Svcvmx client


  • This topic is locked
10 replies to this topic

#1 CatBeard

CatBeard

  • Members
  • 5 posts
  • OFFLINE
  • Gender:Male
  • Local time:05:05 AM

Posted 25 August 2017 - 10:00 PM

Hello. I have the svcvmx Trojan and tried to use the guide to remove it. Whenever I try to run any virus removal program (Malwarebytes Anti-Rootkit, RKill, etc.), I get a message saying "The request resource is in use." Is there a way to fix this?


 


#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,750 posts
  • OFFLINE
  • Gender:Male
  • Location:Puerto Rico
  • Local time:05:05 AM

Posted 26 August 2017 - 11:21 AM

Welcome :)

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Make sure that under Optional Scans, there is a checkmark on Addition.txt.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The tool will also produce another log (Addition.txt). Please attach this to your reply.

No request for help through private messaging will be attended to.



#3 CatBeard

CatBeard
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  • Gender:Male
  • Local time:05:05 AM

Posted 26 August 2017 - 03:48 PM

Okay, here is the FRST file information:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Ran by casey (administrator) on BEARD (26-08-2017 16:29:23)
Running from C:\Users\casey\Desktop\Virus Removal
Loaded Profiles: casey (Available Profiles: casey & elber_000)
Platform: Windows 10 Home Version 1703 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Gramblr\gramblr.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
() C:\Program Files\ntuserlitelist\dataup\dataup.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\Kinoni\Remote Desktop\service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe
(Kinoni) C:\Program Files (x86)\Kinoni\Remote Desktop\WindowsServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
() C:\Windows\System32\tprdpw64.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Cisco) C:\Users\casey\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe
(Spotify Ltd) C:\Users\casey\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginClientService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2010-09-02] (Eastman Kodak Company)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401880 2016-12-23] ()
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13840 2013-12-06] (Alienware)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [866224 2017-03-16] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc.)
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] => C:\WINDOWS\System32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2010-09-02] (Eastman Kodak Company)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [KinoniTask] => C:\Program Files (x86)\Kinoni\Remote Desktop\KinoniTask.exe [118416 2016-07-04] ()
HKLM-x32\...\Run: [svcvmx] => "C:\Windows\system32\config\systemprofile\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe" -starup
HKLM-x32\...\Run: [cpx] => "C:\Windows\system32\config\systemprofile\AppData\Local\ntuserlitelist\cpx\cpx.exe" -starup <==== ATTENTION
HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3048256 2017-08-09] (Electronic Arts)
HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\Run: [Steam] => c:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\Run: [VideoGuardMonitor] => C:\Users\casey\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe [4155656 2016-06-29] (Cisco)
HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\Run: [Spotify] => C:\Users\casey\AppData\Roaming\Spotify\Spotify.exe [15849072 2017-07-25] (Spotify Ltd)
HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\Run: [Spotify Web Helper] => C:\Users\casey\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1579120 2017-07-25] (Spotify Ltd)
HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\Run: [uTorrent] => C:\Users\casey\AppData\Roaming\uTorrent\uTorrent.exe [2146496 2017-07-06] (BitTorrent Inc.)
HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\MountPoints2: E - "E:\setup.exe" 
HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\MountPoints2: F - "F:\setup.exe" 
HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\MountPoints2: I - "I:\setup.exe" 
HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\MountPoints2: J - "J:\setup.exe" 
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [391040 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [391040 2017-03-18] (Microsoft Corporation)
Startup: C:\Users\casey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-04-12]
ShortcutTarget: Twitch.lnk -> C:\Users\casey\AppData\Roaming\Curse Client\Bin\Twitch.exe (Twitch Interactive, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyServer: [S-1-5-21-2699839342-632990880-3611128694-1002] => 127.0.0.1:8003
Tcpip\Parameters: [DhcpNameServer] 209.18.47.62 209.18.47.61
Tcpip\..\Interfaces\{03bd6c34-e52a-4972-a1b6-bb253a8025b7}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{03bd6c34-e52a-4972-a1b6-bb253a8025b7}: [DhcpNameServer] 209.18.47.62 209.18.47.61
Tcpip\..\Interfaces\{1E6330A2-8350-403C-B0A7-27FCE9BE2599}: [NameServer] 8.8.8.8 91.239.100.100
Tcpip\..\Interfaces\{aa7d7fd4-5240-4764-9774-a9188e684240}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{aa7d7fd4-5240-4764-9774-a9188e684240}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{c3bf28d6-b7f7-4787-a88e-c0b14a4441ef}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{c3bf28d6-b7f7-4787-a88e-c0b14a4441ef}: [DhcpNameServer] 209.18.47.62 209.18.47.61
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131154475513167108&GUID=EAC1B82A-73AE-4E66-8885-34173A8755E2
HKU\S-1-5-21-2699839342-632990880-3611128694-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131154475513493533&GUID=EAC1B82A-73AE-4E66-8885-34173A8755E2
HKU\S-1-5-21-2699839342-632990880-3611128694-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-2699839342-632990880-3611128694-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.alienwarearena.com/welcome-us
SearchScopes: HKLM -> DefaultScope {CE29F422-D997-4657-A235-88DE7791F936} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {CE29F422-D997-4657-A235-88DE7791F936} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {CE29F422-D997-4657-A235-88DE7791F936} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {CE29F422-D997-4657-A235-88DE7791F936} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2699839342-632990880-3611128694-1002 -> DefaultScope {CE29F422-D997-4657-A235-88DE7791F936} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2699839342-632990880-3611128694-1002 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = 
SearchScopes: HKU\S-1-5-21-2699839342-632990880-3611128694-1002 -> {CE29F422-D997-4657-A235-88DE7791F936} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-12] (Oracle Corporation)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-12] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-01-08] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-01-08] (McAfee, Inc.)
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-07-29]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2016-03-02] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [2017-02-16] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-01-08] ()
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-24] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [2017-02-16] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-12] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-01-08] ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-24] (Wacom)
FF Plugin HKU\S-1-5-21-2699839342-632990880-3611128694-1002: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-24] (Wacom)
 
Chrome: 
=======
CHR Profile: C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default [2017-08-26]
CHR Extension: (Google Slides) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-12]
CHR Extension: (Floorplanner) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\abopacaefhbognnmeigicfpgnmpideag [2015-11-13]
CHR Extension: (Learn German - Wie Geht's) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aglfgpioobpcmdheljepehachdjeopad [2015-11-13]
CHR Extension: (Google Docs) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-12]
CHR Extension: (South Park) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoiakcboakkfknbginpmpfkcdmcmpnfm [2017-05-17]
CHR Extension: (Google Drive) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-12]
CHR Extension: (MEGA) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2017-08-18]
CHR Extension: (YouTube) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-12]
CHR Extension: (Honey) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2017-08-20]
CHR Extension: (Adblock Plus) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-12]
CHR Extension: (Google Search) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-12]
CHR Extension: (Google Sheets) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-12]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-07-25]
CHR Extension: (Application Craft) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbfgfpielckjhdohmkacklnnjkdpkdc [2015-11-13]
CHR Extension: (Google Docs Offline) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-23]
CHR Extension: (Pinterest Save Button) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2017-08-16]
CHR Extension: (Japanese Kana) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnhmomiblghhhfjleapinggmnjhinign [2015-11-13]
CHR Extension: (Zillow) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifccoboedmhjapdlpgkigibgnkmdjoh [2015-11-13]
CHR Extension: (theHunter) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\jangaedeekciafhlanphhnalogmhefmo [2015-11-13]
CHR Extension: (Learn Japanese Free - JapanesePod101.com) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\kndfdlmlcglgbpffaippjfioidjnkpjf [2015-11-13]
CHR Extension: (Little Alchemy) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2016-02-07]
CHR Extension: (Planner 5D - Interior Design) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcafejemebbngbglfoinpoaannbihjna [2016-09-07]
CHR Extension: (Until AM for Chrome) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjafmkicbmhcbapadecadciafbkecofl [2015-11-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Gmail) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-12]
CHR Extension: (Chrome Media Router) - C:\Users\casey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-12]
CHR Profile: C:\Users\casey\AppData\Local\Google\Chrome\User Data\System Profile [2017-08-25]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-17]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-17]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
"drmkpro64" => service could not be unlocked. <==== ATTENTION
 
R2 AlienFXWindowsService; C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe [14352 2013-12-06] (Alienware)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1467912 2017-01-31] ()
R2 Dataup; C:\Program Files\ntuserlitelist\dataup\dataup.exe [77824 2017-01-05] () [File not signed] <==== ATTENTION
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [206712 2017-06-20] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3296632 2017-06-20] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-06-20] (Dell Inc.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [245544 2016-11-13] (EasyAntiCheat Ltd)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2017-03-16] ()
R2 gramblrclient; C:\Program Files\Gramblr\gramblr.exe [11804752 2017-08-21] () [File not signed]
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373720 2016-12-23] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)
S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 KinoniRemoteDesktop; C:\Program Files (x86)\Kinoni\Remote Desktop\service.exe [81920 2016-07-04] () [File not signed]
R2 KinoniSvc; C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe [525312 2013-02-26] () [File not signed]
S2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188256 2017-05-16] (McAfee, Inc.)
S2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2016-01-08] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc.)
S2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe [1696712 2016-02-23] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [681680 2016-01-08] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2015-11-18] (McAfee, Inc.)
S2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [380896 2016-01-21] (McAfee, Inc.)
S2 mfevtp; C:\Windows\system32\mfevtps.exe [275368 2015-11-18] (McAfee, Inc.)
R2 MSI_ODD_Service; c:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe [83512 2012-11-20] (Micro-Star Int'l Co., Ltd.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-14] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-14] (NVIDIA Corporation)
R3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2168672 2017-08-09] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3148128 2017-08-09] (Electronic Arts)
S2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [902112 2015-12-14] (Intel Security, Inc.)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2017-02-20] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-04] (Realtek Semiconductor)
R2 SplashtopRemoteService; C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [731648 2017-05-19] (Splashtop Inc.) [File not signed]
S2 srcsrv; C:\WINDOWS\src_srv\winsrcsrv.exe [17920 2017-06-04] () [File not signed] <==== ATTENTION
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [52696 2017-06-28] (Dell Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2013-07-29] (Atheros) [File not signed]
S3 HnGSteamService; c:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngservice.exe [X]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [79248 2015-11-25] (McAfee, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-06-20] (Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-06-20] (Dell Computer Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 Kinonih; C:\WINDOWS\System32\drivers\kinonih.sys [32256 2016-06-22] (Kinoni)
R3 KINONI_Wave; C:\WINDOWS\system32\drivers\kinonivad.sys [32360 2016-04-17] (Windows ® Win 7 DDK provider)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [419624 2015-11-25] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [351144 2015-11-25] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [496368 2015-11-25] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [846080 2015-11-25] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [539496 2015-11-20] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109480 2015-11-20] (McAfee, Inc.)
S3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [245096 2015-11-25] (McAfee, Inc.)
R1 MpKsl9859210e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0D4B8805-F22C-4F9C-A4CB-ED7379CB7835}\MpKsl9859210e.sys [44928 2017-08-26] (Microsoft Corporation)
R1 MpKslec265fac; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2AC0B928-0422-41A5-8006-8BB54F843C42}\MpKslec265fac.sys [44928 2017-08-25] (Microsoft Corporation)
S3 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2015-11-15] (Riverbed Technology, Inc.)
R3 NTIOLib_X64; C:\Program Files (x86)\msi\ODD Monitor\NTIOLib_X64.sys [14136 2012-11-20] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_desktop_ref4wui.inf_amd64_393cbe542dcfcdfd\nvlddmkm.sys [14456920 2017-05-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 sthid; C:\WINDOWS\System32\drivers\sthid.sys [21216 2017-01-06] (Splashtop Inc.)
R3 tap0901t; C:\WINDOWS\System32\drivers\tap0901t.sys [48824 2016-04-26] (Tunngle.net GmbH)
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2017-06-18] (BigNox Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-08-26 16:27 - 2017-08-26 16:29 - 000000000 ____D C:\FRST
2017-08-25 22:36 - 2017-08-26 16:29 - 000000000 ____D C:\Users\casey\Desktop\Virus Removal
2017-08-25 21:22 - 2017-08-25 21:23 - 000627180 _____ C:\WINDOWS\Minidump\082517-48375-01.dmp
2017-08-25 20:29 - 2017-08-25 20:30 - 000668844 _____ C:\WINDOWS\Minidump\082517-31562-01.dmp
2017-08-25 20:00 - 2017-08-25 20:00 - 000625908 _____ C:\WINDOWS\Minidump\082517-47968-01.dmp
2017-08-25 19:39 - 2017-08-25 19:54 - 000000000 ____D C:\Users\casey\Downloads\Native Instruments Guitar Rig 5 Pro v5.1.0 MacOSX UNLOCKED READNFO - R2R [deepstatus]
2017-08-25 19:32 - 2017-08-25 19:34 - 000569132 _____ C:\WINDOWS\Minidump\082517-43437-01.dmp
2017-08-25 19:29 - 2017-08-25 19:30 - 000000000 ____D C:\Users\casey\Desktop\guat
2017-08-25 19:08 - 2017-08-25 19:09 - 000661652 _____ C:\WINDOWS\Minidump\082517-39703-01.dmp
2017-08-25 18:42 - 2017-08-25 21:22 - 943908699 _____ C:\WINDOWS\MEMORY.DMP
2017-08-25 18:42 - 2017-08-25 21:22 - 000000000 ____D C:\WINDOWS\Minidump
2017-08-25 18:42 - 2017-08-25 18:43 - 000637748 _____ C:\WINDOWS\Minidump\082517-56375-01.dmp
2017-08-21 16:50 - 2017-08-21 16:50 - 000222889 _____ C:\Users\casey\Documents\Jessica Peele Resume August 2017.pdf
2017-08-16 19:45 - 2017-08-16 19:45 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
2017-08-08 20:47 - 2017-07-31 22:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-08 20:47 - 2017-07-31 22:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-08-08 20:47 - 2017-07-31 22:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-08 20:47 - 2017-07-31 22:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-08 20:47 - 2017-07-31 22:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-08 20:47 - 2017-07-31 22:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-08 20:47 - 2017-07-31 22:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-08 20:47 - 2017-07-31 22:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-08 20:47 - 2017-07-31 22:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-08 20:47 - 2017-07-31 22:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-08 20:47 - 2017-07-31 22:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-08-08 20:47 - 2017-07-31 22:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-08 20:47 - 2017-07-31 22:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-08 20:47 - 2017-07-31 22:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-08 20:47 - 2017-07-31 22:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-08-08 20:47 - 2017-07-31 22:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-08 20:47 - 2017-07-31 22:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-08 20:47 - 2017-07-31 22:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-08 20:47 - 2017-07-31 22:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-08 20:47 - 2017-07-31 22:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-08 20:47 - 2017-07-31 22:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-08 20:47 - 2017-07-31 22:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-08 20:47 - 2017-07-31 22:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-08 20:47 - 2017-07-31 22:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-08-08 20:47 - 2017-07-31 22:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-08-08 20:47 - 2017-07-31 22:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-08 20:47 - 2017-07-31 22:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-08-08 20:47 - 2017-07-31 22:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-08-08 20:47 - 2017-07-31 22:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-08 20:47 - 2017-07-31 22:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-08-08 20:47 - 2017-07-31 22:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-08 20:47 - 2017-07-31 22:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-08 20:47 - 2017-07-31 22:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-08-08 20:47 - 2017-07-31 22:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-08 20:47 - 2017-07-31 22:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-08-08 20:47 - 2017-07-31 22:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-08 20:47 - 2017-07-31 22:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-08 20:47 - 2017-07-31 22:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-08 20:47 - 2017-07-31 22:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-08 20:47 - 2017-07-31 22:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-08 20:47 - 2017-07-31 22:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-08 20:47 - 2017-07-31 22:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-08 20:47 - 2017-07-31 22:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-08-08 20:47 - 2017-07-31 21:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-08 20:47 - 2017-07-31 21:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-08 20:47 - 2017-07-31 21:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-08 20:47 - 2017-07-31 21:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-08 20:47 - 2017-07-31 21:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-08 20:47 - 2017-07-31 21:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-08 20:47 - 2017-07-31 21:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-08 20:47 - 2017-07-31 21:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-08 20:47 - 2017-07-31 21:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-08 20:47 - 2017-07-31 21:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-08 20:47 - 2017-07-31 18:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-08 20:47 - 2017-07-31 18:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-08 20:47 - 2017-07-31 18:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-08 20:47 - 2017-07-31 18:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-08 20:47 - 2017-07-31 18:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-08 20:47 - 2017-07-31 18:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-08 20:47 - 2017-07-31 18:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-08 20:47 - 2017-07-31 18:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-08 20:47 - 2017-07-31 18:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-08 20:47 - 2017-07-31 18:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-08 20:47 - 2017-07-31 18:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-08 20:47 - 2017-07-31 18:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-08 20:47 - 2017-07-31 18:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-08 20:47 - 2017-07-31 18:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-08 20:47 - 2017-07-31 18:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-08 20:47 - 2017-07-28 01:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-08 20:47 - 2017-07-28 01:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-08 20:47 - 2017-07-28 01:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-08-08 20:47 - 2017-07-28 01:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-08-08 20:47 - 2017-07-28 01:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-08 20:47 - 2017-07-28 01:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-08-08 20:47 - 2017-07-28 01:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-08 20:47 - 2017-07-28 01:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-08-08 20:47 - 2017-07-28 01:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-08-08 20:47 - 2017-07-28 01:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-08 20:47 - 2017-07-28 01:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-08-08 20:47 - 2017-07-28 01:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-08 20:47 - 2017-07-28 01:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-08 20:47 - 2017-07-28 01:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-08 20:47 - 2017-07-28 01:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-08 20:47 - 2017-07-28 01:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-08-08 20:47 - 2017-07-28 01:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-08 20:47 - 2017-07-28 01:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-08-08 20:47 - 2017-07-28 01:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-08-08 20:47 - 2017-07-28 01:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-08 20:47 - 2017-07-28 01:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-08-08 20:47 - 2017-07-28 00:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-08 20:47 - 2017-07-28 00:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-08-08 20:47 - 2017-07-28 00:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-08-08 20:47 - 2017-07-28 00:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-08-08 20:47 - 2017-07-28 00:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-08-08 20:47 - 2017-07-28 00:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-08-08 20:47 - 2017-07-28 00:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-08-08 20:47 - 2017-07-28 00:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-08-08 20:47 - 2017-07-28 00:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-08 20:47 - 2017-07-28 00:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-08 20:47 - 2017-07-28 00:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-08 20:47 - 2017-07-28 00:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-08 20:47 - 2017-07-28 00:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-08-08 20:47 - 2017-07-28 00:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-08-08 20:47 - 2017-07-28 00:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-08-08 20:47 - 2017-07-28 00:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-08-08 20:47 - 2017-07-28 00:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2017-08-08 20:47 - 2017-07-28 00:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-08-08 20:47 - 2017-07-28 00:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2017-08-08 20:47 - 2017-07-28 00:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-08-08 20:47 - 2017-07-28 00:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-08-08 20:47 - 2017-07-28 00:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-08-08 20:47 - 2017-07-28 00:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-08-08 20:47 - 2017-07-28 00:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-08-08 20:47 - 2017-07-28 00:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-08-08 20:47 - 2017-07-28 00:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-08-08 20:47 - 2017-07-28 00:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-08-08 20:47 - 2017-07-28 00:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-08 20:47 - 2017-07-28 00:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-08-08 20:47 - 2017-07-28 00:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-08-08 20:47 - 2017-07-28 00:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-08-08 20:47 - 2017-07-28 00:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-08-08 20:47 - 2017-07-28 00:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2017-08-08 20:47 - 2017-07-28 00:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-08-08 20:47 - 2017-07-28 00:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
2017-08-08 20:47 - 2017-07-28 00:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-08-08 20:47 - 2017-07-28 00:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-08-08 20:47 - 2017-07-28 00:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-08 20:47 - 2017-07-28 00:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-08-08 20:47 - 2017-07-28 00:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-08-08 20:47 - 2017-07-28 00:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-08-08 20:47 - 2017-07-28 00:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-08 20:47 - 2017-07-28 00:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-08-08 20:47 - 2017-07-28 00:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-08-08 20:47 - 2017-07-28 00:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-08 20:47 - 2017-07-28 00:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-08-08 20:47 - 2017-07-28 00:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-08-08 20:47 - 2017-07-28 00:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-08 20:47 - 2017-07-28 00:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
2017-08-08 20:47 - 2017-07-28 00:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-08-08 20:47 - 2017-07-28 00:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-08 20:47 - 2017-07-28 00:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-08 20:47 - 2017-07-28 00:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-08 20:47 - 2017-07-28 00:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-08-08 20:47 - 2017-07-28 00:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-08-08 20:47 - 2017-07-28 00:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-08 20:47 - 2017-07-28 00:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-08-08 20:47 - 2017-07-28 00:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-08 20:47 - 2017-07-28 00:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-08 20:47 - 2017-07-28 00:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-08-08 20:47 - 2017-07-28 00:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-08-08 20:47 - 2017-07-28 00:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-08-08 20:47 - 2017-07-28 00:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-08-08 20:47 - 2017-07-28 00:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-08-08 20:47 - 2017-07-28 00:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-08 20:47 - 2017-07-28 00:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-08-08 20:47 - 2017-07-28 00:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-08 20:47 - 2017-07-28 00:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-08 20:47 - 2017-07-28 00:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-08 20:47 - 2017-07-28 00:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2017-08-08 20:47 - 2017-07-28 00:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-08-08 20:47 - 2017-07-28 00:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-08-08 20:47 - 2017-07-28 00:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-08-08 20:47 - 2017-07-28 00:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-08-08 20:47 - 2017-07-28 00:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-08 20:47 - 2017-07-28 00:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-08-08 20:47 - 2017-07-28 00:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-08-08 20:47 - 2017-07-28 00:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-08 20:47 - 2017-07-28 00:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-08 20:47 - 2017-07-28 00:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-08 20:47 - 2017-07-28 00:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-08 20:47 - 2017-07-28 00:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-08 20:47 - 2017-07-28 00:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-08 20:47 - 2017-07-28 00:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-08 20:47 - 2017-07-28 00:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-08 20:47 - 2017-07-28 00:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-08 20:47 - 2017-07-28 00:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-08-08 20:46 - 2017-07-31 22:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-08-08 20:46 - 2017-07-31 22:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-08 20:46 - 2017-07-31 22:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-08-08 20:46 - 2017-07-31 22:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-08-08 20:46 - 2017-07-31 22:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-08 20:46 - 2017-07-31 22:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-08-08 20:46 - 2017-07-31 22:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-08 20:46 - 2017-07-31 22:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-08-08 20:46 - 2017-07-31 21:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-08 20:46 - 2017-07-31 21:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-08 20:46 - 2017-07-31 21:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-08 20:46 - 2017-07-31 21:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-08 20:46 - 2017-07-31 21:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-08 20:46 - 2017-07-31 21:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-08 20:46 - 2017-07-31 21:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-08 20:46 - 2017-07-31 21:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-08 20:46 - 2017-07-31 21:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-08 20:46 - 2017-07-31 21:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-08 20:46 - 2017-07-31 21:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-08 20:46 - 2017-07-31 21:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-08 20:46 - 2017-07-31 21:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-08-08 20:46 - 2017-07-31 21:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-08 20:46 - 2017-07-31 21:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-08 20:46 - 2017-07-31 21:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-08 20:46 - 2017-07-31 21:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-08-08 20:46 - 2017-07-31 21:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-08-08 20:46 - 2017-07-31 21:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-08 20:46 - 2017-07-31 21:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-08 20:46 - 2017-07-31 21:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-08 20:46 - 2017-07-31 21:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-08 20:46 - 2017-07-31 21:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-08 20:46 - 2017-07-31 21:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-08-08 20:46 - 2017-07-31 21:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-08 20:46 - 2017-07-31 21:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-08 20:46 - 2017-07-31 21:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-08 20:46 - 2017-07-31 21:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-08-08 20:46 - 2017-07-31 21:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2017-08-08 20:46 - 2017-07-31 21:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-08-08 20:46 - 2017-07-31 21:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-08 20:46 - 2017-07-31 21:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2017-08-08 20:46 - 2017-07-31 21:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-08-08 20:46 - 2017-07-31 21:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-08-08 20:46 - 2017-07-28 01:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-08-08 20:46 - 2017-07-28 01:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-08-08 20:46 - 2017-07-28 01:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-08-08 20:46 - 2017-07-28 01:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-08-08 20:46 - 2017-07-28 01:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-08-08 20:46 - 2017-07-28 01:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-08-08 20:46 - 2017-07-28 01:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-08-08 20:46 - 2017-07-28 01:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-08 20:46 - 2017-07-28 01:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-08-08 20:46 - 2017-07-28 01:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-08 20:46 - 2017-07-28 01:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-08-08 20:46 - 2017-07-28 01:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-08 20:46 - 2017-07-28 01:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-08-08 20:46 - 2017-07-28 01:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-08-08 20:46 - 2017-07-28 01:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-08-08 20:46 - 2017-07-28 00:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-08-08 20:46 - 2017-07-28 00:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-08-08 20:46 - 2017-07-28 00:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-08 20:46 - 2017-07-28 00:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-08-08 20:46 - 2017-07-28 00:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-08-08 20:46 - 2017-07-28 00:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-08-08 20:46 - 2017-07-28 00:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-08-08 20:46 - 2017-07-28 00:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-08-08 20:46 - 2017-07-28 00:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-08 20:46 - 2017-07-28 00:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-08 20:46 - 2017-07-28 00:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-08-08 20:46 - 2017-07-28 00:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-08 20:46 - 2017-07-28 00:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-08-08 20:46 - 2017-07-28 00:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-08 20:46 - 2017-07-28 00:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-08 20:46 - 2017-07-28 00:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-08-08 20:46 - 2017-07-28 00:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-08 20:46 - 2017-07-28 00:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-08 20:46 - 2017-07-28 00:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-08 20:46 - 2017-07-28 00:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-08 20:46 - 2017-07-28 00:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-08-08 20:46 - 2017-07-28 00:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-08 20:46 - 2017-07-28 00:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-08-08 20:46 - 2017-07-28 00:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-08 20:46 - 2017-07-28 00:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-08 20:46 - 2017-07-28 00:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-08-08 20:46 - 2017-07-28 00:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-08-08 20:46 - 2017-07-28 00:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-08-08 20:46 - 2017-07-28 00:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-08 20:46 - 2017-07-28 00:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-08 20:46 - 2017-07-28 00:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-08 20:46 - 2017-07-28 00:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-08 20:46 - 2017-07-28 00:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-08-08 20:46 - 2017-07-28 00:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-08 20:46 - 2017-07-28 00:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-08-08 20:46 - 2017-07-28 00:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-08 20:46 - 2017-07-28 00:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-08 20:46 - 2017-07-28 00:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-08 20:46 - 2017-07-28 00:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-08 20:46 - 2017-07-28 00:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-08 20:46 - 2017-07-28 00:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-08 20:46 - 2017-07-28 00:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-08-08 20:46 - 2017-07-28 00:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-08-08 20:46 - 2017-07-28 00:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-08 20:46 - 2017-07-28 00:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-08-08 20:46 - 2017-07-28 00:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-08 20:46 - 2017-07-28 00:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-08 20:46 - 2017-07-28 00:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-08-08 20:46 - 2017-07-28 00:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-08 20:46 - 2017-07-28 00:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-08 20:46 - 2017-07-28 00:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-08-08 20:46 - 2017-07-28 00:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-08 20:46 - 2017-07-28 00:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-08 20:46 - 2017-07-28 00:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-08 20:46 - 2017-07-28 00:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-08 20:46 - 2017-07-28 00:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-08-08 20:46 - 2017-07-28 00:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-08 20:46 - 2017-07-28 00:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-08 20:46 - 2017-07-28 00:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-08 20:46 - 2017-07-28 00:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-08 20:46 - 2017-07-28 00:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-08-08 20:46 - 2017-07-28 00:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-08 20:46 - 2017-07-28 00:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-08-08 20:46 - 2017-07-28 00:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-08-08 20:46 - 2017-07-28 00:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-08 20:46 - 2017-07-28 00:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-08-08 20:46 - 2017-07-28 00:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-08 20:46 - 2017-07-28 00:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-08 20:46 - 2017-07-28 00:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2017-08-02 16:19 - 2017-08-02 16:19 - 000000000 ____D C:\Users\casey\AppData\LocalLow\Game Grumps
2017-08-02 16:13 - 2017-08-02 16:15 - 000000000 ____D C:\Users\casey\Desktop\deamdad
2017-07-28 01:42 - 2017-07-28 01:42 - 000003356 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2699839342-632990880-3611128694-1002
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-08-26 16:31 - 2017-07-10 01:08 - 000000000 ____D C:\ProgramData\Gramblr
2017-08-26 16:25 - 2016-06-28 17:36 - 000000000 ____D C:\Users\casey\AppData\Roaming\Origin
2017-08-26 16:20 - 2016-06-28 17:35 - 000000000 ____D C:\ProgramData\Origin
2017-08-26 16:11 - 2017-06-12 13:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-26 15:07 - 2017-06-12 14:24 - 000004146 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{ACC4C393-020D-418A-9FE7-0F94FBECCA48}
2017-08-26 15:06 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-08-26 15:06 - 2016-06-09 01:12 - 000000000 ____D C:\Users\casey\AppData\Local\ElevatedDiagnostics
2017-08-26 15:00 - 2017-06-12 13:57 - 000000000 ____D C:\Users\casey
2017-08-26 15:00 - 2017-06-12 13:55 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-08-26 15:00 - 2015-11-26 02:33 - 000000000 __SHD C:\Users\casey\IntelGraphicsProfiles
2017-08-26 13:42 - 2014-07-29 18:33 - 000000000 ____D C:\Program Files (x86)\AlienRespawn
2017-08-26 13:39 - 2017-06-12 13:52 - 000270144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-26 13:39 - 2016-08-26 05:03 - 000000000 ____D C:\ProgramData\NVIDIA
2017-08-26 13:38 - 2017-06-12 14:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-26 13:33 - 2015-11-17 21:49 - 000000000 ____D C:\Users\casey\AppData\Roaming\uTorrent
2017-08-25 23:59 - 2017-05-01 02:48 - 000000000 ____D C:\Users\casey\AppData\LocalLow\uTorrent
2017-08-25 23:12 - 2017-06-05 18:10 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-08-25 23:12 - 2017-06-05 18:09 - 000000000 ____D C:\WINDOWS\pss
2017-08-25 23:12 - 2017-03-18 07:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-08-25 22:01 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-08-25 20:50 - 2017-06-12 13:57 - 000000000 ____D C:\Users\elber_000
2017-08-25 20:32 - 2015-11-13 19:33 - 000000000 ____D C:\Users\casey\AppData\Local\NVIDIA
2017-08-25 20:10 - 2017-06-12 13:55 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-08-25 20:10 - 2017-06-12 13:55 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-08-25 20:10 - 2017-06-12 13:55 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-08-25 20:10 - 2015-11-13 19:33 - 000000000 ____D C:\Users\casey\AppData\Local\NVIDIA Corporation
2017-08-25 20:10 - 2015-11-13 19:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-08-25 20:03 - 2017-03-18 17:01 - 000000000 ____D C:\WINDOWS\INF
2017-08-25 19:38 - 2017-06-12 14:18 - 001267428 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-25 19:25 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-25 19:20 - 2017-03-18 17:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-25 19:04 - 2016-06-21 14:14 - 000000000 ____D C:\Users\casey\Downloads\Native Instruments Guitar Rig 5 Pro v5.1.1 UNLOCKED - R2R [deepstatus]
2017-08-25 18:02 - 2015-11-14 14:55 - 000000000 ____D C:\Users\casey\AppData\Roaming\Spotify
2017-08-25 17:41 - 2017-06-12 14:24 - 000004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0579EE40-A7A5-4193-9D01-CC7B930F89AB}
2017-08-25 13:15 - 2017-06-20 12:18 - 000000000 ___HD C:\OneDriveTemp
2017-08-25 13:15 - 2015-11-13 01:11 - 000000000 __RDO C:\Users\elber_000\OneDrive
2017-08-25 13:13 - 2015-11-26 11:1


#4 CatBeard

Posted 26 August 2017 - 03:49 PM

And here is the Additional file information:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Ran by casey (26-08-2017 16:31:41)
Running from C:\Users\casey\Desktop\Virus Removal
Windows 10 Home Version 1703 (X64) (2017-06-12 18:35:07)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2699839342-632990880-3611128694-500 - Administrator - Disabled)
casey (S-1-5-21-2699839342-632990880-3611128694-1002 - Administrator - Enabled) => C:\Users\casey
DefaultAccount (S-1-5-21-2699839342-632990880-3611128694-503 - Limited - Disabled)
elber_000 (S-1-5-21-2699839342-632990880-3611128694-1003 - Limited - Enabled) => C:\Users\elber_000
Guest (S-1-5-21-2699839342-632990880-3611128694-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Accounting (HKLM\...\Steam App 518580) (Version:  - Crows Crows Crows)
Adobe Flash Player 11 Plugin (HKLM-x32\...\{F83DD803-2467-4D07-9D6F-87AF0434410A}) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Alienware Command Center (HKLM\...\{B453A92F-0954-4832-9132-40C2A7C2AE96}) (Version: 3.5.15.0 - Alienware Corp.) Hidden
America's Army: Proving Grounds (HKLM\...\Steam App 203290) (Version:  - U.S. Army)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Arma 3 Tools (HKLM\...\Steam App 233800) (Version:  - Bohemia Interactive)
Authorizer 2.9.0d5 (HKLM\...\{F6762963-9AE5-4bc6-A70F-2D749F6AC02F}_is1) (Version: 2.9.0d5 - Propellerhead Software AB)
BetterAds version 1 (HKLM-x32\...\{376CA350-6C34-4F10-B8DC-586F8CA03009}_is1) (Version: 1 - ) <==== ATTENTION
Blade & Soul (HKLM-x32\...\{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brawlhalla (HKLM\...\Steam App 291550) (Version:  - Blue Mammoth Games)
Cisco VideoGuard Player (HKLM-x32\...\{28145961-299d-4f61-88d6-ff9ea46bd919}) (Version: 6.7 - Cisco Systems, Inc)
Cities Skylines After Dark (HKLM-x32\...\Cities Skylines After Dark_is1) (Version:  - )
Cloudberry Kingdom (HKLM\...\Steam App 210870) (Version:  - Pwnee Studios)
Counter-Strike Global Offensive No-Steam (HKLM\...\Counter-Strike Global Offensive_is1) (Version: 1.35.3.8 - Valve Software)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.402 - Dell)
Dell SupportAssistAgent (HKLM\...\{90881C8E-6C4F-4662-9923-85AFCA058C44}) (Version: 2.0.1.7 - Dell)
Dell System Detect (HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\58d94f3ce2c27db0) (Version: 7.11.0.6 - Dell)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Email Extractor (HKLM-x32\...\{30482B99-CAD6-4370-8A3B-8939BCDC90EC}) (Version: 5.7.0.1 - Pro Software) Hidden
Email Extractor (HKLM-x32\...\Email Extractor) (Version: 5.7.0.1 - Pro Software)
eMail Verifier 3.5.3 (HKLM-x32\...\eMail Verifier_is1) (Version:  - Max Programming LLC)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fishing Planet (HKLM\...\Steam App 380600) (Version:  - Fishing Planet LLC)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.101 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
GoPro Studio (HKLM-x32\...\{BE06FF1A-83A0-42F2-913E-6E405393145C}) (Version: 5.12.5383 - GoPro, Inc.) Hidden
Gramblr (HKLM\...\Gramblr) (Version: 2.9.71 - Gramblr Team)
Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
High Octane Drift (HKLM\...\Steam App 457330) (Version:  - Cruderocks)
IL Autogun (HKLM-x32\...\IL Autogun) (Version:  - Image-Line)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.)
Kinoni Streamer 1.51 (HKLM-x32\...\Kinoni Remote Desktop) (Version: 1.51 - Kinoni)
Kodi (HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\Kodi) (Version:  - XBMC-Foundation)
Line of Sight (HKLM\...\Steam App 436520) (Version:  - BlackSpot Entertainment)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MaxBulk Mailer 7.9.2 (HKLM-x32\...\MaxBulk Mailer_is1) (Version:  - Max Programming LLC)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.139 - McAfee, Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710F4C1C-CC18-4C49-8CBF-51240C89A1A2}) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version:  - )
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version:  - )
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version:  - )
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version:  - )
Mod Updater for NRaas mods (HKLM-x32\...\{F843593F-C885-40DC-A754-3D2123E93E2D}) (Version: 1.14.2 - Tucknology)
Mount Your Friends (HKLM\...\Steam App 296470) (Version:  - Stegersaurus Software Inc.)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
Nox APP Player (HKLM-x32\...\Nox) (Version: 3.8.3.1 - Duodian Technology Co. Ltd.)
NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Graphics Driver 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 358.91 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 19.0.3 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenIV (HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\OpenIV) (Version: 2.8.703 - .black/OpenIV Team)
OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation)
Opera Stable 46.0.2597.57 (HKLM-x32\...\Opera 46.0.2597.57) (Version: 46.0.2597.57 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.4.17.36908 - Electronic Arts, Inc.)
PBO Manager v.1.4 beta (HKLM-x32\...\{0E3A79BF-E860-4371-8ABC-7AAEDD68DA0A}) (Version: 1.4.0 -  )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Quik (HKLM\...\{DF7EE9CB-0369-44F3-9B91-BF05A2D4891D}) (Version: 0.1.5383 - GoPro, Inc.) Hidden
Quik (HKLM-x32\...\{b15a4fb5-7637-45ca-b230-33d94af786a7}) (Version: 2.3.0.5383 - GoPro, Inc.)
RaceRoom Racing Experience  (HKLM\...\Steam App 211500) (Version:  - Sector3 Studios)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Reason 8 8.3.2d7 (HKLM\...\Reason8.0Stable_64_is1) (Version: 8.3.2d7 - Propellerhead Software AB)
ROBLOX Player for casey (HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio for casey (HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
Robocraft (HKLM\...\Steam App 301520) (Version:  - Freejam)
Roxio GAMECAP (HKLM-x32\...\{93B6F95C-7009-4CF3-886B-F80AA6101B14}) (Version: 1.01.0000 - Roxio)
s5m (HKLM-x32\...\s5m) (Version: 2.0.2 - s5m) <==== ATTENTION
SecondLifeViewer (HKLM-x32\...\SecondLifeViewer) (Version: 5.0.5.326444 - Linden Research, Inc.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Sid Meiers Civilization VI (HKLM-x32\...\Sid Meiers Civilization VI_is1) (Version:  - )
Sid Meier's Civilization: Beyond Earth (HKLM\...\Steam App 65980) (Version:  - Firaxis Games)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
Sims 4 Tray Importer (S4TI) 1.5.5 (HKLM-x32\...\{8665A9CC-9652-4F31-907A-DE2E7A8E8E97}_is1) (Version: 1.5.5 - TeameeVo)
Sims 4 Tray Importer (S4TI) for XP - Beta 1.5.2.101 (HKLM-x32\...\{DC53DBB2-683C-49D6-BFA0-AC86EFB73AEE}_is1) (Version: 1.5.2.101 - TeameeVo)
Skeet: VR Target Shooting (HKLM\...\Steam App 446770) (Version:  - Flatbox Studios)
SketchUp 2016 (HKLM\...\{E2B66CF6-ABA0-4E5F-B426-7478B18301AE}) (Version: 16.1.1449 - Trimble Navigation Limited)
Splashtop Personal (HKLM-x32\...\{E7CF0F14-8C1D-41F3-85ED-579C108262C7}) (Version: 2.6.4.0 - Splashtop Inc.)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 3.1.4.1 - Splashtop Inc.)
Spore (HKLM\...\Steam App 17390) (Version:  - Maxis™)
Spotify (HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\Spotify) (Version: 1.0.59.395.ge6ca9946 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Survarium (HKLM-x32\...\{FEA2E954-A6D0-42FA-8FF1-DFA325758FAC}_is1) (Version: 0.45b - )
TeamSpeak 3 Client (HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
The Jackbox Party Pack 2 (HKLM\...\Steam App 397460) (Version:  - Jackbox Games, Inc.)
The Lab (HKLM\...\Steam App 450390) (Version:  - Valve)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.32.1.1020 - Electronic Arts Inc.)
The VR Museum of Fine Art (HKLM\...\Steam App 515020) (Version:  - Finn Sinclair)
Toontown Rewritten (HKLM-x32\...\Toontown Rewritten) (Version: 00.00.00.00 - The TTR Team)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
VFW_Codec32 (HKLM-x32\...\{ECDB3455-70F4-4EE6-B89E-3B4C5E9FF592}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (HKLM\...\{AE4073DE-7596-4E3B-9DE3-18BE2C3EFAA6}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
Video Win Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version:  - videowinsoft.com)
Virtual COM Port Driver (HKLM-x32\...\{9853299F-7AD8-4560-9896-60650BD8ACBF}) (Version: 1.3.1 - STMicroelectronics) Hidden
Virtual COM Port Driver (HKLM-x32\...\InstallShield_{9853299F-7AD8-4560-9896-60650BD8ACBF}) (Version: 1.3.1 - STMicroelectronics)
VirtualDJ 8 (HKLM-x32\...\{9FB0C789-72AB-4AE2-B04C-34ED8B94AC4B}) (Version: 8.2.3523.0 - Atomix Productions)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Zombie Vikings: Stab-a-thon (HKLM\...\Steam App 566910) (Version:  - Zoink Games)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\ChromeHTML: -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2699839342-632990880-3611128694-1002_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2699839342-632990880-3611128694-1002_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2699839342-632990880-3611128694-1002_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2699839342-632990880-3611128694-1002_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2699839342-632990880-3611128694-1002_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2699839342-632990880-3611128694-1002_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2699839342-632990880-3611128694-1002_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2699839342-632990880-3611128694-1002_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-2699839342-632990880-3611128694-1002_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2699839342-632990880-3611128694-1002_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2699839342-632990880-3611128694-1002_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2699839342-632990880-3611128694-1002_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2699839342-632990880-3611128694-1002_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\casey\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\casey\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\casey\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\casey\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\casey\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\casey\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-17] ()
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-07] (Cyberlink)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2016-01-08] (McAfee, Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\casey\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2016-05-24] (Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-07] (Cyberlink)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\casey\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\casey\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2016-05-24] (Power Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-12-23] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2016-01-08] (McAfee, Inc.)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2016-05-24] (Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {07D0AEF1-A276-48DC-947C-229D57CFCC33} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {1140A217-F753-4DCD-820F-595CD7173ADD} - System32\Tasks\{8023FC4C-C3F4-4584-A9E6-6697F7583398} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Grand Theft Auto V\unins000.exe"
Task: {1CF71A49-E9B3-4413-84E5-35EAA092CFBE} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.)
Task: {2272DC96-C9D9-41FD-AA2B-D41E921865EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-12] (Google Inc.)
Task: {2501EA14-64EA-42F2-9803-A773D5D488C4} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Alienware\SupportAssist\uaclauncher.exe [2017-05-29] (PC-Doctor, Inc.)
Task: {2BF3F4F8-54EA-44FA-9B0B-755092F6B301} - \Optimize Start Menu Cache Files-S-1-5-21-2699839342-632990880-3611128694-1003 -> No File <==== ATTENTION
Task: {2F0C3643-7481-4FEA-A53C-08C896490AC7} - \WPD\SqmUpload_S-1-5-21-2699839342-632990880-3611128694-1003 -> No File <==== ATTENTION
Task: {33057455-E167-4CA5-904D-2DDD80BE7D1A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {349DDAA6-FC04-46EC-96A1-B1893BE2B4AB} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-06-28] (Dell Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3873157A-D685-42E1-96B9-5D7075A4FD62} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3BC869B5-D565-4CF2-BC4F-BE4184F8FCA8} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)
Task: {3CC2907B-E409-46F8-892F-073DCF294BE2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {3FC0D4DB-D2C6-43C7-BCCB-DE3AD4163957} - System32\Tasks\{D7914AE8-FFD6-4B4E-87EC-1E17AB96A0B1} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\casey\Desktop\New folder (7)\SLRR\StreetLegal_Redline.exe" -d "C:\Users\casey\Desktop\New folder (7)\SLRR"
Task: {51FDEF4F-28A5-405C-B791-F84BC7088F5D} - \Optimize Start Menu Cache Files-S-1-5-21-2699839342-632990880-3611128694-1002 -> No File <==== ATTENTION
Task: {545D4151-768A-4C78-98C9-78BC53600227} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\platform\McUICnt.exe [2016-01-03] (McAfee, Inc.)
Task: {54651D91-8507-4E23-AEF7-CA0B4E826E4C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-08-08] (Microsoft Corporation)
Task: {5BA0DAAC-2775-41F2-ACE1-9135151B819B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5C410223-CABB-48F0-91E2-4B0B9E285712} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {654E5B12-5B3B-4FB4-8E5C-1B6D2E127BCD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {6701E75C-8796-46AA-8603-05904D0F5CE9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {7A030211-08E8-4EB8-BBD3-D80EFA381580} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {860ED5D0-4424-4E9E-9D28-087881F19912} - System32\Tasks\Dell SupportAssistAgent AnonymousRegistration => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-06-28] (Dell Inc.)
Task: {8E175C38-8D20-4E4D-8A67-3E0B2AB845CC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-16] (Adobe Systems Incorporated)
Task: {962F0FCA-4AE5-4471-8F25-135013B5AF22} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Alienware\SupportAssist\sessionchecker.exe [2017-05-29] (PC-Doctor, Inc.)
Task: {A876B83B-2F4B-43C6-A4A0-754B22C8B639} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe
Task: {B7691591-8AE1-44B7-B5AB-8E0B67A0224E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-12] (Google Inc.)
Task: {B8795CBB-803B-41B9-B59C-F8151F1639E7} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {C14739B3-7757-4218-81F1-6EF0CA35FCC3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C28652D7-AAAC-41AD-A8CB-6EF9F694B04C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {C6E4E99A-35E7-473C-974D-0115A9DFC7EC} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {C9E044B4-B769-4462-9286-A0A697BA5731} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-04] (CyberLink)
Task: {D285E653-1A12-4D80-B83A-B836A8D42810} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {EE40B3A9-25BE-4622-BC7D-E307453B91F6} - System32\Tasks\Opera scheduled Autoupdate 1448357685 => C:\Program Files (x86)\Opera\launcher.exe [2017-07-18] (Opera Software)
Task: {F6D36EC1-D914-4DA8-9BC9-DE0EFAF9753E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F6F6FADC-2BF1-4626-882C-DDDB9C8F795D} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {F92D8803-3856-4DF5-ADA5-FBA91BB61C09} - \WPD\SqmUpload_S-1-5-21-2699839342-632990880-3611128694-1002 -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
Shortcut: C:\Users\casey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Сhrоmium.lnk -> C:\Users\casey\AppData\Local\Chromium\Application\chrome.bat ()
Shortcut: C:\Users\casey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\casey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com
Shortcut: C:\Users\casey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat ()
Shortcut: C:\Users\casey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Сhrоmium.lnk -> C:\Users\casey\AppData\Local\Chromium\Application\chrome.bat ()
Shortcut: C:\Users\casey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat ()
Shortcut: C:\Users\casey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intеrnеt Ехplоrеr.lnk -> C:\Program Files\Internet Explorer\IEXPLORE.bat (No File)
Shortcut: C:\Users\Public\Desktop\Еpiс Gаmеs Lаunсhеr.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.bat ()
Shortcut: C:\Users\Public\Desktop\Оpеrа.lnk -> C:\Program Files (x86)\Opera\launcher.bat ()
 
ShortcutWithArgument: C:\Users\casey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Until АМ fоr Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () ->  --profile-directory=Default --app-id=mjafmkicbmhcbapadecadciafbkecofl
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-06-12 13:56 - 2017-05-01 16:51 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-11-17 02:28 - 2016-11-17 02:28 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-16 16:08 - 2017-03-16 16:08 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-07-10 01:08 - 2017-08-21 13:10 - 011804752 _____ () C:\Program Files\Gramblr\gramblr.exe
2017-02-20 01:11 - 2017-02-20 01:11 - 000076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-02-26 11:34 - 2013-02-26 11:34 - 000525312 _____ () C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
2017-01-05 17:36 - 2017-01-05 17:36 - 000077824 _____ () C:\Program Files\ntuserlitelist\dataup\dataup.exe
2016-07-04 07:27 - 2016-07-04 07:27 - 000081920 _____ () C:\Program Files (x86)\Kinoni\Remote Desktop\service.exe
2017-03-16 17:15 - 2017-03-16 17:15 - 000037808 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
2016-07-17 09:30 - 2014-01-13 12:24 - 001356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2016-06-30 04:23 - 2016-06-30 04:23 - 000592384 _____ () C:\Users\casey\AppData\Local\MEGAsync\ShellExtX64.dll
2017-05-03 17:11 - 2017-05-03 17:11 - 000619008 ____N () C:\windows\system32\tprdpw64.exe
2017-03-18 16:58 - 2017-03-18 16:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 16:59 - 2017-03-18 22:31 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-08-23 02:47 - 2017-08-23 02:47 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-23 02:47 - 2017-08-23 02:47 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-23 02:47 - 2017-08-23 02:47 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-23 02:47 - 2017-08-23 02:47 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2017-08-10 09:11 - 2017-08-09 10:51 - 000022880 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
2017-05-10 21:28 - 2017-05-09 05:13 - 003767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-10 21:28 - 2017-05-09 05:13 - 000100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2017-05-04 11:13 - 2017-05-04 11:13 - 000235520 _____ () C:\Program Files\ntuserlitelist\dataup\help_dll.dll
2015-03-16 13:28 - 2015-03-16 13:28 - 000155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2014-02-19 21:51 - 2014-02-19 21:51 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-11-13 19:33 - 2016-06-14 21:14 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-07-29 18:25 - 2013-03-04 23:40 - 000626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-05 14:41 - 2013-03-05 14:41 - 000015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2017-08-10 09:11 - 2017-08-09 10:51 - 002493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2017-08-10 09:11 - 2017-08-09 10:51 - 000012288 _____ () C:\Program Files (x86)\Origin\libEGL.DLL
2016-06-28 17:35 - 2016-06-28 17:35 - 000266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-2699839342-632990880-3611128694-1002\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2016-11-22 18:02 - 000000822 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2699839342-632990880-3611128694-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\casey\Documents\Jessica's Art\Grimes 2 pastel 2.png
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: Dataup => 
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "GoPro Tray App"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "KinoniTask"
HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2699839342-632990880-3611128694-1002\...\StartupApproved\Run: => "Steam"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{38B60922-48ED-409C-A237-8C08CFF11403}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AE88FC4A-53D7-4C06-9CF5-939630678BAF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D3D8DA5A-19E6-4966-B819-C95930717382}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{69F0F853-8082-4F15-88C4-D7A481D90791}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FCD3FA6E-4FF4-4A57-BADC-1A02E376544A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{71F46CA4-D525-46EA-9C47-023A535B6257}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{63CB0E43-0F62-48EB-AB38-1C1FF5046FF6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6916102D-A7A3-4F17-AE32-D0E11DA9DE72}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [UDP Query User{8DCA6895-0985-418E-B58D-448936E639D8}C:\users\casey\appdata\local\roblox\versions\version-03f9deefecfe4984\robloxstudiobeta.exe] => (Allow) C:\users\casey\appdata\local\roblox\versions\version-03f9deefecfe4984\robloxstudiobeta.exe
FirewallRules: [TCP Query User{7FC7A5F4-C521-4686-BB3D-2936CC9130BC}C:\users\casey\appdata\local\roblox\versions\version-03f9deefecfe4984\robloxstudiobeta.exe] => (Allow) C:\users\casey\appdata\local\roblox\versions\version-03f9deefecfe4984\robloxstudiobeta.exe
FirewallRules: [{941D73E3-72AD-44D4-967B-918E8A18CFC3}] => (Allow) C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe
FirewallRules: [UDP Query User{4DF5E5A1-9281-4B08-B40A-54172154F44E}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [TCP Query User{2F2EBC6E-B6C9-4574-9E3A-F254C9A2B144}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [{E3645761-D8C7-47EA-A57E-0EC33CA33C9F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F3472BBA-40C0-4DB6-B2E7-15B6912A5435}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{29A0D5FF-5BA0-40E0-846B-6EE317BF314A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{29725640-6021-44C7-87BB-D30FD0A97A79}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D4BB5A16-8E8A-4E9C-BF4F-47161FDEC4AB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{10589FE9-CFF4-46EC-BC75-FA14CCC5B9BA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AD144F3E-A431-4D85-921D-66E414B1F789}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1267C013-233F-4767-9AA9-6F616F55CAE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8CFED2AE-1A49-491E-AEA9-69B77846E4E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AC0D770C-D899-437B-9BD5-1C2600338BDE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{66E22F61-5E2F-4AE4-AB7C-90571BEB5773}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F4EECFB7-1884-4F80-96E0-CEEF4B28B5CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{52DA5E6F-CDFD-4648-971E-B26E76FBC7B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1E55EA35-4198-4918-801E-6A42B6D3384B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B76B51BD-A8C6-43CF-8949-2B961DC3E391}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{752AFACE-EFF5-43AC-8CEA-6933D3E4E841}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{86B05396-B17A-41EE-9586-678CBA446313}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CF0AD654-9B24-497D-86FC-19D4FE7E6FF5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7F58979E-37B0-42D3-9C73-9DD904E5606E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2D1C5B35-3168-49BE-B081-E2444A9FEA9F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{628DDB04-CA71-40E0-BF42-9683D9ED6ABA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4D90B0AE-8D51-4F3D-963F-90BD75491114}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D8A505FA-F1A8-4463-8D62-A103181333BA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B2F9FEF1-8ED5-455C-90F5-C5D892822597}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D83E0690-50E6-4E67-8CC6-F0D0967D518F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{937A1E75-D5AF-4D00-91D4-1CDCA41C2504}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe
FirewallRules: [{0F9953FD-613F-49CB-BE6B-7DF2EBB749B2}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe
FirewallRules: [{E20360FE-D8F8-46A3-BA23-458BF60F0062}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe
FirewallRules: [{EC67D9F7-1F1A-49B7-BFE0-7A765A16971A}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe
FirewallRules: [{50E6EAB9-5843-4F55-A877-6AD91FB20843}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4B0B90C5-0FBE-46AB-AB80-086053379C64}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{571A9AC8-5267-4971-B552-546CD2C8CD88}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A967E443-1E80-4A34-9D71-04E9962E0678}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EB1AB235-D72B-4837-A8BC-ABDFAE04B4BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{56F044F6-5EBD-4AE3-9C56-9F2B7A9CEC32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{79D74631-0A20-459F-85F8-5E661034DF48}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{663AD1CD-2B6F-4202-9990-D67D0D89E4A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B24BCCB6-F15E-4BD0-A54B-8E569A63C562}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{A12C2367-9520-4720-8C25-07B9321C68CE}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{7EAD2EFF-C2CA-4898-B70F-C8FA00E3FFF8}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{BE2F1AC1-DD25-448A-AC3E-7B36E220BB64}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{C6946DBD-E2FF-4506-B8C9-7C865E02C8DB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DF20D5B8-FA02-4B12-96A9-E90A63ABC379}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{582E13F3-8C2E-42F6-88A9-CF5AFE11E9C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{54360254-E36C-4AF7-BE07-C87853B5CA0E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E324FCFE-F985-417F-A03E-D450C071DDA4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{90E1245A-1629-487A-8034-9962F7F84867}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{10B5EB49-5349-4D08-AF06-AB4ADE793E6D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{21C19C67-C0FA-4F32-BC6C-2AF73E4B6FD8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6B4116DB-A9CD-47EA-89F7-338EE61B5CB7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9DDB81FF-0D94-4502-BBAD-C292953D68E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3CAD7F68-78FE-4D36-8280-BF1E5EF5023A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6CC8969C-4839-4418-9671-635962531ACE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7A315796-97EB-4DA6-A1D1-26EB684EBB2F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{155ED6F2-2F71-4F50-922F-2F099EED44E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{89CF7243-20C3-4601-BF52-B921F3C53B62}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{98D9F531-B30B-4380-8D7B-21F59078FE7F}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{A025E7F3-7761-439B-A249-AE3F1C80C0C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CD1FB602-196B-48F4-A790-B6B17EBC8AA5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F56DA91B-7E6A-40CD-8F35-5B8D86F185B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{91545BD2-FF2D-4846-99F8-B940F497EC1D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{13177FA1-1344-4970-92BD-D3D2B9F1CAFF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{45BBD535-7FE7-4E44-A2A1-3CB6365F2014}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C51ED451-3A07-4F96-82AB-0D08D70ABD83}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{72EE23D1-F5AA-486C-8755-F506C3B4A372}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{945E4915-4C06-4BC9-A45D-DEE9FD12B0C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{161C19D5-3FB7-4138-9440-D532BBF6F420}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8902327D-7662-43D4-8E36-131C7E34D8BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{856E6318-D860-490D-B489-84610FEB6A63}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6DB06A08-FD76-401F-9636-CF22159E0DAF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Accounting\Accounting.exe
FirewallRules: [{2ACF509C-F031-4D3D-A8E7-37F16659594F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Accounting\Accounting.exe
FirewallRules: [{30F4B111-63E5-4084-B02C-78009A9A5865}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Lab\TheLab\win64\TheLab.exe
FirewallRules: [{5A06CEF0-D1BD-4982-9F6E-07303F5A4107}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Lab\TheLab\win64\TheLab.exe
FirewallRules: [{CBADFD46-D9F9-4FCC-89A4-AD4ECCB2DC8E}] => (Allow) C:\Program Files (x86)\Kinoni\Remote Desktop\windowsserver.exe
FirewallRules: [{311036B4-2560-4D87-8D65-F1D202996EBC}] => (Allow) C:\Program Files (x86)\Kinoni\Remote Desktop\windowsserver.exe
FirewallRules: [{416EACC1-2B28-4B49-A11D-4C42ED2B4992}] => (Allow) C:\Program Files (x86)\Kinoni\Remote Desktop\windowsserver.exe
FirewallRules: [{2F028383-8BD3-4C90-BDB3-FC6A0C4086AC}] => (Allow) C:\Program Files (x86)\Kinoni\Remote Desktop\windowsserver.exe
FirewallRules: [UDP Query User{CD9EF522-0E08-4883-BA33-800D83BF4E41}C:\program files (x86)\origin games\dragon age inquisition\dragonageinquisition.exe] => (Block) C:\program files (x86)\origin games\dragon age inquisition\dragonageinquisition.exe
FirewallRules: [TCP Query User{D296D1EF-52D5-400D-BB6F-582F6323A5EB}C:\program files (x86)\origin games\dragon age inquisition\dragonageinquisition.exe] => (Block) C:\program files (x86)\origin games\dragon age inquisition\dragonageinquisition.exe
FirewallRules: [{3917823D-BA4D-482F-BD04-6AEC048D3310}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E0B8A7EC-88DB-412A-AFB9-BC258A5BD6EC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{74743271-474A-4C2A-9E1A-734B7851DB19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The VR Museum of Fine Art\Museum2.exe
FirewallRules: [{6A285573-793A-4D4B-9D47-DBDFCD83884A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The VR Museum of Fine Art\Museum2.exe
FirewallRules: [{BDA5F111-F186-4B56-A4F0-9AC18DA61F7C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skeet VR Target Shooting\Skeet.exe
FirewallRules: [{837C78BD-F6F6-4F30-9F83-42C536E3C5CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skeet VR Target Shooting\Skeet.exe
FirewallRules: [UDP Query User{3C726ED1-029E-4B3E-B310-97843B47C33A}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{259979FC-34FA-44DF-A986-B7E85D1FBD63}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{DF356A99-5553-418A-BC91-DCCF4C7BD4AE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6E8BF587-EA0E-420F-8560-3957F6C2078F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [UDP Query User{DE51408F-867A-4547-BC6D-298BDE8A48F5}C:\users\casey\desktop\drlsimulator_1-1-0_win\simulator\drlsimulator.exe] => (Allow) C:\users\casey\desktop\drlsimulator_1-1-0_win\simulator\drlsimulator.exe
FirewallRules: [TCP Query User{7A9C9C3E-B119-46B8-8F4E-C60A05762704}C:\users\casey\desktop\drlsimulator_1-1-0_win\simulator\drlsimulator.exe] => (Allow) C:\users\casey\desktop\drlsimulator_1-1-0_win\simulator\drlsimulator.exe
FirewallRules: [UDP Query User{049D2456-6994-425B-A0A3-C7A985AF890C}C:\users\casey\appdata\local\temp\rar$exa0.031\drlsimulator_1-1-0_win\simulator\drlsimulator.exe] => (Allow) C:\users\casey\appdata\local\temp\rar$exa0.031\drlsimulator_1-1-0_win\simulator\drlsimulator.exe
FirewallRules: [TCP Query User{45A6FB83-5BEA-484E-96D8-847EE1E8B450}C:\users\casey\appdata\local\temp\rar$exa0.031\drlsimulator_1-1-0_win\simulator\drlsimulator.exe] => (Allow) C:\users\casey\appdata\local\temp\rar$exa0.031\drlsimulator_1-1-0_win\simulator\drlsimulator.exe
FirewallRules: [UDP Query User{EB784FB7-552F-46F4-BDDD-65D9A91FDEBC}C:\games\eco v0.4.2\server v0.4.2\ecoserver.exe] => (Allow) C:\games\eco v0.4.2\server v0.4.2\ecoserver.exe
FirewallRules: [TCP Query User{39FE9328-CD41-4F18-8AA9-4726EB8F1237}C:\games\eco v0.4.2\server v0.4.2\ecoserver.exe] => (Allow) C:\games\eco v0.4.2\server v0.4.2\ecoserver.exe
FirewallRules: [UDP Query User{DA805DF9-244C-4D8A-A278-C5604CE69234}C:\users\casey\downloads\3dmgame-assetto.corsa.v1.7.incl.5dlcs.cracked-3dm\assettocorsa\acs.exe] => (Allow) C:\users\casey\downloads\3dmgame-assetto.corsa.v1.7.incl.5dlcs.cracked-3dm\assettocorsa\acs.exe
FirewallRules: [TCP Query User{B8E60E0F-428F-4528-BB5C-CDCB1456F2E6}C:\users\casey\downloads\3dmgame-assetto.corsa.v1.7.incl.5dlcs.cracked-3dm\assettocorsa\acs.exe] => (Allow) C:\users\casey\downloads\3dmgame-assetto.corsa.v1.7.incl.5dlcs.cracked-3dm\assettocorsa\acs.exe
FirewallRules: [{9DE084F0-F53B-421F-9012-A75B352F3AC1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F7C4E017-0058-44C0-8F7A-258B3F905E16}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [UDP Query User{AF0CFE9C-01A7-4CCB-98C6-62037A494076}C:\users\casey\desktop\necrobot\new bot\necrobot2.exe] => (Allow) C:\users\casey\desktop\necrobot\new bot\necrobot2.exe
FirewallRules: [TCP Query User{0735D98D-4E30-45D4-BAC3-6819C4A4296A}C:\users\casey\desktop\necrobot\new bot\necrobot2.exe] => (Allow) C:\users\casey\desktop\necrobot\new bot\necrobot2.exe
FirewallRules: [UDP Query User{2F1B594E-BCD2-4D7C-A4B2-D5669F9FB211}C:\users\casey\desktop\necrobot\necrobot2.exe] => (Allow) C:\users\casey\desktop\necrobot\necrobot2.exe
FirewallRules: [TCP Query User{F699062B-AA79-4549-A814-66C66FEB7062}C:\users\casey\desktop\necrobot\necrobot2.exe] => (Allow) C:\users\casey\desktop\necrobot\necrobot2.exe
FirewallRules: [{86A0B5F7-1948-4D2F-B281-9D8C49920781}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B4641848-D430-4C7C-9F02-5EEED438EA45}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B1B84D31-3B21-4A3B-AE7E-A6D75C1FF542}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CB656D67-AE15-4C1A-AC02-5B622D3A19ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [UDP Query User{81437A4C-E790-47AD-A397-B7FE11911C56}C:\users\casey\desktop\necrobot\necrobot2.exe] => (Allow) C:\users\casey\desktop\necrobot\necrobot2.exe
FirewallRules: [TCP Query User{A222B6D7-41AC-4766-84EE-EF33B27829AD}C:\users\casey\desktop\necrobot\necrobot2.exe] => (Allow) C:\users\casey\desktop\necrobot\necrobot2.exe
FirewallRules: [{CDB269B9-F18E-43BC-81D7-381228E884FB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{536CCA37-458A-455C-B223-96D084F15B26}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EFD006B0-AB21-45E5-8E09-3D85E6E882C1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0B4F71D7-0A0F-40A6-884C-907E0E4645AB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0CE6EFFF-7EEF-470F-AE0B-D77450DC3ABC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\America's Army\AAPG\Binaries\Win32\AALauncher32.exe
FirewallRules: [{0F6B8DD0-7990-415A-AA26-77AD84C600DB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\America's Army\AAPG\Binaries\Win32\AALauncher32.exe
FirewallRules: [{AE4F5D99-62F2-41D0-9C83-0FB82D71AD8C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\America's Army\AAPG\Binaries\Win32\AAGame.exe
FirewallRules: [{85ACA5F5-3BAE-440D-BFE4-50514185489F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\America's Army\AAPG\Binaries\Win32\AAGame.exe
FirewallRules: [{09562B37-5FAD-45DF-88C7-7C39C3DC2FC7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Line of Sight\Binaries\Win32\LSGame_BE.exe
FirewallRules: [{CE1C97FC-D099-437C-8ACD-D5B250367C06}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Line of Sight\Binaries\Win32\LSGame_BE.exe
FirewallRules: [{07899EAB-E6B6-42D1-82AF-7B63AF727522}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{7FB04BD2-CC41-4B3E-B84E-1CD37A32D3E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{EE3AD2F2-402E-461A-8B07-4481488963A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{D6512A4E-794D-4D74-83F5-735DF98A3BC9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{5E3483E5-36E0-4C2B-824E-5C6F9ABF52F7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EE146BE3-B2D9-413E-9CA7-0D61E4779933}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{34DED24E-071D-40C8-A9F8-FFAE47578484}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6C199A95-CC11-4FFE-8FBC-3D951EA1D68C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{45DC10D6-7A46-4338-BDE4-DED6BA122B19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Zombie Vikings Stab-a-thon\Zombie Vikings Stab-a-thon.exe
FirewallRules: [{7FC5E309-E9D2-4F44-89C2-E254E2B83280}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Zombie Vikings Stab-a-thon\Zombie Vikings Stab-a-thon.exe
FirewallRules: [{ACBE5887-7691-4E7B-8613-1E4BEBE157C6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{5F7C8490-72DF-458E-BF07-278A03FDAE55}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{C578C7A0-E9C6-4DEF-ACC9-96988AFA236A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{862D9DB9-DE09-4C45-94D4-209182BFBBFF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{487F1A1D-338C-4A18-BBF8-605EDCB27864}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C16F1D25-32E7-46CC-B27E-C0FC93E4A77F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{44EC33F1-A77D-4CBE-849B-2730683999CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{8ADBF1FD-D73A-4996-A8D4-F09BFB8482DF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{25056E73-21E4-44D5-9784-6852355D95F4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cloudberry Kingdom\CloudberryKingdom.exe
FirewallRules: [{64AA6542-87B1-4C38-8902-43DB5C989BEE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cloudberry Kingdom\CloudberryKingdom.exe
FirewallRules: [{4D80C3D4-3B56-414B-9ADD-D5ACF3F479AC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E288D72F-8544-427C-A860-1ADF9D8771B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{07B557AC-F251-450F-BBDC-5CAC023ED48F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FF3FBEC7-021F-44A5-B6A0-2A62355C4C29}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7DD63BAC-537D-4D18-8A7B-7AC42B421172}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6176830E-4B4B-42D8-AC2B-0BF75AFF2534}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{31C7D014-9798-4AAC-811F-505CB514E013}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{9E25AF0D-9D13-45F8-B6FE-7D45A175BB66}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{49D68E1A-583A-4F12-9892-D50574BF375B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{0BD27CB2-D1F7-4CC4-A14C-81518D73AAA8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{13B907D2-856D-4F07-A93E-83FD843215C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A281EEEA-6A39-444E-84D0-9C725B9EFC9C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{05D5C6C8-17F4-440A-87E2-73DC0142C86A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{F50DA923-4FB3-4D34-997F-B3693FAED6C6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{99C4AF0A-23AD-4559-A1A5-1D6A5E7B1D62}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{F68B17BF-CCAC-425A-9ECB-F102CAE9E8DB}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{8983894D-02A4-42AE-84A1-147CE13E9ACD}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{3852F02E-E30F-4B9C-AAA9-EF1589E8F5C9}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{027EBD36-81CF-4055-AA40-39D0E8958633}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{14F5AA67-6791-42A7-B4A0-275C8CA01B8E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CFFBA923-BA73-4F21-B86E-8D4AA9DD1944}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C25C3D33-2E00-4132-8BDE-D51B0C4AD576}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A75EE026-33C3-4F5A-9000-47C020DC9B66}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Jackbox Party Pack 2\The Jackbox Party Pack 2.exe
FirewallRules: [{A1758A8B-03EB-4609-9D1B-C54F27A05B83}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Jackbox Party Pack 2\The Jackbox Party Pack 2.exe
FirewallRules: [{AEA0F4D6-5B39-4F27-9886-60B20A960DAC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5B9EDAF0-7A28-4516-B511-4FD3189556B6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{220AFEAD-B230-4AD2-91A1-2C43E76C8F29}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{405A3C48-A43B-4CF4-BF28-CE87C5B63719}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{40448218-04E9-4A89-92FC-BE872B564DA7}] => (Allow) C:\Program Files (x86)\Survarium\game\binaries\x86\survarium-2.exe
FirewallRules: [{6542BE77-6313-4CF5-A362-614FAE6DE4EC}] => (Allow) C:\Program Files (x86)\Survarium\game\binaries\x86\survarium-2.exe
FirewallRules: [{D820E396-2101-41FB-B07D-B81BE997506A}] => (Allow) C:\Program Files (x86)\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{960CABFF-6100-4825-B3F8-7EB331B53526}] => (Allow) C:\Program Files (x86)\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{E8837E8F-3E4A-4028-B1CB-957E9E691CDB}] => (Allow) C:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{4234B8FE-A8A9-4402-877D-1B61EE2CF485}] => (Allow) C:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{58DD8F46-6ADE-4520-A7B9-955D9D1DF4EF}] => (Allow) C:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{C8E0B0E5-807F-4A5B-8E3C-4580966DA700}] => (Allow) C:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{E30BC4AB-B0DE-4F65-A6EE-3D36D1DE67EC}] => (Allow) C:\Program Files (x86)\Survarium\temp\survarium_launcher.exe
FirewallRules: [UDP Query User{4CE204A0-1E0A-4BE5-AC42-2B42FBC5AED9}C:\users\casey\desktop\conselllpoke\necrobot2.exe] => (Allow) C:\users\casey\desktop\conselllpoke\necrobot2.exe
FirewallRules: [TCP Query User{652CD199-B016-4531-BA8B-B6B96F6F8FE6}C:\users\casey\desktop\conselllpoke\necrobot2.exe] => (Allow) C:\users\casey\desktop\conselllpoke\necrobot2.exe
FirewallRules: [UDP Query User{79F6551B-0735-43D5-97C0-B68B7730F508}C:\users\casey\desktop\pokenewww\new folder\new folder\pokefarmer.exe] => (Allow) C:\users\casey\desktop\pokenewww\new folder\new folder\pokefarmer.exe
FirewallRules: [TCP Query User{11FD92F6-B68D-4222-93D0-FABBDB90A386}C:\users\casey\desktop\pokenewww\new folder\new folder\pokefarmer.exe] => (Allow) C:\users\casey\desktop\pokenewww\new folder\new folder\pokefarmer.exe
FirewallRules: [UDP Query User{5C115979-49B5-4643-ADF0-2C293C7806B9}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{31DBB040-EC02-493D-9870-11124EF2D061}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{D12BFFD0-C3E5-44D5-B40B-9E73D16B8C15}C:\users\casey\desktop\pokeeemom\new folder\necrobot2.exe] => (Allow) C:\users\casey\desktop\pokeeemom\new folder\necrobot2.exe
FirewallRules: [TCP Query User{2157A6C3-F0FE-4AAF-A0AC-A5FD8095F161}C:\users\casey\desktop\pokeeemom\new folder\necrobot2.exe] => (Allow) C:\users\casey\desktop\pokeeemom\new folder\necrobot2.exe
FirewallRules: [{0F8C503C-1AFF-4BDC-8A26-E28F673CDF6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{B39DBD79-DD5F-42CC-872E-B61529A157A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{4ADE3064-0050-4318-83F3-9DED6AF57F3B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{E0142031-1BA6-4707-B8E0-AC697197474C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{00F8EF55-0CF2-4F99-B656-DE8D08023317}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\High Octane Drift\HighOctaneDrift.exe
FirewallRules: [{2DDE537D-BB65-4542-AA09-5054BE5864C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\High Octane Drift\HighOctaneDrift.exe
FirewallRules: [UDP Query User{B1A33C91-E008-47E8-B23F-209581EE52AC}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{4C2AF085-2F55-40B0-87C1-47AD6C8F9DCD}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{7231E23A-7070-422F-9B43-FC025E0CFBDD}C:\users\casey\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\casey\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{C26CBDDA-3F54-47D2-9FB2-4EAF581D4F44}C:\users\casey\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\casey\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{C45D1976-BD0B-4882-817D-77C8539C7D82}C:\program files (x86)\google\chrome\application\chrome334.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome334.exe
FirewallRules: [TCP Query User{0B51250A-0321-46C6-BB73-0930685F9E3A}C:\program files (x86)\google\chrome\application\chrome334.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome334.exe
FirewallRules: [{CDE20814-9C4D-4631-959B-A6B86E1CDCBA}] => (Allow) C:\Program Files (x86)\quattro\intents.exe
FirewallRules: [{7E531760-3D91-4F74-9243-64C7561023C9}] => (Allow) C:\Users\casey\AppData\Local\8825944.exe
FirewallRules: [{38874D22-0680-4C17-AF30-4C4CB39EBC11}] => (Allow) C:\Users\casey\AppData\Local\Temp\423E7038-1F23-48D5-81C3-5FBF4AC376E2\installer.exe
FirewallRules: [UDP Query User{9E2011B1-753E-4336-AFAB-5579144DC81F}C:\users\casey\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\casey\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{E915E531-4AE0-4AF8-889E-E6BDB2A16D30}C:\users\casey\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\casey\appdata\roaming\spotify\spotify.exe
FirewallRules: [{4D256967-B915-491E-BC5A-8CBFCBBA902B}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶獜獹慣汬屰楗剮畯整⹄硥e
FirewallRules: [UDP Query User{AAA72AB3-07E4-463A-A3B2-AF2212FA2CCA}C:\program files (x86)\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{B49E3847-DD4D-4FFA-A85B-094EBB738460}C:\program files (x86)\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\grand theft auto v\gta5.exe
FirewallRules: [{3961A84D-F46F-41BA-93CA-450EE7A15B04}] => (Allow) C:\Program Files\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{0EED4B4C-063A-43C3-8830-10DB9A5478C0}] => (Allow) C:\Program Files\Counter-Strike Global Offensive\revLoader.exe
FirewallRules: [{BD6C727F-E99B-4075-82B2-4D72A91D10A3}] => (Allow) C:\Program Files\Counter-Strike Global Offensive\Run_CSGO.exe
FirewallRules: [{C2382BAF-B117-40FD-9A52-AB792A4B4AC8}] => (Allow) C:\Program Files\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4531C7D6-1D17-4BFC-B130-F65851151BD6}] => (Allow) C:\Program Files\Counter-Strike Global Offensive\revLoader.exe
FirewallRules: [{E9BAB9D3-187C-4903-B9B1-1525D3F4AAD8}] => (Allow) C:\Program Files\Counter-Strike Global Offensive\Run_CSGO.exe
FirewallRules: [UDP Query User{96CAE688-3202-4066-AB04-4FDB2C6F27B9}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{BBA55F31-43A2-497F-AD4A-D322D70A2CAA}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{8BD60AB8-C39D-4C90-9CE9-F770B12D4BB8}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{8C9F1963-C70C-4AD0-8CB0-73549449ADC7}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{B505037D-A886-4EFF-9EB9-E30DA54DD873}] => (Allow) C:\users\casey\desktop\forza h3\arma 3 apex version pc game ^^nosteam^^\arma 3 apex\arma 3\arma3.exe
FirewallRules: [{BAB51ADB-9BD3-4910-8129-6F5AED2E2D09}] => (Allow) C:\users\casey\desktop\forza h3\arma 3 apex version pc game ^^nosteam^^\arma 3 apex\arma 3\arma3.exe
FirewallRules: [{5ACAF715-45FC-4C0A-B460-878DF8A80C90}] => (Allow) C:\program files (x86)\arma 3\arma3.exe
FirewallRules: [{EABAE5E5-1F44-4A70-8685-27B774ED7BFF}] => (Allow) C:\program files (x86)\arma 3\arma3.exe
FirewallRules: [{7F8D454D-3169-44C4-AAC4-6B0FB5B66A4B}] => (Allow) C:\users\casey\desktop\forza h3\arma 3 apex version pc game ^^nosteam^^\arma 3 apex\arma 3\arma3.exe
FirewallRules: [{37B5E02E-D229-42BD-B5D8-209DAF36ABA7}] => (Allow) C:\users\casey\desktop\forza h3\arma 3 apex version pc game ^^nosteam^^\arma 3 apex\arma 3\arma3.exe
FirewallRules: [UDP Query User{3D488A52-097A-473C-AEFE-5CC4677D68D3}C:\users\casey\desktop\forza h3\arma 3 apex version pc game ^^nosteam^^\arma 3 apex\arma 3\arma3.exe] => (Allow) C:\users\casey\desktop\forza h3\arma 3 apex version pc game ^^nosteam^^\arma 3 apex\arma 3\arma3.exe
FirewallRules: [TCP Query User{79D63C47-5BE6-4ABB-9AE6-9C4433420DC5}C:\users\casey\desktop\forza h3\arma 3 apex version pc game ^^nosteam^^\arma 3 apex\arma 3\arma3.exe] => (Allow) C:\users\casey\desktop\forza h3\arma 3 apex version pc game ^^nosteam^^\arma 3 apex\arma 3\arma3.exe
FirewallRules: [UDP Query User{C6A5E0F9-3BC5-46DC-BBBB-18FB27F125B3}C:\program files (x86)\arma 3\arma3.exe] => (Allow) C:\program files (x86)\arma 3\arma3.exe
FirewallRules: [TCP Query User{F6192A57-D6D2-4A78-B62F-98BFD360688C}C:\program files (x86)\arma 3\arma3.exe] => (Allow) C:\program files (x86)\arma 3\arma3.exe
FirewallRules: [UDP Query User{DD965909-CDE8-47BD-B63E-BE2CBDDA8600}C:\program files (x86)\arma 3 apex\arma3.exe] => (Allow) C:\program files (x86)\arma 3 apex\arma3.exe
FirewallRules: [TCP Query User{7E63F3A9-702F-4BB6-81A2-8F49500168FE}C:\program files (x86)\arma 3 apex\arma3.exe] => (Allow) C:\program files (x86)\arma 3 apex\arma3.exe
FirewallRules: [{FD45F485-E55F-464C-A941-FA315F187A70}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{845289D9-BB58-4DA2-8CB4-1F5F85748DF9}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{9C7E0221-F580-424F-A591-A03297331E8B}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{56BDBFD7-1B2E-4070-A6FA-2A233495C1F6}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [UDP Query User{D7D7C60F-F960-45E8-84C8-BC1D0C24A888}C:\users\casey\appdata\local\temp\$poweriso$\arma3.exe] => (Allow) C:\users\casey\appdata\local\temp\$poweriso$\arma3.exe
FirewallRules: [TCP Query User{B9AB5134-EDF7-4B04-B31E-C625C4B1C252}C:\users\casey\appdata\local\temp\$poweriso$\arma3.exe] => (Allow) C:\users\casey\appdata\local\temp\$poweriso$\arma3.exe
FirewallRules: [UDP Query User{50A49415-F219-4B0F-8A04-09689215BC0E}C:\program files (x86)\steam\steamapps\common\arma 3 apex\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3 apex\arma3.exe
FirewallRules: [TCP Query User{950B81DF-0883-4EF5-B470-67EDC3217BDE}C:\program files (x86)\steam\steamapps\common\arma 3 apex\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3 apex\arma3.exe
FirewallRules: [{E6E0E4FA-03E5-4A5A-86FE-5A5FD9870FC3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3 Tools\Publisher\Publisher.exe
FirewallRules: [{0CD4D40B-696A-4095-B640-82706912AF80}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3 Tools\Publisher\Publisher.exe
FirewallRules: [{AD82D814-11BB-4A2F-88D4-6E0A5AAF868A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3 Tools\AddonBuilder\AddonBuilder.exe
FirewallRules: [{37BE7189-1ABA-42A4-BA21-14CD2A4CF0CB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3 Tools\AddonBuilder\AddonBuilder.exe
FirewallRules: [{4B29751C-85C1-483C-8BCD-457790EC4623}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3 Tools\starter.exe
FirewallRules: [{BE48E1D2-F793-4CF1-AFD5-F60D1673E9CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3 Tools\starter.exe
FirewallRules: [{44A2D2AC-A6E4-412D-8EED-331A7F69056F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3 Tools\Arma3Tools.exe
FirewallRules: [{C141EB0F-D550-464F-9F4A-AF5BA545AFDC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3 Tools\Arma3Tools.exe
FirewallRules: [UDP Query User{EFDC3CFA-FA9B-4131-A861-1F6877BB052B}C:\users\casey\downloads\3dmgame-assetto.corsa.v1.7.incl.5dlcs.cracked-3dm\assettocorsa\acs.exe] => (Allow) C:\users\casey\downloads\3dmgame-assetto.corsa.v1.7.incl.5dlcs.cracked-3dm\assettocorsa\acs.exe
FirewallRules: [TCP Query User{A0A2A454-1B53-41C6-84BD-C8614791DD66}C:\users\casey\downloads\3dmgame-assetto.corsa.v1.7.incl.5dlcs.cracked-3dm\assettocorsa\acs.exe] => (Allow) C:\users\casey\downloads\3dmgame-assetto.corsa.v1.7.incl.5dlcs.cracked-3dm\assettocorsa\acs.exe
FirewallRules: [UDP Query User{8283CAB5-6A48-469C-A414-C1D3C806C95D}C:\users\casey\desktop\games iso\dr\drift.streets.japan.v2.5.0\drift streets japan.exe] => (Allow) C:\users\casey\desktop\games iso\dr\drift.streets.japan.v2.5.0\drift streets japan.exe
FirewallRules: [TCP Query User{C5FDF491-0FA7-42B2-95E9-536CDF0E592A}C:\users\casey\desktop\games iso\dr\drift.streets.japan.v2.5.0\drift streets japan.exe] => (Allow) C:\users\casey\desktop\games iso\dr\drift.streets.japan.v2.5.0\drift streets japan.exe
FirewallRules: [UDP Query User{8AB8840D-64B8-42A7-B223-CF2BE131C3A0}C:\program files (x86)\trinusvr\tgserver.exe] => (Allow) C:\program files (x86)\trinusvr\tgserver.exe
FirewallRules: [TCP Query User{161E4624-8282-431F-A6C4-20577FF82347}C:\program files (x86)\trinusvr\tgserver.exe] => (Allow) C:\program files (x86)\trinusvr\tgserver.exe
FirewallRules: [{944FD65F-5D2D-4BDF-A144-8EE1006DDA53}] => (Allow) LPort=5055
FirewallRules: [UDP Query User{46FF7D3F-22DC-4A4C-BAE5-7B78F13D3B1C}C:\program files (x86)\peak angle\peakangle.exe] => (Allow) C:\program files (x86)\peak angle\peakangle.exe
FirewallRules: [TCP Query User{C080ED49-5EE2-411F-9256-6E0EED168D6B}C:\program files (x86)\peak angle\peakangle.exe] => (Allow) C:\program files (x86)\peak angle\peakangle.exe
FirewallRules: [{5508273E-2703-4E85-A338-847D8B1DEC11}] => (Allow) C:\Users\casey\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EC4D0ACD-D9F6-4FCE-A83C-DAE0BEC9E0EA}] => (Allow) C:\Users\casey\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{47DCB64E-6677-4EFC-ABF1-E6966A1C96CA}] => (Allow) C:\Users\casey\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4E67D3D1-0660-45A9-BE72-324C772A68F1}] => (Allow) C:\Users\casey\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{15D40C27-FF7E-418A-9B06-4707653D2EAC}] => (Allow) C:\Users\casey\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EC9F7FD9-33F5-474D-A103-C6AECD8CC408}] => (Allow) C:\Users\casey\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{305B3D7C-C7DA-4CED-A330-FC0CAAFFCAF9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [{D4463D37-284E-4547-9301-9841C80549AA}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [{CFC01F67-F64E-4E47-BE65-114DDFAEF1E0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{B01B0C0A-BD8A-4FF6-835C-222499194879}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{6DEE196C-E04F-44B6-8B7A-98E86CAC67FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{28285BD2-FFB3-49C2-BE02-59B7E5CCFEC7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{C04B214B-BA65-4F73-AD40-FC44D4CED702}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{9A5A1519-DC49-4D4A-9D8C-BA18941896AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{20EB43F1-E83C-423F-A4BD-E7288780128D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5A21E7BA-479C-48D4-9E80-9522429E93CB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F0D11D25-25C4-4111-8324-ED5BBBDAFF0A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4DE48A47-8002-4351-B7E3-BC459B0880B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A1412558-F012-454F-9A61-C54831A52CCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{49745AAB-7C78-43BA-B65B-350504CD8AA7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D48F4634-D230-4A28-B40B-DFC5E8FDCE93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{14C82C14-72F3-49C2-8D51-E777C642EDCC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{681D381D-9B93-410B-9B58-C4CC3326C281}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{17F6422C-97A0-4952-B96C-528C9E51D084}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{0593E81D-C285-4C86-95AA-318D8D2E9135}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{A92C556E-D09E-42B4-A83B-F9586766FA42}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{19D8EBE4-572F-447E-9701-655688E61264}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{22205CF2-E654-4028-A617-B6453C215553}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{2351FACB-172D-4A8E-9CBD-7D3B86363F68}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{ECA2FB7F-7E9E-44E2-AFB4-DB3E5F427A69}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B7E068C9-7E6F-4501-A9F8-B598AAF2F634}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FCF7D9B6-58F9-4975-BE68-B80710BAEF96}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{839BCDC8-EFF7-4DFE-8111-CE7B0E772E67}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{14A61DDE-BE43-4AD5-9471-9804009354C1}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{E903E348-12C9-481D-BA14-5F95EF854139}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{EAE7CD4E-D28F-45F6-A104-2AE01487FACE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5D692AAF-FAD8-43DD-AFA1-E665BAC9B2F5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3D4D5A96-0137-44E0-A4F5-966BA229CC27}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{C7C56F92-3666-499E-B4E0-17892636D04E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{3AE20146-9448-41CE-89D9-ABD0F52D1895}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{40BE9DE2-A3B0-425F-8D53-144C9D63EF18}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{FFA49C21-222B-40CE-B70D-59E9560962ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{607979A4-CE77-4D56-9B25-E86366DC5286}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{704F0E64-B206-4191-989E-9705A9F75482}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [{671CC664-0868-4E1B-8B5A-0DD362497F5B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [{AC51D0CE-26E1-415C-9BBD-499FB15F9268}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{8B70CED1-9924-46B8-98A0-28D8E0A21D91}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [TCP Query User{4DB13B61-2DB2-4EA0-8440-D20A348DC9F4}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [UDP Query User{1D1E258D-B8B4-41E3-BFA2-59596A3DE202}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [{A2E58A93-21CB-4A6E-A7FB-21407528D25A}] => (Allow) C:\Users\casey\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{8893C30B-1D18-4E8D-9ADA-5E698635824A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{68A5C09F-4902-4C70-AD1B-F5F0E94E3BA4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [TCP Query User{C5B40A12-3694-4BC9-B462-4232092DB8FB}C:\users\casey\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\casey\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C53419A0-42A5-4B3D-ABA3-F1408A1F0A24}C:\users\casey\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\casey\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B8E1E506-66A8-406E-AB00-885E7D4B443B}C:\users\casey\downloads\pokemon go\pokeysniper\pogolocationfeeder.gui.v0.1.6\pogolocationfeeder.gui.exe] => (Allow) C:\users\casey\downloads\pokemon go\pokeysniper\pogolocationfeeder.gui.v0.1.6\pogolocationfeeder.gui.exe
FirewallRules: [UDP Query User{449167EC-0186-4D5C-B0DB-1236C8F0D873}C:\users\casey\downloads\pokemon go\pokeysniper\pogolocationfeeder.gui.v0.1.6\pogolocationfeeder.gui.exe] => (Allow) C:\users\casey\downloads\pokemon go\pokeysniper\pogolocationfeeder.gui.v0.1.6\pogolocationfeeder.gui.exe
FirewallRules: [TCP Query User{CF47D471-2D08-4C16-BDDA-55E1FD2D5131}C:\users\casey\downloads\pokemon go\pokeysniper\pogolocationfeeder.v0.1.8\pogolocationfeeder.gui.exe] => (Allow) C:\users\casey\downloads\pokemon go\pokeysniper\pogolocationfeeder.v0.1.8\pogolocationfeeder.gui.exe
FirewallRules: [UDP Query User{A662FDD4-278E-4BD3-AFF1-C9F1E8B48EF1}C:\users\casey\downloads\pokemon go\pokeysniper\pogolocationfeeder.v0.1.8\pogolocationfeeder.gui.exe] => (Allow) C:\users\casey\downloads\pokemon go\pokeysniper\pogolocationfeeder.v0.1.8\pogolocationfeeder.gui.exe
FirewallRules: [{7E3B5027-11DD-4B86-9B5E-DAC34236F2CA}] => (Block) C:\users\casey\downloads\pokemon go\pokeysniper\pogolocationfeeder.v0.1.8\pogolocationfeeder.gui.exe
FirewallRules: [{BF7B5220-256B-471D-B323-D01693B944EA}] => (Block) C:\users\casey\downloads\pokemon go\pokeysniper\pogolocationfeeder.v0.1.8\pogolocationfeeder.gui.exe
FirewallRules: [TCP Query User{859FE7C5-470C-4A0F-9CFE-84277187A509}C:\users\casey\downloads\pokemon go\pokeysniper\pogolocationfeeder.v0.1.8\pogolocationfeeder.exe] => (Allow) C:\users\casey\downloads\pokemon go\pokeysniper\pogolocationfeeder.v0.1.8\pogolocationfeeder.exe
FirewallRules: [UDP Query User{98BC08BE-2D63-4E7F-9D9F-42A4655BFCCB}C:\users\casey\downloads\pokemon go\pokeysniper\pogolocationfeeder.v0.1.8\pogolocationfeeder.exe] => (Allow) C:\users\casey\downloads\pokemon go\pokeysniper\pogolocationfeeder.v0.1.8\pogolocationfeeder.exe
FirewallRules: [TCP Query User{AA1E3FFF-1D21-4E74-A9DB-277AB39F534D}C:\users\casey\downloads\pokemon go\mob bot\pokemobbot.exe] => (Allow) C:\users\casey\downloads\pokemon go\mob bot\pokemobbot.exe
FirewallRules: [UDP Query User{103F2D75-F0AC-466C-9C74-F8152847A55B}C:\users\casey\downloads\pokemon go\mob bot\pokemobbot.exe] => (Allow) C:\users\casey\downloads\pokemon go\mob bot\pokemobbot.exe
FirewallRules: [{9D23FE89-0FA8-4EA8-8F2B-74CEFD3DC7D8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E64F3137-BA8F-447E-81BE-05FA53DC09CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6EE98451-4633-4A77-A910-8F4FEFE65A9E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E4CF5C4E-AA51-4F79-ACC5-7D8C1EB13424}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DD14D91D-ED62-418C-9692-026DAC6B2B50}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{E53C573C-0990-4F18-9600-B465A1F1B79A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{ED7C8B3B-5D5C-4F51-8D59-15EB32416940}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F2223185-27DE-4307-A9FB-9AB7E049BC3F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5FD0DDFF-5EC5-4D43-9C57-2E5AF0B35B5A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DD3DE0A4-5381-4E3B-AFE0-51CC1D5F7A1B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{AA567980-4D41-4F18-A299-27EA8B1298DF}C:\users\casey\desktop\pokenewww\new folder\new folder\pokefarmer.exe] => (Allow) C:\users\casey\desktop\pokenewww\new folder\new folder\pokefarmer.exe
FirewallRules: [UDP Query User{FD70E03B-17FB-427C-8A0F-61806B791C13}C:\users\casey\desktop\pokenewww\new folder\new folder\pokefarmer.exe] => (Allow) C:\users\casey\desktop\pokenewww\new folder\new folder\pokefarmer.exe
FirewallRules: [{94D6FAC9-07E3-42CE-84D0-FEC0C87D9EE8}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe
FirewallRules: [{6565A080-B6AA-4653-A72C-495DD8E01079}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe
FirewallRules: [{4B885D41-2E34-414E-A76F-8F821AC36624}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{1BFDE7ED-E5E4-436B-93DB-F34412CBBD52}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [TCP Query User{1A3E9D0C-86AE-4DC8-B0F2-CC96C5F5D321}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{31EC2691-3BF3-416C-84C6-E780EC2C6E79}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{C4706432-6701-4F81-B201-6FDFD987800D}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{013445BB-F5F3-4536-A46C-954B9870FC23}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{E1770DB3-A1C4-4613-ABF6-17ED628480F8}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{9EB51332-B684-419A-83CA-482CE02CFCA2}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{FFCA66D9-8958-430A-A3DA-87904DC5E192}] => (Allow) C:\Program Files (x86)\Opera\46.0.2597.57\opera.exe
FirewallRules: [{C11FBEE3-F725-4A2F-8BA1-5D5611737F8B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8A01BB3C-D820-470D-83F4-452EDD85E37B}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices =============
 
Name: Scan
Description: Scan
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Dell Wireless 1506 802.11b/g/n (2.4GHz)
Description: Dell Wireless 1506 802.11b|g|n (2.4GHz)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Apple iPhone
Description: Apple iPhone
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Apple Inc.
Service: WUDFWpdMtp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/26/2017 03:13:12 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\STMicroelectronics\Software\Virtual COM Port Driver\dpinst_ia64.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (08/26/2017 03:13:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files (x86)\google\chrome\application\сhrоmе.bаt.exe".
Dependent Assembly 53.0.2785.143,language="&#x2a;",type="win32",version="53.0.2785.143" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (08/26/2017 03:12:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: launcher.exe_Opera Internet Browser, version: 46.0.2597.57, time stamp: 0x5969387e
Faulting module name: launcher.exe, version: 46.0.2597.57, time stamp: 0x5969387e
Exception code: 0x80000003
Fault offset: 0x0002e912
Faulting process id: 0x20a0
Faulting application start time: 0x01d31e9f3355cd88
Faulting application path: C:\Program Files (x86)\Opera\launcher.exe
Faulting module path: C:\Program Files (x86)\Opera\launcher.exe
Report Id: 33be094a-93aa-4925-ae42-ec5b6b5de1aa
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/26/2017 03:07:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: launcher.exe_Opera Internet Browser, version: 46.0.2597.57, time stamp: 0x5969387e
Faulting module name: launcher.exe, version: 46.0.2597.57, time stamp: 0x5969387e
Exception code: 0x80000003
Fault offset: 0x0002e912
Faulting process id: 0x3dc
Faulting application start time: 0x01d31e9e7fe5dd9f
Faulting application path: C:\Program Files (x86)\Opera\launcher.exe
Faulting module path: C:\Program Files (x86)\Opera\launcher.exe
Report Id: 1c0c748b-e1f1-44d4-a953-8dc2f3c10065
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/26/2017 01:41:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(mobile._epoccam._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (08/26/2017 01:39:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: winsrcsrv.exe, version: 1.0.0.0, time stamp: 0x5934754d
Faulting module name: KERNELBASE.dll, version: 10.0.15063.502, time stamp: 0xc3955624
Exception code: 0xe0434352
Fault offset: 0x000eb802
Faulting process id: 0xc2c
Faulting application start time: 0x01d31e9234a40f39
Faulting application path: C:\WINDOWS\src_srv\winsrcsrv.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 2f7d02e9-ccc4-4a2e-8871-cd9b04758d95
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/26/2017 01:39:02 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: winsrcsrv.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
   at winsrcsrv.Service1..ctor()
   at winsrcsrv.Program.Main()
 
Error: (08/26/2017 12:05:08 AM) (Source: MsiInstaller) (EventID: 1002) (User: NT AUTHORITY)
Description: Unexpected or missing value (name: 'PackageName', value: '') in key 'HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList'
 
Error: (08/25/2017 11:23:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BEARD)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2147024726 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (08/25/2017 11:18:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: launcher.exe_Opera Internet Browser, version: 46.0.2597.57, time stamp: 0x5969387e
Faulting module name: launcher.exe, version: 46.0.2597.57, time stamp: 0x5969387e
Exception code: 0x80000003
Fault offset: 0x0002e912
Faulting process id: 0x23d8
Faulting application start time: 0x01d31e19ffa6cb70
Faulting application path: C:\Program Files (x86)\Opera\launcher.exe
Faulting module path: C:\Program Files (x86)\Opera\launcher.exe
Report Id: e7112a99-124a-4bc8-961c-2d3d2801d42a
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (08/26/2017 04:24:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee Validation Trust Protection Service service failed to start due to the following error: 
The requested resource is in use.
 
Error: (08/26/2017 04:24:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee Validation Trust Protection Service service failed to start due to the following error: 
The requested resource is in use.
 
Error: (08/26/2017 04:24:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee Validation Trust Protection Service service failed to start due to the following error: 
The requested resource is in use.
 
Error: (08/26/2017 04:24:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee Validation Trust Protection Service service failed to start due to the following error: 
The requested resource is in use.
 
Error: (08/26/2017 04:24:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee Validation Trust Protection Service service failed to start due to the following error: 
The requested resource is in use.
 
Error: (08/26/2017 04:23:29 PM) (Source: DCOM) (EventID: 10010) (User: BEARD)
Description: The server {ABC01078-F197-4B0B-ADBC-CFE684B39C82} did not register with DCOM within the required timeout.
 
Error: (08/26/2017 04:14:16 PM) (Source: DCOM) (EventID: 10010) (User: BEARD)
Description: The server {ABC01078-F197-4B0B-ADBC-CFE684B39C82} did not register with DCOM within the required timeout.
 
Error: (08/26/2017 03:49:03 PM) (Source: DCOM) (EventID: 10010) (User: BEARD)
Description: The server {ABC01078-F197-4B0B-ADBC-CFE684B39C82} did not register with DCOM within the required timeout.
 
Error: (08/26/2017 03:48:25 PM) (Source: DCOM) (EventID: 10010) (User: BEARD)
Description: The server {ABC01078-F197-4B0B-ADBC-CFE684B39C82} did not register with DCOM within the required timeout.
 
Error: (08/26/2017 03:47:25 PM) (Source: DCOM) (EventID: 10010) (User: BEARD)
Description: The server {ABC01078-F197-4B0B-ADBC-CFE684B39C82} did not register with DCOM within the required timeout.
 
 
CodeIntegrity:
===================================
  Date: 2017-08-26 16:27:31.332
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-26 16:27:31.328
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-26 16:27:14.674
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-26 16:27:14.672
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-26 15:55:29.788
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-26 15:55:29.785
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-26 15:23:00.492
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-26 15:23:00.490
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-26 15:08:49.829
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-26 15:08:49.827
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-4130 CPU @ 3.40GHz
Percentage of memory in use: 65%
Total physical RAM: 6060.74 MB
Available physical RAM: 2090.21 MB
Total Virtual: 12972.74 MB
Available Virtual: 7350.11 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:921.67 GB) (Free:258.92 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 3A49D024)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#5 JSntgRvr


Posted 26 August 2017 - 04:40 PM

  • Please download this version of Malwarebytes Anti-Rootkit and save the file to your Desktop.
  • Right-click MBAR.exe and select Run as administrator to run the installer.
  • Select your Desktop as the location to extract the contents and click OK. The programme should open upon completion.
  • Click Next, followed by Update. Upon update completion, click Next.
  • Ensure Drivers, Sectors & System are checked and click Scan.
  • Note: Do not use your computer during the scan.
  • Upon completion:
    • If no infection is found, close the MBAR window.
    • If an infection is found, ensure Create Restore Point is checked and click Cleanup. Reboot when prompted.
  • Two logs (mbar-log.txt and system-log.txt) will be created. Copy the contents of both logs and paste in your next reply. Both logs can be found in the MBAR folder.
This is a long scan. It may seem that it has hung, but that is not the case. Some members have had to allow the program to run overnight. Be patient.

Edited by JSntgRvr, 26 August 2017 - 04:41 PM.
typo

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!


#6 CatBeard


Posted 26 August 2017 - 06:29 PM

Okay so it's been running for two hours. It has 4,704 detected malware but now my cursor just spins and it won't scan anymore. Is this normal? What should I do?

#7 JSntgRvr


Posted 26 August 2017 - 07:35 PM

Some members have had to allow the program to run overnight. Be patient.



#8 CatBeard


Posted 28 August 2017 - 02:56 PM

I've been running it for 2 days now. It says 22,981 malware found and hasn't changed in 12 hours. Is it frozen or should I keep it going?

#9 JSntgRvr


Posted 28 August 2017 - 03:17 PM

OK. Let's stop the application and apply a fix in the Recovery Environment.

 

Please download Farbar Recovery Scan Tool and save it to a flash drive.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. (FRST64)

Please also download the attached file (Fixlist.txt) and save it in the same location where FRST64 is saved on the flash drive.

Insert the USB drive in the infected computer.

Boot to the Recovery Console's Command prompt.

Entry points into the Windows Recovery Environment (WinRE).

You can access WinRE features through the Boot Options menu, which can be launched from Windows in a few different ways:

  • Option 1: From the login screen, click Shutdown, then hold down the Shift key while selecting Restart.
  • Option 2: In Windows 10, select Start > Settings > Update & security > Recovery > under Advanced Startup, click Restart now.
  • Option 3: Boot to recovery media.
  • Option 4: Use a hardware recovery button (or button combination) configured by the OEM (Computer Manufacturer).

After any of these actions is performed, all user sessions are signed off and the Boot Options menu is displayed. The PC will restart into the WinRE and the selected feature is launched.

On the boot options, select Troubleshooting > Advanced Options > Command prompt.

Once in the Command Prompt:

  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press the Fix button.
  • It will make a log (Fixlog.txt) in the flash drive. Please copy and paste it to your reply.

 




#10 JSntgRvr


Posted 31 August 2017 - 03:12 PM

Are you still with us?




#11 JSntgRvr


Posted 03 September 2017 - 02:48 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
