Models.xlsx
2018-07-08 15:09 - 2018-07-08 15:09 - 000385380 _____ C:\Users\Ian\Downloads\aos-warscroll-exalteddeathbringer-en.pdf
2018-07-08 15:09 - 2018-07-08 15:09 - 000282722 _____ C:\Users\Ian\Downloads\aos-warscroll-bloodmaster-en.pdf
2018-07-08 15:08 - 2018-07-08 15:08 - 000745298 _____ C:\Users\Ian\Downloads\aos-warscroll-chaos-chosen-en.pdf
2018-07-08 15:06 - 2018-07-08 15:07 - 000380715 _____ C:\Users\Ian\Downloads\aos-warscroll-kairic-acolytes-en.pdf
2018-07-08 15:05 - 2018-07-08 15:05 - 000662103 _____ C:\Users\Ian\Downloads\aos-warscroll-dragon-ogors-en.pdf
2018-07-08 15:04 - 2018-07-08 15:04 - 000902075 _____ C:\Users\Ian\Downloads\aos-warscroll-chaos-knights-en.pdf
2018-07-08 15:02 - 2018-07-08 15:02 - 000476060 _____ C:\Users\Ian\Downloads\aos-warscroll-dragon-ogor-shaggoth-en.pdf
2018-07-08 15:01 - 2018-07-08 15:01 - 000251235 _____ C:\Users\Ian\Downloads\aos-warscroll-bloodwarriors-en.pdf
2018-07-08 14:59 - 2018-07-08 14:59 - 001042110 _____ C:\Users\Ian\Downloads\aos-warscroll-everchosen-varanguard-en.pdf
2018-07-08 14:59 - 2018-07-08 14:59 - 001042110 _____ C:\Users\Ian\Downloads\aos-warscroll-everchosen-varanguard-en (1).pdf
2018-07-08 14:58 - 2018-07-08 14:58 - 000410435 _____ C:\Users\Ian\Downloads\aos-warscroll-ghorgon-en.pdf
2018-07-08 14:57 - 2018-07-08 14:57 - 000618624 _____ C:\Users\Ian\Downloads\aos-warscroll-chimera-en.pdf
2018-07-08 14:55 - 2018-07-08 14:55 - 000808037 _____ C:\Users\Ian\Downloads\aos-warscroll-chaos-lord-manticore-en.pdf
2018-07-08 14:53 - 2018-07-08 14:53 - 000500521 _____ C:\Users\Ian\Downloads\aos-warscroll-spirit-of-durthu-en.pdf
2018-07-08 14:46 - 2018-07-08 14:46 - 000600994 _____ C:\Users\Ian\Downloads\aos-warscroll-putridblightkings-en.pdf
2018-07-08 14:43 - 2018-07-08 14:43 - 000745949 _____ C:\Users\Ian\Downloads\aos-warscroll-theglottkin-en.pdf
2018-07-08 14:41 - 2018-07-08 14:41 - 000784879 _____ C:\Users\Ian\Downloads\ENG-Great-unclean-one.pdf
2018-07-08 14:38 - 2018-07-08 14:38 - 000278423 _____ C:\Users\Ian\Downloads\aos-warscroll-khorne-skullcannon-en.pdf
2018-07-08 14:36 - 2018-07-08 14:36 - 000339931 _____ C:\Users\Ian\Downloads\aos-warscroll-khorne-bloodthirster-en.pdf
2018-07-08 14:32 - 2018-07-08 14:32 - 000547095 _____ C:\Users\Ian\Downloads\aos-warscroll-scarbrand-en.pdf
2018-07-08 14:29 - 2018-07-08 14:29 - 000333228 _____ C:\Users\Ian\Downloads\aos-warscroll-magores-fiends-en.pdf
2018-07-08 14:29 - 2018-07-08 14:29 - 000298298 _____ C:\Users\Ian\Downloads\aos-warscroll-garreks-reavers-en.pdf
2018-07-08 14:27 - 2018-07-08 14:27 - 000386147 _____ C:\Users\Ian\Downloads\aos-warscroll-ogroid-thaumaturge-en.pdf
2018-07-08 14:26 - 2018-07-08 14:26 - 000370136 _____ C:\Users\Ian\Downloads\aos-warscroll-lord-of-change-en.pdf
2018-07-08 14:24 - 2018-07-08 14:24 - 000449695 _____ C:\Users\Ian\Downloads\aos-warscroll-kairos-fateweaver-en.pdf
2018-07-08 14:19 - 2018-07-08 14:19 - 000490347 _____ C:\Users\Ian\Downloads\aos-warscroll-Drakesworn-Templar-en.pdf
2018-07-08 14:18 - 2018-07-08 14:18 - 000506662 _____ C:\Users\Ian\Downloads\aos-warscroll-Desolators-en.pdf
2018-07-08 14:16 - 2018-07-08 14:16 - 000578406 _____ C:\Users\Ian\Downloads\aos-warscroll-Vanguard-Palladors-en.pdf
2018-07-08 14:15 - 2018-07-08 14:15 - 001653893 _____ C:\Users\Ian\Downloads\Vandus_Hammerhand_CB_Web - cropped (1).pdf
2018-07-08 14:13 - 2018-07-08 14:13 - 001653893 _____ C:\Users\Ian\Downloads\Vandus_Hammerhand_CB_Web - cropped.pdf
2018-07-08 14:12 - 2018-07-08 14:12 - 000536509 _____ C:\Users\Ian\Downloads\aos-warscroll-Fulminators-en.pdf
2018-07-08 14:10 - 2018-07-08 14:10 - 001501630 _____ C:\Users\Ian\Downloads\aos-warscroll-Lord-Aquilor-en.pdf
2018-07-08 14:06 - 2018-07-08 14:06 - 001289076 _____ C:\Users\Ian\Downloads\aos-warscroll-stormcast-stardrake-en.pdf
2018-07-08 14:05 - 2018-07-08 14:05 - 000506661 _____ C:\Users\Ian\Downloads\aos-warscroll-Concussors-en.pdf
2018-07-08 14:01 - 2018-07-08 14:01 - 000264641 _____ C:\Users\Ian\Downloads\ENG Morghast Archai.pdf
2018-07-08 14:00 - 2018-07-08 14:00 - 000264231 _____ C:\Users\Ian\Downloads\ENG Morghast Harbingers.pdf
2018-07-08 13:57 - 2018-07-08 13:57 - 002100476 _____ C:\Users\Ian\Downloads\aos-warscroll-crypt-ghouls-en.pdf
2018-07-08 13:55 - 2018-07-08 13:55 - 001009759 _____ C:\Users\Ian\Downloads\aos-warscroll-crypt-haunter-courtier-en.pdf
2018-07-08 13:54 - 2018-07-08 13:54 - 001102323 _____ C:\Users\Ian\Downloads\aos-warscroll-crypt-flayers-en.pdf
2018-07-08 13:54 - 2018-07-08 13:54 - 001009249 _____ C:\Users\Ian\Downloads\aos-warscroll-crypt-horrors-en.pdf
2018-07-08 13:53 - 2018-07-08 13:53 - 001065717 _____ C:\Users\Ian\Downloads\aos-warscroll-crypt-infernal-courtier-en.pdf
2018-07-08 13:51 - 2018-07-08 13:51 - 000817706 _____ C:\Users\Ian\Downloads\aos-warscroll-orruk-goregruntas-en.pdf
2018-07-08 13:49 - 2018-07-08 13:49 - 001093537 _____ C:\Users\Ian\Downloads\aos-warscroll-orruk-ardboyz-en.pdf
2018-07-08 13:48 - 2018-07-08 13:48 - 001119505 _____ C:\Users\Ian\Downloads\aos-warscroll-orruk-brutes-en.pdf
2018-07-08 13:47 - 2018-07-08 13:47 - 001247427 _____ C:\Users\Ian\Downloads\aos-warscroll-orruk-megaboss-en.pdf
2018-07-08 13:46 - 2018-07-08 13:46 - 001053692 _____ C:\Users\Ian\Downloads\aos-warscroll-orruk-warchanter-en.pdf
2018-07-08 13:41 - 2018-07-08 13:41 - 001309250 _____ C:\Users\Ian\Downloads\aos-warscroll-orruk-mawkrusha-en.pdf
2018-07-08 13:37 - 2018-07-08 13:37 - 000675201 _____ C:\Users\Ian\Downloads\ENG-Orghotts_daemonspew.pdf
2018-07-08 13:36 - 2018-07-08 13:36 - 000675354 _____ C:\Users\Ian\Downloads\ENG-Blob-rotspawned.pdf
2018-07-08 13:35 - 2018-07-08 13:35 - 000597630 _____ C:\Users\Ian\Downloads\aos-warscroll-the-masque-of-slaanesh-en.pdf
2018-07-08 13:33 - 2018-07-08 13:33 - 000240382 _____ C:\Users\Ian\Downloads\aos-warscroll-wightking-blackaxe-en.pdf
2018-07-08 13:32 - 2018-07-08 13:32 - 000261569 _____ C:\Users\Ian\Downloads\aos-warscroll-vampire-lord-en.pdf
2018-07-08 13:30 - 2018-07-08 13:30 - 000670507 _____ C:\Users\Ian\Downloads\aos-Darkoath-Cheiftain-en.pdf
2018-07-08 13:29 - 2018-07-08 13:29 - 000587057 _____ C:\Users\Ian\Downloads\aos-warscroll-fiend-of-slaanesh-en.pdf
2018-07-08 13:27 - 2018-07-08 13:27 - 000515802 _____ C:\Users\Ian\Downloads\aos-warscroll-hellstriders-en.pdf
2018-07-08 13:25 - 2018-07-08 13:25 - 001066397 _____ C:\Users\Ian\Downloads\aos-warscroll-varghulf-courtier-en.pdf
2018-07-08 13:23 - 2018-07-08 13:23 - 000335924 _____ C:\Users\Ian\Downloads\aos-warscroll-lordjuggernaught-en.pdf
2018-07-08 13:21 - 2018-07-08 13:21 - 000632641 _____ C:\Users\Ian\Downloads\aos-warscroll-doombull-en.pdf
2018-07-08 13:20 - 2018-07-08 13:20 - 000288813 _____ C:\Users\Ian\Downloads\aos-warscroll-scylaanfingrimm-en.pdf
2018-07-08 13:18 - 2018-07-08 13:18 - 000548397 _____ C:\Users\Ian\Downloads\aos-warscroll-zombie-dragon-en.pdf
2018-07-08 13:08 - 2018-07-08 13:08 - 000548455 _____ C:\Users\Ian\Downloads\aos-warscroll-terrorgheist-en.pdf
2018-07-08 13:05 - 2018-07-08 13:05 - 004972509 _____ C:\Users\Ian\Downloads\aos-warscroll-mutalith-vortex-beast-en.pdf
2018-07-08 13:02 - 2018-07-08 13:02 - 005347888 _____ C:\Users\Ian\Downloads\aos-warscroll-slaughterbrute-en.pdf
2018-07-07 19:21 - 2018-07-07 19:21 - 000529860 _____ C:\Users\Ian\Downloads\aos-warscroll-soul-grinder-en.pdf
2018-07-07 19:19 - 2018-07-07 19:19 - 000462188 _____ C:\Users\Ian\Downloads\aos-warscroll-chaos-belakor-en.pdf
2018-07-07 19:16 - 2018-07-07 19:16 - 000666047 _____ C:\Users\Ian\Downloads\aos-warscroll-chaos-daemonprince-en.pdf
2018-07-07 10:28 - 2018-07-07 10:28 - 000046901 _____ C:\Users\Ian\Downloads\ajax (5).pdf
2018-07-07 10:28 - 2018-07-07 10:28 - 000046328 _____ C:\Users\Ian\Downloads\ajax (4).pdf
2018-07-02 22:30 - 2018-07-02 22:30 - 007526517 _____ C:\Users\Ian\Downloads\Steamroller Rules 2018.pdf
2018-06-26 20:23 - 2018-06-26 20:23 - 000363537 _____ C:\Users\Ian\Desktop\pizzahut.pdf
2018-06-26 20:23 - 2018-06-26 20:23 - 000360091 _____ C:\Users\Ian\Desktop\kroger7.pdf
2018-06-26 20:05 - 2018-06-26 20:05 - 000301509 _____ C:\Users\Ian\Desktop\hobbylobby.pdf
2018-06-26 20:04 - 2018-06-26 20:04 - 000240760 _____ C:\Users\Ian\Desktop\busgas.pdf
2018-06-26 19:54 - 2018-06-26 19:54 - 000106086 _____ C:\Users\Ian\Desktop\groupon3.pdf
2018-06-26 19:54 - 2018-06-26 19:54 - 000101790 _____ C:\Users\Ian\Downloads\LG-R3W6-P9LV-FV34-HMJY.pdf
2018-06-26 19:53 - 2018-06-26 19:53 - 000103058 _____ C:\Users\Ian\Desktop\groupon2.pdf
2018-06-26 19:53 - 2018-06-26 19:53 - 000101851 _____ C:\Users\Ian\Downloads\LG-BFH1-7J4F-3H7V-S9RB (1).pdf
2018-06-26 19:52 - 2018-06-26 19:52 - 000101851 _____ C:\Users\Ian\Downloads\LG-BFH1-7J4F-3H7V-S9RB.pdf
2018-06-26 19:51 - 2018-06-26 19:51 - 000106128 _____ C:\Users\Ian\Desktop\groupon1.pdf
2018-06-26 19:50 - 2018-06-26 19:50 - 000101396 _____ C:\Users\Ian\Downloads\LG-Z6SF-BYF4-TN1C-CK19.pdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-26 10:13 - 2018-04-11 19:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-07-26 10:00 - 2018-05-17 06:29 - 000004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E921204A-DB0C-4E7D-9BD5-5FCD911EE9D3}
2018-07-26 10:00 - 2018-05-17 06:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-07-26 00:00 - 2015-02-04 17:46 - 000000000 ____D C:\Users\Ian\AppData\Local\SweetLabs App Platform
2018-07-24 06:15 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-07-21 01:41 - 2018-04-11 19:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-19 21:50 - 2016-01-05 15:06 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-07-19 21:50 - 2016-01-05 15:06 - 000002503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-07-19 21:50 - 2016-01-05 15:06 - 000002467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-07-19 21:50 - 2016-01-05 15:06 - 000002466 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-07-19 21:50 - 2016-01-05 15:06 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-07-19 21:50 - 2016-01-05 15:06 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-07-19 21:50 - 2016-01-05 15:06 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-07-19 21:49 - 2014-12-10 19:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-07-18 22:03 - 2018-05-17 06:29 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3235607453-2435032520-3054460784-1001
2018-07-18 22:03 - 2018-05-17 06:06 - 000002414 _____ C:\Users\Ian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-07-18 22:03 - 2015-02-04 17:50 - 000000000 __RDO C:\Users\Ian\OneDrive
2018-07-17 06:10 - 2015-03-13 21:19 - 000563832 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-07-12 07:55 - 2018-05-17 06:29 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-07-12 07:54 - 2016-02-01 22:59 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-07-11 17:59 - 2018-04-11 19:36 - 000000000 ____D C:\WINDOWS\INF
2018-07-11 17:47 - 2018-05-17 06:18 - 000840376 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-07-11 17:45 - 2018-05-27 00:17 - 000000000 ____D C:\Users\Ian\AppData\Local\D3DSCache
2018-07-11 17:43 - 2015-06-01 01:39 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-07-11 17:41 - 2017-08-08 11:12 - 000000000 ____D C:\ProgramData\NVIDIA
2018-07-11 17:41 - 2016-01-19 11:15 - 000000000 ___RD C:\Users\Ian\3D Objects
2018-07-11 17:41 - 2015-09-10 01:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-07-11 17:40 - 2018-05-17 05:59 - 000438576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-07-11 17:39 - 2018-05-17 06:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-07-11 17:39 - 2018-04-11 17:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-07-11 17:38 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-07-11 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-07-11 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-07-11 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-07-11 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-07-11 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-07-11 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-07-11 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-07-11 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-07-11 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-07-11 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-07-11 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-07-11 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-07-11 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-07-11 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-07-11 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-07-11 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-07-11 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-07-11 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-07-11 17:37 - 2018-04-11 19:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-07-11 17:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-07-11 17:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-07-11 17:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-07-11 17:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-07-11 08:35 - 2018-04-11 19:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-07-11 08:35 - 2015-02-04 23:15 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-07-11 08:33 - 2015-02-04 23:15 - 134675576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-07-11 03:04 - 2018-05-17 06:29 - 000004576 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-11 03:04 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-07-11 03:04 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-07-06 10:42 - 2015-02-04 17:55 - 000000000 ____D C:\Users\Ian\AppData\Roaming\Nitro PDF
2018-07-04 16:14 - 2017-05-17 16:11 - 000000000 ____D C:\Users\Ian\AppData\Roaming\DigiByte
2018-06-27 19:47 - 2016-12-10 01:37 - 000000000 ____D C:\Users\Ian\AppData\Local\ElevatedDiagnostics
2018-06-26 18:19 - 2015-02-05 17:06 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-26 17:58 - 2018-02-27 12:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
 
==================== Files in the root of some directories =======
 
2015-02-08 15:15 - 2015-02-08 15:15 - 000007599 _____ () C:\Users\Ian\AppData\Local\Resmon.ResmonCfg
 
Some files in TEMP:
====================
2018-07-20 17:56 - 2018-07-20 17:56 - 001906040 _____ (Oracle Corporation) C:\Users\Ian\AppData\Local\Temp\jre-8u181-windows-au.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-05-17 05:59
 
==================== End of FRST.txt ============================ 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.07.2018
Ran by Ian (26-07-2018 10:16:03)
Running from C:\Users\Ian\Downloads
Windows 10 Home Version 1803 17134.165 (X64) (2018-05-17 10:31:02)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3235607453-2435032520-3054460784-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3235607453-2435032520-3054460784-503 - Limited - Disabled)
Guest (S-1-5-21-3235607453-2435032520-3054460784-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3235607453-2435032520-3054460784-1003 - Limited - Enabled)
Ian (S-1-5-21-3235607453-2435032520-3054460784-1001 - Administrator - Enabled) => C:\Users\Ian
not me (S-1-5-21-3235607453-2435032520-3054460784-1004 - Limited - Enabled) => C:\Users\not me
WDAGUtilityAccount (S-1-5-21-3235607453-2435032520-3054460784-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20055 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Atlas Reactor Live (HKLM-x32\...\Glyph Atlas Reactor Live) (Version:  - Trion Worlds, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitcoin Core (64-bit) (HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\Bitcoin Core (64-bit)) (Version: 0.14.1 - Bitcoin Core project)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Content Anywhere (HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\Content Anywhere) (Version: 2.3.4049 - F-Secure Corporation)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
DigiByte Core (64-bit) (HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\DigiByte Core (64-bit)) (Version: 6.14.2 - DigiByte Core project)
Discord (HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Dogecoin Core (64-bit) (HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\Dogecoin Core (64-bit)) (Version: 1.10.0 - Dogecoin Core project)
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.13.0621 - Lenovo)
Epic Games Launcher (HKLM-x32\...\{8FEB5B5F-0777-4E9D-8705-06F0A2295544}) (Version: 1.1.143.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Feathercoin Core (64-bit) (HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\Feathercoin Core (64-bit)) (Version: 0.9.6 - Feathercoin Core project)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.1.2.2 - Genesys Logic)
GFExperience.Deployer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.Deployer) (Version: 3.10.0.95 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2751 - Hightail, Inc.)
Host App Service (HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\SweetLabs_AP) (Version: 0.269.8.416 - Pokki) <==== ATTENTION
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{E80C09B5-A296-47E9-BD4B-BCCF2FDCA13E}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.6.13.0724 - Lenovo)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.7408 - CyberLink Corp.) Hidden
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.7408 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5723.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5723.52 - CyberLink Corp.)
Lenovo Reach (HKLM-x32\...\{3245D8C8-7FE0-4FD4-B04B-2720A333D592}) (Version: 1.1.3.7 - Stoneware, Inc.)
Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1901 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1901 - CyberLink Corp.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 1.0.11.0 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{558E50EE-5E2D-479A-A455-8A826191583B}) (Version: 3.3.004.00 - Lenovo)
Lenovo Web Start (HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - Pokki)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
LVT (HKLM-x32\...\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}) (Version: 5.01.0429 - Lenovo)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.10228.20134 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\OneDriveSetup.exe) (Version: 18.111.0603.0006 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MultiDoge 0.1.7 (HKLM-x32\...\MultiDoge 0.1.7) (Version: 0.1.7 - )
Nitro Pro 9 (HKLM\...\{356896F4-F148-4BEB-8268-7D877F6C0DD0}) (Version: 9.0.6.20 - Nitro)
NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.30 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.25502 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0227 - REALTEK Semiconductor Corp.)
Reddcoin Core (64-bit) (HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\Reddcoin Core (64-bit)) (Version: 2.0.0 - Reddcoin Project)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 12.0.0.5 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Stargazer 1.5.1 (only current user) (HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\60a4785b-aa57-5af8-8950-40f1e66937a5) (Version: 1.5.1 - Future Tense)
Start Menu (HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\SweetLabs_Start_Menu) (Version: 0.269.8.416 - Pokki)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Total War Arena EU (HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\TWA.EU.PRODUCTION) (Version:  - Wargaming.net)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Wargaming.net Game Center (HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\Wargaming.net Game Center) (Version: 18.4.1.595 - Wargaming.net)
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)
World of Warships NA (HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\WOWS.NA.PRODUCTION) (Version:  - Wargaming.net)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-04] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-04] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-04] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-04] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-04] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-04] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-04] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-04] (Hightail Inc.)
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Common Files\Nitro\Pro\9.0\NPShellExtension64.dll [2014-02-14] (Nitro PDF)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-23] (Lenovo)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-04] (Hightail Inc.)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-23] (Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0133A327-F75A-4533-BCE8-8F6A736817BF} - System32\Tasks\SweetLabs App Platform => C:\Users\Ian\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2018-03-20] (Pokki)
Task: {08097A5D-7928-4143-9AD9-11F76D5190E4} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {0824CE24-4F81-4848-B6B8-8FF56FF8DE98} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
Task: {0BF75B9B-51C1-49AB-BAB9-B4F730712B5A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {0FA60E40-2852-43FB-BB62-E045FF816008} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {19788E44-B251-466B-8293-4696297FCCBA} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-07-11] (Adobe Systems Incorporated)
Task: {27887688-7404-45A9-A0D8-7148E1DF9AC2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {28AAD592-AC93-4539-B9C9-1A201D544B40} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {2C082C86-8B38-4472-A17D-7C1D67672AB9} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe
Task: {2FD8DA6F-548F-40D2-89D0-C2FFF9E11147} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3647FBA4-4EDA-487F-93B5-8D251E1F2A76} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {3A5E0C9A-3D51-460A-BFEC-98D11315D44A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {454063D2-5236-4904-9E59-F6F794EFC05A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-07-19] (Microsoft Corporation)
Task: {48D19781-DBDF-4EEF-BDD2-3974F0EDEC6F} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [2016-08-24] ()
Task: {4B69267B-2A85-4B5E-8CB5-B603659561CF} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {4EA5C5B2-6235-4707-B4C9-0EF0A74E2323} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-08-24] (Lenovo)
Task: {52EECEBB-3EA3-481D-9D79-8CCE0C86DEB6} - System32\Tasks\{105858AA-1D17-4FE6-8CFC-A5F0B7FBE176} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.17.0.105/en/abandoninstall?page=tsBing
Task: {55148A77-FB26-4A54-B02B-6DD1DEC26DF0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-07-11] (Microsoft Corporation)
Task: {5758199F-6578-46C9-AEB7-A26BCDCBEEA5} - System32\Tasks\{01486799-932F-4B8A-9E7E-01A47DC549A8} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Ian\Downloads\multidoge-0.1.7-windows-setup.exe -d C:\Users\Ian\Downloads
Task: {5ABB9D29-4EB2-4BEE-886A-537CE0A6A66E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
Task: {5B8AEEC9-6845-4BB1-BDC4-16BE8EFFCE9E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {69DF0C37-ECB0-42FC-B821-FD71BCBC7015} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-08-24] (Lenovo)
Task: {6B9776C8-7945-4D18-9B79-DD668979F348} - System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\NvNotifier.exe [2017-11-09] ()
Task: {73F51E70-5D46-4A76-A856-397977859AAD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-13] (Microsoft Corporation)
Task: {76979F92-C54B-4223-B832-597D1E74431B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {76DA0BCD-E0A2-4835-88E6-720DE41C049A} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-07-19] (Microsoft Corporation)
Task: {779A0226-E6CC-4464-A7E3-BA13BA7EB5E7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {857BA046-4C71-4168-8CE0-16546EB61991} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {8662E34C-7450-4156-8E04-B480BA8831DD} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-08-24] (Lenovo)
Task: {8715CF0F-D8F3-46B9-93B3-B4880D30FBD3} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {91A5FFC8-96F4-4F9A-A008-F7BF685E3EA0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {9BFBF0E1-9623-4393-BFE5-81D6451F579D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-13] (Microsoft Corporation)
Task: {A0D79C9B-1531-41AD-A938-F0F9E3CEB6F0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B34DED8F-08EC-4CDE-A6B7-15374673AFE5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-19] (Microsoft Corporation)
Task: {B7928D37-00BA-4E03-AFC6-A4166302B7C9} - System32\Tasks\{BA41BE7C-6017-41C0-B8B5-1FA2C9F89B81} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.18.0.112/en/abandoninstall?page=tsProgressBar
Task: {BDE7123B-8A23-4FC1-A895-2FEDC346589C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {C1BD633C-B571-4B01-A0A1-2DBD13714A9F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D191B149-6DF7-47B7-A098-1F53441B070A} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] ()
Task: {D869BA37-379A-4E81-A98E-EAEA2C5DAAF1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
Task: {E26D0FBC-F0B5-49CF-8238-D090417C9D0D} - System32\Tasks\UMonitor Task => C:\windows\SysWOW64\UMonit64.exe [2013-10-25] ()
Task: {E4D43B2C-C364-49AA-B1AD-A41F88E59E49} - \WPD\SqmUpload_S-1-5-21-3235607453-2435032520-3054460784-1001 -> No File <==== ATTENTION
Task: {E69007A2-56ED-408B-9066-87B821D4EFA5} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-11] (Adobe Systems Incorporated)
Task: {E7DF2C1D-758D-4B92-9D74-BB45B7B39023} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {ECC77258-7CFE-4D3B-B0C7-905BFF2D834B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
Task: {F96FAB94-C169-4AAA-B5EC-692F71E47AB7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-19] (Microsoft Corporation)
Task: {F9FA7B2B-81B9-4D34-9710-D7B26E84172B} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-04-11 19:34 - 2018-04-11 19:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2014-12-10 19:19 - 2011-08-17 00:46 - 000032768 _____ () C:\Windows\jmesoft\Service.exe
2015-02-04 19:24 - 2015-02-04 19:25 - 000187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-12-10 19:32 - 2013-05-14 14:53 - 000390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2017-08-08 11:12 - 2017-10-27 12:12 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2014-12-10 19:19 - 2013-10-25 05:23 - 000053248 _____ () C:\windows\SysWOW64\UMonit64.exe
2018-06-13 08:25 - 2018-06-08 04:55 - 003037184 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.PeoplePicker.dll
2014-09-18 03:23 - 2014-09-18 03:23 - 000866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-03-12 14:23 - 2015-03-12 14:23 - 001050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 03:23 - 2014-09-18 03:23 - 000059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-03-12 14:23 - 2015-03-12 14:23 - 000242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-12-10 19:19 - 2011-08-17 00:46 - 000024576 _____ () C:\Windows\jmesoft\JME_LOAD.exe
2018-06-26 18:19 - 2018-06-22 15:15 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libglesv2.dll
2018-06-26 18:19 - 2018-06-22 15:15 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libegl.dll
2018-07-10 12:50 - 2018-07-10 12:50 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-07-14 12:14 - 2018-07-14 12:14 - 000199168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11806.1001.21.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-07-14 12:14 - 2018-07-14 12:14 - 002449952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11806.1001.21.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-14 12:14 - 2018-07-14 12:14 - 007813632 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11806.1001.21.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2018-07-16 17:40 - 2018-07-16 17:40 - 032597504 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18061.11811.0_x64__8wekyb3d8bbwe\Music.UI.exe
2018-07-16 17:40 - 2018-07-16 17:40 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18061.11811.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-07-16 17:40 - 2018-07-16 17:40 - 006373376 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18061.11811.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-12-01 14:47 - 2017-12-01 14:47 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18061.11811.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2017-10-05 19:38 - 2017-10-05 19:38 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18061.11811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-16 17:40 - 2018-07-16 17:40 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-16 17:40 - 2018-07-16 17:40 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-16 17:40 - 2018-07-16 17:40 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-07-16 17:40 - 2018-07-16 17:40 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-07-16 17:40 - 2018-07-16 17:40 - 000653824 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-07-17 13:36 - 2018-07-17 13:36 - 035195392 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.12711.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-07-17 13:36 - 2018-07-17 13:36 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.12711.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-07-17 13:36 - 2018-07-17 13:36 - 006373376 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.12711.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-10-05 19:38 - 2017-10-05 19:38 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.12711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-17 13:36 - 2018-07-17 13:36 - 008903168 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.12711.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-07-11 08:25 - 2018-07-06 02:55 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2014-12-10 19:19 - 2013-12-03 01:37 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-03-30 22:28 - 2016-05-02 02:02 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-12-10 19:19 - 2011-05-17 17:27 - 000028672 _____ () C:\Windows\jmesoft\hidhook.dll
2015-02-02 03:52 - 2015-02-02 03:52 - 000137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2018-03-20 12:00 - 2018-03-20 12:00 - 044752080 _____ () C:\Users\Ian\AppData\Local\SweetLabs App Platform\Engine\libPokki.dll
2018-03-20 12:00 - 2018-03-20 12:00 - 001413856 _____ () C:\Users\Ian\AppData\Local\SweetLabs App Platform\Engine\avcodec-54.dll
2018-03-20 12:00 - 2018-03-20 12:00 - 000164064 _____ () C:\Users\Ian\AppData\Local\SweetLabs App Platform\Engine\avutil-51.dll
2018-03-20 12:00 - 2018-03-20 12:00 - 000235744 _____ () C:\Users\Ian\AppData\Local\SweetLabs App Platform\Engine\avformat-54.dll
2018-06-29 10:56 - 2018-06-29 10:56 - 024031728 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2018-02-11 18:53 - 2018-02-11 18:53 - 000392688 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2017-07-31 18:31 - 2017-07-31 18:31 - 072940016 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Public\AppData:CSM [482]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-12-22 12:39 - 2016-01-18 10:48 - 000000355 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1 localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\Run32: => "jmekey"
HKLM\...\StartupApproved\Run32: => "LVT"
HKLM\...\StartupApproved\Run32: => "CLMLServer"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\StartupApproved\StartupFolder: => "Content Anywhere.lnk"
HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_1D57E82E54B212132D321B49430EE825"
HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3235607453-2435032520-3054460784-1001\...\StartupApproved\Run: => "Discord"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{6CEC6B57-3850-41E4-939A-2B492232CB19}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe
FirewallRules: [TCP Query User{72956903-DBBE-4420-9A3C-546A324B66DA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe
FirewallRules: [UDP Query User{F10EA424-B485-4DD1-B10A-DD1E49A4C158}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
FirewallRules: [TCP Query User{B7B734C6-B460-4A95-B65C-CD722F7A95AE}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
FirewallRules: [UDP Query User{24C898E3-9DE5-4F78-BBF4-33F4D2E14CCE}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
FirewallRules: [TCP Query User{2292B3AA-8E41-48ED-AEA4-214E07C54CA9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
FirewallRules: [UDP Query User{E059467F-7D8B-4732-A3A6-A147E6324D99}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe
FirewallRules: [TCP Query User{25DB4A1A-93ED-43BE-8DC8-FD719D4AF372}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe
FirewallRules: [UDP Query User{0C28F308-3DBF-4EC6-BFD1-ED0D09A97913}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe
FirewallRules: [TCP Query User{5B817D48-2BFE-4BA0-990F-6393C8E8E430}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe
FirewallRules: [UDP Query User{4E978BAB-C29E-4154-8DF9-3A6263589CBA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe
FirewallRules: [TCP Query User{8064F891-C1A3-403B-B40A-C028F09D95A2}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe
FirewallRules: [UDP Query User{3CCA8224-D625-4A30-B116-98D0878E7866}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{7E8264A8-7E13-496D-BF0C-EACE3F40C72C}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{FFD2AB23-C784-4654-BD6B-4DB80778A9FD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [UDP Query User{32FE751E-2F42-41E6-8628-0B41A504E53C}C:\program files (x86)\battle.net\battle.net.8839\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8839\battle.net.exe
FirewallRules: [TCP Query User{B59BB03A-82EF-4867-BFA1-E47E8B402E4C}C:\program files (x86)\battle.net\battle.net.8839\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8839\battle.net.exe
FirewallRules: [UDP Query User{C798D770-31D9-4608-9B23-EE72D0A70E10}C:\program files (x86)\feathercoin\feathercoin-qt.exe] => (Allow) C:\program files (x86)\feathercoin\feathercoin-qt.exe
FirewallRules: [TCP Query User{C91EF233-77A8-4BD3-9BEC-528A21AD55D3}C:\program files (x86)\feathercoin\feathercoin-qt.exe] => (Allow) C:\program files (x86)\feathercoin\feathercoin-qt.exe
FirewallRules: [UDP Query User{67CFF3FC-3FF3-4231-BBD9-4B58465E0F56}C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{B2527C2B-6D1B-4AE4-9EE6-0340FBA8A913}C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CAC88BBB-0ACA-4C46-950B-5A6045CDB5C8}C:\program files (x86)\battle.net\battle.net.8800\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8800\battle.net.exe
FirewallRules: [TCP Query User{295C89D8-282D-491A-B18C-BC8CCE0EEF30}C:\program files (x86)\battle.net\battle.net.8800\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8800\battle.net.exe
FirewallRules: [UDP Query User{2A9687A9-1044-43D6-A8C7-C716714EB51B}C:\users\ian\downloads\bytecoinwallet-1.1.1.win64\bytecoinwallet-win64\bytecoinwallet.exe] => (Allow) C:\users\ian\downloads\bytecoinwallet-1.1.1.win64\bytecoinwallet-win64\bytecoinwallet.exe
FirewallRules: [TCP Query User{443212A5-6640-4DD4-9F4D-0F298D63F543}C:\users\ian\downloads\bytecoinwallet-1.1.1.win64\bytecoinwallet-win64\bytecoinwallet.exe] => (Allow) C:\users\ian\downloads\bytecoinwallet-1.1.1.win64\bytecoinwallet-win64\bytecoinwallet.exe
FirewallRules: [UDP Query User{FC7D8B40-E8F8-4855-B543-8DF08C3A938A}C:\program files\reddcoin\reddcoin-qt.exe] => (Allow) C:\program files\reddcoin\reddcoin-qt.exe
FirewallRules: [TCP Query User{083ABDBC-1B61-4381-B921-6742DA4C4BF7}C:\program files\reddcoin\reddcoin-qt.exe] => (Allow) C:\program files\reddcoin\reddcoin-qt.exe
FirewallRules: [UDP Query User{E6B8208B-BF32-4395-BC29-505ECC687791}C:\program files\digibyte\digibyte-qt.exe] => (Allow) C:\program files\digibyte\digibyte-qt.exe
FirewallRules: [TCP Query User{7C4A07D1-FFE4-437F-9848-CF10DDC0059D}C:\program files\digibyte\digibyte-qt.exe] => (Allow) C:\program files\digibyte\digibyte-qt.exe
FirewallRules: [UDP Query User{80D031BD-008D-4B94-A5A2-4B01523B5487}C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe
FirewallRules: [TCP Query User{D64212D2-6B93-4EF7-8096-07E9CA9A4586}C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe
FirewallRules: [UDP Query User{F2989172-2158-499E-9C49-656D280831B7}C:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{091711C0-0811-4777-B9D4-3701C8BD79A2}C:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4C229B46-5CF7-4A39-9185-B11A7C32E002}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe
FirewallRules: [TCP Query User{25FB64FC-75F7-480C-8572-2855D284B892}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe
FirewallRules: [UDP Query User{4D968C0C-5346-46C1-97FF-DCC046B127D1}C:\program files\dogecoin\dogecoin-qt.exe] => (Allow) C:\program files\dogecoin\dogecoin-qt.exe
FirewallRules: [TCP Query User{9EA98D37-6904-4CBC-A7A2-46342BDDA4BA}C:\program files\dogecoin\dogecoin-qt.exe] => (Allow) C:\program files\dogecoin\dogecoin-qt.exe
FirewallRules: [UDP Query User{337AE5B4-5437-410B-9BFD-A71B341FE3F6}C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{9D8E2806-DAEC-4E30-B635-2B652DA5DE5A}C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{9C34858E-7405-49C5-B0E3-3BD89FCCE0D4}C:\program files (x86)\heroes of the storm\versions\base52647\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52647\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{326A6289-F3F6-40DF-88CA-8DDD920978E2}C:\program files (x86)\heroes of the storm\versions\base52647\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52647\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{1E90B299-18F3-41B9-9647-401A5D6EAFB3}C:\program files (x86)\battle.net\battle.net.8657\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8657\battle.net.exe
FirewallRules: [TCP Query User{260A723C-555F-4F53-BD2D-7502AC8D92A9}C:\program files (x86)\battle.net\battle.net.8657\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8657\battle.net.exe
FirewallRules: [UDP Query User{3850D106-20F9-4A3E-BE45-4072F86A7745}C:\program files (x86)\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{729EF6CC-CEEA-45BE-8F17-F8F49293CAD9}C:\program files (x86)\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{41A15F77-2328-4D45-BEC6-DA4469043F83}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{D266637D-6998-40C2-BC44-85F401CE237D}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{99CED062-D82C-475B-B7A5-C78A4A6D524C}C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [TCP Query User{AF52D6EF-E652-40FB-879A-64CF97C0C7E6}C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [{A7AD9A11-B9EC-42AB-B4DC-DFF0EE889561}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{54756CBE-46A8-4642-A83D-4F10A295DE78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{8C6462B0-E43C-4639-AB30-7F0A82724B86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warmachine Tactics\WarmachineGame\Binaries\Win64\WarmachineGame-Win64-Shipping.exe
FirewallRules: [{F4554AD1-5520-4F62-ABCC-53C8C10196FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warmachine Tactics\WarmachineGame\Binaries\Win64\WarmachineGame-Win64-Shipping.exe
FirewallRules: [{3D16A4A1-6222-4874-8F74-1A9897ABCDCF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A1E3635F-6B74-496B-97B9-9E60B481608A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{65C5F461-76D5-40C2-AAFA-273E6399EEAE}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{96B14BCC-7914-43E5-8575-E0B94BE0A529}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{602B82E6-87B9-4268-A924-76528AD0C84C}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{102B8B16-C430-446C-93BA-CFE90101380B}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{EF4450A7-6B83-4982-BAD7-BE17EA039B19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{08280066-6E9F-4DD0-A413-DECD1AA52235}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [UDP Query User{9D5097AD-0C7E-446A-A0DD-EFE5D161A93D}C:\program files (x86)\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{4098B0DF-EC51-4BC1-9815-FAD0758DBDA6}C:\program files (x86)\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{1F7AA1C7-622F-4221-9C77-5E60EA65DE97}C:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{79AE6D6B-2C20-420A-9D92-F9D3DA62F508}C:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe
FirewallRules: [{41056629-57FB-4CC6-B95F-A9609288B1E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{769748F4-36E3-406D-B0B0-75CF349D5288}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [UDP Query User{0CAD2F0B-26F8-4F68-8AD3-E64F91E83E4F}C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{B33698C9-AE8D-4C14-9FC0-889BE9ADC219}C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{37400FB3-0666-48B7-A7F4-06701F729789}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Block) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{B128CE0D-2853-471F-8E3D-E15C69C9C369}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Block) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{790AC194-485A-4043-AE40-6FE34034E52B}C:\program files (x86)\overwatch\gameclientapp.exe] => (Allow) C:\program files (x86)\overwatch\gameclientapp.exe
FirewallRules: [TCP Query User{955A5C00-FCC0-4DE8-8064-A2D97612292E}C:\program files (x86)\overwatch\gameclientapp.exe] => (Allow) C:\program files (x86)\overwatch\gameclientapp.exe
FirewallRules: [UDP Query User{E0B08A6B-0107-4405-9214-DC4739B76F6D}C:\program files (x86)\steam\steamapps\common\ageofconan_us\ageofconan.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ageofconan_us\ageofconan.exe
FirewallRules: [TCP Query User{00B5D8C6-47D1-4F4B-9476-D330773FFEF9}C:\program files (x86)\steam\steamapps\common\ageofconan_us\ageofconan.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ageofconan_us\ageofconan.exe
FirewallRules: [{057CF94D-2245-47CC-BEB7-FB98420E8542}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{7A862E29-A18F-4F66-A95A-081557F6DFA3}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{AF7C00B6-8842-47C9-B71E-3AA6F029AAD9}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{B1766AFF-7E62-487E-AF00-C56BF4CF0863}] => (Allow) C:\Program Files (x86)\lenovo\SHAREit\SHAREit.exe
FirewallRules: [{01AC3BDD-CDC7-45A3-A3DE-700211BA495A}] => (Allow) C:\Program Files (x86)\lenovo\SHAREit\SHAREit.exe
FirewallRules: [{3FA59E52-BF4C-495F-A98B-897EDC254B28}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{B794E156-4F8A-4626-BEB3-431807053ED8}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{03864641-2ED5-4C14-8643-1DA71965173C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1C53C8E3-17CE-4516-82F8-AE9C662166A3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D9EE5CBB-3A56-4AAB-B720-D078449B7FF7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{81B3381A-5FA2-423A-90A2-E480EECE695A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6568EA54-F080-4AEE-96DC-4CEDAEAEEAA5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F2BE04AD-05B2-4ABF-AB57-EE47C614BB4F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{9C6D3BBF-EE6B-4D72-B484-48B908DDD092}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{B7AD9974-14D2-4321-B587-405CA889A141}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{C0237F1C-EF23-4CBA-B760-3DD76E8FA28C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F0F13B3C-264E-430B-B4C9-28BF87F915B5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{7C38569C-F328-4A5A-A53C-08EDEA2C9423}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{6C7ED239-66AE-473A-A8CC-0DD274FC8435}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{CA14F4D6-F086-4380-AD10-88676D84B99D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A2C8036C-F9F2-4AE2-9E52-0842E077148D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{60D9BF79-2006-40F2-BE04-DF30C373AFE3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7EB66A4B-683C-419B-96C4-53849116EEE4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{84048B49-7AD7-4D5D-A2AD-88B1853019C4}] => (Allow) C:\Program Files (x86)\DolbyAxon\Axon.exe
FirewallRules: [{E1800F51-AEB3-414A-97C7-BA3C03C93E4D}] => (Allow) C:\Program Files (x86)\DolbyAxon\Axon.exe
FirewallRules: [{F91F6169-A322-429F-A0AD-D52143DF7E9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mordheim\mordheim.exe
FirewallRules: [{E1F0461C-B4B7-4197-8EAA-92B85883E963}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mordheim\mordheim.exe
FirewallRules: [{36B97F20-D35A-462A-94FE-CBB5313FAFF7}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{25815ED0-4A12-4001-9819-2106376B2879}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{FF9D6DD3-803B-4E19-B5AC-2A7EED28B3F5}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{2139ADD6-B027-47FC-98DD-6DFA6D840D67}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [TCP Query User{6481BCBF-C8F4-420B-A5E3-8ED4F08FCFFB}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{16D47E38-D78C-4BF1-B32D-DD0114001648}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{E60C5DD0-22C0-4FA3-93F7-44A993BF8C52}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{10CE1B5F-9671-4545-8946-7009247A9F13}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5F96889A-BC91-42D1-8C05-ADAAF47DA897}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{284A78CD-6BF4-4D56-BCC0-56290F0CE53B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{164D3A8F-4D3C-4875-A760-EBD3B055569C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{35284FFC-4500-4662-B882-282EC2DF8A2E}C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{AC19E854-1F10-46AD-8662-A6E98D57EEA9}C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [{D691E64E-2631-4241-A9CE-1139C6E809E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{4E65DAB9-626A-4942-B747-64030946D60D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [TCP Query User{76CB7057-4333-4E6F-9593-FE9CDEC86897}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{9AC9B5BB-7952-4E9C-A1F7-A511BE8024CD}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [{7EDB6292-B1EB-48AD-A083-1A3CB2895D62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe
FirewallRules: [{B1A7BE2A-E98E-49F7-9A9E-251E3EE3CA96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe
FirewallRules: [TCP Query User{C524E792-3D6B-4590-BC11-7CA73DC85205}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\bin\eocapp.exe
FirewallRules: [UDP Query User{5F452394-852A-4933-83AD-2AB60B0889EA}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\bin\eocapp.exe
FirewallRules: [{B6D8723E-DD42-4DAC-BECA-D270CC35F3D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Elder Scrolls Legends\The Elder Scrolls Legends.exe
FirewallRules: [{7591947A-B6E3-4FFE-9C05-F29DE40CCAA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Elder Scrolls Legends\The Elder Scrolls Legends.exe
FirewallRules: [TCP Query User{5BE2388C-A54C-4740-8750-B9DE42AB2D7F}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{02C3D865-605F-47EE-8A8E-26FC45C2FFE7}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{3A495BDA-1F3C-4EF6-9418-8E96EA91D716}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{D6D43737-ADD9-48CD-B604-FA0C1163709F}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{BBA5EFA7-E9C3-4F8E-A0B3-CF1D055B04B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Atlas Reactor\GlyphClient.exe
FirewallRules: [{685DC494-BD4A-49A4-A7E2-C71669440460}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Atlas Reactor\GlyphClient.exe
FirewallRules: [TCP Query User{CC0D4963-07C2-4409-AD43-C6D3938B226B}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe
FirewallRules: [UDP Query User{EC95E1D4-2ABF-4508-9714-498FC1317D44}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe
FirewallRules: [{E1752AAB-4F2D-467F-9EC1-6C642D70CA48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warmachine Tactics\WarmachineGame\Binaries\Win64\WarmachineGame-Win64-Shipping.exe
FirewallRules: [{3A625CA7-75B8-4122-8ECE-8A31F5963263}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warmachine Tactics\WarmachineGame\Binaries\Win64\WarmachineGame-Win64-Shipping.exe
FirewallRules: [{F93B09F9-5F77-4AF2-9AB1-0926A235FFB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{499A66B0-013E-4CA3-BC8C-FBD0BE85A829}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [TCP Query User{52E059F2-11E7-40CF-A6D7-18D88AF92F82}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe
FirewallRules: [UDP Query User{57450732-7B72-45D1-9D61-02A5F7B638E1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe
FirewallRules: [TCP Query User{2A3E8B67-F591-480F-A588-021502E3CD76}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [UDP Query User{AE7B8840-F734-475C-A662-03E4190FE927}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [{E691CDA7-9234-415E-9F47-B3BA9BBD9693}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{EC4282D9-277F-44D9-A29E-64B1E42B8E75}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe
FirewallRules: [UDP Query User{C259909F-AFDB-4F9B-89C6-C195D7BFDA87}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe
FirewallRules: [TCP Query User{57D3094D-E5AC-40D5-B2D4-E429156981D4}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe
FirewallRules: [UDP Query User{170AA351-45D9-4058-85B9-C562FA67A9CD}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe
FirewallRules: [TCP Query User{67BE3470-B20D-487B-B921-91527D590F4E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe
FirewallRules: [UDP Query User{80DA7C39-76C3-4E39-95A3-8AF07F975F1B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe
FirewallRules: [TCP Query User{DBED6BBC-4C72-4797-8EA6-E7E11DDFE8AC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe
FirewallRules: [UDP Query User{2B3DA4BE-8938-4150-9830-0BEB9F8E688F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe
 
==================== Restore Points =========================
 
02-07-2018 03:50:55 Scheduled Checkpoint
11-07-2018 07:46:55 Scheduled Checkpoint
20-07-2018 13:40:01 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/25/2018 03:57:21 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (07/25/2018 12:38:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LeagueClient.exe version 8.14.238.5230 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 1e45c
 
Start Time: 01d423d14f8622dc
 
Termination Time: 6
 
Application Path: C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.156\deploy\LeagueClient.exe
 
Report Id: c52b49f1-a396-4ec7-a9e3-6155a0af7038
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (07/24/2018 03:57:20 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (07/23/2018 03:57:20 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (07/22/2018 03:57:20 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (07/21/2018 03:57:20 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (07/20/2018 03:57:20 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (07/19/2018 03:57:21 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
 
System errors:
=============
Error: (07/18/2018 09:21:26 PM) (Source: DCOM) (EventID: 10010) (User: IAN-DESKTOP)
Description: The server WindowsUpdate.Internal.InstallControl did not register with DCOM within the required timeout.
 
Error: (07/16/2018 04:32:13 PM) (Source: DCOM) (EventID: 10016) (User: IAN-DESKTOP)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user Ian-Desktop\Ian SID (S-1-5-21-3235607453-2435032520-3054460784-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/16/2018 10:32:13 AM) (Source: DCOM) (EventID: 10016) (User: IAN-DESKTOP)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user Ian-Desktop\Ian SID (S-1-5-21-3235607453-2435032520-3054460784-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/16/2018 04:32:00 AM) (Source: DCOM) (EventID: 10016) (User: IAN-DESKTOP)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user Ian-Desktop\Ian SID (S-1-5-21-3235607453-2435032520-3054460784-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/15/2018 10:31:30 PM) (Source: DCOM) (EventID: 10016) (User: IAN-DESKTOP)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user Ian-Desktop\Ian SID (S-1-5-21-3235607453-2435032520-3054460784-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/15/2018 06:53:22 PM) (Source: DCOM) (EventID: 10016) (User: IAN-DESKTOP)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user Ian-Desktop\Ian SID (S-1-5-21-3235607453-2435032520-3054460784-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/15/2018 04:56:25 PM) (Source: DCOM) (EventID: 10016) (User: IAN-DESKTOP)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user Ian-Desktop\Ian SID (S-1-5-21-3235607453-2435032520-3054460784-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/15/2018 10:56:25 AM) (Source: DCOM) (EventID: 10016) (User: IAN-DESKTOP)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user Ian-Desktop\Ian SID (S-1-5-21-3235607453-2435032520-3054460784-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
 
Windows Defender:
===================================
Date: 2018-07-08 03:35:50.538
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {397D4FBD-1301-41F9-8E22-74D93F35195F}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 66%
Total physical RAM: 16316.33 MB
Available physical RAM: 5493.33 MB
Total Virtual: 24164.75 MB
Available Virtual: 7612.42 MB
 
==================== Drives ================================
 
Drive c: (Windows8_OS) (Fixed) (Total:905.25 GB) (Free:363.26 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Removable) (Total:14.83 GB) (Free:10.4 GB) FAT32
 
\\?\Volume{7e8a4b25-f806-4107-8999-47adb61ec5c3}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.62 GB) NTFS
\\?\Volume{34258808-a225-4c5b-93ea-4f4cf306adf6}\ (PBR_DRV) (Fixed) (Total:24.41 GB) (Free:14.05 GB) NTFS
\\?\Volume{dfac85c2-c575-44c1-a988-ca1f25b36c27}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9AAFE147)
 
Partition: GPT.
 
========================================================
Disk: 1 (Protective MBR) (Size: 14.8 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

 


  • 0

Advertisements

#2
RKinner
Posted 28 July 2018 - 07:57 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Don't see any malware but your Bitcoin Core scares me.  Hopefully it is not running:
 

Bitcoin Core initial synchronization will take time and download a lot of data. You should make sure that you have enough bandwidth and storage for the full block chain size (over 145GB). If you have a good Internet connection, you can help strengthen the network by keeping your PC running with Bitcoin Core and port 8333 open. Read the full node guide for details.

 

 

 

 

 

Get tcpview.  https://live.sysinte...com/Tcpview.exeDownload, Save and then run it by right clicking and Run As Admin.

 

Click on Rcvd Bytes once or twice to sort it by most Bytes received (scroll to the top each time to see if you need to click a second time)   or Sent Bytes if the traffic is known to be outbound.

Then File, Save As (to your desktop), tcp , OK.  This should create a  file tcp.txt on your desktop.  Attach or copy and paste it to a reply.

 

You could also just let it run while you are away then look at it when you get back to see what process is sending out the packets.

 

If the culprit is svchost.exe then also do:

 

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.



 


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP