Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can viruses do this or is it ny win 10 installation?


  • This topic is locked This topic is locked
20 replies to this topic

#1 zyphodb

zyphodb

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:05 AM

Posted 26 March 2018 - 10:01 PM

Hi there,

                I've just recently moved & have changed my internet connection.

 I tried to open my EA games Origin acc. & it stuck on loading the sign in screen. To cut a long story short, in the process of trying to sort it with EA help I sent them an msinfo file, they replied saying it was mostly full of windows errors I should try starting it in safe mode & look at my windows installation as they thought it had been corrupted.

 So I tried to start in safe mode, got as far as my windows pin no. log in screen where it refused to let me log in as according to it my windows PIN code was wrong.

I have since tried running my own Avira free anti virus which says no problem. I have tried two online virus scanners, the first one froze without starting. the second one housecall from trend micro has got 25% in & now seems to be in a loop scanning C./..956473542.jpg:Zone.Identifier with the 9 digit number constantly changing.  Windows also won't let me perform an SFC either. Do you think that this is a virus? or is it my Windows 10 breaking down? or something else perhaps. This is way outside my knowledge comfort zone, and as I live in the backwoods of Thailand I have no possibility of finding someone locally to advise me.

 

     Some help would be very much appreciated please...

 

                                                                                              Best regards zyphodb



BC AdBot (Login to Remove)

 


#2 zyphodb

zyphodb
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:05 AM

Posted 26 March 2018 - 10:05 PM

I forgot to mention I am running a (hopefully) up to date copy of windows 10 home  & also I've scanned it with Anti melwarebytes with nothing of interest.



#3 RayS

RayS

  • Malware Response Team
  • 2,433 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:05 PM

Posted 28 March 2018 - 11:25 AM

Hi zyphodb,

 

My name is Ray and I'll be assisting you with your issue. Please give me a day or two to review your logs and prepare a reply. Since I'm still a trainee, all my posts have to be reviewed by my instructor prior to being posted to make sure that you receive the best assistance possible.

Thank you for your understanding, I'll be with you shortly!

Ray


I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#4 RayS

RayS

  • Malware Response Team
  • 2,433 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:05 PM

Posted 28 March 2018 - 12:56 PM

Hello again zyphodb, and welcome to Bleeping Computer.

Please call me "Ray". Do you have a short nickname I can use?

I will be helping you with your computer problem.
 

  • Please do not attach any log files to your replies unless specifically requested. Instead, please copy and paste the entire text of the logs into the body of your reply. Use separate consecutive posts if that's easier for you.
  • Please do not make any further changes to your computer (such as Install/Uninstall programs, use special fix tools, delete files, edit the registry, etc...) and don't perform any actions without being advised to do so. If you are unsure, please stop and describe the current state of your PC and ask your question.
  • Always read my entire message before you begin to follow my instructions.
  • It may be helpful for you to print my instructions for easy reference.
  • Perform my instructions in the order as given.
  • Click More Reply Options and then Preview Post before you post a reply. Be sure your message addresses all the issues I raise.
  • Any fixes I provide are for this specific problem on this machine only.
  • Removing malware is hazardous. I will not knowingly advise actions that will damage your computer, but it is impossible to guarantee the safety of your system. It may even become necessary to re-format and re-install your operating system. Before we proceed, you should back up all your data -- preferably to a different computer or to off-line storage.


Preliminary questions


  • Please confirm that you are consistently able to start your PC in normal boot.
  • Do you see any error messages or unexpected behavior as the PC starts up?
  • You say, "I tried to open my EA games Origin acc. & it stuck on loading the sign in screen." Does the problem occur because your sign-in credentials (user name and password) are not accepted or does the problem occur before the sign-in window is completely displayed?

Follow Preparation Guide
Please follow the Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help by Lawrence Abrams. Since you have already posted a request for help, you can skip some of the steps in the guide, but you should follow closely steps :step1:  and :step6: .
Note one exception: Please do not attach the Addition.txt file. Instead, copy and paste it into the body of your reply.


In your next reply...


  • Please tell me your nickname. If none, may I address you as "Z"?
  • Confirm that you have backed up all your important data.
  • Copy and paste the entire contents of FRST.txt and Addition.txt into the body of your message.
  • Give me a complete description of any additional symptoms including verbatim copies of error messages, if any.

Thank you,

Ray

 


I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#5 zyphodb

zyphodb
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:05 AM

Posted 28 March 2018 - 09:38 PM

Hi Ray,

              Yes you can call me Z.

 First thing, windows boots perfectly well in normal mode, the problem is only if I try to boot in safe mode.

2. Theres no error messages on windows startup.

3. when i try to boot in safe mode it just says that my PIN no. is incorrect.

4. I've backed up all my important stuff.

5. The Origin problem occurs before I get to the login screen, it freezes on loading the login screen. Since I posted this I've also found out that it won't let me login to the origin website either.

 

   Since posting this I have been reading up & posted on several other forums as well & have tried to remedy it myself, I discovered that the virus/malware was blocking my antivirus from scanning properly so I have d/led & run Rkill followed by malwarebytes, then followed by several different antivirus scans, malwarebytes quarantined several things but none of the antiviruses found anything.

 

   A bit more background.....   the network I'm connected to is my home network but I'm living and working away from home mostly now, I've just come home for a months holiday & brought my PC with me. here at home my 14 yr old stepson has a PC attached to the network, he is completely ignorant of PC security protocols & also is Thai & unable to speak English so I can't educate him. One of the first things I did on getting home was run malwarebytes & avira AV on his PC One of them, I can't remember which found a bitcoin miner which I'd hoped was deleted, I strongly suspect this has migrated across the network & infected my PC.

 I've been using being able to log in to Origin as the benchmark for having cleared the infection, I had no problems with this until I started using my home network again. 

My next step, which I haven't done yet was launching an Avast boot time scan, now you have answered I shall follow your instructions instead...

I shall reply again ASAP with a copy of FRST. txt


Here is the FRST log...

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by lauri (administrator) on DESKTOP-0OKN7NQ (29-03-2018 09:34:47)
Running from C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads
Loaded Profiles: lauri (Available Profiles: lauri)
Platform: Windows 10 Home Single Language Version 1709 16299.309 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Cybereason) C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFreeServiceHost.exe
(Windows ® Win 7 DDK provider) C:\Windows\System32\AdminService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
() C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Cybereason) C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFree.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9029.22105.0_x64__8wekyb3d8bbwe\HxTsr.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
() C:\Windows\jmesoft\ServiceLoader.exe
(Sonix) C:\Windows\vsnp2uvc.exe
(Sonix Technology Co., Ltd.) C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9029.22105.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.0_x64__8wekyb3d8bbwe\Video.UI.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-05-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2017-05-14] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [UMonit] => C:\WINDOWS\SysWOW64\UMonit64.exe [53832 2015-07-15] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [245608 2018-03-28] (AVAST Software)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-05] (CyberLink)
HKLM-x32\...\Run: [jmekey] => C:\Windows\jmesoft\hotkey.exe [118784 2013-07-25] (Lenovo)
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-08-17] ()
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-03-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [snp2uvc] => C:\WINDOWS\vsnp2uvc.exe [662016 2009-08-12] (Sonix)
HKLM-x32\...\Run: [tsnp2uvc] => C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe [322560 2011-09-07] (Sonix Technology Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKU\S-1-5-21-584912067-1683141588-1664888071-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3100456 2018-03-28] (Electronic Arts)
HKU\S-1-5-21-584912067-1683141588-1664888071-1001\...\Policies\Explorer: [NoDrives] 2
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 203.113.111.98 203.113.111.11
Tcpip\..\Interfaces\{52f8ae17-6c0f-4915-a5c7-016b5016bd81}: [DhcpNameServer] 203.113.111.98 203.113.111.11
Tcpip\..\Interfaces\{56b153e8-a1e9-41a8-9a31-1863d93a7cf4}: [DhcpNameServer] 10.204.0.1
Tcpip\..\Interfaces\{95150bee-c04b-4dd7-976f-360184d022f4}: [DhcpNameServer] 203.113.111.98 203.113.111.11
Tcpip\..\Interfaces\{d37eca95-c475-41f2-8f26-e3cc54a572e8}: [DhcpNameServer] 10.200.0.1
Tcpip\..\Interfaces\{f3952f38-1186-4ea9-9839-58e24916a4f6}: [DhcpNameServer] 203.144.206.49 203.144.206.29
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-584912067-1683141588-1664888071-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-584912067-1683141588-1664888071-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-584912067-1683141588-1664888071-1001 -> DefaultScope {3D5B03F4-6AD0-4888-8CE2-95AB9EC2FF9A} URL = 
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-01-25] (IObit)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-03-21] (Oracle Corporation)
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2017-08-04] (IObit)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-21] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll [2016-06-23] (IObit)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
 
FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-03-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://aboutblank/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default [2018-03-29]
CHR Extension: (Google Translate) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-03-10]
CHR Extension: (Slides) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-10]
CHR Extension: (Docs) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-10]
CHR Extension: (Google Drive) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-10]
CHR Extension: (Earth View from Google Earth) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhloflhklmhfpedakmangadcdofhnnoh [2018-03-10]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2018-03-10]
CHR Extension: (DuckDuckGo) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2018-03-26]
CHR Extension: (YouTube) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-10]
CHR Extension: (uBlock Origin) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-03-20]
CHR Extension: (Ecosia Omnibar Redirect (Legacy)) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\clellnciejhoedgepbdilbkdkaoecgpc [2018-03-10]
CHR Extension: (Search by Image (by Google)) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2018-03-10]
CHR Extension: (PriceJump) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\dblfcnaanidhgjbmcfgebdcifkaffcpb [2018-03-10]
CHR Extension: (Polarr Photo Editor) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\djonnbgfieijldcieafgjcnhmpcfpmgg [2018-03-10]
CHR Extension: (Mahjong Solitaire) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\eogmadihniohlnmipdhchaoagjhfnohc [2018-03-10]
CHR Extension: (Stitcher) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcenjghnbkdmdncneijobnbgjcadnbge [2018-03-10]
CHR Extension: (Radioplayer UK) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcppdfelojakeahklfgkjegnpbgndoch [2018-03-10]
CHR Extension: (Sheets) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-10]
CHR Extension: (PicMonkey) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm [2018-03-10]
CHR Extension: (Google Docs Offline) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-03-10]
CHR Extension: (iPlayer) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgmajojbjblmdmlebglpllemlhkfjmk [2018-03-10]
CHR Extension: (Learn Thai Free - ThaiPod101.com) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmmgcobjnmoilnkmahocaipdccbjoodi [2018-03-10]
CHR Extension: (No Coin - Block miners on the web!) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl [2018-03-10]
CHR Extension: (Protect My Choices) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgloanjhdcenjgiafkpbehddcnonlic [2018-03-27]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-03-14]
CHR Extension: (Up To Ten) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkmdpjhkpaefacnclohblibjodcofpnd [2018-03-10]
CHR Extension: (Disconnect) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2018-03-10]
CHR Extension: (Save to Facebook) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2018-03-10]
CHR Extension: (View Image) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcmhcelnjdmblfmjabdeclccemkghjk [2018-03-27]
CHR Extension: (Chrometana - Redirect Bing Somewhere Better) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaicbfmipfpfpjmlbpejaoaflfdnabnc [2018-03-10]
CHR Extension: (StumbleBar by StumbleUpon) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg [2018-03-10]
CHR Extension: (InvisibleHand) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lghjfnfolmcikomdjmoiemllfnlmmoko [2018-03-10]
CHR Extension: (UK Radio Absolute) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljiiongfgmepdfnfndmpccopehjdlddl [2018-03-10]
CHR Extension: (Google Maps) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-03-10]
CHR Extension: (BBC Radio Tuner) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbhegenoegcelljcidbaalkopfhiddke [2018-03-10]
CHR Extension: (3D Solar System Web) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaaepplopehigjgkolniddiadbbkphd [2018-03-10]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2018-03-10]
CHR Extension: (Google Play Books) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2018-03-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-03-10]
CHR Extension: (Hover Zoom) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2018-03-10]
CHR Extension: (Kloojj) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pappkkddikembcifchmlpciebdjcggig [2018-03-28]
CHR Extension: (Gmail) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-10]
CHR Extension: (Google Similar Pages) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjnfggphgdjblhfjaphkjhfpiiekbbej [2018-03-10]
CHR Extension: (Chrome Media Router) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-14]
CHR Extension: (Watch ITV) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\plkehfjjplbohfmcklpllagnebkdibpl [2018-03-10]
CHR Extension: (RightToCopy) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmcimdddlobkphnofejmeidjblideca [2018-03-10]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1136744 2018-02-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [492560 2018-02-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [492560 2018-02-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1533608 2018-02-16] (Avira Operations GmbH & Co. KG)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7556704 2018-03-28] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [303728 2018-03-28] (AVAST Software)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [443024 2018-03-12] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1494024 2017-03-24] ()
R2 CybereasonRansomFree; C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFreeServiceHost.exe [18368 2017-01-24] (Cybereason)
S3 Disc Soft Lite Bus Service; D:\Program files\DAEMON Tools Lite\DiscSoftBusService.exe [1368408 2015-11-30] (Disc Soft Ltd)
R2 FastbootService; C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe [288768 2015-11-10] (Lenovo) [File not signed]
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [662600 2018-02-18] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8410184 2018-02-18] (GOG.com)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
S4 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-20] (Intel Corporation) [File not signed]
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206096 2018-01-25] (IObit)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-20] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation)
S3 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-17] () [File not signed]
R2 LenovoPortalService; C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe [24312 2015-11-10] ()
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [523152 2018-03-14] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [523152 2018-03-14] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2158912 2018-03-28] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3028808 2018-03-28] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2018-03-18] ()
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [31176 2016-01-20] (SHAREit Technologies Co.Ltd)
S3 UpdateAgentService; C:\Program Files\update\UpdateAgent.exe [226216 2015-11-10] ()
S3 VPNUnlimitedService; C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe [61784 2017-04-11] (KeepSolid Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196648 2018-03-28] (AVAST Software)
S3 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-03-28] (AVAST Software)
S3 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-03-28] (AVAST Software)
S3 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-03-28] (AVAST Software)
S3 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-03-28] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [215320 2018-03-28] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-03-28] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146656 2018-03-28] (AVAST Software)
S3 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110328 2018-03-28] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84368 2018-03-28] (AVAST Software)
S3 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026696 2018-03-28] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-03-28] (AVAST Software)
S3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-03-28] (AVAST Software)
S3 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380528 2018-03-28] (AVAST Software)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-10-09] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [178840 2017-12-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [169864 2018-02-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-21] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-21] (Avira Operations GmbH & Co. KG)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-01-03] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [46392 2016-01-03] (Disc Soft Ltd)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [538088 2017-03-22] (Intel Corporation)
R0 Fastboot; C:\WINDOWS\System32\DRIVERS\Fastboot.sys [67608 2015-11-10] (Windows ® Win 7 DDK provider) [File not signed]
R0 FBFsmon; C:\WINDOWS\System32\DRIVERS\FBFsmon.sys [39448 2015-11-10] (Windows ® Win 7 DDK provider) [File not signed]
R2 FBNetFilter; C:\WINDOWS\system32\Drivers\FBNetFlt.sys [32792 2015-11-10] (Windows ® Win 7 DDK provider) [File not signed]
R3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [131160 2016-10-05] (Genesys logic)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-31] (REALiX™)
S3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [24056 2017-07-19] (IObit)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [39904 2017-06-06] (IObit.com)
R3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegProcessFilter.sys [40328 2018-01-10] (IObit.com)
S3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2017-09-29] (MediaTek Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlei.inf_amd64_021dbdd953a33529\nvlddmkm.sys [17526688 2018-03-17] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31632 2018-03-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [58816 2018-03-16] (NVIDIA Corporation)
R1 RawDisk3; C:\WINDOWS\system32\drivers\rawdsk3.sys [32568 2015-08-15] (EldoS Corporation)
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit)
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42600 2016-04-14] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
U3 aswbdisk; no ImagePath
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-03-29 09:34 - 2018-03-29 09:35 - 000031660 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\FRST.txt
2018-03-29 09:10 - 2018-03-29 09:34 - 000000000 ____D C:\FRST
2018-03-29 09:10 - 2018-03-29 09:10 - 002403328 _____ (Farbar) C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\FRST64.exe
2018-03-28 13:51 - 2018-03-28 13:51 - 000000000 __SHD C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\ This folder protects against ransomware. Modifying it will reduce protection
2018-03-28 13:51 - 2018-03-28 13:51 - 000000000 ___HD C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\Owrap76
2018-03-28 13:51 - 2018-03-28 13:51 - 000000000 ___HD C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\Amdefinitions228
2018-03-28 13:50 - 2018-03-28 13:50 - 000529093 _____ C:\Users\UBTFu8i\plants-dive.xlsx
2018-03-28 13:50 - 2018-03-28 13:50 - 000515283 _____ C:\Users\Aknfw\pullingsellassociatemaid.xlsx
2018-03-28 13:50 - 2018-03-28 13:50 - 000214369 _____ C:\Users\Aknfw\basin.label.cat.charter.mdb
2018-03-28 13:50 - 2018-03-28 13:50 - 000203707 _____ C:\Users\UBTFu8i\68H1PJuU.mdb
2018-03-28 13:50 - 2018-03-28 13:50 - 000066282 _____ C:\Users\Aknfw\japan_garden.xls
2018-03-28 13:50 - 2018-03-28 13:50 - 000066036 _____ C:\Users\UBTFu8i\conceived.readers.alaska.xls
2018-03-28 13:50 - 2018-03-28 13:50 - 000055681 _____ C:\Users\Aknfw\ninemorris.pem
2018-03-28 13:50 - 2018-03-28 13:50 - 000050049 _____ C:\Users\UBTFu8i\ham tried approximate.pem
2018-03-28 13:50 - 2018-03-28 13:50 - 000027566 _____ C:\Users\UBTFu8i\slight_rome_visited_accordingly.txt
2018-03-28 13:50 - 2018-03-28 13:50 - 000022257 _____ C:\Users\UBTFu8i\inevitably.officers.sql
2018-03-28 13:50 - 2018-03-28 13:50 - 000022040 _____ C:\Users\Aknfw\rubbish jobs seeds.sql
2018-03-28 13:50 - 2018-03-28 13:50 - 000020755 _____ C:\Users\Aknfw\empirical_pretty.txt
2018-03-28 13:50 - 2018-03-28 13:50 - 000000000 ___HD C:\Users\UBTFu8i
2018-03-28 13:50 - 2018-03-28 13:50 - 000000000 ___HD C:\Users\Aknfw
2018-03-28 13:50 - 2018-03-28 13:50 - 000000000 ____D C:\Xhelper81
2018-03-28 13:50 - 2018-03-28 13:50 - 000000000 ____D C:\Aorganized45
2018-03-28 10:13 - 2018-03-28 10:13 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\AVAST Software
2018-03-28 10:12 - 2018-03-29 08:13 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-03-28 10:12 - 2018-03-28 10:12 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2018-03-28 10:12 - 2018-03-28 10:12 - 000001992 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2018-03-28 10:12 - 2018-03-28 10:12 - 000001980 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-03-28 10:11 - 2018-03-28 10:11 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-03-28 10:11 - 2018-03-28 10:11 - 000380768 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-03-28 10:11 - 2018-03-28 10:11 - 000380528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-03-28 10:11 - 2018-03-28 10:11 - 000205976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-03-28 10:11 - 2018-03-28 10:11 - 000196648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-03-28 10:11 - 2018-03-28 10:11 - 000146656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-03-28 10:11 - 2018-03-28 10:11 - 000110328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-03-28 10:11 - 2018-03-28 10:11 - 000084368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-03-28 10:11 - 2018-03-28 10:11 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-03-28 10:11 - 2018-03-28 10:11 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-03-28 10:11 - 2018-03-28 10:10 - 001026696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-03-28 10:11 - 2018-03-28 10:10 - 000343752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-03-28 10:11 - 2018-03-28 10:10 - 000227504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-03-28 10:11 - 2018-03-28 10:10 - 000215320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-03-28 10:11 - 2018-03-28 10:10 - 000199440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-03-28 10:11 - 2018-03-28 10:10 - 000057680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-03-28 10:08 - 2018-03-28 10:08 - 000000000 ____D C:\Program Files\AVAST Software
2018-03-28 10:07 - 2018-03-28 10:07 - 007302848 _____ (AVAST Software) C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\avast_free_antivirus_setup_online.exe
2018-03-28 10:04 - 2018-03-28 10:04 - 000444258 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\ars.cache
2018-03-28 09:05 - 2018-03-28 09:05 - 000001927 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-03-28 09:05 - 2018-03-28 09:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-03-28 09:05 - 2018-03-28 09:05 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-03-28 09:05 - 2018-03-28 09:05 - 000000000 ____D C:\Program Files\Malwarebytes
2018-03-28 09:05 - 2017-11-29 09:11 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-03-28 08:59 - 2018-03-28 08:59 - 000000000 ____D C:\ProgramData\MB3CoreBackup
2018-03-28 08:56 - 2018-03-28 08:56 - 000000194 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\hosts-perm.bat
2018-03-28 08:53 - 2018-03-28 10:28 - 000002702 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Rkill.txt
2018-03-28 08:52 - 2018-03-28 08:52 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\rkill.exe
2018-03-28 08:08 - 2018-03-28 08:27 - 000000000 ___HD C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\Ncached16
2018-03-27 18:42 - 2018-03-27 18:42 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\UnrealEngine
2018-03-27 15:42 - 2018-03-27 15:42 - 000215128 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2018-03-27 08:47 - 2018-03-28 09:39 - 000000010 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\sponge.last.runtime.cache
2018-03-27 08:40 - 2018-03-27 08:40 - 000000000 ____D C:\WINDOWS\Trend Micro
2018-03-27 08:40 - 2018-03-27 08:40 - 000000000 ____D C:\ProgramData\Trend Micro
2018-03-27 08:37 - 2018-03-27 08:37 - 002527376 _____ (Trend Micro Inc.) C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\HousecallLauncher64.exe
2018-03-27 08:37 - 2018-03-27 08:37 - 000000036 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\housecall.guid.cache
2018-03-27 08:37 - 2017-10-17 23:40 - 000334488 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
2018-03-27 08:18 - 2018-03-27 08:18 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\ESET
2018-03-27 08:17 - 2018-03-27 08:18 - 006968952 _____ (ESET spol. s r.o.) C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\esetonlinescanner_enu.exe
2018-03-27 06:40 - 2018-03-27 06:40 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-03-27 06:39 - 2018-03-27 06:40 - 000192416 _____ C:\WINDOWS\ntbtlog.txt
2018-03-26 18:31 - 2018-02-12 19:09 - 000096710 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Fishing Planet Unique Technique Reference - Techniques.pdf
2018-03-26 16:52 - 2018-03-26 16:52 - 004135710 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\my msinfo.txt
2018-03-26 16:46 - 2018-03-26 16:46 - 004135710 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\my msinfo.txt
2018-03-26 11:14 - 2018-03-28 08:29 - 000000000 ____D C:\Program Files (x86)\Origin
2018-03-26 11:14 - 2018-03-26 16:38 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Origin
2018-03-26 11:14 - 2018-03-26 11:14 - 000001069 _____ C:\Users\Public\Desktop\Origin.lnk
2018-03-26 11:14 - 2018-03-26 11:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2018-03-26 10:53 - 2018-03-29 08:15 - 000000000 ____D C:\ProgramData\Origin
2018-03-26 10:53 - 2018-03-26 10:53 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Origin
2018-03-26 10:46 - 2018-03-26 10:49 - 065744352 _____ (Electronic Arts) C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\OriginThinSetup.exe
2018-03-25 18:48 - 2018-03-25 18:48 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\Battlefield 3
2018-03-25 16:10 - 2018-03-25 16:10 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Macromedia
2018-03-25 09:39 - 2018-03-28 15:38 - 000000000 ____D C:\ProgramData\AVAST Software
2018-03-25 09:38 - 2018-03-26 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-03-25 09:38 - 2018-03-26 10:35 - 000000000 ____D C:\Program Files\CCleaner
2018-03-24 19:56 - 2018-03-24 19:56 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\.LSC
2018-03-23 19:39 - 2018-03-23 19:39 - 000000016 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\origin info no.txt
2018-03-23 18:43 - 2018-03-29 08:19 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\CrashDumps
2018-03-22 19:25 - 2018-03-22 19:25 - 000001463 _____ C:\Users\Public\Desktop\Advanced SystemCare 11.lnk
2018-03-22 19:25 - 2018-03-22 19:25 - 000000000 ____D C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
2018-03-22 19:24 - 2018-03-22 19:24 - 028866136 _____ (IObit ) C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\advanced-systemcare-setup.exe
2018-03-22 19:22 - 2018-03-22 19:22 - 095825920 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2018-03-22 19:22 - 2018-03-22 19:22 - 005591040 _____ C:\WINDOWS\system32\config\DRIVERS.iobit
2018-03-22 19:22 - 2018-03-22 19:22 - 000385024 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2018-03-22 19:22 - 2018-03-22 19:22 - 000061440 _____ C:\WINDOWS\system32\config\SAM.iobit
2018-03-22 19:22 - 2018-03-22 19:22 - 000036864 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2018-03-21 23:03 - 2018-03-21 23:03 - 000002213 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2018-03-21 23:02 - 2018-03-21 23:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-03-21 23:02 - 2018-03-21 23:02 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-03-21 23:02 - 2018-03-21 23:02 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-03-21 23:02 - 2018-03-17 01:15 - 000542056 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-03-21 23:02 - 2018-03-17 01:15 - 000447848 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-03-21 23:02 - 2018-03-16 05:42 - 000137664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-03-21 23:02 - 2018-03-16 05:40 - 000123840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-03-21 23:02 - 2017-12-09 05:25 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-03-21 23:02 - 2017-12-09 05:25 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-03-21 23:02 - 2017-12-09 05:24 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-03-21 23:02 - 2017-12-09 05:24 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-03-21 23:01 - 2018-03-17 01:12 - 000997280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-03-21 23:01 - 2018-03-17 01:12 - 000949176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-03-21 23:01 - 2018-03-17 01:12 - 000625592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-03-21 23:01 - 2018-03-17 01:12 - 000515672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-03-21 23:01 - 2018-03-17 01:11 - 040278616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-03-21 23:01 - 2018-03-17 01:11 - 035189336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-03-21 23:01 - 2018-03-17 01:11 - 004318464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-03-21 23:01 - 2018-03-17 01:11 - 003719200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-03-21 23:01 - 2018-03-17 01:11 - 001985280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439124.dll
2018-03-21 23:01 - 2018-03-17 01:11 - 001684000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439124.dll
2018-03-21 23:01 - 2018-03-17 01:11 - 001138432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-03-21 23:01 - 2018-03-17 01:11 - 001066072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-03-21 23:01 - 2018-03-17 01:11 - 000748960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-03-21 23:01 - 2018-03-17 01:11 - 000608344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 019854816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 016496072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 013571008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 011131872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 001355408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 001346128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 001153568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 001067368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 000902096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 000811992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 000650232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 000633224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-03-21 23:01 - 2018-03-17 01:00 - 012966216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-03-21 23:01 - 2018-03-17 01:00 - 011000296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-03-21 23:01 - 2018-03-17 01:00 - 004629824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-03-21 23:01 - 2018-03-17 01:00 - 003937000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-03-21 23:01 - 2018-03-17 01:00 - 001061168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-03-21 23:01 - 2018-03-16 07:57 - 001682288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2018-03-21 23:01 - 2018-03-16 07:57 - 000226760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2018-03-21 23:01 - 2018-03-16 07:57 - 000058816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-03-21 23:01 - 2018-03-16 07:57 - 000048407 _____ C:\WINDOWS\system32\nvinfo.pb
2018-03-21 23:01 - 2018-03-16 07:57 - 000045600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2018-03-21 22:52 - 2018-03-21 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-03-21 22:52 - 2018-03-21 22:52 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-21 22:52 - 2018-03-21 22:52 - 000004088 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-21 22:52 - 2018-03-21 22:52 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-21 22:52 - 2018-03-21 22:52 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-21 22:52 - 2018-03-21 22:52 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-21 22:52 - 2018-03-21 22:52 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-21 22:52 - 2018-03-21 22:52 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-21 22:52 - 2018-03-21 22:52 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-21 22:52 - 2018-03-21 22:52 - 000001524 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-03-21 22:52 - 2018-03-21 22:52 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\ansel
2018-03-21 22:52 - 2018-03-14 20:01 - 002480520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-03-21 22:52 - 2018-03-14 20:01 - 002137488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-03-21 22:52 - 2018-03-14 20:01 - 001310608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-03-21 22:52 - 2018-03-14 19:44 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-03-21 22:52 - 2018-03-05 13:18 - 000189784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2018-03-21 22:52 - 2018-03-05 13:18 - 000152408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2018-03-21 22:46 - 2018-03-21 22:46 - 091075776 _____ (NVIDIA Corporation) C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\GeForce_Experience_v3.13.1.30.exe
2018-03-21 22:46 - 2017-12-15 09:03 - 000059240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2018-03-21 22:42 - 2018-03-21 22:42 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Sun
2018-03-21 22:42 - 2018-03-21 22:42 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\LocalLow\Sun
2018-03-21 22:41 - 2018-03-21 22:42 - 000000000 ____D C:\ProgramData\Oracle
2018-03-21 22:41 - 2018-03-21 22:41 - 000097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-03-21 22:41 - 2018-03-21 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-03-21 22:41 - 2018-03-21 22:41 - 000000000 ____D C:\Program Files (x86)\Java
2018-03-21 22:40 - 2018-03-21 22:40 - 001861696 _____ (Oracle Corporation) C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\JavaSetup8u161.exe
2018-03-21 22:32 - 2018-03-25 16:26 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Nvidia Corporation
2018-03-21 22:29 - 2018-03-21 23:10 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\Battlefield 1
2018-03-21 22:29 - 2018-03-21 22:52 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\NVIDIA
2018-03-21 21:30 - 2018-03-21 21:30 - 000000876 _____ C:\Users\Public\Desktop\Battlefield 1.lnk
2018-03-21 21:30 - 2018-03-21 21:30 - 000000000 ___HD C:\Program Files\Common FilesEAInstaller
2018-03-21 21:30 - 2018-03-21 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 1
2018-03-21 19:43 - 2018-03-21 19:43 - 000280600 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2018-03-21 15:25 - 2018-03-21 15:25 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\My facebook files
2018-03-21 15:23 - 2018-03-21 15:23 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\WinRAR
2018-03-20 23:12 - 2018-03-20 23:12 - 000001200 _____ C:\Users\Public\Desktop\Avira.lnk
2018-03-20 12:36 - 2018-03-20 12:36 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\.mono
2018-03-20 12:36 - 2018-03-20 12:36 - 000000000 ____D C:\ProgramData\.mono
2018-03-20 12:34 - 2018-03-20 12:34 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\RussianFishingLLC
2018-03-20 12:34 - 2018-03-20 12:34 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\LocalLow\Russian Fishing LLC
2018-03-18 23:56 - 2018-03-18 23:56 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\MOHW
2018-03-18 22:25 - 2018-03-26 10:36 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\BFBC2
2018-03-18 22:25 - 2018-03-18 23:56 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\PunkBuster
2018-03-18 09:33 - 2018-03-18 09:33 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\Battlefield 4
2018-03-18 09:29 - 2018-03-18 09:29 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\.QtWebEngineProcess
2018-03-18 09:29 - 2018-03-18 09:29 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\.Origin
2018-03-17 08:53 - 2018-03-17 08:53 - 000002262 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2018-03-17 08:53 - 2018-03-17 08:53 - 000002224 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2018-03-17 08:52 - 2018-03-17 08:52 - 001129816 _____ (Google Inc.) C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\GoogleEarthProSetup.exe
2018-03-17 08:52 - 2018-03-17 08:52 - 000000000 ____D C:\Program Files\Google
2018-03-17 08:48 - 2018-03-17 08:48 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\LocalLow\Google
2018-03-16 16:45 - 2018-03-03 04:09 - 000834552 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-03-16 16:45 - 2018-03-03 04:09 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-03-16 16:32 - 2018-03-16 16:32 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-03-16 16:32 - 2018-03-16 16:32 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-03-16 16:30 - 2018-03-02 10:36 - 017085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-03-16 16:30 - 2018-03-01 14:37 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-03-16 16:30 - 2018-03-01 14:31 - 008602520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-03-16 16:30 - 2018-03-01 14:30 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-03-16 16:30 - 2018-03-01 14:17 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-03-16 16:30 - 2018-03-01 14:15 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-03-16 16:30 - 2018-03-01 14:14 - 007675784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-03-16 16:30 - 2018-03-01 14:14 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-03-16 16:30 - 2018-03-01 14:14 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-03-16 16:30 - 2018-03-01 14:14 - 000147872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-03-16 16:30 - 2018-03-01 14:10 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-03-16 16:30 - 2018-03-01 14:09 - 001054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-03-16 16:30 - 2018-03-01 13:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-03-16 16:30 - 2018-03-01 13:29 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-03-16 16:30 - 2018-03-01 13:28 - 006480616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-03-16 16:30 - 2018-03-01 13:28 - 002193168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-03-16 16:30 - 2018-03-01 13:26 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-03-16 16:30 - 2018-03-01 13:26 - 001057816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-03-16 16:30 - 2018-03-01 13:21 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2018-03-16 16:30 - 2018-03-01 13:09 - 025251840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-03-16 16:30 - 2018-03-01 13:03 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-03-16 16:30 - 2018-03-01 13:03 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-03-16 16:30 - 2018-03-01 13:03 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-03-16 16:30 - 2018-03-01 13:01 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-03-16 16:30 - 2018-03-01 12:57 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-03-16 16:30 - 2018-03-01 12:56 - 018922496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-03-16 16:30 - 2018-03-01 12:56 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-03-16 16:30 - 2018-03-01 12:54 - 003664384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-03-16 16:30 - 2018-03-01 12:54 - 001296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-03-16 16:30 - 2018-03-01 12:54 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-03-16 16:30 - 2018-03-01 12:54 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-03-16 16:30 - 2018-03-01 12:53 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-03-16 16:30 - 2018-03-01 12:53 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-03-16 16:30 - 2018-03-01 12:53 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-03-16 16:30 - 2018-03-01 12:52 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-03-16 16:30 - 2018-03-01 12:52 - 006030336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-03-16 16:30 - 2018-03-01 12:51 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2018-03-16 16:30 - 2018-03-01 12:50 - 003677184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-03-16 16:30 - 2018-03-01 12:50 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-03-16 16:30 - 2018-03-01 12:49 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-03-16 16:30 - 2018-03-01 12:48 - 000543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-03-16 16:30 - 2018-03-01 12:48 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-03-16 16:30 - 2018-03-01 12:47 - 023674368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-03-16 16:30 - 2018-03-01 12:46 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-03-16 16:30 - 2018-03-01 12:45 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-03-16 16:30 - 2018-03-01 12:45 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-03-16 16:30 - 2018-03-01 12:43 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-03-16 16:30 - 2018-03-01 12:42 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-03-16 16:30 - 2018-03-01 12:41 - 008103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-03-16 16:30 - 2018-03-01 12:41 - 004745728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-03-16 16:30 - 2018-03-01 12:41 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-03-16 16:30 - 2018-03-01 12:41 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-03-16 16:30 - 2018-03-01 12:41 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-03-16 16:30 - 2018-03-01 12:39 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2018-03-16 16:30 - 2018-02-22 09:10 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-03-16 16:30 - 2018-02-22 09:08 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-03-16 16:30 - 2018-02-22 09:08 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-03-16 16:30 - 2018-02-22 09:08 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-03-16 16:30 - 2018-02-22 09:03 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-03-16 16:30 - 2018-02-22 09:03 - 000082848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-03-16 16:30 - 2018-02-22 09:02 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-03-16 16:30 - 2018-02-22 09:00 - 000187296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-03-16 16:30 - 2018-02-22 08:59 - 021351624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-03-16 16:30 - 2018-02-22 08:54 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-03-16 16:30 - 2018-02-22 08:51 - 000555424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-03-16 16:30 - 2018-02-22 08:51 - 000045472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-03-16 16:30 - 2018-02-22 08:50 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-03-16 16:30 - 2018-02-22 07:41 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-03-16 16:30 - 2018-02-22 07:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2018-03-16 16:30 - 2018-02-22 07:30 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-03-16 16:30 - 2018-02-22 07:26 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-03-16 16:30 - 2018-02-10 13:16 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-03-16 16:30 - 2018-02-10 13:15 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-03-16 16:30 - 2018-02-10 13:15 - 000471968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-03-16 16:30 - 2018-02-10 13:14 - 004504464 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-03-16 16:30 - 2018-02-10 13:14 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-03-16 16:30 - 2018-02-10 13:13 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-03-16 16:30 - 2018-02-10 13:12 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-03-16 16:30 - 2018-02-10 13:09 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-03-16 16:30 - 2018-02-10 13:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-03-16 16:30 - 2018-02-10 13:08 - 003010248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-03-16 16:30 - 2018-02-10 13:07 - 004506576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-03-16 16:30 - 2018-02-10 13:06 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-03-16 16:30 - 2018-02-10 13:04 - 006791984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-03-16 16:30 - 2018-02-10 13:04 - 001426672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-03-16 16:30 - 2018-02-10 13:04 - 001254144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-03-16 16:30 - 2018-02-10 13:04 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-03-16 16:30 - 2018-02-10 13:04 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-03-16 16:30 - 2018-02-10 13:04 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-03-16 16:30 - 2018-02-10 13:03 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2018-03-16 16:30 - 2018-02-10 12:21 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-03-16 16:30 - 2018-02-10 12:17 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-03-16 16:30 - 2018-02-10 12:09 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-03-16 16:30 - 2018-02-10 12:06 - 006014688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-03-16 16:30 - 2018-02-10 12:06 - 004670728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-03-16 16:30 - 2018-02-10 12:06 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-03-16 16:30 - 2018-02-10 12:05 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-03-16 16:30 - 2018-02-10 12:05 - 001149272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-03-16 16:30 - 2018-02-10 12:05 - 000662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-03-16 16:30 - 2018-02-10 11:49 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-03-16 16:30 - 2018-02-10 11:47 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-03-16 16:30 - 2018-02-10 11:47 - 013704192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-03-16 16:30 - 2018-02-10 11:46 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-03-16 16:30 - 2018-02-10 11:46 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-03-16 16:30 - 2018-02-10 11:46 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2018-03-16 16:30 - 2018-02-10 11:45 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-03-16 16:30 - 2018-02-10 11:45 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-03-16 16:30 - 2018-02-10 11:44 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-03-16 16:30 - 2018-02-10 11:43 - 006466560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-03-16 16:30 - 2018-02-10 11:43 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-03-16 16:30 - 2018-02-10 11:43 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-03-16 16:30 - 2018-02-10 11:42 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-03-16 16:30 - 2018-02-10 11:42 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-03-16 16:30 - 2018-02-10 11:42 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-03-16 16:30 - 2018-02-10 11:42 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-03-16 16:30 - 2018-02-10 11:41 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-03-16 16:30 - 2018-02-10 11:41 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-03-16 16:30 - 2018-02-10 11:41 - 000721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-03-16 16:30 - 2018-02-10 11:41 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-03-16 16:30 - 2018-02-10 11:39 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2018-03-16 16:30 - 2018-02-10 11:39 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-03-16 16:30 - 2018-02-10 11:39 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-03-16 16:30 - 2018-02-10 11:38 - 004815360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-03-16 16:30 - 2018-02-10 11:38 - 003169280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-03-16 16:30 - 2018-02-10 11:38 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-03-16 16:30 - 2018-02-10 11:38 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-03-16 16:30 - 2018-02-10 11:38 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-03-16 16:30 - 2018-02-10 11:38 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-03-16 16:30 - 2018-02-10 11:38 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-03-16 16:30 - 2018-02-10 11:37 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-03-16 16:30 - 2018-02-10 11:37 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2018-03-16 16:30 - 2018-02-10 11:37 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-03-16 16:30 - 2018-02-10 11:37 - 001488384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-03-16 16:30 - 2018-02-10 11:37 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-03-16 16:30 - 2018-02-10 11:36 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2018-03-16 16:30 - 2018-02-10 11:36 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-03-16 16:30 - 2018-02-10 11:36 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-03-16 16:30 - 2018-02-10 11:36 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-03-16 16:30 - 2018-02-10 11:35 - 004384768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-03-16 16:30 - 2018-02-10 11:35 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-03-16 16:30 - 2018-02-10 11:34 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-03-16 16:30 - 2018-02-10 11:33 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-03-16 16:30 - 2018-01-01 19:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-03-16 16:30 - 2018-01-01 19:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-03-16 16:30 - 2018-01-01 19:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-03-16 16:30 - 2018-01-01 19:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-03-16 16:30 - 2018-01-01 19:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-03-16 16:30 - 2018-01-01 19:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-03-16 16:30 - 2018-01-01 19:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-03-16 16:30 - 2018-01-01 19:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-03-16 16:30 - 2018-01-01 19:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-03-16 16:30 - 2018-01-01 19:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-03-16 16:30 - 2018-01-01 18:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-03-16 16:30 - 2018-01-01 18:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-03-16 16:30 - 2018-01-01 18:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-03-16 16:30 - 2018-01-01 18:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-03-16 16:30 - 2018-01-01 18:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-03-16 16:30 - 2018-01-01 18:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-03-16 16:30 - 2018-01-01 18:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-03-16 16:30 - 2018-01-01 18:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-03-16 16:30 - 2018-01-01 18:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-03-16 16:30 - 2018-01-01 18:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-03-16 16:30 - 2018-01-01 18:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-03-16 16:30 - 2018-01-01 18:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-03-16 16:30 - 2018-01-01 18:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-03-16 16:30 - 2018-01-01 18:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-03-16 16:30 - 2018-01-01 18:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-03-16 16:30 - 2018-01-01 18:08 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-03-16 16:29 - 2018-03-02 10:02 - 000037888 _____ C:\WINDOWS\system32\SpectrumSyncClient.dll
2018-03-16 16:29 - 2018-03-02 10:01 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-03-16 16:29 - 2018-03-02 10:00 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2018-03-16 16:29 - 2018-03-02 10:00 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\svf.dll
2018-03-16 16:29 - 2018-03-02 10:00 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-03-16 16:29 - 2018-03-02 09:59 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-03-16 16:29 - 2018-03-02 03:28 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-03-16 16:29 - 2018-03-01 14:50 - 000270744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-03-16 16:29 - 2018-03-01 14:49 - 000389536 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-03-16 16:29 - 2018-03-01 14:48 - 000664472 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-03-16 16:29 - 2018-03-01 14:47 - 000749464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-03-16 16:29 - 2018-03-01 14:47 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-03-16 16:29 - 2018-03-01 14:46 - 002003352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-03-16 16:29 - 2018-03-01 14:46 - 001568664 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-03-16 16:29 - 2018-03-01 14:46 - 000609176 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-03-16 16:29 - 2018-03-01 14:46 - 000138144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-03-16 16:29 - 2018-03-01 14:45 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-03-16 16:29 - 2018-03-01 14:40 - 002514936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-03-16 16:29 - 2018-03-01 14:40 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-03-16 16:29 - 2018-03-01 14:40 - 000273304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-03-16 16:29 - 2018-03-01 14:30 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-03-16 16:29 - 2018-03-01 14:29 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-03-16 16:29 - 2018-03-01 14:27 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-03-16 16:29 - 2018-03-01 14:26 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-03-16 16:29 - 2018-03-01 14:25 - 000377752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-03-16 16:29 - 2018-03-01 14:23 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-03-16 16:29 - 2018-03-01 14:19 - 000710768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-03-16 16:29 - 2018-03-01 14:17 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-03-16 16:29 - 2018-03-01 14:17 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-03-16 16:29 - 2018-03-01 14:14 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthFWSnapin.dll
2018-03-16 16:29 - 2018-03-01 14:14 - 000356952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-03-16 16:29 - 2018-03-01 14:14 - 000128928 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2018-03-16 16:29 - 2018-03-01 14:12 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-03-16 16:29 - 2018-03-01 14:12 - 000250264 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2018-03-16 16:29 - 2018-03-01 14:12 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-03-16 16:29 - 2018-03-01 14:11 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-03-16 16:29 - 2018-03-01 14:10 - 000075168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-03-16 16:29 - 2018-03-01 14:10 - 000022936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys
2018-03-16 16:29 - 2018-03-01 13:51 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-03-16 16:29 - 2018-03-01 13:48 - 001930736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-03-16 16:29 - 2018-03-01 13:39 - 000213400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-03-16 16:29 - 2018-03-01 13:29 - 000574960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-03-16 16:29 - 2018-03-01 13:28 - 000115096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2018-03-16 16:29 - 2018-03-01 13:27 - 000284112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-03-16 16:29 - 2018-03-01 13:27 - 000221592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2018-03-16 16:29 - 2018-03-01 13:23 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthFWSnapin.dll
2018-03-16 16:29 - 2018-03-01 13:03 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-03-16 16:29 - 2018-03-01 13:03 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2018-03-16 16:29 - 2018-03-01 13:01 - 006575616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-03-16 16:29 - 2018-03-01 13:01 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-03-16 16:29 - 2018-03-01 13:01 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-03-16 16:29 - 2018-03-01 13:00 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-03-16 16:29 - 2018-03-01 12:59 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-03-16 16:29 - 2018-03-01 12:58 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-03-16 16:29 - 2018-03-01 12:58 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-03-16 16:29 - 2018-03-01 12:58 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2018-03-16 16:29 - 2018-03-01 12:58 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-03-16 16:29 - 2018-03-01 12:55 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-03-16 16:29 - 2018-03-01 12:54 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-03-16 16:29 - 2018-03-01 12:54 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-03-16 16:29 - 2018-03-01 12:53 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-03-16 16:29 - 2018-03-01 12:53 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-03-16 16:29 - 2018-03-01 12:53 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-03-16 16:29 - 2018-03-01 12:53 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-03-16 16:29 - 2018-03-01 12:53 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-03-16 16:29 - 2018-03-01 12:53 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-03-16 16:29 - 2018-03-01 12:53 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2018-03-16 16:29 - 2018-03-01 12:51 - 002329088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2018-03-16 16:29 - 2018-03-01 12:51 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-03-16 16:29 - 2018-03-01 12:51 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-03-16 16:29 - 2018-03-01 12:50 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-03-16 16:29 - 2018-03-01 12:50 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-03-16 16:29 - 2018-03-01 12:50 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-03-16 16:29 - 2018-03-01 12:49 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-03-16 16:29 - 2018-03-01 12:49 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-03-16 16:29 - 2018-03-01 12:49 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-03-16 16:29 - 2018-03-01 12:47 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2018-03-16 16:29 - 2018-03-01 12:47 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-03-16 16:29 - 2018-03-01 12:46 - 004051968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-03-16 16:29 - 2018-03-01 12:46 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-03-16 16:29 - 2018-03-01 12:45 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-03-16 16:29 - 2018-03-01 12:44 - 008030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-03-16 16:29 - 2018-03-01 12:44 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-03-16 16:29 - 2018-03-01 12:42 - 003505664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2018-03-16 16:29 - 2018-03-01 12:40 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-03-16 16:29 - 2018-03-01 12:39 - 002222592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-03-16 16:29 - 2018-03-01 12:39 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-03-16 16:29 - 2018-03-01 12:39 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-03-16 16:29 - 2018-03-01 12:38 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-03-16 16:29 - 2018-03-01 12:38 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-03-16 16:29 - 2018-03-01 12:36 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-03-16 16:29 - 2018-03-01 12:36 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-03-16 16:29 - 2018-03-01 12:35 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-03-16 16:29 - 2018-03-01 12:35 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
2018-03-16 16:29 - 2018-03-01 12:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-03-16 16:29 - 2018-02-22 09:23 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-03-16 16:29 - 2018-02-22 09:23 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-03-16 16:29 - 2018-02-22 09:13 - 000279456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-03-16 16:29 - 2018-02-22 09:13 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-03-16 16:29 - 2018-02-22 09:11 - 000109984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-03-16 16:29 - 2018-02-22 09:07 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-03-16 16:29 - 2018-02-22 09:07 - 001209248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-03-16 16:29 - 2018-02-22 09:07 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2018-03-16 16:29 - 2018-02-22 08:52 - 000103328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-03-16 16:29 - 2018-02-22 08:51 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2018-03-16 16:29 - 2018-02-22 08:50 - 000229272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-03-16 16:29 - 2018-02-22 07:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-03-16 16:29 - 2018-02-22 07:30 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-03-16 16:29 - 2018-02-22 07:27 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-03-16 16:29 - 2018-02-22 07:25 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-03-16 16:29 - 2018-02-22 07:16 - 001286144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-03-16 16:29 - 2018-02-22 07:12 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-03-16 16:29 - 2018-02-10 13:21 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-03-16 16:29 - 2018-02-10 13:20 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-03-16 16:29 - 2018-02-10 13:19 - 001133888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-03-16 16:29 - 2018-02-10 13:18 - 001193192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2018-03-16 16:29 - 2018-02-10 13:18 - 000319864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-03-16 16:29 - 2018-02-10 13:18 - 000098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2018-03-16 16:29 - 2018-02-10 13:18 - 000022400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2018-03-16 16:29 - 2018-02-10 13:16 - 002406456 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-03-16 16:29 - 2018-02-10 13:14 - 001002592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-03-16 16:29 - 2018-02-10 13:13 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-03-16 16:29 - 2018-02-10 13:13 - 000535960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2018-03-16 16:29 - 2018-02-10 13:12 - 004537040 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2018-03-16 16:29 - 2018-02-10 13:12 - 001313016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2018-03-16 16:29 - 2018-02-10 13:11 - 001029528 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-03-16 16:29 - 2018-02-10 13:11 - 000711432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-03-16 16:29 - 2018-02-10 13:10 - 002447768 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-03-16 16:29 - 2018-02-10 13:10 - 000614160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2018-03-16 16:29 - 2018-02-10 13:10 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-03-16 16:29 - 2018-02-10 13:10 - 000154520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2018-03-16 16:29 - 2018-02-10 13:09 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-03-16 16:29 - 2018-02-10 13:09 - 000491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-03-16 16:29 - 2018-02-10 13:08 - 000687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-03-16 16:29 - 2018-02-10 13:08 - 000398824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2018-03-16 16:29 - 2018-02-10 13:08 - 000096200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2018-03-16 16:29 - 2018-02-10 13:08 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-03-16 16:29 - 2018-02-10 13:07 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-03-16 16:29 - 2018-02-10 13:07 - 000436632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2018-03-16 16:29 - 2018-02-10 13:06 - 004486904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-03-16 16:29 - 2018-02-10 13:06 - 000824896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2018-03-16 16:29 - 2018-02-10 13:06 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-03-16 16:29 - 2018-02-10 13:06 - 000594048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-03-16 16:29 - 2018-02-10 13:06 - 000100248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2018-03-16 16:29 - 2018-02-10 13:06 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-03-16 16:29 - 2018-02-10 13:05 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-03-16 16:29 - 2018-02-10 13:05 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-03-16 16:29 - 2018-02-10 13:05 - 000070856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-03-16 16:29 - 2018-02-10 13:04 - 001430760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-03-16 16:29 - 2018-02-10 13:04 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-03-16 16:29 - 2018-02-10 13:04 - 000339872 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2018-03-16 16:29 - 2018-02-10 13:04 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-03-16 16:29 - 2018-02-10 13:04 - 000212880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2018-03-16 16:29 - 2018-02-10 13:03 - 001619808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-03-16 16:29 - 2018-02-10 13:03 - 000849304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-03-16 16:29 - 2018-02-10 13:03 - 000722616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-03-16 16:29 - 2018-02-10 13:03 - 000706600 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-03-16 16:29 - 2018-02-10 13:03 - 000098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2018-03-16 16:29 - 2018-02-10 13:02 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-03-16 16:29 - 2018-02-10 13:02 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-03-16 16:29 - 2018-02-10 13:02 - 000628632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-03-16 16:29 - 2018-02-10 13:02 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-03-16 16:29 - 2018-02-10 12:18 - 001384288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-03-16 16:29 - 2018-02-10 12:17 - 002255112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-03-16 16:29 - 2018-02-10 12:17 - 000542856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2018-03-16 16:29 - 2018-02-10 12:15 - 001145624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-03-16 16:29 - 2018-02-10 12:12 - 004382032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2018-03-16 16:29 - 2018-02-10 12:11 - 001250528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2018-03-16 16:29 - 2018-02-10 12:10 - 000422592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-03-16 16:29 - 2018-02-10 12:09 - 002338776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-03-16 16:29 - 2018-02-10 12:09 - 001123456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-03-16 16:29 - 2018-02-10 12:09 - 000559976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-03-16 16:29 - 2018-02-10 12:09 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2018-03-16 16:29 - 2018-02-10 12:08 - 003980720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-03-16 16:29 - 2018-02-10 12:08 - 000592792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-03-16 16:29 - 2018-02-10 12:07 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-03-16 16:29 - 2018-02-10 12:07 - 000527864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2018-03-16 16:29 - 2018-02-10 12:07 - 000123808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2018-03-16 16:29 - 2018-02-10 12:07 - 000089504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2018-03-16 16:29 - 2018-02-10 12:07 - 000083216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2018-03-16 16:29 - 2018-02-10 12:07 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-03-16 16:29 - 2018-02-10 12:05 - 000718232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-03-16 16:29 - 2018-02-10 12:05 - 000654456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-03-16 16:29 - 2018-02-10 12:05 - 000551672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-03-16 16:29 - 2018-02-10 12:05 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2018-03-16 16:29 - 2018-02-10 12:05 - 000193248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2018-03-16 16:29 - 2018-02-10 12:05 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-03-16 16:29 - 2018-02-10 12:05 - 000079256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2018-03-16 16:29 - 2018-02-10 12:05 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-03-16 16:29 - 2018-02-10 12:05 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2018-03-16 16:29 - 2018-02-10 12:03 - 000505160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2018-03-16 16:29 - 2018-02-10 11:50 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-03-16 16:29 - 2018-02-10 11:50 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-03-16 16:29 - 2018-02-10 11:49 - 001664512 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-03-16 16:29 - 2018-02-10 11:49 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-03-16 16:29 - 2018-02-10 11:49 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-03-16 16:29 - 2018-02-10 11:48 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-03-16 16:29 - 2018-02-10 11:48 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2018-03-16 16:29 - 2018-02-10 11:48 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2018-03-16 16:29 - 2018-02-10 11:47 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-03-16 16:29 - 2018-02-10 11:47 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-03-16 16:29 - 2018-02-10 11:47 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-03-16 16:29 - 2018-02-10 11:47 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2018-03-16 16:29 - 2018-02-10 11:47 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-03-16 16:29 - 2018-02-10 11:47 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-03-16 16:29 - 2018-02-10 11:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-03-16 16:29 - 2018-02-10 11:46 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-03-16 16:29 - 2018-02-10 11:46 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-03-16 16:29 - 2018-02-10 11:46 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-03-16 16:29 - 2018-02-10 11:46 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2018-03-16 16:29 - 2018-02-10 11:46 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-03-16 16:29 - 2018-02-10 11:46 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2018-03-16 16:29 - 2018-02-10 11:46 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2018-03-16 16:29 - 2018-02-10 11:46 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2018-03-16 16:29 - 2018-02-10 11:46 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2018-03-16 16:29 - 2018-02-10 11:45 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-03-16 16:29 - 2018-02-10 11:45 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2018-03-16 16:29 - 2018-02-10 11:45 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2018-03-16 16:29 - 2018-02-10 11:45 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-03-16 16:29 - 2018-02-10 11:45 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-03-16 16:29 - 2018-02-10 11:45 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2018-03-16 16:29 - 2018-02-10 11:45 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EnterpriseAppMgmtClient.dll
2018-03-16 16:29 - 2018-02-10 11:44 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2018-03-16 16:29 - 2018-02-10 11:44 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-03-16 16:29 - 2018-02-10 11:44 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-03-16 16:29 - 2018-02-10 11:44 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-03-16 16:29 - 2018-02-10 11:44 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-03-16 16:29 - 2018-02-10 11:44 - 000302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-03-16 16:29 - 2018-02-10 11:44 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2018-03-16 16:29 - 2018-02-10 11:44 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-03-16 16:29 - 2018-02-10 11:44 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-03-16 16:29 - 2018-02-10 11:44 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2018-03-16 16:29 - 2018-02-10 11:44 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2018-03-16 16:29 - 2018-02-10 11:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 003756032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCShellCommonProxyStub.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 001113600 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2018-03-16 16:29 - 2018-02-10 11:42 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2018-03-16 16:29 - 2018-02-10 11:42 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-03-16 16:29 - 2018-02-10 11:42 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-03-16 16:29 - 2018-02-10 11:42 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvr32.exe
2018-03-16 16:29 - 2018-02-10 11:41 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-03-16 16:29 - 2018-02-10 11:41 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-03-16 16:29 - 2018-02-10 11:41 - 000504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2018-03-16 16:29 - 2018-02-10 11:41 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2018-03-16 16:29 - 2018-02-10 11:41 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-03-16 16:29 - 2018-02-10 11:41 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-03-16 16:29 - 2018-02-10 11:41 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-03-16 16:29 - 2018-02-10 11:41 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-03-16 16:29 - 2018-02-10 11:41 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2018-03-16 16:29 - 2018-02-10 11:41 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2018-03-16 16:29 - 2018-02-10 11:41 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2018-03-16 16:29 - 2018-02-10 11:41 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 004498432 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-03-16 16:29 - 2018-02-10 11:40 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 001234432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 001002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2018-03-16 16:29 - 2018-02-10 11:40 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2018-03-16 16:29 - 2018-02-10 11:40 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2018-03-16 16:29 - 2018-02-10 11:40 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 005500928 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 002677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysdm.cpl
2018-03-16 16:29 - 2018-02-10 11:39 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regsvr32.exe
2018-03-16 16:29 - 2018-02-10 11:38 - 006722560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2018-03-16 16:29 - 2018-02-10 11:38 - 003125760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 002184192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-03-16 16:29 - 2018-02-10 11:38 - 001968640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 001228800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-03-16 16:29 - 2018-02-10 11:38 - 000939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000885248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2018-03-16 16:29 - 2018-02-10 11:38 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-03-16 16:29 - 2018-02-10 11:38 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2018-03-16 16:29 - 2018-02-10 11:37 - 003419136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-03-16 16:29 - 2018-02-10 11:37 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-03-16 16:29 - 2018-02-10 11:37 - 002523648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-03-16 16:29 - 2018-02-10 11:37 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-03-16 16:29 - 2018-02-10 11:37 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-03-16 16:29 - 2018-02-10 11:37 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2018-03-16 16:29 - 2018-02-10 11:37 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-03-16 16:29 - 2018-02-10 11:37 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2018-03-16 16:29 - 2018-02-10 11:37 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2018-03-16 16:29 - 2018-02-10 11:37 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2018-03-16 16:29 - 2018-02-10 11:37 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 001759744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 000915968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 005388800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-03-16 16:29 - 2018-02-10 11:35 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 000943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-03-16 16:29 - 2018-02-10 11:35 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-03-16 16:29 - 2018-02-10 11:34 - 006532096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2018-03-16 16:29 - 2018-02-10 11:34 - 002983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2018-03-16 16:29 - 2018-02-10 11:34 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2018-03-16 16:29 - 2018-02-10 11:34 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-03-16 16:29 - 2018-02-10 11:34 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2018-03-16 16:29 - 2018-02-10 11:34 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.ProxyStub.dll
2018-03-16 16:29 - 2018-02-10 11:33 - 001936384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2018-03-16 16:29 - 2018-02-10 11:33 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2018-03-16 16:29 - 2018-02-10 11:33 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2018-03-16 16:29 - 2018-02-10 11:33 - 001557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2018-03-16 16:29 - 2018-02-10 11:33 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-03-16 16:29 - 2018-02-10 11:33 - 000620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-03-16 16:29 - 2018-02-10 11:33 - 000604672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-03-16 16:29 - 2018-02-10 11:33 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-03-16 16:29 - 2018-02-10 11:33 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll
2018-03-16 16:29 - 2018-02-10 11:33 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-03-16 16:29 - 2018-02-10 11:33 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2018-03-16 16:29 - 2018-02-10 11:33 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-03-16 16:29 - 2018-02-10 11:33 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2018-03-16 16:29 - 2018-02-10 11:32 - 002427904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2018-03-16 16:29 - 2018-02-10 11:32 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2018-03-16 16:29 - 2018-02-10 11:32 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2018-03-16 16:29 - 2018-02-10 11:32 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2018-03-16 16:29 - 2018-02-10 11:32 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.ProxyStub.dll
2018-03-16 16:29 - 2018-02-10 11:31 - 001488896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2018-03-16 16:29 - 2018-02-10 11:31 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2018-03-16 16:29 - 2018-02-10 11:31 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll
2018-03-16 16:29 - 2018-02-10 11:31 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2018-03-16 16:29 - 2018-02-10 11:31 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2018-03-16 16:29 - 2018-02-10 09:59 - 000804240 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-03-16 16:29 - 2018-02-10 09:59 - 000804240 _____ C:\WINDOWS\system32\locale.nls
2018-03-16 16:29 - 2018-02-09 10:35 - 004959688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2018-03-16 16:29 - 2018-02-09 10:35 - 001234888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2018-03-16 16:29 - 2018-02-09 10:35 - 001002952 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2018-03-16 16:29 - 2018-02-09 10:35 - 000892872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2018-03-16 16:29 - 2018-02-09 10:35 - 000065992 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2018-03-16 16:29 - 2018-02-02 10:36 - 003903944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2018-03-16 16:29 - 2018-02-02 10:36 - 000921032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2018-03-16 16:29 - 2018-02-02 10:36 - 000854976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2018-03-16 16:29 - 2018-02-02 10:36 - 000649672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2018-03-16 16:29 - 2018-02-02 10:36 - 000054720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2018-03-16 16:29 - 2018-01-01 19:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-03-16 16:29 - 2018-01-01 19:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-03-16 16:29 - 2018-01-01 19:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-03-16 16:29 - 2018-01-01 19:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-03-16 16:29 - 2018-01-01 19:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-03-16 16:29 - 2018-01-01 19:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-03-16 16:29 - 2018-01-01 19:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-03-16 16:29 - 2018-01-01 19:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-03-16 16:29 - 2018-01-01 19:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-03-16 16:29 - 2018-01-01 19:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-03-16 16:29 - 2018-01-01 19:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-03-16 16:29 - 2018-01-01 19:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-03-16 16:29 - 2018-01-01 19:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2018-03-16 16:29 - 2018-01-01 19:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-03-16 16:29 - 2018-01-01 19:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-03-16 16:29 - 2018-01-01 19:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-03-16 16:29 - 2018-01-01 19:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-03-16 16:29 - 2018-01-01 19:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-03-16 16:29 - 2018-01-01 19:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-03-16 16:29 - 2018-01-01 19:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-03-16 16:29 - 2018-01-01 19:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-03-16 16:29 - 2018-01-01 19:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-03-16 16:29 - 2018-01-01 18:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-03-16 16:29 - 2018-01-01 18:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-03-16 16:29 - 2018-01-01 18:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-03-16 16:29 - 2018-01-01 18:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-03-16 16:29 - 2018-01-01 18:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-03-16 16:29 - 2018-01-01 18:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-03-16 16:29 - 2018-01-01 18:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2018-03-16 16:29 - 2018-01-01 18:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll
2018-03-16 16:29 - 2018-01-01 18:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-03-16 16:29 - 2018-01-01 18:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-03-16 16:29 - 2018-01-01 18:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-03-16 16:29 - 2018-01-01 18:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-03-16 16:29 - 2018-01-01 18:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-03-16 16:29 - 2018-01-01 18:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-03-16 16:29 - 2018-01-01 18:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-03-16 16:29 - 2018-01-01 18:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-03-16 16:29 - 2018-01-01 18:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-03-16 16:29 - 2018-01-01 18:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-03-16 16:29 - 2018-01-01 18:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2018-03-16 16:29 - 2018-01-01 18:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-03-16 16:29 - 2018-01-01 18:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
2018-03-16 16:29 - 2018-01-01 18:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-03-16 16:29 - 2018-01-01 18:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-03-16 16:29 - 2018-01-01 18:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-03-16 16:29 - 2018-01-01 18:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-03-16 16:29 - 2018-01-01 18:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-03-16 16:29 - 2018-01-01 18:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-03-16 16:29 - 2018-01-01 18:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-03-16 16:29 - 2018-01-01 18:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-03-16 16:29 - 2018-01-01 18:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-03-16 16:29 - 2018-01-01 18:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2018-03-16 16:29 - 2018-01-01 18:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-03-16 16:29 - 2018-01-01 18:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-03-16 16:29 - 2018-01-01 18:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-03-16 16:29 - 2018-01-01 18:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-03-16 16:29 - 2018-01-01 18:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-03-16 16:29 - 2018-01-01 18:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-03-16 16:29 - 2018-01-01 18:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-03-16 16:29 - 2018-01-01 18:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-03-16 16:29 - 2018-01-01 18:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-03-16 16:29 - 2018-01-01 18:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-03-16 16:29 - 2018-01-01 18:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll
2018-03-16 16:29 - 2018-01-01 18:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-03-16 16:29 - 2018-01-01 18:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-03-16 16:29 - 2018-01-01 18:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-03-16 16:29 - 2018-01-01 18:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-03-16 16:29 - 2018-01-01 18:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-03-16 16:29 - 2018-01-01 18:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-03-16 16:29 - 2018-01-01 18:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-03-16 16:29 - 2018-01-01 18:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-03-16 16:29 - 2018-01-01 18:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll
2018-03-16 16:29 - 2018-01-01 18:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-03-16 16:29 - 2018-01-01 18:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-03-16 16:29 - 2018-01-01 18:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-03-16 16:29 - 2018-01-01 18:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-03-16 16:29 - 2018-01-01 18:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-03-16 16:29 - 2018-01-01 18:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-03-16 16:29 - 2018-01-01 18:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-03-16 16:29 - 2018-01-01 18:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-03-16 16:29 - 2018-01-01 18:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2018-03-16 16:29 - 2018-01-01 18:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-03-16 16:29 - 2018-01-01 18:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-03-16 16:29 - 2018-01-01 18:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-03-16 16:29 - 2018-01-01 18:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-03-16 16:29 - 2018-01-01 18:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-03-16 16:29 - 2018-01-01 18:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-03-16 16:29 - 2018-01-01 18:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-03-16 16:29 - 2018-01-01 18:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-03-16 16:29 - 2018-01-01 18:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-03-16 16:29 - 2018-01-01 18:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-03-16 16:29 - 2018-01-01 18:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-03-16 16:29 - 2018-01-01 18:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
2018-03-16 16:29 - 2018-01-01 18:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-03-16 16:29 - 2018-01-01 18:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2018-03-16 16:29 - 2018-01-01 18:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-03-16 16:29 - 2018-01-01 18:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-03-15 14:53 - 2018-03-15 14:53 - 000000667 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2018-03-15 14:51 - 2018-03-15 14:57 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\calibre-cache
2018-03-15 14:51 - 2018-03-15 14:52 - 069337088 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\calibre-64bit-3.19.0.msi
2018-03-15 14:50 - 2018-03-15 15:06 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\Calibre Library
2018-03-15 14:50 - 2018-03-15 15:06 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\calibre
2018-03-15 06:36 - 2018-03-28 21:02 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\vlc
2018-03-14 22:02 - 2018-03-15 06:33 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\ElevatedDiagnostics
2018-03-13 21:22 - 2018-03-27 13:00 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\LocalLow\Unity
2018-03-11 19:06 - 2018-03-11 19:06 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\DBG
2018-03-11 12:10 - 2018-03-11 14:42 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Skype
2018-03-11 12:10 - 2018-03-11 12:10 - 000002670 _____ C:\Users\Public\Desktop\Skype.lnk
2018-03-11 12:10 - 2018-03-11 12:10 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Tracing
2018-03-11 12:01 - 2018-03-11 12:01 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\LocalLow\Adobe
2018-03-11 12:01 - 2018-03-11 12:01 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Adobe
2018-03-11 09:55 - 2018-03-11 09:55 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\IELTS unrestricted
2018-03-11 09:27 - 2016-05-14 18:03 - 000001395 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Movie Maker.lnk
2018-03-11 09:26 - 2016-01-09 12:58 - 000001155 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Uplay.lnk
2018-03-11 09:25 - 2018-01-16 12:05 - 000000838 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Photo Pos Pro 3.lnk
2018-03-11 09:25 - 2017-12-07 07:20 - 000000232 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\World in Conflict.url
2018-03-11 09:25 - 2016-03-26 19:23 - 000002040 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Silver Efex Pro 2 - Shortcut.lnk
2018-03-11 09:25 - 2016-03-26 19:23 - 000001972 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\RAW resharpener - Shortcut.lnk
2018-03-11 09:25 - 2016-03-26 19:23 - 000001735 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Viveza 2 - Shortcut.lnk
2018-03-11 09:25 - 2016-03-26 19:22 - 000001883 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\SHP3OS - Shortcut.lnk
2018-03-11 09:25 - 2016-03-22 07:42 - 000001103 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\WonderFox DVD Video Converter.lnk
2018-03-11 09:24 - 2018-03-14 21:47 - 000003053 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\BitTorrent.lnk
2018-03-11 09:24 - 2018-02-11 11:42 - 001889280 _____ (Fateful Productions) C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\CompactGUI.exe
2018-03-11 09:24 - 2016-03-26 19:22 - 000001332 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\HDR Efex Pro 2 - Shortcut.lnk
2018-03-11 09:24 - 2016-03-26 19:21 - 000001691 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Dfine2 - Shortcut.lnk
2018-03-11 09:24 - 2016-03-26 19:21 - 000001633 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Color Efex Pro 4 - Shortcut.lnk
2018-03-11 09:23 - 2018-03-11 12:06 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\PTE audio
2018-03-11 09:23 - 2018-03-11 09:23 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\online teaching stuff
2018-03-11 09:22 - 2018-03-14 14:47 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\IELTS pat hw
2018-03-11 07:15 - 2018-03-11 07:15 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Apps\2.0
2018-03-11 04:17 - 2018-03-11 04:21 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-03-11 04:16 - 2018-03-11 04:17 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-03-11 04:16 - 2018-03-11 04:16 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-03-11 04:14 - 2018-03-11 04:21 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-03-11 04:14 - 2018-03-11 04:14 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-03-11 04:14 - 2018-03-11 04:14 - 000000000 ____D C:\Program Files\MSBuild
2018-03-11 04:14 - 2018-03-11 04:14 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-03-11 04:14 - 2017-09-29 06:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-03-11 04:14 - 2017-09-29 06:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-03-11 04:14 - 2017-09-29 06:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-03-11 04:14 - 2017-09-23 09:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-03-11 04:14 - 2017-09-23 09:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-03-11 04:14 - 2017-09-23 09:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-03-10 18:02 - 2018-03-19 22:12 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Anvsoft
2018-03-10 18:02 - 2018-03-10 18:02 - 000001289 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Any Video Converter.lnk
2018-03-10 18:02 - 2018-03-10 18:02 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\Any Video Converter
2018-03-10 18:02 - 2018-03-10 18:02 - 000000000 ____D C:\Program Files (x86)\Anvsoft
2018-03-10 18:01 - 2018-03-10 18:01 - 051753632 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\avc-free.exe
2018-03-10 15:54 - 2018-03-10 18:05 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Winamp
2018-03-10 14:37 - 2018-03-10 14:37 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\Avalanche Studios
2018-03-10 14:37 - 2018-03-10 14:37 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\RSG
2018-03-10 14:34 - 2018-03-19 19:06 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\My Games
2018-03-10 14:34 - 2018-03-10 14:34 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\HelloGames
2018-03-10 14:34 - 2018-03-10 14:34 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\LocalLow\Fishing Planet LLC
2018-03-10 14:34 - 2018-03-10 14:34 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\SniperElite4
2018-03-10 14:33 - 2018-03-21 23:02 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\NVIDIA
2018-03-10 14:33 - 2018-03-10 14:33 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Steam
2018-03-10 14:33 - 2018-03-10 14:33 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\CEF
2018-03-10 14:23 - 2018-03-10 14:23 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Publishers
2018-03-10 14:13 - 2018-03-10 14:15 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\MicrosoftEdge
2018-03-10 14:13 - 2018-03-10 14:13 - 000000000 ___HD C:\Users\lauri.DESKTOP-0OKN7NQ\MicrosoftEdgeBackups
2018-03-10 14:04 - 2018-03-10 14:27 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\PlaceholderTileLogoFolder
2018-03-10 14:01 - 2018-03-10 14:01 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2018-03-10 14:01 - 2018-03-10 14:01 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Google
2018-03-10 13:50 - 2018-03-29 08:59 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\ClassicShell
2018-03-10 13:50 - 2018-03-10 13:50 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\ClassicShell
2018-03-10 13:48 - 2018-03-10 13:48 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-584912067-1683141588-1664888071-1001
2018-03-10 13:48 - 2018-03-10 13:48 - 000002418 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-03-10 13:47 - 2018-03-10 13:48 - 000000000 ___RD C:\Users\lauri.DESKTOP-0OKN7NQ\OneDrive
2018-03-10 13:46 - 2018-03-10 13:46 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-03-10 13:45 - 2018-03-26 10:36 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\IObit
2018-03-10 13:45 - 2018-03-26 10:36 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\LocalLow\IObit
2018-03-10 13:45 - 2018-03-10 13:45 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Cybereason
2018-03-10 13:45 - 2018-03-10 13:45 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Cybereason
2018-03-10 13:44 - 2018-03-26 10:39 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ
2018-03-10 13:44 - 2018-03-25 16:34 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Packages
2018-03-10 13:44 - 2018-03-16 16:47 - 000000000 ___RD C:\Users\lauri.DESKTOP-0OKN7NQ\3D Objects
2018-03-10 13:44 - 2018-03-14 11:13 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google
2018-03-10 13:44 - 2018-03-11 12:01 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Adobe
2018-03-10 13:44 - 2018-03-10 21:05 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\ConnectedDevicesPlatform
2018-03-10 13:44 - 2018-03-10 14:28 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Comms
2018-03-10 13:44 - 2018-03-10 13:44 - 000000020 ___SH C:\Users\lauri.DESKTOP-0OKN7NQ\ntuser.ini
2018-03-10 13:44 - 2018-03-10 13:44 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\VirtualStore
2018-03-10 13:44 - 2016-10-09 15:05 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Microsoft Help
2018-03-10 13:43 - 2018-03-28 13:56 - 001052018 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-10 13:42 - 2018-03-28 13:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-03-10 13:42 - 2018-03-10 14:48 - 000003374 _____ C:\WINDOWS\System32\Tasks\Avira_Antivirus_Systray
2018-03-10 13:42 - 2018-03-10 13:42 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-03-10 13:42 - 2018-03-10 13:42 - 000003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-03-10 13:42 - 2018-03-10 13:42 - 000003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-03-10 13:42 - 2018-03-10 13:42 - 000002956 _____ C:\WINDOWS\System32\Tasks\Cybereason RansomFree Keepalive
2018-03-10 13:42 - 2018-03-10 13:42 - 000002686 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_AutoAnalyze
2018-03-10 13:42 - 2018-03-10 13:42 - 000002588 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2018-03-10 13:42 - 2018-03-10 13:42 - 000002448 _____ C:\WINDOWS\System32\Tasks\IObitSelfCheckTask
2018-03-10 13:42 - 2018-03-10 13:42 - 000002444 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Update
2018-03-10 13:42 - 2018-03-10 13:42 - 000002328 _____ C:\WINDOWS\System32\Tasks\PDVDServ12 Task
2018-03-10 13:42 - 2018-03-10 13:42 - 000002296 _____ C:\WINDOWS\System32\Tasks\{CFC189F3-E7BF-459F-A47E-1D2C147BC341}
2018-03-10 13:42 - 2018-03-10 13:42 - 000002262 _____ C:\WINDOWS\System32\Tasks\UMonitor Task
2018-03-10 13:42 - 2018-03-10 13:42 - 000002248 _____ C:\WINDOWS\System32\Tasks\Cybereason RansomFree Autostart
2018-03-10 13:42 - 2018-03-10 13:42 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2018-03-10 13:42 - 2018-03-10 13:42 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2018-03-10 13:41 - 2018-03-10 13:42 - 000003813 _____ C:\WINDOWS\diagwrn.xml
2018-03-10 13:41 - 2018-03-10 13:42 - 000003813 _____ C:\WINDOWS\diagerr.xml
2018-03-10 13:35 - 2018-03-10 13:35 - 000000000 ____D C:\ProgramData\USOShared
2018-03-10 13:29 - 2018-03-10 13:29 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-03-10 13:27 - 2017-09-29 20:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-03-10 13:26 - 2018-03-10 13:26 - 000000000 ____D C:\Program Files\Dolby Digital Plus
2018-03-10 13:25 - 2018-03-23 15:25 - 000067584 ____S C:\WINDOWS\bootstat(723).dat
2018-03-10 13:24 - 2018-03-29 08:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-03-10 13:24 - 2018-03-23 15:23 - 000401424 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-03-10 12:45 - 2018-03-10 12:45 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2018-03-10 12:17 - 2018-03-27 06:36 - 000000000 ___DC C:\WINDOWS\Panther
2018-03-10 12:15 - 2018-03-10 12:17 - 000000036 _____ C:\WINDOWS\progress.ini
2018-03-09 20:39 - 2018-03-09 20:39 - 000000444 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2018-03-09 07:16 - 2018-03-15 06:29 - 000000000 ____D C:\Windows10Upgrade
2018-03-09 07:16 - 2018-03-10 12:15 - 000000000 ___HD C:\$GetCurrent
2018-03-09 07:16 - 2018-03-10 12:12 - 000000840 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2018-03-09 07:10 - 2018-03-09 07:10 - 000001242 _____ C:\Users\Public\Desktop\Smart Defrag 5.lnk
2018-03-09 07:10 - 2017-03-09 13:53 - 000030744 _____ (IObit) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
2018-03-09 07:10 - 2016-03-25 14:33 - 000128288 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-03-29 08:59 - 2017-09-29 20:44 - 000000000 ____D C:\WINDOWS\INF
2018-03-29 08:17 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-03-29 08:17 - 2017-05-13 11:02 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-29 08:15 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-03-28 13:48 - 2017-09-29 15:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-03-28 10:41 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-03-28 10:23 - 2017-09-29 15:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-03-28 08:59 - 2016-02-02 09:09 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2018-03-27 15:42 - 2016-01-08 13:11 - 000215128 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2018-03-27 08:36 - 2016-05-15 02:40 - 000000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2018-03-27 07:17 - 2017-09-29 20:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-03-26 10:53 - 2016-01-07 11:21 - 000000000 ____D C:\ProgramData\Electronic Arts
2018-03-26 10:36 - 2017-11-04 07:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cybereason RansomFree
2018-03-26 10:36 - 2017-11-04 07:14 - 000000000 ____D C:\Program Files (x86)\Cybereason
2018-03-26 10:36 - 2017-09-29 15:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-03-26 10:36 - 2016-01-22 07:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2018-03-26 10:36 - 2015-12-31 13:32 - 000000000 ____D C:\ProgramData\ProductData
2018-03-26 10:36 - 2015-12-31 13:21 - 000000000 ____D C:\Program Files\TAP-Windows
2018-03-26 10:36 - 2015-11-10 03:59 - 000000000 ____D C:\ProgramData\Package Cache
2018-03-26 10:34 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\InfusedApps
2018-03-26 10:30 - 2017-09-29 20:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-26 10:27 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\registration
2018-03-26 10:26 - 2015-11-10 03:53 - 000000000 ____D C:\ProgramData\Lenovo
2018-03-25 17:22 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-03-23 18:43 - 2017-09-29 15:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI(199)
2018-03-22 21:02 - 2016-01-03 09:37 - 000000000 ____D C:\Users\lauri\AppData\Roaming\BitTorrent
2018-03-21 23:03 - 2017-05-13 11:02 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-03-21 23:02 - 2017-05-13 11:02 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-03-21 23:02 - 2017-05-13 11:02 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-03-21 22:48 - 2017-09-29 15:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI(724)
2018-03-21 22:48 - 2017-09-29 15:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI(374)
2018-03-21 22:48 - 2017-09-29 15:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI(352)
2018-03-21 06:48 - 2016-01-01 04:11 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-21 06:48 - 2016-01-01 04:11 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-03-20 23:12 - 2016-01-25 09:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-03-18 23:57 - 2016-01-04 08:29 - 000076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2018-03-17 11:22 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\rescache
2018-03-17 08:52 - 2016-01-01 04:10 - 000000000 ____D C:\Program Files (x86)\Google
2018-03-16 16:47 - 2015-07-16 22:49 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-03-16 16:41 - 2017-09-29 20:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-03-16 16:41 - 2017-09-29 20:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-03-16 16:41 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-03-16 16:41 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-03-16 16:41 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-03-16 16:41 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-03-16 16:41 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-03-16 16:41 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-03-16 16:41 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-03-16 16:41 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-03-16 16:41 - 2017-09-29 15:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-03-16 06:14 - 2017-05-13 11:02 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-03-16 05:40 - 2017-05-13 11:03 - 005952640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-03-16 05:40 - 2017-05-13 11:03 - 002589576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-03-16 05:40 - 2017-05-13 11:03 - 001767816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-03-16 05:40 - 2017-05-13 11:03 - 000634256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-03-16 05:40 - 2017-05-13 11:03 - 000451040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-03-16 05:40 - 2017-05-13 11:03 - 000083072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-03-16 05:39 - 2017-05-13 11:03 - 008099202 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-03-15 14:53 - 2016-02-03 19:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2018-03-14 07:15 - 2016-01-01 07:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-03-14 07:13 - 2017-10-11 16:26 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-14 07:13 - 2016-01-01 07:35 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-03-11 12:10 - 2017-03-27 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-03-11 12:10 - 2016-01-01 04:24 - 000000000 ____D C:\ProgramData\Skype
2018-03-11 07:19 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\appcompat
2018-03-11 04:23 - 2017-09-29 20:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-03-11 04:21 - 2017-12-20 22:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oxenfree [GOG.com]
2018-03-11 04:21 - 2017-10-24 13:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2018-03-11 04:21 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-03-11 04:21 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\system32\spool
2018-03-11 04:21 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\Help
2018-03-11 04:21 - 2017-09-29 20:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-03-11 04:21 - 2017-05-12 13:19 - 000000000 ____D C:\Program Files\UNP
2018-03-11 04:21 - 2017-03-19 04:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-03-11 04:21 - 2016-10-13 18:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2018-03-11 04:21 - 2016-08-12 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medal of Honor™ Warfighter
2018-03-11 04:21 - 2016-08-06 12:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2018-03-11 04:21 - 2016-07-19 16:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NOX
2018-03-11 04:21 - 2016-05-15 02:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2018-03-11 04:21 - 2016-05-14 21:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront
2018-03-11 04:21 - 2016-05-14 17:57 - 000000000 ____D C:\WINDOWS\en
2018-03-11 04:21 - 2016-04-29 08:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2018-03-11 04:21 - 2016-04-21 15:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood Online
2018-03-11 04:21 - 2016-04-09 14:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medal of Honor Pacific Assault™
2018-03-11 04:21 - 2016-04-09 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2018-03-11 04:21 - 2016-04-04 15:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BDAntiRansomware
2018-03-11 04:21 - 2016-04-03 12:17 - 000000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2018-03-11 04:21 - 2016-04-03 12:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP2700 series
2018-03-11 04:21 - 2016-03-22 07:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunesKit Audiobook Converter
2018-03-11 04:21 - 2016-03-20 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Superb Game Boost
2018-03-11 04:21 - 2016-02-22 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHAREit
2018-03-11 04:21 - 2016-02-05 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-03-11 04:21 - 2016-01-07 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Photo Resizer
2018-03-11 04:21 - 2016-01-07 17:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
2018-03-11 04:21 - 2016-01-07 12:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bejeweled 3
2018-03-11 04:21 - 2016-01-06 13:04 - 000000000 ____D C:\WINDOWS\SysWOW64\xlive
2018-03-11 04:21 - 2016-01-05 16:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube Movie Maker
2018-03-11 04:21 - 2016-01-03 11:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2018-03-11 04:21 - 2016-01-03 11:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2018-03-11 04:21 - 2015-12-31 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-03-11 04:21 - 2015-12-31 13:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPN Unlimited
2018-03-11 04:21 - 2015-11-10 04:33 - 000000000 ____D C:\Program Files\Intel
2018-03-11 04:21 - 2015-11-10 03:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2018-03-11 04:21 - 2015-11-10 03:57 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2018-03-11 04:21 - 2015-10-30 16:05 - 000000000 ____D C:\WINDOWS\ShellNew
2018-03-11 04:20 - 2017-09-29 20:49 - 000000000 ____D C:\WINDOWS\Setup
2018-03-11 04:20 - 2017-09-29 20:46 - 000000000 __RHD C:\Users\Public\Libraries
2018-03-11 04:17 - 2017-12-20 22:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2018-03-11 04:17 - 2017-05-13 11:02 - 000000000 ____D C:\Program Files\Realtek
2018-03-11 04:17 - 2016-03-22 07:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis
2018-03-11 04:17 - 2016-01-04 08:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy
2018-03-11 04:17 - 2016-01-03 11:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
2018-03-11 04:17 - 2016-01-01 08:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvsoft
2018-03-11 04:13 - 2017-09-29 21:42 - 000000000 ____D C:\WINDOWS\OCR
2018-03-11 04:13 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-03-10 13:41 - 2016-01-01 09:56 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-03-10 13:40 - 2017-09-29 20:46 - 000000000 __RSD C:\WINDOWS\media
2018-03-10 13:35 - 2017-09-29 20:46 - 000000000 ____D C:\ProgramData\USOPrivate
2018-03-10 13:30 - 2017-09-29 20:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-03-10 13:25 - 2017-05-13 11:02 - 000216221 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2018-03-10 13:25 - 2017-05-13 11:02 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-03-10 13:25 - 2017-05-13 11:02 - 000000000 ____D C:\WINDOWS\system32\DAX2
2018-03-10 13:03 - 2017-05-13 11:04 - 000000000 ____D C:\Users\lauri
2018-03-10 13:02 - 2016-01-05 09:49 - 000000000 ____D C:\Users\lauri\AppData\Local\ClassicShell
2018-03-09 20:36 - 2015-12-31 18:25 - 000000000 ____D C:\Users\lauri\AppData\Roaming\vlc
2018-03-09 11:12 - 2018-02-15 06:53 - 000000000 ____D C:\Program Files\rempl
2018-03-09 07:20 - 2016-01-01 04:06 - 000000000 ____D C:\Users\lauri\AppData\Local\Packages
2018-03-08 15:50 - 2016-03-26 12:06 - 000000000 ____D C:\Users\lauri\AppData\Local\ElevatedDiagnostics
2018-03-05 06:55 - 2017-11-24 07:38 - 000000000 ____D C:\Users\lauri\AppData\LocalLow\Mozilla
2018-02-28 07:13 - 2017-11-24 07:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
 
==================== Files in the root of some directories =======
 
2018-03-28 10:04 - 2018-03-28 10:04 - 000444258 _____ () C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\ars.cache
2018-03-27 08:37 - 2018-03-27 08:37 - 000000036 _____ () C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\housecall.guid.cache
2018-03-27 08:47 - 2018-03-28 09:39 - 000000010 _____ () C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\sponge.last.runtime.cache
 
Some files in TEMP:
====================
2018-03-28 08:59 - 2018-01-10 16:51 - 083316440 _____ (Malwarebytes                                                ) C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Temp\mbam-setup.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-03-20 18:55
 
==================== End of FRST.txt ============================


#6 zyphodb

zyphodb
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:05 AM

Posted 28 March 2018 - 09:39 PM

Here is the addition log...

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by lauri (29-03-2018 09:36:10)
Running from C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads
Windows 10 Home Single Language Version 1709 16299.309 (X64) (2018-03-10 06:43:48)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-584912067-1683141588-1664888071-500 - Administrator - Disabled)
ASPNET (S-1-5-21-584912067-1683141588-1664888071-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-584912067-1683141588-1664888071-503 - Limited - Disabled)
Guest (S-1-5-21-584912067-1683141588-1664888071-501 - Limited - Disabled)
lauri (S-1-5-21-584912067-1683141588-1664888071-1001 - Administrator - Enabled) => C:\Users\lauri.DESKTOP-0OKN7NQ
WDAGUtilityAccount (S-1-5-21-584912067-1683141588-1664888071-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Advanced SystemCare 11 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 11.2.0 - IObit)
Any Video Converter 6.2.2 (HKLM-x32\...\Any Video Converter) (Version: 6.2.2 - Anvsoft)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.2.2328 - AVAST Software)
Avira (HKLM-x32\...\{5269e51a-b619-4c55-8a5c-8c7eaf27e6cf}) (Version: 1.2.108.24268 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{DBA89A98-6FF1-4FE3-8147-69DD2C5DE889}) (Version: 1.2.108.24268 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.34.27 - Avira Operations GmbH & Co. KG)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.53.31065 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
Beyond Good and Evil (HKLM-x32\...\Uplay Install 232) (Version:  - Ubisoft)
calibre 64bit (HKLM\...\{332E0E14-41EE-4C18-B366-0CE1609A393A}) (Version: 3.19.0 - Kovid Goyal)
Canon iP2700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series) (Version:  - Canon Inc.)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
Cybereason RansomFree 2.2.3.0 (HKLM-x32\...\{D94D745E-266E-4B2B-B505-7B6042C0C1C9}) (Version: 2.2.3.0 - Cybereason Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.24 - NVIDIA Corporation) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Driver and Application Installation (HKLM-x32\...\{6EC299C6-074C-4529-8D5F-2798584BB27B}) (Version: 2.02.0803 - Lenovo)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
FastStone Photo Resizer 3.8 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.8 - FastStone Soft.)
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.6.1001 - Genesys Logic)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Earth Pro (HKLM\...\{D9EF644E-2FAE-493B-8180-5617CC774C4F}) (Version: 7.3.1.4507 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 20.2 - Intel)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.3.0.13 - IObit)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Lenovo Accelerator Application (HKLM-x32\...\{10672FE6-3D50-4F79-B0C7-A5573A5D415D}) (Version: 2.2.0.0701 - Lenovo)
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.6.13.0724 - Lenovo)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.8231 - CyberLink Corp.) Hidden
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.8231 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5320.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5320.55 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.022.00 - Lenovo)
Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.4212 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.4212 - CyberLink Corp.)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Manual (HKLM-x32\...\{693F92E5-37D1-46B7-A0D6-19A74A2FD0EC}) (Version: 1.00.0701 - Lenovo)
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.280 - Electronic Arts)
Medal of Honor™ Warfighter (HKLM-x32\...\{1040143F-FEFB-4B90-8E51-E47D40E14C4E}) (Version: 1.0.0.3 - Electronic Arts)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0011.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-584912067-1683141588-1664888071-1001\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 58.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 58.0.1 (x64 en-US)) (Version: 58.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NOX (HKLM-x32\...\{BF152F35-9708-452C-862C-F7E3B62DF732}) (Version: 2.0.0.20 - Electronic Arts, Inc.)
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 391.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.24 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Graphics Driver 391.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.24 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.15.44004 - Electronic Arts, Inc.)
Oxenfree (HKLM-x32\...\1457519353_is1) (Version: 2.6.0_cs_hotfix - GOG.com)
Photo Pos Pro 3 (HKLM\...\Photo Pos Pro 3) (Version: 3.30 - PowerOfSoftware Ltd.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros 61x4 Bluetooth Suite (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.128 - Qualcomm Atheros)
Qualcomm Atheros 61x4 Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.0.041 - Qualcomm Atheros)
Russian Fishing 4 (HKU\S-1-5-21-584912067-1683141588-1664888071-1001\...\com.rf4game.rf4_launcher_en) (Version: 4.0.9224 - Russian Fishing Spb LLC)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.8.5 - IObit)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
Tom Clancy's Splinter Cell (HKLM-x32\...\Uplay Install 109) (Version:  - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{BF492E7F-BD3F-4F33-932A-1DD0891968B0}) (Version: 2.13.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{B8B01E04-5393-4902-98E6-0E2787F03C80}) (Version: 1.13.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VPN Unlimited 4.0 (HKLM-x32\...\{DC24521E-872B-41AF-93EA-FE477902D6FB}_is1) (Version: 4.0 - KeepSolid Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Winamp Essentials Pack (HKLM-x32\...\Winamp Essentials Pack) (Version: v5.64 - Christoph Grether)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
Windows Driver Package - Genesys Logic (GeneStor) USB  (07/13/2015 4.5.0.6) (HKLM\...\AE2E6FAB44844413B4C6F53C908EACC8AFC838F0) (Version: 07/13/2015 4.5.0.6 - Genesys Logic)
Windows Driver Package - Intel (e1dexpress) Net  (06/18/2015 12.13.17.4) (HKLM\...\EB46E325A9A1BEC97608B27915959487E64F32B3) (Version: 06/18/2015 12.13.17.4 - Intel)
Windows Driver Package - NVIDIA (nvlddmkm) Display  (07/22/2015 10.18.13.5362) (HKLM\...\81C36D5B443FFB6F528F76BD424D750C53ADF10E) (Version: 07/22/2015 10.18.13.5362 - NVIDIA)
Windows Driver Package - NVIDIA Corporation (NVHDA) MEDIA  (04/16/2015 1.3.34.3) (HKLM\...\E1EF4D4E1E41BA85DB6DA51424B73AE1B3F0056A) (Version: 04/16/2015 1.3.34.3 - NVIDIA Corporation)
Windows Driver Package - Qualcomm Atheros Communications Inc. (Qcamain10x64) Net  (06/24/2015 12.0.0.102) (HKLM\...\4487BC319063A97DD4FDC3A8F68BADD5E5BA0B49) (Version: 06/24/2015 12.0.0.102 - Qualcomm Atheros Communications Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WonderFox DVD Video Converter 8.8 (HKLM-x32\...\WonderFox DVD Video Converter) (Version: 8.8 - WonderFox Soft, Inc.)
World in Conflict (HKLM-x32\...\Uplay Install 90) (Version:  - Ubisoft)
YoutubeMovieMaker (HKLM-x32\...\{E084C471-FA8F-4468-93F1-25B3A13ED942}) (Version: 12.26 - Youtube Movie Maker)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-28] (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32-x32-x32-x32-x32-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2017-09-26] (IObit)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-28] (AVAST Software)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-10-16] (Lenovo)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-12-14] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2017-09-26] (IObit)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-28] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2017-09-26] (IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-10-16] (Lenovo)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-16] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-28] (AVAST Software)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-12-14] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2016-07-30] (IvoSoft)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0F8DDE97-6B2C-4577-8DF5-12EC3E65BDE1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-01] (Google Inc.)
Task: {17E64663-B617-4FFA-9538-3F065A011E98} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {19D6E593-3826-4E19-9935-AD9FCB8379BC} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-02-16] (Avira Operations GmbH & Co. KG)
Task: {2B78A029-6D44-49BB-A607-B2765E2A4882} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {3695E470-7B11-49C2-922F-47CCDF730D62} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-03-14] (NVIDIA Corporation)
Task: {417C29D4-38FA-4702-800B-F4416F08F2F8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {56DE9980-251A-4E1C-BF85-7B14EDE6949F} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {624D636E-2AEF-452D-A24A-34EC0F0ADF1A} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {63AFD9E7-F7E0-463F-82E0-6457B45C9CD3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {6AE92616-0C4F-47CA-9C50-65ABE80D516C} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {702F5C54-2316-44EE-A4C8-0D4586E0D676} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {72DB62DD-D69F-4327-8D81-1EB233A722BC} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-03-14] (NVIDIA Corporation)
Task: {77CB3FE1-E1F8-4784-B4A8-AD56C04140A4} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2016-01-01] (Lenovo)
Task: {7EE2C694-B131-43D8-A374-0FB9A53F383E} - System32\Tasks\UMonitor Task => C:\WINDOWS\SysWOW64\UMonit64.exe [2015-07-15] ()
Task: {82389A9A-6A5E-4301-A31B-119E795A3988} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-03-14] (NVIDIA Corporation)
Task: {8AD7BFC4-AF5F-46E0-8B48-E3DA8F332A6E} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {9163F97D-F0C0-42EC-86F6-200097B0E885} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-01] (Google Inc.)
Task: {93B35AD6-351B-4AB9-853D-3D0FFBC604F1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-03-14] (NVIDIA Corporation)
Task: {9430792A-C536-4FEF-AEC2-BE19DFCDDB9F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-03-28] (AVAST Software)
Task: {9B3CD4E0-88B4-4A9C-A6B4-9A64FC4A1B6C} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [2015-05-20] (CyberLink Corp.)
Task: {A1181141-0A81-40FD-9EA9-E33B1200757B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {A6F04644-8D98-4D6C-BE12-9E10D92777AE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {A7849079-B5FA-485D-A958-9DD2A719C624} - System32\Tasks\IObitSelfCheckTask => C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe [2016-10-18] (IObit)
Task: {A8AD428B-1BBD-4BA8-8548-BD1BF85656E8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-12-10] (Lenovo)
Task: {AE6AC89B-A43F-4759-9989-3967EA70B5BC} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {B2522C42-2EEF-4F82-B950-08B9D55979E1} - System32\Tasks\{CFC189F3-E7BF-459F-A47E-1D2C147BC341} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Winamp\winamp.exe" -d "C:\Program Files (x86)\Winamp"
Task: {B500F614-6D66-46C4-B7E3-71B036754766} - \Lenovo\Lenovo Service Bridge\S-1-5-21-584912067-1683141588-1664888071-1001 -> No File <==== ATTENTION
Task: {BAE1D0D9-C864-4977-8080-6DE2454FEB4E} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {C0F35511-7321-496D-8324-A35438B60D35} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {C0FA9EC5-FC72-4F2B-BBA2-CC374467867B} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2017-07-28] (IObit)
Task: {C7DD88CD-BF42-4532-92E0-D8E8363B266C} - System32\Tasks\Cybereason RansomFree Autostart => C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFree.exe [2017-01-24] (Cybereason)
Task: {E19EB859-048A-4D56-9403-33244EBECF92} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {F424A71F-C633-416D-94D9-624D2A4CFA57} - System32\Tasks\Cybereason RansomFree Keepalive => C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFree.exe [2017-01-24] (Cybereason)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-03-21 23:02 - 2018-03-16 07:57 - 000544384 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2016-01-04 08:29 - 2018-03-18 23:57 - 000076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2018-03-21 22:52 - 2018-03-14 20:01 - 001268112 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-11-10 04:37 - 2015-11-10 04:37 - 000024312 _____ () C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe
2017-09-29 20:41 - 2017-09-29 20:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-05-13 11:03 - 2018-03-16 05:40 - 000135136 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-11-10 04:33 - 2015-07-15 17:54 - 000053832 _____ () C:\WINDOWS\SysWOW64\UMonit64.exe
2018-03-16 16:30 - 2018-02-22 07:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-16 16:30 - 2018-02-22 07:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-03-10 14:36 - 2018-03-10 14:36 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-03-10 14:36 - 2018-03-10 14:36 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-03-10 14:36 - 2018-03-10 14:36 - 021824000 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-03-10 14:36 - 2018-03-10 14:36 - 002529792 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\skypert.dll
2018-03-10 14:36 - 2018-03-10 14:36 - 000649216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2015-11-10 04:35 - 2011-08-17 11:46 - 000028672 _____ () C:\Windows\jmesoft\ServiceLoader.exe
2018-03-10 14:35 - 2018-03-10 14:36 - 001227440 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9029.22105.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2018-03-10 14:26 - 2018-03-10 14:27 - 004601048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9029.22105.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-03-21 06:48 - 2018-03-20 13:00 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libglesv2.dll
2018-03-21 06:48 - 2018-03-20 13:00 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libegl.dll
2018-03-16 16:54 - 2018-03-16 16:54 - 000173568 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-03-10 14:34 - 2018-03-10 14:34 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-03-10 14:17 - 2018-03-10 14:21 - 027139072 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-03-10 14:17 - 2018-03-10 14:20 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-03-10 14:17 - 2018-03-10 14:19 - 006687744 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-10-09 19:01 - 2017-10-09 19:02 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 18:04 - 2015-07-10 18:02 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-584912067-1683141588-1664888071-1001\Control Panel\Desktop\\Wallpaper -> D:\lauri\Pictures\Abigail 2016\DSCF8852.JPG
DNS Servers: 203.113.111.98 - 203.113.111.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdvancedSystemCareService10 => 2
MSCONFIG\Services: AdvancedSystemCareService9 => 2
MSCONFIG\Services: c2cautoupdatesvc => 2
MSCONFIG\Services: c2cpnrsvc => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: IMFservice => 2
MSCONFIG\Services: JME Keyboard => 2
MSCONFIG\Services: MbaeSvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: UpdateAgentService => 2
HKLM\...\StartupApproved\Run32: => "CLMLServer"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Exploit"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{C4EB517D-3117-471D-B1DD-BC909AB03CB5}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DC328B5E-5CA6-4D3C-919B-01074EF1CB9F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{92A26829-DB3E-457A-B4A4-6389284B1660}] => (Allow) D:\Program files\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{6BE0B183-CDBF-4C21-8002-9A73DDF9B7E5}] => (Allow) D:\Program files\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{8446220E-1077-4606-B69E-4B610E0DF3DA}] => (Allow) D:\Program files\steamapps\common\Polynomial 2\bin_w64\Polynomial2_64.exe
FirewallRules: [{6BFC9B2D-CBEA-476D-82A0-E8735564B510}] => (Allow) D:\Program files\steamapps\common\Polynomial 2\bin_w64\Polynomial2_64.exe
FirewallRules: [UDP Query User{FB32BF11-EC4F-4037-A43C-12273A70E33D}D:\program files\steamapps\common\fishing barents sea\fbs\binaries\win64\fbs-win64-shipping.exe] => (Allow) D:\program files\steamapps\common\fishing barents sea\fbs\binaries\win64\fbs-win64-shipping.exe
FirewallRules: [TCP Query User{A20CDBAD-7933-47FA-A1CF-1A87EF3B91DE}D:\program files\steamapps\common\fishing barents sea\fbs\binaries\win64\fbs-win64-shipping.exe] => (Allow) D:\program files\steamapps\common\fishing barents sea\fbs\binaries\win64\fbs-win64-shipping.exe
FirewallRules: [{31ABBB48-39F5-4A11-AAC2-DDF58296D97B}] => (Allow) D:\Program files\steamapps\common\Steep\steep.exe
FirewallRules: [{40D202F1-70AE-4365-B4EE-A8D0488DAB64}] => (Allow) D:\Program files\steamapps\common\Steep\steep.exe
FirewallRules: [{62F7039A-B7C1-4AC4-9C7C-4C2CF36C8945}] => (Allow) D:\Program files\steamapps\common\Fishing Barents Sea\FBS.exe
FirewallRules: [{AE723D42-7EB4-43C3-B18E-CCEAA5EBAFBF}] => (Allow) D:\Program files\steamapps\common\Fishing Barents Sea\FBS.exe
FirewallRules: [{D20444F1-DA89-46EB-950C-EAF727DEACD6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{17023FB9-5F87-4674-9492-16DBA9222A90}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{31BBFF24-7F39-43FC-B5F7-99A7F278A9D3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8BE2CA77-4EB3-4AAE-A2AF-5522DEED3575}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C32F7CF4-C652-4E56-8F4E-B9C4E88A6FE1}] => (Allow) D:\Program files\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{0FCF086E-7A8B-4E14-875C-50E6AFA89DB4}] => (Allow) D:\Program files\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{AA948359-36F8-4AC0-87AB-2B9210741FA2}] => (Allow) D:\Program files\steamapps\common\Prey\Binaries\Danielle\x64\Release\Prey.exe
FirewallRules: [{6A2E7DCB-ED48-423B-B72C-A49F99F3C24E}] => (Allow) D:\Program files\steamapps\common\Prey\Binaries\Danielle\x64\Release\Prey.exe
FirewallRules: [UDP Query User{14D9B3B4-6343-448C-B451-2B10AB606D4D}D:\program files\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe] => (Allow) D:\program files\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe
FirewallRules: [TCP Query User{E2D22BD9-4B37-4328-A885-E385FD4329D2}D:\program files\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe] => (Allow) D:\program files\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe
FirewallRules: [{BBC21C75-8872-470F-9949-2BBEF11C7D21}] => (Allow) D:\Program files\steamapps\common\Hellblade\HellbladeGame.exe
FirewallRules: [{AC6A642D-B1BD-4FCF-B82B-A71E5B650F4A}] => (Allow) D:\Program files\steamapps\common\Hellblade\HellbladeGame.exe
FirewallRules: [UDP Query User{B4BE4423-6A13-4B8A-B2F7-08BF57677070}C:\games\rf4_en\rf4launcher.exe] => (Allow) C:\games\rf4_en\rf4launcher.exe
FirewallRules: [TCP Query User{61FC65AD-9ADE-4074-B61E-7BB6D535BC4E}C:\games\rf4_en\rf4launcher.exe] => (Allow) C:\games\rf4_en\rf4launcher.exe
FirewallRules: [{89F1D0EA-F79A-4E2D-B5CA-023CD7A996BB}] => (Allow) D:\Program files\steamapps\common\Homefront_The_Revolution\Bin64\Homefront2_Release.exe
FirewallRules: [{53DA87F9-3309-452B-B24F-FA2DEA5365B0}] => (Allow) D:\Program files\steamapps\common\Homefront_The_Revolution\Bin64\Homefront2_Release.exe
FirewallRules: [{EA628109-83E6-4F48-AE8C-3C2A2F3F362D}] => (Allow) D:\Program files\steamapps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{0E1F34D0-FFEC-4A5D-96E6-6E1D9CC91FF6}] => (Allow) D:\Program files\steamapps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{F679E7B3-3808-43BE-A6D6-B660082A4E4C}] => (Allow) D:\Program files\steamapps\common\Stellaris\stellaris.exe
FirewallRules: [{FA73E468-E18B-4898-B389-D53924728EA7}] => (Allow) D:\Program files\steamapps\common\Stellaris\stellaris.exe
FirewallRules: [{EEF8EC86-5AF8-47C2-8B50-11DDFA796C4A}] => (Allow) D:\Program files\steamapps\common\theHunterPrimal\launcher\launcher.exe
FirewallRules: [{54BF5EC5-5A9C-457D-93BA-4B8A9F47BDCC}] => (Allow) D:\Program files\steamapps\common\theHunterPrimal\launcher\launcher.exe
FirewallRules: [{D0CC10F8-1A2B-475D-BA86-60C32F05AAA5}] => (Allow) D:\Program files\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe
FirewallRules: [{B0005629-6795-4E7E-8E24-F6D6328C4F4F}] => (Allow) D:\Program files\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe
FirewallRules: [{D6E0EE0E-4B2F-457C-8A91-96005C465DBB}] => (Allow) D:\Program files\steamapps\common\Valley\Valley.exe
FirewallRules: [{25533361-E764-468F-BE4E-39E1DB5AD358}] => (Allow) D:\Program files\steamapps\common\Valley\Valley.exe
FirewallRules: [{4E0BDE29-4DED-4985-B2CD-768C60326224}] => (Allow) D:\Program files\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{13795AEB-1C6F-46D5-A1DB-EA2A02812C97}] => (Allow) D:\Program files\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{69DE3369-51E2-4161-AC71-5A9A8BDEB04C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C5562A40-6E66-4E08-999B-33863DA6D35B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0EC4F455-C43C-4EDC-BBA4-477FFB0C394B}] => (Allow) D:\Program files\steamapps\common\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [{F7E957E2-2F4D-4A09-9EAC-9752E0130E19}] => (Allow) D:\Program files\steamapps\common\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [{5EFA038D-8FB0-42DC-9341-8ED1A7F1E81D}] => (Allow) D:\Program files\steamapps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe
FirewallRules: [{E4168DB8-CAA6-4308-B783-206160332542}] => (Allow) D:\Program files\steamapps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe
FirewallRules: [{864B366C-14AA-4451-91CE-40193752BC75}] => (Allow) D:\Program files\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{4C5706C5-5478-4DDE-9A3A-0ACB11FBCBB4}] => (Allow) D:\Program files\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{E399E5ED-8720-4B2D-B9C9-2A2CFE30A96D}] => (Allow) D:\Program files\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{88AC620C-BB9F-4D69-AB86-0EA849765C2A}] => (Allow) D:\Program files\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{0C7E3556-14D2-49A8-BAD9-8A56F10DB80D}] => (Allow) D:\Program files\steamapps\common\Sniper Elite 4\Launcher\SniperElite4.exe
FirewallRules: [{11E3452F-53BE-43EE-A13F-364B43CBF82B}] => (Allow) D:\Program files\steamapps\common\Sniper Elite 4\Launcher\SniperElite4.exe
FirewallRules: [{696CF8EE-243A-4B29-8657-99B7267E9906}] => (Allow) D:\Program files\steamapps\common\theHunterCotW\theHunterCotW_F.exe
FirewallRules: [{C8C8AD90-BD79-4821-9774-0DF1D40D4B23}] => (Allow) D:\Program files\steamapps\common\theHunterCotW\theHunterCotW_F.exe
FirewallRules: [{5A3551B9-0919-4339-AD39-89A9B97A43F4}] => (Allow) D:\Program files\steamapps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe
FirewallRules: [{04BB63DD-0624-4EB8-A9AD-50D6520FE9B0}] => (Allow) D:\Program files\steamapps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe
FirewallRules: [{7AD98C26-DDB7-44CA-9D44-51056534E851}] => (Allow) D:\Program files\steamapps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{E0AD659F-E8FD-40D2-8E61-B777EF89637F}] => (Allow) D:\Program files\steamapps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{D6A9753C-5011-43B9-A281-AF7F188FFCD0}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{0588AD4D-5332-4417-8A0B-75941BC9CED7}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{60BC8BD5-FF50-4904-A1C9-C95D468AAE5F}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{F105A9AA-065B-44D5-ADA5-FEB3196D63AE}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{DD0D1CBC-3203-46C5-AB3A-50FB7B99A45E}] => (Allow) D:\Program files\steamapps\common\Tempest\Tempest.exe
FirewallRules: [{116A9BD1-BA75-41A2-BDCB-05F3C4AD6F4C}] => (Allow) D:\Program files\steamapps\common\Tempest\Tempest.exe
FirewallRules: [{3C2FECAE-E812-4474-A84B-C1D3E53B3D7E}] => (Allow) D:\Program files\steamapps\common\DDDA\DDDA.exe
FirewallRules: [{8B27B540-EF58-4AD4-B89A-FE622682AB36}] => (Allow) D:\Program files\steamapps\common\DDDA\DDDA.exe
FirewallRules: [{89B2C9EE-E5ED-4B2C-8342-21F9EEB1B625}] => (Allow) D:\Program files\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{FC661F53-7DCD-41FD-AC7C-A8FA5B5AC58A}] => (Allow) D:\Program files\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [UDP Query User{200DF08E-634F-47E1-9A51-26937D210B3D}D:\program files\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) D:\program files\steamapps\common\dishonored\binaries\win32\dishonored.exe
FirewallRules: [TCP Query User{C038825F-41EC-488F-979C-42F941FA2493}D:\program files\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) D:\program files\steamapps\common\dishonored\binaries\win32\dishonored.exe
FirewallRules: [{E0B46D7E-383D-4CBB-B8A7-E8E256A60A18}] => (Allow) D:\Program files\Origin Games\Medal of Honor Warfighter\MOHW.exe
FirewallRules: [{F091D8A2-36DB-4851-B695-B5E722E52F54}] => (Allow) D:\Program files\Origin Games\Medal of Honor Warfighter\MOHW.exe
FirewallRules: [UDP Query User{CB2CB62E-13AE-48E8-9F39-56ACA714977F}D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [TCP Query User{10F57AEE-13A8-48C7-93EA-BB757C90835E}D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [UDP Query User{F016F7A8-E487-468C-AAD4-A82E569ADE1D}D:\vpn unlimited\vpn-unlimited.exe] => (Allow) D:\vpn unlimited\vpn-unlimited.exe
FirewallRules: [TCP Query User{6E42EF95-1993-4A4D-9F0B-18560A2A0F82}D:\vpn unlimited\vpn-unlimited.exe] => (Allow) D:\vpn unlimited\vpn-unlimited.exe
FirewallRules: [UDP Query User{61731F6C-BEA4-430F-90E7-BE1D1E280A41}D:\program files\steamapps\common\hunted\binaries\win32\p4dftre.dll] => (Allow) D:\program files\steamapps\common\hunted\binaries\win32\p4dftre.dll
FirewallRules: [TCP Query User{8226B348-18CC-4106-BED9-D92B69A0E267}D:\program files\steamapps\common\hunted\binaries\win32\p4dftre.dll] => (Allow) D:\program files\steamapps\common\hunted\binaries\win32\p4dftre.dll
FirewallRules: [UDP Query User{F09ACD80-8E99-4B9E-B93E-63DC46EF1514}D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{DA2E4589-0DE0-4541-9B7F-26F68533F8BE}D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{3B4A5DCE-B29D-4073-AB00-264ABE322B94}] => (Allow) D:\Program files\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{9C9C36A1-CC3E-41CF-9198-5E2A7EA97C52}] => (Allow) D:\Program files\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [UDP Query User{FD073BB4-729B-4D4E-A483-846D7B7DB68A}D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [TCP Query User{D2015385-E98B-4F92-854D-ED10B6691AA8}D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [UDP Query User{A8AE1D36-F96C-4109-A805-F37912D10E38}D:\program files\origin games\battlefield 4\bf4.exe] => (Allow) D:\program files\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{B80FF2FE-5868-4DA3-828F-6EC47B4ADBD4}D:\program files\origin games\battlefield 4\bf4.exe] => (Allow) D:\program files\origin games\battlefield 4\bf4.exe
FirewallRules: [{80849946-6B5A-492F-B221-8CB63AB62D16}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{93FAB6C6-AC1D-46DA-9680-0F3AFA9BA785}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{11FC38C8-5142-4F8D-B3E0-B2CDE5D9242D}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{A65C848A-80F5-48AD-A652-7C703A4D4E4A}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{C78CD944-7FBB-4F6B-ADA7-3C802B8D5178}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C68BA6C8-4B82-4B9E-A4F9-476A7A4867AA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6725DCE9-F3B5-47B9-BD38-A64C44A84558}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F7B367E5-1F07-47D1-AA4F-C522A91B5706}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4482C4B2-DC22-41E6-80DC-CB1BC418579B}] => (Allow) D:\Program files\steamapps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{1A2AC4CB-72E4-4A8F-BE0E-861F422F3D78}] => (Allow) D:\Program files\steamapps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{4C298886-6A11-4999-9AFF-A49BCF6AB9D9}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{ADED800B-BE01-426B-BC12-4134861D1208}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{D648DD03-5B4B-4174-BB5C-E7C9D2578660}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{CAAFD88E-03F5-4BED-B924-4C7AB787BCA5}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{5C709344-21AA-4E2B-B2FD-F5E71DF66091}] => (Allow) D:\Program files\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{E4D99CE7-D2E7-445D-A512-1F6E99381B58}] => (Allow) D:\Program files\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{DA5BFDB0-B967-4471-925F-F3193A48BF98}] => (Allow) D:\Program files\steamapps\common\Universe Sandbox 2\Universe Sandbox VR.exe
FirewallRules: [{850147A0-5718-4E39-91D6-88D4BFBAF46C}] => (Allow) D:\Program files\steamapps\common\Universe Sandbox 2\Universe Sandbox VR.exe
FirewallRules: [{114BE306-3A2A-46A1-806D-7135C3F61E63}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{211E804F-20BE-48AA-9566-EFF684F2A6FE}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{07B4F742-30BB-4271-AA22-33462A4F5A4D}] => (Allow) D:\Program files\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{CA643005-97CB-417F-927B-1969F0E2EFC7}] => (Allow) D:\Program files\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [UDP Query User{B968EE69-5B9B-491E-8884-F40232A88ED4}D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{681D7342-4B53-40C1-831E-0DA842BE6403}D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{8C6D52CE-11DD-4D45-B45D-C997F7F7636A}] => (Allow) D:\Program files\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{C0051B3C-A8BE-41FB-8548-91B7F2354AA9}] => (Allow) D:\Program files\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{936553AE-6343-41D5-9044-319938AC1B96}] => (Allow) D:\Program files\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{D1A37568-2025-4870-AC2C-EC5AECA5EE8D}] => (Allow) D:\Program files\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{8CA50BEA-F814-48FA-9F4E-DAF35F643311}] => (Allow) D:\Program files\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{5C3E9600-26D0-4A2F-9D31-D3D3FA39F6D6}] => (Allow) D:\Program files\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{4860A63F-CCEB-45E5-97E3-459E0F44AB7F}] => (Allow) D:\Program files\steamapps\common\theHunterPrimal\launcher\launcher.exe
FirewallRules: [{698D092B-4F96-4579-8103-E420677DC68C}] => (Allow) D:\Program files\steamapps\common\theHunterPrimal\launcher\launcher.exe
FirewallRules: [{941FEBC4-E9F4-4DCD-AFBE-1B28507D72C9}] => (Allow) D:\Program files\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe
FirewallRules: [{D3453482-BA48-408D-BC08-C02C2E64B5A1}] => (Allow) D:\Program files\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe
FirewallRules: [{FFF1E4CF-6845-4101-9E34-329C66647957}] => (Allow) D:\Program files\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{D709F790-5333-46D7-8CC7-85E44CB69CDE}] => (Allow) D:\Program files\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{98EED11F-5516-4147-B997-A9ED6F33E1CA}] => (Allow) D:\Program files\steamapps\common\Dead Space\Dead Space.exe
FirewallRules: [{6E2E0A7E-258D-42AC-8C5A-350F50EFF30C}] => (Allow) D:\Program files\steamapps\common\Dead Space\Dead Space.exe
FirewallRules: [{86E351DB-5849-440B-B88B-E711B852CDC5}] => (Allow) D:\Program files\steamapps\common\Crysis Warhead\Bin32\Crysis.exe
FirewallRules: [{79B11F4F-5500-4A33-AF84-7592D4FB1946}] => (Allow) D:\Program files\steamapps\common\Crysis Warhead\Bin32\Crysis.exe
FirewallRules: [{18AC9262-31BF-4EF3-8B6C-126028B00A6C}] => (Allow) D:\Program files\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{5C4A0FFC-1B01-4A68-B1E8-33F5AA7FAEBC}] => (Allow) D:\Program files\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{55675F44-7665-4FFF-872B-10AAC7040B7F}] => (Allow) D:\Program files\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{B0C384ED-2B9C-4551-BBB7-4C7E7783EF1E}] => (Allow) D:\Program files\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{038627A1-B150-45CF-BD01-FF9BE7B5FCFA}] => (Allow) D:\Program files\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{C5AE46F3-3BA1-412A-A36E-4A9B73EA449D}] => (Allow) D:\Program files\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{3F6D13E5-887E-4CCD-8CBB-A47F6E9F5D21}] => (Allow) D:\Program files\steamapps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{E5C218D5-85DD-4C50-A7CA-11E199446843}] => (Allow) D:\Program files\steamapps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{1349887C-FAB4-41BE-A20F-7786D1732AFA}] => (Allow) D:\Program files\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{8DB8DB28-209F-4D17-BD69-15CE73495A7E}] => (Allow) D:\Program files\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{13F3FB45-1F5F-47A4-98BE-239A23CD344B}] => (Allow) D:\Program files\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{91F3B93C-251B-4D53-B344-A7025DC0FDAC}] => (Allow) D:\Program files\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{9642E6DE-FCAA-4F2D-B356-0B18E311E925}] => (Allow) D:\Program files\steamapps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{F9D2C055-6380-47C0-81DE-F633A370585A}] => (Allow) D:\Program files\steamapps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{43B7BF8F-FC3E-451A-B6AA-5C96B9C0C051}] => (Allow) D:\Program files\steamapps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{A8AE1EF9-9F41-4825-87CF-8B8CCD761FE8}] => (Allow) D:\Program files\steamapps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{8983D1FE-8326-45DD-9145-EE879743EAFE}] => (Allow) D:\Program files\steamapps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{948047E1-DC79-40CC-B840-89D46DD03FF2}] => (Allow) D:\Program files\steamapps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{4155C64B-7043-498C-9444-A97CE129F158}] => (Allow) D:\Program files\steamapps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{EB6D3C8F-47CA-40CD-AF09-6B00002D98ED}] => (Allow) D:\Program files\steamapps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{589A13CA-FD8C-4552-B8E5-397BEF5189E4}] => (Allow) D:\Program files\steamapps\common\Call of Duty 2\CoD2MP_s.exe
FirewallRules: [{BBAAB2CC-1B40-40B9-9954-946B435DCE57}] => (Allow) D:\Program files\steamapps\common\Call of Duty 2\CoD2MP_s.exe
FirewallRules: [{167372F8-51A6-4D95-9082-55DF135770FB}] => (Allow) D:\Program files\steamapps\common\Call of Duty 2\CoD2SP_s.exe
FirewallRules: [{5C5FBA4B-8149-4335-A0D6-DBFA9DB52BBE}] => (Allow) D:\Program files\steamapps\common\Call of Duty 2\CoD2SP_s.exe
FirewallRules: [{913774B4-E2B3-45A0-AC67-C91793801464}] => (Allow) D:\Program files\steamapps\common\Tom Clancy's Ghost Recon Future Soldier\Future Soldier.exe
FirewallRules: [{64621427-9B99-4D4E-9A5A-0202F6BB76BC}] => (Allow) D:\Program files\steamapps\common\Tom Clancy's Ghost Recon Future Soldier\Future Soldier.exe
FirewallRules: [{37F1B702-CEC0-4F86-8E70-40411578E8E2}] => (Allow) D:\Program files\steamapps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe
FirewallRules: [{349AC164-4DB2-48AF-8697-F5F5B959DE3B}] => (Allow) D:\Program files\steamapps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe
FirewallRules: [{A984A8AC-8948-42A6-A25F-7730C08EE4DC}] => (Allow) D:\Program files\steamapps\common\SleepingDogs\HKShip.exe
FirewallRules: [{67E9C678-585D-4A0B-A8DE-732848954A23}] => (Allow) D:\Program files\steamapps\common\SleepingDogs\HKShip.exe
FirewallRules: [{98C29A63-0472-496B-8AAD-584E48716BAA}] => (Allow) D:\Program files\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{D10EA609-761C-4A44-9393-D0A96CC120CB}] => (Allow) D:\Program files\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{E1BDE1D1-65AD-4614-97C8-C9B461AF583C}] => (Allow) D:\Program files\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{63D211AC-CD01-4102-B761-29FF8CC8F377}] => (Allow) D:\Program files\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{32565F91-B29F-46E9-9B71-B0BD8853A07A}] => (Allow) D:\Program files\steamapps\common\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{1A5FE69E-9A48-4AF6-90BC-C1CCC15C64C5}] => (Allow) D:\Program files\steamapps\common\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{6574CC47-D1C2-4BF8-BC6D-BA23199BC660}] => (Allow) D:\Program files\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{BBC3C4BB-6076-4799-A3ED-2E3FDCE0F426}] => (Allow) D:\Program files\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{42A13497-7305-448D-9E78-E80CAB8C5B32}] => (Allow) D:\Program files\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{7A18FBED-735D-4910-B021-EBAD5CD78038}] => (Allow) D:\Program files\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{8EC731E4-2B3F-469F-A622-43579E4A51BF}] => (Allow) D:\Program files\steamapps\common\RebelGalaxy\SteamLauncher.exe
FirewallRules: [{290FC246-D8BD-4682-9213-B4FD851304F8}] => (Allow) D:\Program files\steamapps\common\RebelGalaxy\SteamLauncher.exe
FirewallRules: [{DF9C372D-3A92-4ABB-B6F6-0A3F6E3870ED}] => (Allow) D:\Program files\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{144AED82-6AB1-4278-8837-809E754DFC2E}] => (Allow) D:\Program files\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{3A56C89C-21C2-479B-954C-A9FA623BA664}] => (Allow) D:\Program files\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{41BE2A52-9016-4C3E-9488-26A7D0A73031}] => (Allow) D:\Program files\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{C1813300-2FFC-466F-9F41-5B00CCD7200A}] => (Allow) D:\Program files\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{3E53BA7B-0817-4EDC-ACE0-84C8B18DA619}] => (Allow) D:\Program files\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{69761619-5B0D-43E0-888B-335B65BCA9B4}] => (Allow) D:\Program files\steamapps\common\Alien Isolation\AI.exe
FirewallRules: [{F13BD89F-6EA8-44DC-9C75-4802DD1BD87E}] => (Allow) D:\Program files\steamapps\common\Alien Isolation\AI.exe
FirewallRules: [{FE0F170B-49CD-4F65-9ED4-2F84660260D4}] => (Allow) D:\Program files\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{B3ACF2E5-4047-4D16-8236-04BA5B1F85BF}] => (Allow) D:\Program files\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{05FDB988-5C80-4668-91DC-64074466305B}] => (Allow) D:\Program files\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{75B12E55-64B6-4954-A0BD-D15B5059AC22}] => (Allow) D:\Program files\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{266BCB87-7489-4714-9C79-D4B4A69D3785}] => (Allow) D:\Program files\game.dat
FirewallRules: [{45AB811A-CC2A-4EE1-B544-32C46BD85CD8}] => (Allow) D:\Program files\game.dat
FirewallRules: [{36404B2A-74B2-4DC3-ACB5-D075C95D847D}] => (Allow) D:\Program files\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{66D6BBEB-2E17-46DB-975F-F7E683C70BB1}] => (Allow) D:\Program files\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{7FB4A5B4-1F95-4513-B883-A014D18FD627}] => (Allow) D:\Program files\Origin Games\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{B9494609-EDEC-46C0-822D-80449BB03F40}] => (Allow) D:\Program files\Origin Games\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{95825D22-366A-42EC-8A03-E8E51653C5A1}] => (Allow) D:\Program files\steamapps\common\Enemy Front\Bin32\DedicatedServer.exe
FirewallRules: [{95659016-6D08-4FCB-8536-5E1B5238A778}] => (Allow) D:\Program files\steamapps\common\Enemy Front\Bin32\DedicatedServer.exe
FirewallRules: [{6E090893-2227-48CF-B39F-9650BF0BBE9A}] => (Allow) D:\Program files\steamapps\common\Enemy Front\Bin32\EnemyFront.exe
FirewallRules: [{A721A48D-E2A0-4332-BD6F-71B40BCAE030}] => (Allow) D:\Program files\steamapps\common\Enemy Front\Bin32\EnemyFront.exe
FirewallRules: [{B3F2ABDB-B753-4464-9A06-CFF6DA59540D}] => (Allow) D:\Program files\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{F09D713C-2976-4111-9779-4216E5AE6835}] => (Allow) D:\Program files\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{7FE570F2-9F5D-4028-99FC-765ED063BE3D}] => (Allow) LPort=1900
FirewallRules: [{8FB03CE2-59EC-4F9C-9624-AD7A22D86528}] => (Allow) LPort=2869
FirewallRules: [{59D7E2A8-977E-4163-9BCD-7906CD7BA769}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{BFF1FB30-2FA8-448A-ACBC-1AD2BDA5DA4D}] => (Allow) D:\Program files\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{1C59BE2D-5CD8-4F51-8301-42BF93078293}] => (Allow) D:\Program files\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{0E32066F-A538-427D-BAC5-5656602055D6}] => (Allow) D:\Program files\steamapps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{49A2A638-CCA7-4951-8A9F-0C4673FA04F9}] => (Allow) D:\Program files\steamapps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{3CAA67B6-6713-41C2-BC35-C4D646C16EAE}] => (Allow) D:\Program files\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{EC9D8A4B-3587-47E3-A8A9-99DE8A0D6A8F}] => (Allow) D:\Program files\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{13C535F8-8D8C-4F7E-B395-B4F062AB2AC9}] => (Allow) D:\Program files\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{1C3651B1-B52A-4A7C-B0A7-AED2EBE7ECC6}] => (Allow) D:\Program files\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{2F341DCC-D3E5-4B87-93C6-0A2E699FCCC3}] => (Allow) D:\Program files\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{2A37B3B0-AD4C-4DFE-907B-80488CB8860D}] => (Allow) D:\Program files\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{BF46C409-FAB8-4D88-8F6D-688C394ADDDA}] => (Allow) D:\Program files\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe
FirewallRules: [{D969849C-DEDE-4B77-83C9-C0FE85B2F81F}] => (Allow) D:\Program files\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe
FirewallRules: [{7E564701-9B05-470E-8B88-FB638891FA49}] => (Allow) D:\Program files\steamapps\common\Medal of Honor\Binaries\moh.exe
FirewallRules: [{B48F4628-E52A-4BAB-BE63-5E19A7D2AB95}] => (Allow) D:\Program files\steamapps\common\Medal of Honor\Binaries\moh.exe
FirewallRules: [{2FE4BD59-7504-4FF4-8CA7-6B34E237C0B0}] => (Allow) D:\Program files\steamapps\common\Crysis\Bin32\Crysis.exe
FirewallRules: [{DDB443F3-35EE-4EBA-BDD0-F4B8F75CF25C}] => (Allow) D:\Program files\steamapps\common\Crysis\Bin32\Crysis.exe
FirewallRules: [{348B96AD-0F48-4DEB-B994-1BC6B5DA697C}] => (Allow) D:\Program files\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{6BA83878-7C26-4060-BF7E-D7EE72140609}] => (Allow) D:\Program files\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{60A18A7E-DB2A-43F2-9038-10B1F0817548}] => (Allow) D:\Program files\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{EB179371-9C1D-4D45-9997-195E41FE8601}] => (Allow) D:\Program files\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{A502A7FE-97D9-47F3-93F0-0D5BFABFFDF4}] => (Allow) C:\Users\lauri\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B1321AF2-F307-4270-BC8E-1288AAC09FE4}] => (Allow) C:\Users\lauri\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{3D515C28-990C-43F4-8FF5-B048F4B8DD2C}] => (Allow) C:\Users\lauri\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{3D0EC9AA-17F5-463A-AC38-FA7BA86BE745}] => (Allow) C:\Users\lauri\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{8D45F3E9-D3C9-4FAA-9990-DE0C941D4411}] => (Allow) C:\Users\lauri\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{A1497F58-AF8E-4A09-A943-3D6CCBBF9731}] => (Allow) C:\Users\lauri\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{70B1050B-F539-4514-8FF3-6B015948DFA5}] => (Allow) D:\Program files\steamapps\common\Way of the Samurai 4\WayOfTheSamurai4.exe
FirewallRules: [{F218DF99-EC27-47A7-BD4D-C31099EFF0D1}] => (Allow) D:\Program files\steamapps\common\Way of the Samurai 4\WayOfTheSamurai4.exe
FirewallRules: [{10E23352-5C18-4974-A6C5-1353DA1CA1C7}] => (Allow) D:\Program files\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{FB95AD7A-9152-4E2F-9A37-877A7B642E66}] => (Allow) D:\Program files\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{9C7286F1-D7F1-4967-B334-10FF2FB05A4B}] => (Allow) D:\Program files\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exe
FirewallRules: [{88A04E79-8263-49BE-9145-CAF433CA3BA4}] => (Allow) D:\Program files\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exe
FirewallRules: [{FCA13A55-4F23-4BDB-A4F9-6E83E2D5C8FE}] => (Allow) D:\Program files\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{F1ECA28A-A9ED-48EE-A850-C06B6A8CFBE5}] => (Allow) D:\Program files\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{F9FF208D-07E0-4FE0-8F76-8FFFB0C53134}] => (Allow) D:\Program files\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{E34D0FA6-DDC1-477E-95EA-D44711ECDF3A}] => (Allow) D:\Program files\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{E4E39F9C-1641-4E6F-BAC5-CCC423C0D5DE}] => (Allow) C:\Program Files (x86)\Lenovo\LenovoPortal\Lenovo.Portal.exe
FirewallRules: [{BBB309AA-BE13-4957-8A35-9C2416DD2E08}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{FE2516CE-AAEE-48ED-B6AB-7787550FCCD8}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{994389D0-B1A9-4D3E-96BC-1B41D0445A5D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{96B18693-74CF-457C-B9FB-7998995857DD}] => (Allow) D:\VPN Unlimited\vpn-unlimited.exe
FirewallRules: [{E23527BB-E329-474B-AEF0-4C0790A570C0}] => (Allow) D:\VPN Unlimited\vpn-unlimited.exe
FirewallRules: [{D2716C78-623D-4280-BCB7-0F75745353BF}] => (Allow) D:\VPN Unlimited\openvpn.exe
FirewallRules: [{144880FE-E307-4F80-9F06-92A63D2BE050}] => (Allow) D:\VPN Unlimited\openvpn.exe
FirewallRules: [{7819589E-5AC9-4A30-9FD5-2D0737C7B630}] => (Allow) D:\Program files\Steam.exe
FirewallRules: [{1B589443-8CA6-4405-8D7C-6AA40448D627}] => (Allow) D:\Program files\Steam.exe
FirewallRules: [{AFCFA2B5-627A-4AE2-8C7E-530D53DB4FE9}] => (Allow) D:\Program files\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{DBBADC7F-9E62-4FF4-9BB0-2CA1C744D34A}] => (Allow) D:\Program files\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{2557AA0D-6252-4BD0-ABC8-3500658B9FA4}] => (Allow) D:\Program files\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{640CB8F2-F196-4CDD-9BBD-D8977192E937}] => (Allow) D:\Program files\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [TCP Query User{8DBC766D-A068-4832-BC25-6F449C86B0F4}D:\program files\steamapps\common\watch_dogs\bin\watch_dogs.exe] => (Allow) D:\program files\steamapps\common\watch_dogs\bin\watch_dogs.exe
FirewallRules: [UDP Query User{3E634D2B-0500-4802-99A8-E350B5F8BFED}D:\program files\steamapps\common\watch_dogs\bin\watch_dogs.exe] => (Allow) D:\program files\steamapps\common\watch_dogs\bin\watch_dogs.exe
FirewallRules: [{B315C3CE-2CE5-4B18-88E6-F6A50CC5B92F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{6136AE92-8AB9-4A1A-933D-F195043DE3E9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{4190B3F8-5B23-4AEF-8737-69D92BE0BBBE}D:\program files\steamapps\common\everspace\rsg\binaries\win64\rsg-win64-shipping.exe] => (Allow) D:\program files\steamapps\common\everspace\rsg\binaries\win64\rsg-win64-shipping.exe
FirewallRules: [UDP Query User{6141709E-30EB-4DFB-A128-9568929E87FC}D:\program files\steamapps\common\everspace\rsg\binaries\win64\rsg-win64-shipping.exe] => (Allow) D:\program files\steamapps\common\everspace\rsg\binaries\win64\rsg-win64-shipping.exe
FirewallRules: [{626D57D2-B100-497C-86B3-0E414217DCD8}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{86893811-4E11-49D0-AC45-CA01ACE0BB4D}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [TCP Query User{505245C3-5B1B-4C9A-8BF7-96632554E399}D:\program files\steamapps\common\total war attila\attila.exe] => (Allow) D:\program files\steamapps\common\total war attila\attila.exe
FirewallRules: [UDP Query User{1896D86E-E526-4E12-AFB1-5AD515BB980A}D:\program files\steamapps\common\total war attila\attila.exe] => (Allow) D:\program files\steamapps\common\total war attila\attila.exe
FirewallRules: [TCP Query User{EB4F8B10-19E3-4896-B894-02B714C7A4FE}D:\program files\steamapps\common\conan exiles\conansandbox\binaries\win64\conansandbox.exe] => (Allow) D:\program files\steamapps\common\conan exiles\conansandbox\binaries\win64\conansandbox.exe
FirewallRules: [UDP Query User{15647856-F7B7-40D6-97CE-5A65E2C66149}D:\program files\steamapps\common\conan exiles\conansandbox\binaries\win64\conansandbox.exe] => (Allow) D:\program files\steamapps\common\conan exiles\conansandbox\binaries\win64\conansandbox.exe
FirewallRules: [TCP Query User{7546D98D-84BE-4AD0-B42A-A5F5AEAC5169}D:\program files\steamapps\common\far cry primal\bin\fcprimal.exe] => (Allow) D:\program files\steamapps\common\far cry primal\bin\fcprimal.exe
FirewallRules: [UDP Query User{F0D282C2-6C6A-4F24-A13A-01BD2D6D4DDD}D:\program files\steamapps\common\far cry primal\bin\fcprimal.exe] => (Allow) D:\program files\steamapps\common\far cry primal\bin\fcprimal.exe
FirewallRules: [TCP Query User{63CBDBF6-B872-41F6-BC6A-01EAFF421B38}D:\program files\steamapps\common\far cry 3\bin\farcry3_d3d11.exe] => (Allow) D:\program files\steamapps\common\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{B7647EDB-6064-460C-AE1E-A5E377ABCE1A}D:\program files\steamapps\common\far cry 3\bin\farcry3_d3d11.exe] => (Allow) D:\program files\steamapps\common\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{4D9811DA-048B-458E-B313-867F6AAEE1FD}] => (Allow) D:\Program files\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{726D8F26-D93A-4140-87EB-E79E30CF1525}] => (Allow) D:\Program files\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{17A04860-7428-48FE-B5BA-006C2A0BD58C}] => (Allow) D:\Program files\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{E06E528A-A6C5-4975-8307-5021B4C81A02}] => (Allow) D:\Program files\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{02210263-9ADE-4630-AE26-7A8FB9B70F07}] => (Allow) D:\Program files\steamapps\common\Starpoint Gemini Warlords\GameLauncher.exe
FirewallRules: [{FDDF1D4A-6613-4656-A03B-FC527053F24F}] => (Allow) D:\Program files\steamapps\common\Starpoint Gemini Warlords\GameLauncher.exe
FirewallRules: [{54CF00E0-EEC4-4C4C-9AC5-BAFEAA5057F9}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{E8902CCE-E9F2-4E98-8E1B-8BB90B89FCBD}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{DEB55AF3-B3CF-40EB-A72F-CB94E841E99A}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{EB300AF2-214B-4C08-8547-084E21987307}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{56D99966-12CA-4F88-B4FF-07C85B323355}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe
FirewallRules: [{4C1C8E3D-BCC3-4F1E-96EE-8D06DC3CF9C4}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe
FirewallRules: [{F0725BA7-454C-486C-824E-CCAEA4C927AF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{0F1DB09B-5B22-4381-864F-57CA344952B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{31D426C0-CDC1-45BF-B82E-3EECF8953A59}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{38C30541-8C58-4515-9DB9-1502B3A2D19C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BCA0E7F3-6D9D-411A-A2A8-1262D35A9132}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E6B23DF4-0A5E-4551-AB5E-5ED5DE5983FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{42627B10-F584-4006-8BD5-D53853B79057}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{D8837275-CE07-4CB1-A02E-5DB360B7C8F6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B4151755-2437-4F20-A7D7-E5CC9D46C91E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{90E9C1C9-CB7E-459E-980C-275A5B40D62E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{CA364A99-567C-4C72-A30C-5CB60D030C6E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F5353DEB-B51F-49EA-8A95-129682BD9B28}] => (Allow) D:\Program files\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{65EB5C92-D7CD-4EC1-98A8-BBBC7DF5B8C8}] => (Allow) D:\Program files\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{0F6ED5C2-7AF1-4D80-A0F6-60B4CACA55E7}] => (Allow) D:\Program files\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{587922BE-5DA2-4126-A13D-0EF75E2C58C3}] => (Allow) D:\Program files\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{8FB9D851-10FC-40BB-B1A7-2F013C8082A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D6B00D30-0BE4-4834-8D8D-64D27FE95C97}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{68E84F29-279F-4E29-8A83-117A6517DA4A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A4287A2D-745F-485F-8572-E18843DB341A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{0AB7CCA9-2ECC-4935-B35D-1A016AC6D3DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FCBFEBC8-4D8D-422F-824C-F724EF2CB194}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9FCF7046-FAD2-4749-8112-4A20E40A8A50}] => (Allow) C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Temp\HouseCall\tmase\nmap\bonjour.exe
 
==================== Restore Points =========================
 
28-03-2018 15:38:55 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/29/2018 08:15:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Origin.exe, version: 10.5.15.44004, time stamp: 0x5aafed47
Faulting module name: Qt5WebEngineCore.dll, version: 5.8.0.0, time stamp: 0x5a30a1e8
Exception code: 0x80000003
Fault offset: 0x01f76c03
Faulting process id: 0x20b4
Faulting application start time: 0x01d3c6fb379f46f2
Faulting application path: C:\Program Files (x86)\Origin\Origin.exe
Faulting module path: C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
Report Id: 5af2b7ab-55ad-4dc5-9d6e-29a4ea81195d
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (03/28/2018 01:59:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Origin.exe, version: 10.5.15.44004, time stamp: 0x5aafed47
Faulting module name: Qt5WebEngineCore.dll, version: 5.8.0.0, time stamp: 0x5a30a1e8
Exception code: 0x80000003
Fault offset: 0x01f76c03
Faulting process id: 0x25c4
Faulting application start time: 0x01d3c6614afa5e5b
Faulting application path: C:\Program Files (x86)\Origin\Origin.exe
Faulting module path: C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
Report Id: 51e57614-5637-44db-9860-b4352f61ce82
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (03/28/2018 01:34:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Origin.exe, version: 10.5.15.44004, time stamp: 0x5aafed47
Faulting module name: Qt5WebEngineCore.dll, version: 5.8.0.0, time stamp: 0x5a30a1e8
Exception code: 0x80000003
Fault offset: 0x01f76c03
Faulting process id: 0x26fc
Faulting application start time: 0x01d3c65e8cc2fbf8
Faulting application path: C:\Program Files (x86)\Origin\Origin.exe
Faulting module path: C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
Report Id: 77d107dd-adb8-4cb8-bb8f-56b7ac94b5b3
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (03/28/2018 10:13:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll".
Dependent Assembly Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/28/2018 10:13:04 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll".
Dependent Assembly Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/28/2018 09:32:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Origin.exe, version: 10.5.15.44004, time stamp: 0x5aafed47
Faulting module name: Qt5WebEngineCore.dll, version: 5.8.0.0, time stamp: 0x5a30a1e8
Exception code: 0x80000003
Fault offset: 0x01f76c03
Faulting process id: 0x12f4
Faulting application start time: 0x01d3c63cf40a6c50
Faulting application path: C:\Program Files (x86)\Origin\Origin.exe
Faulting module path: C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
Report Id: 73572b4a-af45-45c4-8638-1d795c222afb
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (03/28/2018 09:23:05 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\DESKTOP-0OKN7NQ$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep failed:
 
GetCACaps
 
Method: GET(625ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
 
Error: (03/28/2018 09:04:48 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\DESKTOP-0OKN7NQ$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep failed:
 
GetCACaps
 
Method: GET(859ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
 
 
System errors:
=============
Error: (03/29/2018 08:17:56 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0OKN7NQ)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-0OKN7NQ\lauri SID (S-1-5-21-584912067-1683141588-1664888071-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/28/2018 09:08:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0OKN7NQ)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (03/28/2018 09:08:31 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0OKN7NQ)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (03/28/2018 09:03:44 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0OKN7NQ)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-0OKN7NQ\lauri SID (S-1-5-21-584912067-1683141588-1664888071-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/28/2018 04:29:21 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0OKN7NQ)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-0OKN7NQ\lauri SID (S-1-5-21-584912067-1683141588-1664888071-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/28/2018 02:36:48 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0OKN7NQ)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-0OKN7NQ\lauri SID (S-1-5-21-584912067-1683141588-1664888071-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/28/2018 02:00:17 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0OKN7NQ)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-0OKN7NQ\lauri SID (S-1-5-21-584912067-1683141588-1664888071-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/28/2018 01:55:40 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Software Protection service hung on starting.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 49%
Total physical RAM: 16322.39 MB
Available physical RAM: 8259.6 MB
Total Virtual: 18754.39 MB
Available Virtual: 9208.24 MB
 
==================== Drives ================================
 
Drive b: (Windows) (Network) (Total:100 GB) (Free:17.7 GB) NTFS
Drive c: (Windows) (Fixed) (Total:100 GB) (Free:17.7 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: () (Fixed) (Total:1731.17 GB) (Free:76.55 GB) NTFS
Drive f: (Elements) (Fixed) (Total:931.48 GB) (Free:190.32 GB) NTFS
 
\\?\Volume{fff78e2c-dc23-414b-97fe-32265f25bb56}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
\\?\Volume{5b962e74-9e20-4de6-804c-f194399fb23e}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.59 GB) NTFS
\\?\Volume{b73deac6-68e0-4c5c-891e-48cd55b18e86}\ (LENOVO_PART) (Fixed) (Total:30 GB) (Free:17.48 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 73CA0AEC)
 
Partition: GPT.
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 106CE890)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#7 RayS

RayS

  • Malware Response Team
  • 2,433 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:05 PM

Posted 31 March 2018 - 05:26 AM

Hi Z,

Thank you for the FRST logs and the extra description of the PC's symptoms.

 

when i try to boot in safe mode it just says that my PIN no. is incorrect.

Are you saying that the identical password that works without problem in normal boot will not allow logging in to safe mode? Describe what method you are using to attempt to enter safe mode. If you are referring to an actual PIN (not a password), what device is the PIN associated with? Some devices (e.g., a fingerprint scanner) cannot be used while attempting to launch safe mode.


 

Since posting this I have been reading up & posted on several other forums as well & have tried to remedy it myself...

That's good initiative on your part, but as long as we are working together, please heed the advice I gave in my welcoming message, "Please do not make any further changes to your computer (such as Install/Uninstall programs, use special fix tools, delete files, edit the registry, etc...) and don't perform any actions without being advised to do so." That will complicate and delay our ultimate goal -- cleaning your PC.


Overview
One of the supporting files for Electronic Arts Origin is missing or corrupt. Let's uninstall Origin and reinstall it. Please back up all your gamedata from Origin before you uninstall. See this Origin FAQ page for more details where it says, "Cancelling your Origin Access membership is quick and easy with your EA Account. (By the way, should you rejoin, all your games will be waiting for you, right where you left off). You can cancel from either the Origin Client or Origin.com."

Three of your Chrome extensions are known to cause problems and I'd like you to remove them. While opening your extensions list, Please critically evaluate all your other extensions and remove those you really don't need. Note especially three extensions that were not obtained from the Chrome Web Store and, therefore, are not endorsed by Google.


Uninstall programs

  • Press Windows key + R on your keyboard at the same time.
  • Type appwiz.cpl and press Enter.
  • Click Appwiz.cpl in the search results.
  • A list of installed programs will be displayed in the Programs and Features section of your Control Panel.
  • Uninstall the following by right-clicking on the program below (and any other similar names) and selecting Remove or Uninstall and clicking Yes.

Origin

  • Take note of any error messages you see.

 

 

Remove and/or update Chrome extensions

  • Launch your Chrome browser.
  • Type the following into the address bar: chrome://extensions and press Enter.
  • Click the trash can icon next to each of the following extensions:

Ecosia Omnibar Redirect (Legacy)

Chrome Web Store Payments
Chrome Media Router

  • Click the trash can icon next to all other extensions you don't really need. Note especially that the following did not come from the Chrome Web Store:

Stitcher

Watch ITV

Learn Thai Free - ThaiPod101.com

  • Optional: add a checkmark next to Developer mode and click Update extensions now.

 

Note: Restart your PC in normal boot.


Reinstall Origin

  • Use Chrome to visit Electronic Arts Origin access here and reinstall Origin.
  • If unable to access Origin with Chrome, try a different browser like Firefox.
  • Tell me whether normal access to Origin has been restored.

 

In your next reply...

  • Please tell me whether the identical password in normal boot is not accepted when logging in to safe mode.
  • Describe the method you are attempting for logging in to safe mode.
  • Confirm that you removed the Ecosia Omnibar Redirect (Legacy), Chrome Web Store Payments, and Chrome Media Router extensions from Chrome.
  • How many other extensions did you remove from Chrome?
  • Confirm whether you were able to access the Electronic Arts Origin website with Chrome.
  • How is your PC running now?

Thank you,

Ray


I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#8 zyphodb

zyphodb
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:05 AM

Posted 31 March 2018 - 07:49 AM

Hi there,

 

  1. when i try to boot in safe mode it just says that my PIN no. is incorrect.

It is my Microsoft acc PIN no. that I use to log into my PC & Laptop that logs in with no problem until I go to safe mode with networking, which I got to via settings/recovery/safe mode with networking where it then said repeatedly incorrect PIN no.

  1.    

Sry but I started uninstalling chrome extensions without writing down what I was uninstalling so I’ve given you a list of the remaining extensions. But before I do, I think you have possibly found the root problems already.  I deleted the extension Ecosia Omnibar Redirect (Legacy)   but the extensions Chrome Web Store Payments and Chrome Media Router didn’t appear on the chrome extensions page, nor do I have any memory of installing them Or Ecosia omibar redirect come to that……

  1. I have uninstalled & reinstalled Origin using windows uninstaller as you requested, I normally use Iobit (to get rid of all the remains that windows doesn’t)& am now, again stuck on getting to the login screen. Interestingly, previously to uninstalling, last night and this morning I was able to login with the origin app & play my games as normal but after reading your email I tried logging into the website(with chrome) and had the usual login failure, but after that the Origin app wouldn’t let me log in again which has continued after removing & reinstalling Origin. Error message there has been a log in error. Please try again later.(should I try logging into the origin website with firefox or edge maybe?)

 

here is the list of extensions that are showing on the Chrome extension page after I finished deleting:-

 

DuckDuckGo Privacy Essentials

Google Similar Pages

InvisibleHand

Protect My Choices

StumbleBar by StumbleUpon

uBlock Origin

RightToCopy

LastPass: Free Password Manager

Google Translate

Ghostery – Privacy Ad Blocker

Google Docs Offline

Hover Zoom

No Coin - Block miners on the web!

Search by Image (by Google)

WOT: Web of Trust, Website Reputation

 

I repeat Chrome Web Store Payments and Chrome Media Router have never appeared on the extensions page.

 

One other odd thing that happened shortly after your first email was having d/led Avast free edition with the intention of running a boot time scan I deleted Avira free edition with Iobit uninstaller so as not to have 2 antiviruses running at the same time. However when I booted the PC the next day Avira was back again, & I now have 2 antiviruses running…

 

I am loathe to completely cancel my origin acc as I have 200+ gbs of games that I don’t trust E.A. to return to my if I do this…

 

                   Best regards Zyphodb+



#9 RayS

RayS

  • Malware Response Team
  • 2,433 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:05 PM

Posted 02 April 2018 - 02:53 AM

Hi Z,
 
 

It is my Microsoft acc PIN no. that I use to log into my PC & Laptop that logs in with no problem until I go to safe mode with networking...


See this article. Excerpt: You can use Microsoft email account based logon or a Local account to access your computer. However, there are some design conflicts that may not allow you to use either of PIN or a Picture Password to log into your system. For example, when you’re in Safe Mode, neither of these alternatives work and you need to have a traditional password in that case. We have no need for safe mode at this point.

 
 

should I try logging into the origin website with firefox or edge maybe?


Tell me the address (URL) you are attempting. If it doesn't work with Chrome, try it with Firefox and/or Edge and tell me the results. When you attempt to log in using Origin or Chrome, do you type your password every time or are you allowing LastPass to supply the log in credentials for you?

 
 

...when I booted the PC the next day Avira was back again, & I now have 2 antiviruses running…


The addition.txt listing you supplied shows that both Avast and Avira are installed but Avast is disabled. Even while disabled, however, a possibility of conflicts exists. Please completely uninstall Avira.
 
 
 

I am loathe to completely cancel my origin acc as I have 200+ gbs of games that I don’t trust E.A. to return to my if I do this…


No need to cancel your account. It is enough to uninstall/reinstall the Origin app.


Thank you for the current list of your Chrome extensions. They are all harmless.


Please confirm the sequence of events was as follows:

  • Removed the Ecosia Omnibar Redirect Extension.
  • Accessed games using Origin and played games normally for some hours.
  • Tried log in to the EA website using Chrome but failed.
  • Was unable to re-log in again using Origin.
  • Uninstalled and reinstalled Origin.
  • Tried to log in again using Origin but it continued to fail.

 

Overview
Your FRST logs show that Origin is crashing. Do these procedures in the sequence as given:

  1. Uninstall Avira completely.
  2. I am supplying a short script for you to run with FRST. It will remove the Chrome Web Store Payments and Chrome Media Router extensions from your Chrome browser even if they are hidden.
  3. Try to log in to the Electronic Arts website using first Chrome then Firefox and/or Edge if Chrome fails.
  4. Uninstall and reinstall Origin again. Be sure to delete all elements of Origin except your gamedata.
  5. Try to access your games using Origin.
  6. Scan with FRST again to get a new set of logs.

 

Uninstall Avira
Use the Programs and Features section of your Control Panel.


Run Farbar Recovery Scan Tool (FRST) in FIX mode

Save your work and exit all programs because Farbar Recovery Scan Tool may reboot your computer.

  • Double-click on FRST64.exe to open the Farbar Recovery Scan Tool window.
  • Select the entire contents of the following code box including the Start:: and End:: directives.
  • Now press Ctrl+C to copy the contents into your clipboard.
Start::

C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

End::
  • Click the Fix button in the Farbar Recovery Scan Tool window.
  • Wait until the program completes execution.
  • The tool will create a log called Fixlog.txt. Please post it into your reply.

NOTICE: This script was written specifically for this user to be used on this particular machine. Running this script on another machine may cause damage to your operating system.


 
Test your browser(s)

  • Try to log in to the Electronic Arts website using first Chrome then Firefox and/or Edge if Chrome fails.
  • Tell me the web address (URL) you are trying.
  • Do you type the password each time or do you allow LastPass to log in for you?

 

 

Uninstall and reinstall Origin
Uninstall and reinstall Origin again as you did before. Be sure to delete all elements of Origin except your gamedata.


Access your games using Origin.
Try to access your games using Origin. Take note of all irregular symptoms. Copy error messages (if any) verbatim.


Re-scan with Farbar Recovery Scan Tool

  • Right-click FRST64.exe then click Run as administrator.
  • When the tool opens, click Yes to disclaimer.
  • When the tool is done updating itself, it will show This tool is ready to use. near the upper left corner of the tool's window.
  • Under Optional Scan, be sure a checkmark is placed next to Addition.txt.
  • Click Scan.
  • When finished, it will produce logs called FRST.txt and Addition.txt in the same directory where the tool was run from.
  • Please copy and paste both logs into your next reply.

 

 

In your next reply...

  • Confirm the sequence of steps you described in your Post #8. I want to be sure I understand what you did and what the sequence was.
  • Copy and paste the entire contents of Fixlog.txt into the body of your message.
  • Were you able to log in to the EA site? What browser(s) did you use? What web address did you use? Did you log in using LastPass?
  • Were you able to access your games via Origin? If not, describe symptoms and provide verbatim copies of error messages.
  • Copy and paste the entire contents of FRST.txt and Addition.txt into the body of your message.
  • How is your PC running now?

 

Thank you,

Ray

Edited a typo


Edited by RayS, 02 April 2018 - 02:59 AM.

I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#10 zyphodb

zyphodb
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:05 AM

Posted 02 April 2018 - 10:20 PM

Hi Ray,

             The sequence of events was as follows:-

  • Accessed games using Origin and played games normally for some hours.
  • Removed the Ecosia Omnibar Redirect Extension.
  • Tried log in to the EA website using Chrome but failed.
  • Was unable to re-log in again using Origin.
  • Uninstalled and reinstalled Origin.
  • Tried to log in again using Origin but it continued to fail.

   As you can see it was the same apart from 1. & 2. being the other way around.

 

I'm trying to do your other steps but I'm having problems as something seems to be monopolizing my internet connection, I'm finding myself unable to play online games on steam for any length of time without getting cut off.

However this could just be my connection playing up, it's a signal from a 3g cellphone mast sent to a receiver on a 5 meter mast at my home 4 km away, as you can imagine this does not always work well but is the only realistically priced way for me where I am here in Thailand. I shall be back at my other home where I work at the end of the month which has a much better internet connection.

I uninstalled Avira again but it still came back on reboot so I went into C/programme files, found it & deleted the folder after switching it off in task manager, it seems to be permanently gone now. I have followed your instructions for the FRST fix. Here is the log:-

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by lauri (03-04-2018 09:28:57) Run:1
Running from C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop
Loaded Profiles: lauri (Available Profiles: lauri)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
 
*****************
 
C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm => moved successfully
 
==== End of Fixlog 09:28:58 ====
 
I have uninstalled & reinstalled origin it comes up with the same sign in error as before.

 

I have tried Chrome & Firefox on the origin site, I'm not getting the option weather to use lastpass or not, I hit sign in & it goes straight to attempting to sign in & then very quickly comes up with sign in failure. I tried putting it in manually on edge, as the only browser without lastpass on & it worked. I then tried the origin app again while remaining signed in on edge to see if that made any difference, unfortunately it has made no difference, same login error. the web address i used for origin was https://www.origin.com/tha/en-us/store the same one on all browsers.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by lauri (administrator) on DESKTOP-0OKN7NQ (03-04-2018 10:13:14)
Running from C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop
Loaded Profiles: lauri (Available Profiles: lauri)
Platform: Windows 10 Home Single Language Version 1709 16299.309 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows ® Win 7 DDK provider) C:\Windows\System32\AdminService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Lenovo) C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\SysWOW64\UMonit64.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Windows\jmesoft\ServiceLoader.exe
(Sonix Technology Co., Ltd.) C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-05-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2017-05-14] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [UMonit] => C:\WINDOWS\SysWOW64\UMonit64.exe [53832 2015-07-15] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [245608 2018-03-28] (AVAST Software)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-05] (CyberLink)
HKLM-x32\...\Run: [jmekey] => C:\Windows\jmesoft\hotkey.exe [118784 2013-07-25] (Lenovo)
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-08-17] ()
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [snp2uvc] => C:\WINDOWS\vsnp2uvc.exe [662016 2009-08-12] (Sonix)
HKLM-x32\...\Run: [tsnp2uvc] => C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe [322560 2011-09-07] (Sonix Technology Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{52f8ae17-6c0f-4915-a5c7-016b5016bd81}: [DhcpNameServer] 203.113.111.98 203.113.111.11
Tcpip\..\Interfaces\{56b153e8-a1e9-41a8-9a31-1863d93a7cf4}: [DhcpNameServer] 10.204.0.1
Tcpip\..\Interfaces\{95150bee-c04b-4dd7-976f-360184d022f4}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d37eca95-c475-41f2-8f26-e3cc54a572e8}: [DhcpNameServer] 10.200.0.1
Tcpip\..\Interfaces\{f3952f38-1186-4ea9-9839-58e24916a4f6}: [DhcpNameServer] 203.144.206.49 203.144.206.29
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-584912067-1683141588-1664888071-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-584912067-1683141588-1664888071-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-584912067-1683141588-1664888071-1001 -> DefaultScope {3D5B03F4-6AD0-4888-8CE2-95AB9EC2FF9A} URL = 
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-01-25] (IObit)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-03-21] (Oracle Corporation)
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2017-08-04] (IObit)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-21] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll [2016-06-23] (IObit)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
 
FireFox:
========
FF DefaultProfile: t06qodeh.default
FF ProfilePath: C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Mozilla\Firefox\Profiles\t06qodeh.default [2018-04-03]
FF Extension: (Chrome Store Foxified) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Mozilla\Firefox\Profiles\t06qodeh.default\Extensions\Chrome-Store-Foxified@jetpack.xpi [2018-04-03]
FF Extension: (Name) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Mozilla\Firefox\Profiles\t06qodeh.default\Extensions\firefox@ghostery.com.xpi [2018-04-03]
FF Extension: (To Google Translate) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Mozilla\Firefox\Profiles\t06qodeh.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2018-04-03]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Mozilla\Firefox\Profiles\t06qodeh.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2018-04-03]
FF Extension: (LastPass: Free Password Manager) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Mozilla\Firefox\Profiles\t06qodeh.default\Extensions\support@lastpass.com.xpi [2018-04-03]
FF Extension: (Hover Zoom+) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Mozilla\Firefox\Profiles\t06qodeh.default\Extensions\{1f50c5bd-711d-441f-8cdf-d2043bcce0f9}.xpi [2018-04-03]
FF Extension: (No Coin - Block miners on the web!) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Mozilla\Firefox\Profiles\t06qodeh.default\Extensions\{5657c026-efc3-4860-b43b-16e4eaa8a9aa}.xpi [2018-04-03]
FF Extension: (__MSG_appName__) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Mozilla\Firefox\Profiles\t06qodeh.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2018-04-03]
FF Extension: (TLS 1.3 gradual roll-out) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Mozilla\Firefox\Profiles\t06qodeh.default\features\{69a0c3a2-dc6d-4ad3-9a11-73922ab9fa1a}\tls13-rollout-bug1442042@mozilla.org.xpi [2018-04-03] [Legacy]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-03-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://aboutblank/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default [2018-04-03]
CHR Extension: (Google Translate) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-03-10]
CHR Extension: (Google Drive) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-10]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2018-03-10]
CHR Extension: (DuckDuckGo) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2018-03-30]
CHR Extension: (YouTube) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-10]
CHR Extension: (uBlock Origin) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-03-20]
CHR Extension: (Search by Image (by Google)) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2018-03-10]
CHR Extension: (Stitcher) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcenjghnbkdmdncneijobnbgjcadnbge [2018-03-10]
CHR Extension: (PicMonkey) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm [2018-03-10]
CHR Extension: (Google Docs Offline) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-03-10]
CHR Extension: (iPlayer) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgmajojbjblmdmlebglpllemlhkfjmk [2018-03-10]
CHR Extension: (Learn Thai Free - ThaiPod101.com) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmmgcobjnmoilnkmahocaipdccbjoodi [2018-03-10]
CHR Extension: (No Coin - Block miners on the web!) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl [2018-03-10]
CHR Extension: (Protect My Choices) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgloanjhdcenjgiafkpbehddcnonlic [2018-03-27]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-03-30]
CHR Extension: (Up To Ten) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkmdpjhkpaefacnclohblibjodcofpnd [2018-03-10]
CHR Extension: (StumbleBar by StumbleUpon) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg [2018-03-10]
CHR Extension: (InvisibleHand) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lghjfnfolmcikomdjmoiemllfnlmmoko [2018-03-10]
CHR Extension: (UK Radio Absolute) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljiiongfgmepdfnfndmpccopehjdlddl [2018-03-10]
CHR Extension: (Google Maps) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-03-10]
CHR Extension: (3D Solar System Web) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaaepplopehigjgkolniddiadbbkphd [2018-03-10]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2018-03-10]
CHR Extension: (Google Play Books) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2018-03-10]
CHR Extension: (Hover Zoom) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2018-03-10]
CHR Extension: (Gmail) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-10]
CHR Extension: (Google Similar Pages) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjnfggphgdjblhfjaphkjhfpiiekbbej [2018-03-10]
CHR Extension: (Chrome Media Router) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-03]
CHR Extension: (Watch ITV) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\plkehfjjplbohfmcklpllagnebkdibpl [2018-03-10]
CHR Extension: (RightToCopy) - C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmcimdddlobkphnofejmeidjblideca [2018-03-10]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7556704 2018-03-28] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [303728 2018-03-28] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1494024 2017-03-24] ()
S3 Disc Soft Lite Bus Service; D:\Program files\DAEMON Tools Lite\DiscSoftBusService.exe [1368408 2015-11-30] (Disc Soft Ltd)
R2 FastbootService; C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe [288768 2015-11-10] (Lenovo) [File not signed]
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [662600 2018-02-18] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8410184 2018-02-18] (GOG.com)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
S4 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-20] (Intel Corporation) [File not signed]
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206096 2018-01-25] (IObit)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-20] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation)
S3 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-17] () [File not signed]
R2 LenovoPortalService; C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe [24312 2015-11-10] ()
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [523152 2018-03-14] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [523152 2018-03-14] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2158912 2018-04-03] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3028808 2018-04-03] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2018-03-18] ()
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [31176 2016-01-20] (SHAREit Technologies Co.Ltd)
S3 UpdateAgentService; C:\Program Files\update\UpdateAgent.exe [226216 2015-11-10] ()
S3 VPNUnlimitedService; C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe [61784 2017-04-11] (KeepSolid Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
S2 Avira.ServiceHost; "C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196648 2018-03-28] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-03-28] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-03-28] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-03-28] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-03-28] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [215320 2018-03-28] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-03-28] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146656 2018-03-28] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110328 2018-03-28] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84368 2018-03-28] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026696 2018-03-28] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-03-28] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-03-28] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380528 2018-03-28] (AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-01-03] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [46392 2016-01-03] (Disc Soft Ltd)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [538088 2017-03-22] (Intel Corporation)
R0 Fastboot; C:\WINDOWS\System32\DRIVERS\Fastboot.sys [67608 2015-11-10] (Windows ® Win 7 DDK provider) [File not signed]
R0 FBFsmon; C:\WINDOWS\System32\DRIVERS\FBFsmon.sys [39448 2015-11-10] (Windows ® Win 7 DDK provider) [File not signed]
R2 FBNetFilter; C:\WINDOWS\system32\Drivers\FBNetFlt.sys [32792 2015-11-10] (Windows ® Win 7 DDK provider) [File not signed]
R3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [131160 2016-10-05] (Genesys logic)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-31] (REALiX™)
S3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [24056 2017-07-19] (IObit)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [39904 2017-06-06] (IObit.com)
R3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegProcessFilter.sys [40328 2018-01-10] (IObit.com)
S3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2017-09-29] (MediaTek Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlei.inf_amd64_021dbdd953a33529\nvlddmkm.sys [17526688 2018-03-17] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31632 2018-03-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [58816 2018-03-16] (NVIDIA Corporation)
R1 RawDisk3; C:\WINDOWS\system32\drivers\rawdsk3.sys [32568 2015-08-15] (EldoS Corporation)
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit)
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42600 2016-04-14] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
U1 aswbdisk; no ImagePath
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-04-03 09:48 - 2018-04-03 10:00 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Origin
2018-04-03 09:48 - 2018-04-03 09:48 - 000001069 _____ C:\Users\Public\Desktop\Origin.lnk
2018-04-03 09:48 - 2018-04-03 09:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2018-04-03 09:48 - 2018-04-03 09:48 - 000000000 ____D C:\Program Files (x86)\Origin
2018-04-03 09:39 - 2018-04-03 09:39 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Origin
2018-04-03 09:31 - 2018-04-03 09:31 - 000000909 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Fixlog no.1.txt
2018-04-03 09:28 - 2018-04-03 09:28 - 000000909 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Fixlog.txt
2018-04-03 08:33 - 2018-04-03 08:33 - 000000094 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Firefox API keys.txt
2018-04-03 08:23 - 2018-04-03 09:37 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\LocalLow\Mozilla
2018-04-03 08:23 - 2018-04-03 08:28 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Mozilla
2018-04-03 08:23 - 2018-04-03 08:23 - 000001006 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-04-03 08:23 - 2018-04-03 08:23 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Mozilla
2018-04-03 08:21 - 2018-04-03 08:21 - 000313520 _____ (Mozilla) C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\Firefox Installer.exe
2018-04-03 08:08 - 2018-04-03 08:08 - 000000000 ____D C:\Users\lauri\Downloads\Aurio Corra - Reiki
2018-04-03 07:45 - 2018-04-03 07:45 - 000015639 _____ C:\Users\lauri\Downloads\Aurio Corra - Reiki.torrent
2018-04-03 07:44 - 2018-04-03 07:50 - 000000000 ____D C:\Users\lauri\Downloads\Steve Murray - Reiki Healing
2018-04-03 07:44 - 2018-04-03 07:44 - 000010912 _____ C:\Users\lauri\Downloads\Steve Murray - Reiki Healing.torrent
2018-04-02 18:44 - 2018-04-02 18:44 - 000001200 _____ C:\Users\Public\Desktop\Avira.lnk
2018-04-02 15:40 - 2018-04-02 15:40 - 000988112 _____ (Bleeping Computer, LLC) C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\rkill64.exe
2018-04-01 11:32 - 2018-04-01 11:33 - 000265331 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Thai months of year.jpeg
2018-03-31 08:05 - 2018-03-31 08:05 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\EA Games
2018-03-30 10:18 - 2018-04-03 09:25 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-03-29 09:36 - 2018-03-29 09:36 - 000088422 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Addition.txt
2018-03-29 09:34 - 2018-04-03 10:13 - 000028156 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\FRST.txt
2018-03-29 09:10 - 2018-04-03 10:13 - 000000000 ____D C:\FRST
2018-03-29 09:10 - 2018-03-29 09:10 - 002403328 _____ (Farbar) C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\FRST64.exe
2018-03-28 10:13 - 2018-03-28 10:13 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\AVAST Software
2018-03-28 10:12 - 2018-04-02 18:39 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-03-28 10:12 - 2018-03-28 10:12 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2018-03-28 10:12 - 2018-03-28 10:12 - 000001992 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2018-03-28 10:12 - 2018-03-28 10:12 - 000001980 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-03-28 10:11 - 2018-03-28 10:11 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-03-28 10:11 - 2018-03-28 10:11 - 000380768 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-03-28 10:11 - 2018-03-28 10:11 - 000380528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-03-28 10:11 - 2018-03-28 10:11 - 000205976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-03-28 10:11 - 2018-03-28 10:11 - 000196648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-03-28 10:11 - 2018-03-28 10:11 - 000146656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-03-28 10:11 - 2018-03-28 10:11 - 000110328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-03-28 10:11 - 2018-03-28 10:11 - 000084368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-03-28 10:11 - 2018-03-28 10:11 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-03-28 10:11 - 2018-03-28 10:11 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-03-28 10:11 - 2018-03-28 10:10 - 001026696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-03-28 10:11 - 2018-03-28 10:10 - 000343752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-03-28 10:11 - 2018-03-28 10:10 - 000227504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-03-28 10:11 - 2018-03-28 10:10 - 000215320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-03-28 10:11 - 2018-03-28 10:10 - 000199440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-03-28 10:11 - 2018-03-28 10:10 - 000057680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-03-28 10:08 - 2018-03-28 10:08 - 000000000 ____D C:\Program Files\AVAST Software
2018-03-28 10:07 - 2018-03-28 10:07 - 007302848 _____ (AVAST Software) C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\avast_free_antivirus_setup_online.exe
2018-03-28 10:04 - 2018-03-28 10:04 - 000444258 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\ars.cache
2018-03-28 09:05 - 2018-03-28 09:05 - 000001927 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-03-28 09:05 - 2018-03-28 09:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-03-28 09:05 - 2018-03-28 09:05 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-03-28 09:05 - 2018-03-28 09:05 - 000000000 ____D C:\Program Files\Malwarebytes
2018-03-28 09:05 - 2017-11-29 09:11 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-03-28 08:59 - 2018-03-28 08:59 - 000000000 ____D C:\ProgramData\MB3CoreBackup
2018-03-28 08:56 - 2018-03-28 08:56 - 000000194 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\hosts-perm.bat
2018-03-28 08:53 - 2018-04-02 15:42 - 000001970 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Rkill.txt
2018-03-28 08:52 - 2018-03-28 08:52 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\rkill.exe
2018-03-28 08:08 - 2018-03-28 08:27 - 000000000 ___HD C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\Ncached16
2018-03-27 18:42 - 2018-03-27 18:42 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\UnrealEngine
2018-03-27 15:42 - 2018-03-27 15:42 - 000215128 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2018-03-27 08:47 - 2018-03-28 09:39 - 000000010 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\sponge.last.runtime.cache
2018-03-27 08:40 - 2018-03-27 08:40 - 000000000 ____D C:\WINDOWS\Trend Micro
2018-03-27 08:40 - 2018-03-27 08:40 - 000000000 ____D C:\ProgramData\Trend Micro
2018-03-27 08:37 - 2018-03-27 08:37 - 002527376 _____ (Trend Micro Inc.) C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\HousecallLauncher64.exe
2018-03-27 08:37 - 2018-03-27 08:37 - 000000036 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\housecall.guid.cache
2018-03-27 08:37 - 2017-10-17 23:40 - 000334488 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
2018-03-27 08:18 - 2018-03-27 08:18 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\ESET
2018-03-27 08:17 - 2018-03-27 08:18 - 006968952 _____ (ESET spol. s r.o.) C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\esetonlinescanner_enu.exe
2018-03-27 06:40 - 2018-03-27 06:40 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-03-27 06:39 - 2018-03-27 06:40 - 000192416 _____ C:\WINDOWS\ntbtlog.txt
2018-03-26 18:31 - 2018-02-12 19:09 - 000096710 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Fishing Planet Unique Technique Reference - Techniques.pdf
2018-03-26 16:52 - 2018-03-26 16:52 - 004135710 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\my msinfo.txt
2018-03-26 10:53 - 2018-04-03 10:09 - 000000000 ____D C:\ProgramData\Origin
2018-03-26 10:46 - 2018-03-26 10:49 - 065744352 _____ (Electronic Arts) C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\OriginThinSetup.exe
2018-03-25 18:48 - 2018-03-25 18:48 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\Battlefield 3
2018-03-25 16:10 - 2018-03-25 16:10 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Macromedia
2018-03-25 09:39 - 2018-03-28 15:38 - 000000000 ____D C:\ProgramData\AVAST Software
2018-03-25 09:38 - 2018-03-26 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-03-25 09:38 - 2018-03-26 10:35 - 000000000 ____D C:\Program Files\CCleaner
2018-03-24 19:56 - 2018-03-24 19:56 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\.LSC
2018-03-23 19:39 - 2018-03-23 19:39 - 000000016 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\origin info no.txt
2018-03-23 18:43 - 2018-04-02 09:34 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\CrashDumps
2018-03-22 19:25 - 2018-03-22 19:25 - 000001463 _____ C:\Users\Public\Desktop\Advanced SystemCare 11.lnk
2018-03-22 19:25 - 2018-03-22 19:25 - 000000000 ____D C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
2018-03-22 19:24 - 2018-03-22 19:24 - 028866136 _____ (IObit ) C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\advanced-systemcare-setup.exe
2018-03-22 19:22 - 2018-03-22 19:22 - 095825920 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2018-03-22 19:22 - 2018-03-22 19:22 - 005591040 _____ C:\WINDOWS\system32\config\DRIVERS.iobit
2018-03-22 19:22 - 2018-03-22 19:22 - 000385024 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2018-03-22 19:22 - 2018-03-22 19:22 - 000061440 _____ C:\WINDOWS\system32\config\SAM.iobit
2018-03-22 19:22 - 2018-03-22 19:22 - 000036864 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2018-03-21 23:03 - 2018-03-21 23:03 - 000002213 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2018-03-21 23:02 - 2018-03-21 23:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-03-21 23:02 - 2018-03-21 23:02 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-03-21 23:02 - 2018-03-21 23:02 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-03-21 23:02 - 2018-03-17 01:15 - 000542056 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-03-21 23:02 - 2018-03-17 01:15 - 000447848 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-03-21 23:02 - 2018-03-16 05:42 - 000137664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-03-21 23:02 - 2018-03-16 05:40 - 000123840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-03-21 23:02 - 2017-12-09 05:25 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-03-21 23:02 - 2017-12-09 05:25 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-03-21 23:02 - 2017-12-09 05:24 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-03-21 23:02 - 2017-12-09 05:24 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-03-21 23:01 - 2018-03-17 01:12 - 000997280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-03-21 23:01 - 2018-03-17 01:12 - 000949176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-03-21 23:01 - 2018-03-17 01:12 - 000625592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-03-21 23:01 - 2018-03-17 01:12 - 000515672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-03-21 23:01 - 2018-03-17 01:11 - 040278616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-03-21 23:01 - 2018-03-17 01:11 - 035189336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-03-21 23:01 - 2018-03-17 01:11 - 004318464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-03-21 23:01 - 2018-03-17 01:11 - 003719200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-03-21 23:01 - 2018-03-17 01:11 - 001985280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439124.dll
2018-03-21 23:01 - 2018-03-17 01:11 - 001684000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439124.dll
2018-03-21 23:01 - 2018-03-17 01:11 - 001138432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-03-21 23:01 - 2018-03-17 01:11 - 001066072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-03-21 23:01 - 2018-03-17 01:11 - 000748960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-03-21 23:01 - 2018-03-17 01:11 - 000608344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 019854816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 016496072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 013571008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 011131872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 001355408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 001346128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 001153568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 001067368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 000902096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 000811992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 000650232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-03-21 23:01 - 2018-03-17 01:01 - 000633224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-03-21 23:01 - 2018-03-17 01:00 - 012966216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-03-21 23:01 - 2018-03-17 01:00 - 011000296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-03-21 23:01 - 2018-03-17 01:00 - 004629824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-03-21 23:01 - 2018-03-17 01:00 - 003937000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-03-21 23:01 - 2018-03-17 01:00 - 001061168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-03-21 23:01 - 2018-03-16 07:57 - 001682288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2018-03-21 23:01 - 2018-03-16 07:57 - 000226760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2018-03-21 23:01 - 2018-03-16 07:57 - 000058816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-03-21 23:01 - 2018-03-16 07:57 - 000048407 _____ C:\WINDOWS\system32\nvinfo.pb
2018-03-21 23:01 - 2018-03-16 07:57 - 000045600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2018-03-21 22:52 - 2018-04-03 09:25 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-21 22:52 - 2018-04-03 09:25 - 000003176 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-21 22:52 - 2018-04-03 09:25 - 000003140 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-21 22:52 - 2018-04-03 09:25 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-21 22:52 - 2018-04-03 09:25 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-21 22:52 - 2018-04-03 09:25 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-21 22:52 - 2018-04-03 09:25 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-21 22:52 - 2018-04-03 09:25 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-21 22:52 - 2018-03-21 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-03-21 22:52 - 2018-03-21 22:52 - 000001524 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-03-21 22:52 - 2018-03-21 22:52 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\ansel
2018-03-21 22:52 - 2018-03-14 20:01 - 002480520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-03-21 22:52 - 2018-03-14 20:01 - 002137488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-03-21 22:52 - 2018-03-14 20:01 - 001310608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-03-21 22:52 - 2018-03-14 19:44 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-03-21 22:52 - 2018-03-05 13:18 - 000189784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2018-03-21 22:52 - 2018-03-05 13:18 - 000152408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2018-03-21 22:46 - 2018-03-21 22:46 - 091075776 _____ (NVIDIA Corporation) C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\GeForce_Experience_v3.13.1.30.exe
2018-03-21 22:46 - 2017-12-15 09:03 - 000059240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2018-03-21 22:42 - 2018-03-21 22:42 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Sun
2018-03-21 22:42 - 2018-03-21 22:42 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\LocalLow\Sun
2018-03-21 22:41 - 2018-03-21 22:42 - 000000000 ____D C:\ProgramData\Oracle
2018-03-21 22:41 - 2018-03-21 22:41 - 000097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-03-21 22:41 - 2018-03-21 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-03-21 22:41 - 2018-03-21 22:41 - 000000000 ____D C:\Program Files (x86)\Java
2018-03-21 22:40 - 2018-03-21 22:40 - 001861696 _____ (Oracle Corporation) C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\JavaSetup8u161.exe
2018-03-21 22:32 - 2018-03-25 16:26 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Nvidia Corporation
2018-03-21 22:29 - 2018-03-21 23:10 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\Battlefield 1
2018-03-21 22:29 - 2018-03-21 22:52 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\NVIDIA
2018-03-21 21:30 - 2018-03-21 21:30 - 000000876 _____ C:\Users\Public\Desktop\Battlefield 1.lnk
2018-03-21 21:30 - 2018-03-21 21:30 - 000000000 ___HD C:\Program Files\Common FilesEAInstaller
2018-03-21 21:30 - 2018-03-21 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 1
2018-03-21 19:43 - 2018-03-21 19:43 - 000280600 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2018-03-21 15:25 - 2018-03-21 15:25 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\My facebook files
2018-03-21 15:23 - 2018-03-21 15:23 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\WinRAR
2018-03-20 12:36 - 2018-03-20 12:36 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\.mono
2018-03-20 12:36 - 2018-03-20 12:36 - 000000000 ____D C:\ProgramData\.mono
2018-03-20 12:34 - 2018-03-20 12:34 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\RussianFishingLLC
2018-03-20 12:34 - 2018-03-20 12:34 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\LocalLow\Russian Fishing LLC
2018-03-18 23:56 - 2018-03-18 23:56 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\MOHW
2018-03-18 22:25 - 2018-03-26 10:36 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\BFBC2
2018-03-18 22:25 - 2018-03-18 23:56 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\PunkBuster
2018-03-18 09:33 - 2018-03-18 09:33 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\Battlefield 4
2018-03-18 09:29 - 2018-03-18 09:29 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\.QtWebEngineProcess
2018-03-18 09:29 - 2018-03-18 09:29 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\.Origin
2018-03-17 08:53 - 2018-03-17 08:53 - 000002262 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2018-03-17 08:53 - 2018-03-17 08:53 - 000002224 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2018-03-17 08:52 - 2018-03-17 08:52 - 001129816 _____ (Google Inc.) C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\GoogleEarthProSetup.exe
2018-03-17 08:52 - 2018-03-17 08:52 - 000000000 ____D C:\Program Files\Google
2018-03-17 08:48 - 2018-03-17 08:48 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\LocalLow\Google
2018-03-16 16:45 - 2018-03-03 04:09 - 000834552 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-03-16 16:45 - 2018-03-03 04:09 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-03-16 16:32 - 2018-03-16 16:32 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-03-16 16:32 - 2018-03-16 16:32 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-03-16 16:30 - 2018-03-02 10:36 - 017085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-03-16 16:30 - 2018-03-01 14:37 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-03-16 16:30 - 2018-03-01 14:31 - 008602520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-03-16 16:30 - 2018-03-01 14:30 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-03-16 16:30 - 2018-03-01 14:17 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-03-16 16:30 - 2018-03-01 14:15 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-03-16 16:30 - 2018-03-01 14:14 - 007675784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-03-16 16:30 - 2018-03-01 14:14 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-03-16 16:30 - 2018-03-01 14:14 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-03-16 16:30 - 2018-03-01 14:14 - 000147872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-03-16 16:30 - 2018-03-01 14:10 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-03-16 16:30 - 2018-03-01 14:09 - 001054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-03-16 16:30 - 2018-03-01 13:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-03-16 16:30 - 2018-03-01 13:29 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-03-16 16:30 - 2018-03-01 13:28 - 006480616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-03-16 16:30 - 2018-03-01 13:28 - 002193168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-03-16 16:30 - 2018-03-01 13:26 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-03-16 16:30 - 2018-03-01 13:26 - 001057816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-03-16 16:30 - 2018-03-01 13:21 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2018-03-16 16:30 - 2018-03-01 13:09 - 025251840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-03-16 16:30 - 2018-03-01 13:03 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-03-16 16:30 - 2018-03-01 13:03 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-03-16 16:30 - 2018-03-01 13:03 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-03-16 16:30 - 2018-03-01 13:01 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-03-16 16:30 - 2018-03-01 12:57 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-03-16 16:30 - 2018-03-01 12:56 - 018922496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-03-16 16:30 - 2018-03-01 12:56 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-03-16 16:30 - 2018-03-01 12:54 - 003664384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-03-16 16:30 - 2018-03-01 12:54 - 001296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-03-16 16:30 - 2018-03-01 12:54 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-03-16 16:30 - 2018-03-01 12:54 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-03-16 16:30 - 2018-03-01 12:53 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-03-16 16:30 - 2018-03-01 12:53 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-03-16 16:30 - 2018-03-01 12:53 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-03-16 16:30 - 2018-03-01 12:52 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-03-16 16:30 - 2018-03-01 12:52 - 006030336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-03-16 16:30 - 2018-03-01 12:51 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2018-03-16 16:30 - 2018-03-01 12:50 - 003677184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-03-16 16:30 - 2018-03-01 12:50 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-03-16 16:30 - 2018-03-01 12:49 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-03-16 16:30 - 2018-03-01 12:48 - 000543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-03-16 16:30 - 2018-03-01 12:48 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-03-16 16:30 - 2018-03-01 12:47 - 023674368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-03-16 16:30 - 2018-03-01 12:46 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-03-16 16:30 - 2018-03-01 12:45 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-03-16 16:30 - 2018-03-01 12:45 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-03-16 16:30 - 2018-03-01 12:43 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-03-16 16:30 - 2018-03-01 12:42 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-03-16 16:30 - 2018-03-01 12:41 - 008103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-03-16 16:30 - 2018-03-01 12:41 - 004745728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-03-16 16:30 - 2018-03-01 12:41 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-03-16 16:30 - 2018-03-01 12:41 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-03-16 16:30 - 2018-03-01 12:41 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-03-16 16:30 - 2018-03-01 12:39 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2018-03-16 16:30 - 2018-02-22 09:10 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-03-16 16:30 - 2018-02-22 09:08 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-03-16 16:30 - 2018-02-22 09:08 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-03-16 16:30 - 2018-02-22 09:08 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-03-16 16:30 - 2018-02-22 09:03 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-03-16 16:30 - 2018-02-22 09:03 - 000082848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-03-16 16:30 - 2018-02-22 09:02 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-03-16 16:30 - 2018-02-22 09:00 - 000187296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-03-16 16:30 - 2018-02-22 08:59 - 021351624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-03-16 16:30 - 2018-02-22 08:54 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-03-16 16:30 - 2018-02-22 08:51 - 000555424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-03-16 16:30 - 2018-02-22 08:51 - 000045472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-03-16 16:30 - 2018-02-22 08:50 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-03-16 16:30 - 2018-02-22 07:41 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-03-16 16:30 - 2018-02-22 07:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2018-03-16 16:30 - 2018-02-22 07:30 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-03-16 16:30 - 2018-02-22 07:26 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-03-16 16:30 - 2018-02-10 13:16 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-03-16 16:30 - 2018-02-10 13:15 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-03-16 16:30 - 2018-02-10 13:15 - 000471968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-03-16 16:30 - 2018-02-10 13:14 - 004504464 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-03-16 16:30 - 2018-02-10 13:14 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-03-16 16:30 - 2018-02-10 13:13 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-03-16 16:30 - 2018-02-10 13:12 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-03-16 16:30 - 2018-02-10 13:09 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-03-16 16:30 - 2018-02-10 13:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-03-16 16:30 - 2018-02-10 13:08 - 003010248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-03-16 16:30 - 2018-02-10 13:07 - 004506576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-03-16 16:30 - 2018-02-10 13:06 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-03-16 16:30 - 2018-02-10 13:04 - 006791984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-03-16 16:30 - 2018-02-10 13:04 - 001426672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-03-16 16:30 - 2018-02-10 13:04 - 001254144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-03-16 16:30 - 2018-02-10 13:04 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-03-16 16:30 - 2018-02-10 13:04 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-03-16 16:30 - 2018-02-10 13:04 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-03-16 16:30 - 2018-02-10 13:03 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2018-03-16 16:30 - 2018-02-10 12:21 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-03-16 16:30 - 2018-02-10 12:17 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-03-16 16:30 - 2018-02-10 12:09 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-03-16 16:30 - 2018-02-10 12:06 - 006014688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-03-16 16:30 - 2018-02-10 12:06 - 004670728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-03-16 16:30 - 2018-02-10 12:06 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-03-16 16:30 - 2018-02-10 12:05 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-03-16 16:30 - 2018-02-10 12:05 - 001149272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-03-16 16:30 - 2018-02-10 12:05 - 000662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-03-16 16:30 - 2018-02-10 11:49 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-03-16 16:30 - 2018-02-10 11:47 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-03-16 16:30 - 2018-02-10 11:47 - 013704192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-03-16 16:30 - 2018-02-10 11:46 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-03-16 16:30 - 2018-02-10 11:46 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-03-16 16:30 - 2018-02-10 11:46 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2018-03-16 16:30 - 2018-02-10 11:45 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-03-16 16:30 - 2018-02-10 11:45 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-03-16 16:30 - 2018-02-10 11:44 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-03-16 16:30 - 2018-02-10 11:43 - 006466560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-03-16 16:30 - 2018-02-10 11:43 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-03-16 16:30 - 2018-02-10 11:43 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-03-16 16:30 - 2018-02-10 11:42 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-03-16 16:30 - 2018-02-10 11:42 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-03-16 16:30 - 2018-02-10 11:42 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-03-16 16:30 - 2018-02-10 11:42 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-03-16 16:30 - 2018-02-10 11:41 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-03-16 16:30 - 2018-02-10 11:41 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-03-16 16:30 - 2018-02-10 11:41 - 000721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-03-16 16:30 - 2018-02-10 11:41 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-03-16 16:30 - 2018-02-10 11:39 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2018-03-16 16:30 - 2018-02-10 11:39 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-03-16 16:30 - 2018-02-10 11:39 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-03-16 16:30 - 2018-02-10 11:38 - 004815360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-03-16 16:30 - 2018-02-10 11:38 - 003169280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-03-16 16:30 - 2018-02-10 11:38 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-03-16 16:30 - 2018-02-10 11:38 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-03-16 16:30 - 2018-02-10 11:38 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-03-16 16:30 - 2018-02-10 11:38 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-03-16 16:30 - 2018-02-10 11:38 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-03-16 16:30 - 2018-02-10 11:37 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-03-16 16:30 - 2018-02-10 11:37 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2018-03-16 16:30 - 2018-02-10 11:37 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-03-16 16:30 - 2018-02-10 11:37 - 001488384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-03-16 16:30 - 2018-02-10 11:37 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-03-16 16:30 - 2018-02-10 11:36 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2018-03-16 16:30 - 2018-02-10 11:36 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-03-16 16:30 - 2018-02-10 11:36 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-03-16 16:30 - 2018-02-10 11:36 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-03-16 16:30 - 2018-02-10 11:35 - 004384768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-03-16 16:30 - 2018-02-10 11:35 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-03-16 16:30 - 2018-02-10 11:34 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-03-16 16:30 - 2018-02-10 11:33 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-03-16 16:30 - 2018-01-01 19:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-03-16 16:30 - 2018-01-01 19:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-03-16 16:30 - 2018-01-01 19:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-03-16 16:30 - 2018-01-01 19:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-03-16 16:30 - 2018-01-01 19:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-03-16 16:30 - 2018-01-01 19:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-03-16 16:30 - 2018-01-01 19:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-03-16 16:30 - 2018-01-01 19:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-03-16 16:30 - 2018-01-01 19:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-03-16 16:30 - 2018-01-01 19:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-03-16 16:30 - 2018-01-01 18:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-03-16 16:30 - 2018-01-01 18:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-03-16 16:30 - 2018-01-01 18:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-03-16 16:30 - 2018-01-01 18:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-03-16 16:30 - 2018-01-01 18:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-03-16 16:30 - 2018-01-01 18:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-03-16 16:30 - 2018-01-01 18:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-03-16 16:30 - 2018-01-01 18:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-03-16 16:30 - 2018-01-01 18:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-03-16 16:30 - 2018-01-01 18:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-03-16 16:30 - 2018-01-01 18:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-03-16 16:30 - 2018-01-01 18:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-03-16 16:30 - 2018-01-01 18:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-03-16 16:30 - 2018-01-01 18:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-03-16 16:30 - 2018-01-01 18:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-03-16 16:30 - 2018-01-01 18:08 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-03-16 16:29 - 2018-03-02 10:02 - 000037888 _____ C:\WINDOWS\system32\SpectrumSyncClient.dll
2018-03-16 16:29 - 2018-03-02 10:01 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-03-16 16:29 - 2018-03-02 10:00 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2018-03-16 16:29 - 2018-03-02 10:00 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\svf.dll
2018-03-16 16:29 - 2018-03-02 10:00 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-03-16 16:29 - 2018-03-02 09:59 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-03-16 16:29 - 2018-03-02 03:28 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-03-16 16:29 - 2018-03-01 14:50 - 000270744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-03-16 16:29 - 2018-03-01 14:49 - 000389536 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-03-16 16:29 - 2018-03-01 14:48 - 000664472 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-03-16 16:29 - 2018-03-01 14:47 - 000749464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-03-16 16:29 - 2018-03-01 14:47 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-03-16 16:29 - 2018-03-01 14:46 - 002003352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-03-16 16:29 - 2018-03-01 14:46 - 001568664 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-03-16 16:29 - 2018-03-01 14:46 - 000609176 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-03-16 16:29 - 2018-03-01 14:46 - 000138144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-03-16 16:29 - 2018-03-01 14:45 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-03-16 16:29 - 2018-03-01 14:40 - 002514936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-03-16 16:29 - 2018-03-01 14:40 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-03-16 16:29 - 2018-03-01 14:40 - 000273304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-03-16 16:29 - 2018-03-01 14:30 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-03-16 16:29 - 2018-03-01 14:29 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-03-16 16:29 - 2018-03-01 14:27 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-03-16 16:29 - 2018-03-01 14:26 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-03-16 16:29 - 2018-03-01 14:25 - 000377752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-03-16 16:29 - 2018-03-01 14:23 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-03-16 16:29 - 2018-03-01 14:19 - 000710768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-03-16 16:29 - 2018-03-01 14:17 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-03-16 16:29 - 2018-03-01 14:17 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-03-16 16:29 - 2018-03-01 14:14 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthFWSnapin.dll
2018-03-16 16:29 - 2018-03-01 14:14 - 000356952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-03-16 16:29 - 2018-03-01 14:14 - 000128928 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2018-03-16 16:29 - 2018-03-01 14:12 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-03-16 16:29 - 2018-03-01 14:12 - 000250264 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2018-03-16 16:29 - 2018-03-01 14:12 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-03-16 16:29 - 2018-03-01 14:11 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-03-16 16:29 - 2018-03-01 14:10 - 000075168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-03-16 16:29 - 2018-03-01 14:10 - 000022936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys
2018-03-16 16:29 - 2018-03-01 13:51 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-03-16 16:29 - 2018-03-01 13:48 - 001930736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-03-16 16:29 - 2018-03-01 13:39 - 000213400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-03-16 16:29 - 2018-03-01 13:29 - 000574960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-03-16 16:29 - 2018-03-01 13:28 - 000115096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2018-03-16 16:29 - 2018-03-01 13:27 - 000284112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-03-16 16:29 - 2018-03-01 13:27 - 000221592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2018-03-16 16:29 - 2018-03-01 13:23 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthFWSnapin.dll
2018-03-16 16:29 - 2018-03-01 13:03 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-03-16 16:29 - 2018-03-01 13:03 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2018-03-16 16:29 - 2018-03-01 13:01 - 006575616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-03-16 16:29 - 2018-03-01 13:01 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-03-16 16:29 - 2018-03-01 13:01 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-03-16 16:29 - 2018-03-01 13:00 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-03-16 16:29 - 2018-03-01 12:59 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-03-16 16:29 - 2018-03-01 12:58 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-03-16 16:29 - 2018-03-01 12:58 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-03-16 16:29 - 2018-03-01 12:58 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2018-03-16 16:29 - 2018-03-01 12:58 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-03-16 16:29 - 2018-03-01 12:55 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-03-16 16:29 - 2018-03-01 12:54 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-03-16 16:29 - 2018-03-01 12:54 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-03-16 16:29 - 2018-03-01 12:53 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-03-16 16:29 - 2018-03-01 12:53 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-03-16 16:29 - 2018-03-01 12:53 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-03-16 16:29 - 2018-03-01 12:53 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-03-16 16:29 - 2018-03-01 12:53 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-03-16 16:29 - 2018-03-01 12:53 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-03-16 16:29 - 2018-03-01 12:53 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2018-03-16 16:29 - 2018-03-01 12:51 - 002329088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2018-03-16 16:29 - 2018-03-01 12:51 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-03-16 16:29 - 2018-03-01 12:51 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-03-16 16:29 - 2018-03-01 12:50 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-03-16 16:29 - 2018-03-01 12:50 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-03-16 16:29 - 2018-03-01 12:50 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-03-16 16:29 - 2018-03-01 12:49 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-03-16 16:29 - 2018-03-01 12:49 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-03-16 16:29 - 2018-03-01 12:49 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-03-16 16:29 - 2018-03-01 12:47 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2018-03-16 16:29 - 2018-03-01 12:47 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-03-16 16:29 - 2018-03-01 12:46 - 004051968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-03-16 16:29 - 2018-03-01 12:46 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-03-16 16:29 - 2018-03-01 12:45 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-03-16 16:29 - 2018-03-01 12:44 - 008030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-03-16 16:29 - 2018-03-01 12:44 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-03-16 16:29 - 2018-03-01 12:42 - 003505664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2018-03-16 16:29 - 2018-03-01 12:40 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-03-16 16:29 - 2018-03-01 12:39 - 002222592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-03-16 16:29 - 2018-03-01 12:39 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-03-16 16:29 - 2018-03-01 12:39 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-03-16 16:29 - 2018-03-01 12:38 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-03-16 16:29 - 2018-03-01 12:38 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-03-16 16:29 - 2018-03-01 12:36 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-03-16 16:29 - 2018-03-01 12:36 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-03-16 16:29 - 2018-03-01 12:35 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-03-16 16:29 - 2018-03-01 12:35 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
2018-03-16 16:29 - 2018-03-01 12:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-03-16 16:29 - 2018-02-22 09:23 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-03-16 16:29 - 2018-02-22 09:23 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-03-16 16:29 - 2018-02-22 09:13 - 000279456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-03-16 16:29 - 2018-02-22 09:13 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-03-16 16:29 - 2018-02-22 09:11 - 000109984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-03-16 16:29 - 2018-02-22 09:07 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-03-16 16:29 - 2018-02-22 09:07 - 001209248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-03-16 16:29 - 2018-02-22 09:07 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2018-03-16 16:29 - 2018-02-22 08:52 - 000103328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-03-16 16:29 - 2018-02-22 08:51 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2018-03-16 16:29 - 2018-02-22 08:50 - 000229272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-03-16 16:29 - 2018-02-22 07:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-03-16 16:29 - 2018-02-22 07:30 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-03-16 16:29 - 2018-02-22 07:27 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-03-16 16:29 - 2018-02-22 07:25 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-03-16 16:29 - 2018-02-22 07:16 - 001286144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-03-16 16:29 - 2018-02-22 07:12 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-03-16 16:29 - 2018-02-10 13:21 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-03-16 16:29 - 2018-02-10 13:20 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-03-16 16:29 - 2018-02-10 13:19 - 001133888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-03-16 16:29 - 2018-02-10 13:18 - 001193192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2018-03-16 16:29 - 2018-02-10 13:18 - 000319864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-03-16 16:29 - 2018-02-10 13:18 - 000098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2018-03-16 16:29 - 2018-02-10 13:18 - 000022400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2018-03-16 16:29 - 2018-02-10 13:16 - 002406456 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-03-16 16:29 - 2018-02-10 13:14 - 001002592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-03-16 16:29 - 2018-02-10 13:13 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-03-16 16:29 - 2018-02-10 13:13 - 000535960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2018-03-16 16:29 - 2018-02-10 13:12 - 004537040 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2018-03-16 16:29 - 2018-02-10 13:12 - 001313016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2018-03-16 16:29 - 2018-02-10 13:11 - 001029528 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-03-16 16:29 - 2018-02-10 13:11 - 000711432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-03-16 16:29 - 2018-02-10 13:10 - 002447768 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-03-16 16:29 - 2018-02-10 13:10 - 000614160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2018-03-16 16:29 - 2018-02-10 13:10 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-03-16 16:29 - 2018-02-10 13:10 - 000154520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2018-03-16 16:29 - 2018-02-10 13:09 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-03-16 16:29 - 2018-02-10 13:09 - 000491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-03-16 16:29 - 2018-02-10 13:08 - 000687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-03-16 16:29 - 2018-02-10 13:08 - 000398824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2018-03-16 16:29 - 2018-02-10 13:08 - 000096200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2018-03-16 16:29 - 2018-02-10 13:08 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-03-16 16:29 - 2018-02-10 13:07 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-03-16 16:29 - 2018-02-10 13:07 - 000436632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2018-03-16 16:29 - 2018-02-10 13:06 - 004486904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-03-16 16:29 - 2018-02-10 13:06 - 000824896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2018-03-16 16:29 - 2018-02-10 13:06 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-03-16 16:29 - 2018-02-10 13:06 - 000594048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-03-16 16:29 - 2018-02-10 13:06 - 000100248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2018-03-16 16:29 - 2018-02-10 13:06 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-03-16 16:29 - 2018-02-10 13:05 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-03-16 16:29 - 2018-02-10 13:05 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-03-16 16:29 - 2018-02-10 13:05 - 000070856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-03-16 16:29 - 2018-02-10 13:04 - 001430760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-03-16 16:29 - 2018-02-10 13:04 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-03-16 16:29 - 2018-02-10 13:04 - 000339872 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2018-03-16 16:29 - 2018-02-10 13:04 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-03-16 16:29 - 2018-02-10 13:04 - 000212880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2018-03-16 16:29 - 2018-02-10 13:03 - 001619808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-03-16 16:29 - 2018-02-10 13:03 - 000849304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-03-16 16:29 - 2018-02-10 13:03 - 000722616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-03-16 16:29 - 2018-02-10 13:03 - 000706600 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-03-16 16:29 - 2018-02-10 13:03 - 000098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2018-03-16 16:29 - 2018-02-10 13:02 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-03-16 16:29 - 2018-02-10 13:02 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-03-16 16:29 - 2018-02-10 13:02 - 000628632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-03-16 16:29 - 2018-02-10 13:02 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-03-16 16:29 - 2018-02-10 12:18 - 001384288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-03-16 16:29 - 2018-02-10 12:17 - 002255112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-03-16 16:29 - 2018-02-10 12:17 - 000542856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2018-03-16 16:29 - 2018-02-10 12:15 - 001145624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-03-16 16:29 - 2018-02-10 12:12 - 004382032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2018-03-16 16:29 - 2018-02-10 12:11 - 001250528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2018-03-16 16:29 - 2018-02-10 12:10 - 000422592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-03-16 16:29 - 2018-02-10 12:09 - 002338776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-03-16 16:29 - 2018-02-10 12:09 - 001123456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-03-16 16:29 - 2018-02-10 12:09 - 000559976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-03-16 16:29 - 2018-02-10 12:09 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2018-03-16 16:29 - 2018-02-10 12:08 - 003980720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-03-16 16:29 - 2018-02-10 12:08 - 000592792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-03-16 16:29 - 2018-02-10 12:07 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-03-16 16:29 - 2018-02-10 12:07 - 000527864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2018-03-16 16:29 - 2018-02-10 12:07 - 000123808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2018-03-16 16:29 - 2018-02-10 12:07 - 000089504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2018-03-16 16:29 - 2018-02-10 12:07 - 000083216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2018-03-16 16:29 - 2018-02-10 12:07 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-03-16 16:29 - 2018-02-10 12:05 - 000718232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-03-16 16:29 - 2018-02-10 12:05 - 000654456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-03-16 16:29 - 2018-02-10 12:05 - 000551672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-03-16 16:29 - 2018-02-10 12:05 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2018-03-16 16:29 - 2018-02-10 12:05 - 000193248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2018-03-16 16:29 - 2018-02-10 12:05 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-03-16 16:29 - 2018-02-10 12:05 - 000079256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2018-03-16 16:29 - 2018-02-10 12:05 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-03-16 16:29 - 2018-02-10 12:05 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2018-03-16 16:29 - 2018-02-10 12:03 - 000505160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2018-03-16 16:29 - 2018-02-10 11:50 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-03-16 16:29 - 2018-02-10 11:50 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-03-16 16:29 - 2018-02-10 11:49 - 001664512 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-03-16 16:29 - 2018-02-10 11:49 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-03-16 16:29 - 2018-02-10 11:49 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-03-16 16:29 - 2018-02-10 11:48 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-03-16 16:29 - 2018-02-10 11:48 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2018-03-16 16:29 - 2018-02-10 11:48 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2018-03-16 16:29 - 2018-02-10 11:47 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-03-16 16:29 - 2018-02-10 11:47 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-03-16 16:29 - 2018-02-10 11:47 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-03-16 16:29 - 2018-02-10 11:47 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2018-03-16 16:29 - 2018-02-10 11:47 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-03-16 16:29 - 2018-02-10 11:47 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-03-16 16:29 - 2018-02-10 11:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-03-16 16:29 - 2018-02-10 11:46 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-03-16 16:29 - 2018-02-10 11:46 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-03-16 16:29 - 2018-02-10 11:46 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-03-16 16:29 - 2018-02-10 11:46 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2018-03-16 16:29 - 2018-02-10 11:46 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-03-16 16:29 - 2018-02-10 11:46 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2018-03-16 16:29 - 2018-02-10 11:46 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2018-03-16 16:29 - 2018-02-10 11:46 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2018-03-16 16:29 - 2018-02-10 11:46 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2018-03-16 16:29 - 2018-02-10 11:45 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-03-16 16:29 - 2018-02-10 11:45 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2018-03-16 16:29 - 2018-02-10 11:45 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2018-03-16 16:29 - 2018-02-10 11:45 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-03-16 16:29 - 2018-02-10 11:45 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-03-16 16:29 - 2018-02-10 11:45 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2018-03-16 16:29 - 2018-02-10 11:45 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EnterpriseAppMgmtClient.dll
2018-03-16 16:29 - 2018-02-10 11:44 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2018-03-16 16:29 - 2018-02-10 11:44 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-03-16 16:29 - 2018-02-10 11:44 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-03-16 16:29 - 2018-02-10 11:44 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-03-16 16:29 - 2018-02-10 11:44 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-03-16 16:29 - 2018-02-10 11:44 - 000302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-03-16 16:29 - 2018-02-10 11:44 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2018-03-16 16:29 - 2018-02-10 11:44 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-03-16 16:29 - 2018-02-10 11:44 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-03-16 16:29 - 2018-02-10 11:44 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2018-03-16 16:29 - 2018-02-10 11:44 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2018-03-16 16:29 - 2018-02-10 11:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 003756032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2018-03-16 16:29 - 2018-02-10 11:43 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCShellCommonProxyStub.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 001113600 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2018-03-16 16:29 - 2018-02-10 11:42 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2018-03-16 16:29 - 2018-02-10 11:42 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-03-16 16:29 - 2018-02-10 11:42 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-03-16 16:29 - 2018-02-10 11:42 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2018-03-16 16:29 - 2018-02-10 11:42 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvr32.exe
2018-03-16 16:29 - 2018-02-10 11:41 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-03-16 16:29 - 2018-02-10 11:41 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-03-16 16:29 - 2018-02-10 11:41 - 000504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2018-03-16 16:29 - 2018-02-10 11:41 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2018-03-16 16:29 - 2018-02-10 11:41 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-03-16 16:29 - 2018-02-10 11:41 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-03-16 16:29 - 2018-02-10 11:41 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-03-16 16:29 - 2018-02-10 11:41 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-03-16 16:29 - 2018-02-10 11:41 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2018-03-16 16:29 - 2018-02-10 11:41 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2018-03-16 16:29 - 2018-02-10 11:41 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2018-03-16 16:29 - 2018-02-10 11:41 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 004498432 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-03-16 16:29 - 2018-02-10 11:40 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 001234432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 001002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2018-03-16 16:29 - 2018-02-10 11:40 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2018-03-16 16:29 - 2018-02-10 11:40 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2018-03-16 16:29 - 2018-02-10 11:40 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2018-03-16 16:29 - 2018-02-10 11:40 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 005500928 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 002677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysdm.cpl
2018-03-16 16:29 - 2018-02-10 11:39 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-03-16 16:29 - 2018-02-10 11:39 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regsvr32.exe
2018-03-16 16:29 - 2018-02-10 11:38 - 006722560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2018-03-16 16:29 - 2018-02-10 11:38 - 003125760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 002184192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-03-16 16:29 - 2018-02-10 11:38 - 001968640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 001228800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-03-16 16:29 - 2018-02-10 11:38 - 000939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000885248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2018-03-16 16:29 - 2018-02-10 11:38 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-03-16 16:29 - 2018-02-10 11:38 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-03-16 16:29 - 2018-02-10 11:38 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2018-03-16 16:29 - 2018-02-10 11:37 - 003419136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-03-16 16:29 - 2018-02-10 11:37 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-03-16 16:29 - 2018-02-10 11:37 - 002523648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-03-16 16:29 - 2018-02-10 11:37 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-03-16 16:29 - 2018-02-10 11:37 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-03-16 16:29 - 2018-02-10 11:37 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2018-03-16 16:29 - 2018-02-10 11:37 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-03-16 16:29 - 2018-02-10 11:37 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2018-03-16 16:29 - 2018-02-10 11:37 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2018-03-16 16:29 - 2018-02-10 11:37 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2018-03-16 16:29 - 2018-02-10 11:37 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 001759744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 000915968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-03-16 16:29 - 2018-02-10 11:36 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 005388800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-03-16 16:29 - 2018-02-10 11:35 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 000943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-03-16 16:29 - 2018-02-10 11:35 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2018-03-16 16:29 - 2018-02-10 11:35 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-03-16 16:29 - 2018-02-10 11:34 - 006532096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2018-03-16 16:29 - 2018-02-10 11:34 - 002983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2018-03-16 16:29 - 2018-02-10 11:34 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2018-03-16 16:29 - 2018-02-10 11:34 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-03-16 16:29 - 2018-02-10 11:34 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2018-03-16 16:29 - 2018-02-10 11:34 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.ProxyStub.dll
2018-03-16 16:29 - 2018-02-10 11:33 - 001936384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2018-03-16 16:29 - 2018-02-10 11:33 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2018-03-16 16:29 - 2018-02-10 11:33 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2018-03-16 16:29 - 2018-02-10 11:33 - 001557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2018-03-16 16:29 - 2018-02-10 11:33 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-03-16 16:29 - 2018-02-10 11:33 - 000620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-03-16 16:29 - 2018-02-10 11:33 - 000604672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-03-16 16:29 - 2018-02-10 11:33 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-03-16 16:29 - 2018-02-10 11:33 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll
2018-03-16 16:29 - 2018-02-10 11:33 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-03-16 16:29 - 2018-02-10 11:33 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2018-03-16 16:29 - 2018-02-10 11:33 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-03-16 16:29 - 2018-02-10 11:33 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2018-03-16 16:29 - 2018-02-10 11:32 - 002427904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2018-03-16 16:29 - 2018-02-10 11:32 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2018-03-16 16:29 - 2018-02-10 11:32 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2018-03-16 16:29 - 2018-02-10 11:32 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2018-03-16 16:29 - 2018-02-10 11:32 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.ProxyStub.dll
2018-03-16 16:29 - 2018-02-10 11:31 - 001488896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2018-03-16 16:29 - 2018-02-10 11:31 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2018-03-16 16:29 - 2018-02-10 11:31 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll
2018-03-16 16:29 - 2018-02-10 11:31 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2018-03-16 16:29 - 2018-02-10 11:31 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2018-03-16 16:29 - 2018-02-10 09:59 - 000804240 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-03-16 16:29 - 2018-02-10 09:59 - 000804240 _____ C:\WINDOWS\system32\locale.nls
2018-03-16 16:29 - 2018-02-09 10:35 - 004959688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2018-03-16 16:29 - 2018-02-09 10:35 - 001234888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2018-03-16 16:29 - 2018-02-09 10:35 - 001002952 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2018-03-16 16:29 - 2018-02-09 10:35 - 000892872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2018-03-16 16:29 - 2018-02-09 10:35 - 000065992 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2018-03-16 16:29 - 2018-02-02 10:36 - 003903944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2018-03-16 16:29 - 2018-02-02 10:36 - 000921032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2018-03-16 16:29 - 2018-02-02 10:36 - 000854976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2018-03-16 16:29 - 2018-02-02 10:36 - 000649672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2018-03-16 16:29 - 2018-02-02 10:36 - 000054720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2018-03-16 16:29 - 2018-01-01 19:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-03-16 16:29 - 2018-01-01 19:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-03-16 16:29 - 2018-01-01 19:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-03-16 16:29 - 2018-01-01 19:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-03-16 16:29 - 2018-01-01 19:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-03-16 16:29 - 2018-01-01 19:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-03-16 16:29 - 2018-01-01 19:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-03-16 16:29 - 2018-01-01 19:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-03-16 16:29 - 2018-01-01 19:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-03-16 16:29 - 2018-01-01 19:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-03-16 16:29 - 2018-01-01 19:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-03-16 16:29 - 2018-01-01 19:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-03-16 16:29 - 2018-01-01 19:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2018-03-16 16:29 - 2018-01-01 19:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-03-16 16:29 - 2018-01-01 19:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-03-16 16:29 - 2018-01-01 19:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-03-16 16:29 - 2018-01-01 19:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-03-16 16:29 - 2018-01-01 19:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-03-16 16:29 - 2018-01-01 19:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-03-16 16:29 - 2018-01-01 19:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-03-16 16:29 - 2018-01-01 19:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-03-16 16:29 - 2018-01-01 19:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-03-16 16:29 - 2018-01-01 18:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-03-16 16:29 - 2018-01-01 18:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-03-16 16:29 - 2018-01-01 18:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-03-16 16:29 - 2018-01-01 18:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-03-16 16:29 - 2018-01-01 18:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-03-16 16:29 - 2018-01-01 18:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-03-16 16:29 - 2018-01-01 18:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2018-03-16 16:29 - 2018-01-01 18:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll
2018-03-16 16:29 - 2018-01-01 18:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-03-16 16:29 - 2018-01-01 18:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-03-16 16:29 - 2018-01-01 18:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-03-16 16:29 - 2018-01-01 18:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-03-16 16:29 - 2018-01-01 18:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-03-16 16:29 - 2018-01-01 18:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-03-16 16:29 - 2018-01-01 18:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-03-16 16:29 - 2018-01-01 18:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-03-16 16:29 - 2018-01-01 18:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-03-16 16:29 - 2018-01-01 18:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-03-16 16:29 - 2018-01-01 18:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2018-03-16 16:29 - 2018-01-01 18:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-03-16 16:29 - 2018-01-01 18:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
2018-03-16 16:29 - 2018-01-01 18:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-03-16 16:29 - 2018-01-01 18:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-03-16 16:29 - 2018-01-01 18:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-03-16 16:29 - 2018-01-01 18:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-03-16 16:29 - 2018-01-01 18:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-03-16 16:29 - 2018-01-01 18:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-03-16 16:29 - 2018-01-01 18:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-03-16 16:29 - 2018-01-01 18:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-03-16 16:29 - 2018-01-01 18:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-03-16 16:29 - 2018-01-01 18:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2018-03-16 16:29 - 2018-01-01 18:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-03-16 16:29 - 2018-01-01 18:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-03-16 16:29 - 2018-01-01 18:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-03-16 16:29 - 2018-01-01 18:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-03-16 16:29 - 2018-01-01 18:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-03-16 16:29 - 2018-01-01 18:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-03-16 16:29 - 2018-01-01 18:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-03-16 16:29 - 2018-01-01 18:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-03-16 16:29 - 2018-01-01 18:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-03-16 16:29 - 2018-01-01 18:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-03-16 16:29 - 2018-01-01 18:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll
2018-03-16 16:29 - 2018-01-01 18:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-03-16 16:29 - 2018-01-01 18:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-03-16 16:29 - 2018-01-01 18:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-03-16 16:29 - 2018-01-01 18:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-03-16 16:29 - 2018-01-01 18:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-03-16 16:29 - 2018-01-01 18:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-03-16 16:29 - 2018-01-01 18:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-03-16 16:29 - 2018-01-01 18:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-03-16 16:29 - 2018-01-01 18:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-03-16 16:29 - 2018-01-01 18:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll
2018-03-16 16:29 - 2018-01-01 18:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-03-16 16:29 - 2018-01-01 18:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-03-16 16:29 - 2018-01-01 18:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-03-16 16:29 - 2018-01-01 18:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-03-16 16:29 - 2018-01-01 18:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-03-16 16:29 - 2018-01-01 18:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-03-16 16:29 - 2018-01-01 18:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-03-16 16:29 - 2018-01-01 18:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-03-16 16:29 - 2018-01-01 18:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2018-03-16 16:29 - 2018-01-01 18:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-03-16 16:29 - 2018-01-01 18:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-03-16 16:29 - 2018-01-01 18:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-03-16 16:29 - 2018-01-01 18:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-03-16 16:29 - 2018-01-01 18:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-03-16 16:29 - 2018-01-01 18:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-03-16 16:29 - 2018-01-01 18:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-03-16 16:29 - 2018-01-01 18:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-03-16 16:29 - 2018-01-01 18:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-03-16 16:29 - 2018-01-01 18:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-03-16 16:29 - 2018-01-01 18:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-03-16 16:29 - 2018-01-01 18:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
2018-03-16 16:29 - 2018-01-01 18:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-03-16 16:29 - 2018-01-01 18:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2018-03-16 16:29 - 2018-01-01 18:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-03-16 16:29 - 2018-01-01 18:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-03-15 14:53 - 2018-03-15 14:53 - 000000667 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2018-03-15 14:51 - 2018-03-15 14:57 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\calibre-cache
2018-03-15 14:51 - 2018-03-15 14:52 - 069337088 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\calibre-64bit-3.19.0.msi
2018-03-15 14:50 - 2018-03-15 15:06 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\Calibre Library
2018-03-15 14:50 - 2018-03-15 15:06 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\calibre
2018-03-15 06:36 - 2018-04-01 20:53 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\vlc
2018-03-14 22:02 - 2018-03-15 06:33 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\ElevatedDiagnostics
2018-03-13 21:22 - 2018-04-03 09:23 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\LocalLow\Unity
2018-03-11 19:06 - 2018-03-11 19:06 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\DBG
2018-03-11 12:10 - 2018-03-30 08:11 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Skype
2018-03-11 12:10 - 2018-03-11 12:10 - 000002670 _____ C:\Users\Public\Desktop\Skype.lnk
2018-03-11 12:10 - 2018-03-11 12:10 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Tracing
2018-03-11 12:01 - 2018-03-11 12:01 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\LocalLow\Adobe
2018-03-11 12:01 - 2018-03-11 12:01 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Adobe
2018-03-11 09:55 - 2018-03-11 09:55 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\IELTS unrestricted
2018-03-11 09:27 - 2016-05-14 18:03 - 000001395 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Movie Maker.lnk
2018-03-11 09:26 - 2016-01-09 12:58 - 000001155 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Uplay.lnk
2018-03-11 09:25 - 2018-01-16 12:05 - 000000838 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Photo Pos Pro 3.lnk
2018-03-11 09:25 - 2017-12-07 07:20 - 000000232 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\World in Conflict.url
2018-03-11 09:25 - 2016-03-26 19:23 - 000002040 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Silver Efex Pro 2 - Shortcut.lnk
2018-03-11 09:25 - 2016-03-26 19:23 - 000001972 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\RAW resharpener - Shortcut.lnk
2018-03-11 09:25 - 2016-03-26 19:23 - 000001735 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Viveza 2 - Shortcut.lnk
2018-03-11 09:25 - 2016-03-26 19:22 - 000001883 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\SHP3OS - Shortcut.lnk
2018-03-11 09:25 - 2016-03-22 07:42 - 000001103 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\WonderFox DVD Video Converter.lnk
2018-03-11 09:24 - 2018-03-14 21:47 - 000003053 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\BitTorrent.lnk
2018-03-11 09:24 - 2018-02-11 11:42 - 001889280 _____ (Fateful Productions) C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\CompactGUI.exe
2018-03-11 09:24 - 2016-03-26 19:22 - 000001332 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\HDR Efex Pro 2 - Shortcut.lnk
2018-03-11 09:24 - 2016-03-26 19:21 - 000001691 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Dfine2 - Shortcut.lnk
2018-03-11 09:24 - 2016-03-26 19:21 - 000001633 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Color Efex Pro 4 - Shortcut.lnk
2018-03-11 09:23 - 2018-03-11 12:06 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\PTE audio
2018-03-11 09:23 - 2018-03-11 09:23 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\online teaching stuff
2018-03-11 09:22 - 2018-03-14 14:47 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\IELTS pat hw
2018-03-11 07:15 - 2018-03-11 07:15 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Apps\2.0
2018-03-11 04:17 - 2018-03-11 04:21 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-03-11 04:16 - 2018-03-11 04:17 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-03-11 04:16 - 2018-03-11 04:16 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-03-11 04:14 - 2018-03-11 04:21 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-03-11 04:14 - 2018-03-11 04:14 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-03-11 04:14 - 2018-03-11 04:14 - 000000000 ____D C:\Program Files\MSBuild
2018-03-11 04:14 - 2018-03-11 04:14 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-03-11 04:14 - 2017-09-29 06:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-03-11 04:14 - 2017-09-29 06:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-03-11 04:14 - 2017-09-29 06:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-03-11 04:14 - 2017-09-23 09:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-03-11 04:14 - 2017-09-23 09:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-03-11 04:14 - 2017-09-23 09:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-03-10 18:02 - 2018-03-19 22:12 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Anvsoft
2018-03-10 18:02 - 2018-03-10 18:02 - 000001289 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop\Any Video Converter.lnk
2018-03-10 18:02 - 2018-03-10 18:02 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\Any Video Converter
2018-03-10 18:02 - 2018-03-10 18:02 - 000000000 ____D C:\Program Files (x86)\Anvsoft
2018-03-10 18:01 - 2018-03-10 18:01 - 051753632 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\Downloads\avc-free.exe
2018-03-10 15:54 - 2018-03-10 18:05 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Winamp
2018-03-10 14:37 - 2018-03-10 14:37 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\Avalanche Studios
2018-03-10 14:37 - 2018-03-10 14:37 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\RSG
2018-03-10 14:34 - 2018-03-19 19:06 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\Documents\My Games
2018-03-10 14:34 - 2018-03-10 14:34 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\HelloGames
2018-03-10 14:34 - 2018-03-10 14:34 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\LocalLow\Fishing Planet LLC
2018-03-10 14:34 - 2018-03-10 14:34 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\SniperElite4
2018-03-10 14:33 - 2018-03-31 08:05 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\NVIDIA
2018-03-10 14:33 - 2018-03-10 14:33 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Steam
2018-03-10 14:33 - 2018-03-10 14:33 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\CEF
2018-03-10 14:23 - 2018-03-10 14:23 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Publishers
2018-03-10 14:13 - 2018-03-10 14:15 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\MicrosoftEdge
2018-03-10 14:13 - 2018-03-10 14:13 - 000000000 ___HD C:\Users\lauri.DESKTOP-0OKN7NQ\MicrosoftEdgeBackups
2018-03-10 14:04 - 2018-03-10 14:27 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\PlaceholderTileLogoFolder
2018-03-10 14:01 - 2018-03-10 14:01 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Google
2018-03-10 13:50 - 2018-04-03 09:44 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\ClassicShell
2018-03-10 13:50 - 2018-03-10 13:50 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\ClassicShell
2018-03-10 13:48 - 2018-04-03 09:25 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-584912067-1683141588-1664888071-1001
2018-03-10 13:48 - 2018-03-10 13:48 - 000002418 _____ C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-03-10 13:47 - 2018-03-10 13:48 - 000000000 ___RD C:\Users\lauri.DESKTOP-0OKN7NQ\OneDrive
2018-03-10 13:46 - 2018-03-10 13:46 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-03-10 13:45 - 2018-03-26 10:36 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\IObit
2018-03-10 13:45 - 2018-03-26 10:36 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\LocalLow\IObit
2018-03-10 13:45 - 2018-03-10 13:45 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Cybereason
2018-03-10 13:45 - 2018-03-10 13:45 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Cybereason
2018-03-10 13:44 - 2018-04-03 07:24 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ
2018-03-10 13:44 - 2018-03-25 16:34 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Packages
2018-03-10 13:44 - 2018-03-16 16:47 - 000000000 ___RD C:\Users\lauri.DESKTOP-0OKN7NQ\3D Objects
2018-03-10 13:44 - 2018-03-14 11:13 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google
2018-03-10 13:44 - 2018-03-11 12:01 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Roaming\Adobe
2018-03-10 13:44 - 2018-03-10 21:05 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\ConnectedDevicesPlatform
2018-03-10 13:44 - 2018-03-10 14:28 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Comms
2018-03-10 13:44 - 2018-03-10 13:44 - 000000020 ___SH C:\Users\lauri.DESKTOP-0OKN7NQ\ntuser.ini
2018-03-10 13:44 - 2018-03-10 13:44 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\VirtualStore
2018-03-10 13:44 - 2016-10-09 15:05 - 000000000 ____D C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Microsoft Help
2018-03-10 13:43 - 2018-04-03 07:27 - 001121202 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-10 13:42 - 2018-04-03 09:25 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-03-10 13:42 - 2018-04-03 09:25 - 000003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-03-10 13:42 - 2018-04-03 09:25 - 000003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-03-10 13:42 - 2018-04-03 09:25 - 000002686 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_AutoAnalyze
2018-03-10 13:42 - 2018-04-03 09:25 - 000002588 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2018-03-10 13:42 - 2018-04-03 09:25 - 000002448 _____ C:\WINDOWS\System32\Tasks\IObitSelfCheckTask
2018-03-10 13:42 - 2018-04-03 09:25 - 000002444 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Update
2018-03-10 13:42 - 2018-04-03 09:25 - 000002296 _____ C:\WINDOWS\System32\Tasks\{CFC189F3-E7BF-459F-A47E-1D2C147BC341}
2018-03-10 13:42 - 2018-04-03 09:25 - 000002262 _____ C:\WINDOWS\System32\Tasks\UMonitor Task
2018-03-10 13:42 - 2018-04-02 20:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-03-10 13:42 - 2018-03-10 13:42 - 000002328 _____ C:\WINDOWS\System32\Tasks\PDVDServ12 Task
2018-03-10 13:42 - 2018-03-10 13:42 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2018-03-10 13:42 - 2018-03-10 13:42 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2018-03-10 13:41 - 2018-03-10 13:42 - 000003813 _____ C:\WINDOWS\diagwrn.xml
2018-03-10 13:41 - 2018-03-10 13:42 - 000003813 _____ C:\WINDOWS\diagerr.xml
2018-03-10 13:35 - 2018-03-10 13:35 - 000000000 ____D C:\ProgramData\USOShared
2018-03-10 13:29 - 2018-03-10 13:29 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-03-10 13:27 - 2017-09-29 20:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-03-10 13:26 - 2018-03-10 13:26 - 000000000 ____D C:\Program Files\Dolby Digital Plus
2018-03-10 13:25 - 2018-03-23 15:25 - 000067584 ____S C:\WINDOWS\bootstat(723).dat
2018-03-10 13:24 - 2018-04-03 08:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-03-10 13:24 - 2018-03-23 15:23 - 000401424 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-03-10 12:45 - 2018-03-10 12:45 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2018-03-10 12:17 - 2018-03-27 06:36 - 000000000 ___DC C:\WINDOWS\Panther
2018-03-10 12:15 - 2018-03-10 12:17 - 000000036 _____ C:\WINDOWS\progress.ini
2018-03-09 20:39 - 2018-03-09 20:39 - 000000444 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2018-03-09 07:16 - 2018-03-15 06:29 - 000000000 ____D C:\Windows10Upgrade
2018-03-09 07:16 - 2018-03-10 12:15 - 000000000 ___HD C:\$GetCurrent
2018-03-09 07:16 - 2018-03-10 12:12 - 000000840 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2018-03-09 07:10 - 2018-03-09 07:10 - 000001242 _____ C:\Users\Public\Desktop\Smart Defrag 5.lnk
2018-03-09 07:10 - 2017-03-09 13:53 - 000030744 _____ (IObit) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
2018-03-09 07:10 - 2016-03-25 14:33 - 000128288 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-04-03 10:02 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-04-03 09:43 - 2017-11-04 07:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cybereason RansomFree
2018-04-03 09:16 - 2016-01-03 09:37 - 000000000 ____D C:\Users\lauri\AppData\Roaming\BitTorrent
2018-04-03 08:23 - 2017-11-24 07:38 - 000001018 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-04-03 08:23 - 2017-11-24 07:38 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-04-03 08:23 - 2017-11-24 07:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-04-03 07:29 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-04-03 07:27 - 2017-05-13 11:02 - 000000000 ____D C:\ProgramData\NVIDIA
2018-04-02 19:18 - 2017-09-29 15:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-04-02 19:18 - 2016-01-25 09:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-04-02 18:46 - 2015-11-10 03:59 - 000000000 ____D C:\ProgramData\Package Cache
2018-04-02 18:39 - 2016-01-25 09:49 - 000000000 ____D C:\ProgramData\Avira
2018-03-31 19:55 - 2017-09-29 20:44 - 000000000 ____D C:\WINDOWS\INF
2018-03-31 18:53 - 2016-01-07 11:21 - 000000000 ____D C:\ProgramData\Electronic Arts
2018-03-30 20:47 - 2015-12-31 13:32 - 000000000 ____D C:\ProgramData\ProductData
2018-03-28 10:41 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-03-28 10:23 - 2017-09-29 15:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-03-28 08:59 - 2016-02-02 09:09 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2018-03-27 15:42 - 2016-01-08 13:11 - 000215128 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2018-03-27 08:36 - 2016-05-15 02:40 - 000000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2018-03-27 07:17 - 2017-09-29 20:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-03-26 10:36 - 2017-09-29 15:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-03-26 10:36 - 2016-01-22 07:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2018-03-26 10:36 - 2015-12-31 13:21 - 000000000 ____D C:\Program Files\TAP-Windows
2018-03-26 10:34 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\InfusedApps
2018-03-26 10:30 - 2017-09-29 20:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-26 10:27 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\registration
2018-03-26 10:26 - 2015-11-10 03:53 - 000000000 ____D C:\ProgramData\Lenovo
2018-03-25 17:22 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-03-23 18:43 - 2017-09-29 15:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI(199)
2018-03-21 23:03 - 2017-05-13 11:02 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-03-21 23:02 - 2017-05-13 11:02 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-03-21 23:02 - 2017-05-13 11:02 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-03-21 22:48 - 2017-09-29 15:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI(724)
2018-03-21 22:48 - 2017-09-29 15:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI(374)
2018-03-21 22:48 - 2017-09-29 15:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI(352)
2018-03-21 06:48 - 2016-01-01 04:11 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-21 06:48 - 2016-01-01 04:11 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-03-18 23:57 - 2016-01-04 08:29 - 000076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2018-03-17 11:22 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\rescache
2018-03-17 08:52 - 2016-01-01 04:10 - 000000000 ____D C:\Program Files (x86)\Google
2018-03-16 16:47 - 2015-07-16 22:49 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-03-16 16:41 - 2017-09-29 20:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-03-16 16:41 - 2017-09-29 20:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-03-16 16:41 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-03-16 16:41 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-03-16 16:41 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-03-16 16:41 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-03-16 16:41 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-03-16 16:41 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-03-16 16:41 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-03-16 16:41 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-03-16 16:41 - 2017-09-29 15:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-03-16 06:14 - 2017-05-13 11:02 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-03-16 05:40 - 2017-05-13 11:03 - 005952640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-03-16 05:40 - 2017-05-13 11:03 - 002589576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-03-16 05:40 - 2017-05-13 11:03 - 001767816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-03-16 05:40 - 2017-05-13 11:03 - 000634256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-03-16 05:40 - 2017-05-13 11:03 - 000451040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-03-16 05:40 - 2017-05-13 11:03 - 000083072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-03-16 05:39 - 2017-05-13 11:03 - 008099202 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-03-15 14:53 - 2016-02-03 19:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2018-03-14 07:15 - 2016-01-01 07:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-03-14 07:13 - 2017-10-11 16:26 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-14 07:13 - 2016-01-01 07:35 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-03-11 12:10 - 2017-03-27 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-03-11 12:10 - 2016-01-01 04:24 - 000000000 ____D C:\ProgramData\Skype
2018-03-11 07:19 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\appcompat
2018-03-11 04:23 - 2017-09-29 20:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-03-11 04:21 - 2017-12-20 22:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oxenfree [GOG.com]
2018-03-11 04:21 - 2017-10-24 13:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2018-03-11 04:21 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-03-11 04:21 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\system32\spool
2018-03-11 04:21 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\Help
2018-03-11 04:21 - 2017-09-29 20:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-03-11 04:21 - 2017-05-12 13:19 - 000000000 ____D C:\Program Files\UNP
2018-03-11 04:21 - 2017-03-19 04:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-03-11 04:21 - 2016-10-13 18:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2018-03-11 04:21 - 2016-08-12 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medal of Honor™ Warfighter
2018-03-11 04:21 - 2016-08-06 12:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2018-03-11 04:21 - 2016-07-19 16:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NOX
2018-03-11 04:21 - 2016-05-15 02:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2018-03-11 04:21 - 2016-05-14 21:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront
2018-03-11 04:21 - 2016-05-14 17:57 - 000000000 ____D C:\WINDOWS\en
2018-03-11 04:21 - 2016-04-29 08:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2018-03-11 04:21 - 2016-04-21 15:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood Online
2018-03-11 04:21 - 2016-04-09 14:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medal of Honor Pacific Assault™
2018-03-11 04:21 - 2016-04-09 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2018-03-11 04:21 - 2016-04-04 15:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BDAntiRansomware
2018-03-11 04:21 - 2016-04-03 12:17 - 000000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2018-03-11 04:21 - 2016-04-03 12:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP2700 series
2018-03-11 04:21 - 2016-03-22 07:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunesKit Audiobook Converter
2018-03-11 04:21 - 2016-03-20 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Superb Game Boost
2018-03-11 04:21 - 2016-02-22 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHAREit
2018-03-11 04:21 - 2016-02-05 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-03-11 04:21 - 2016-01-07 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Photo Resizer
2018-03-11 04:21 - 2016-01-07 17:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
2018-03-11 04:21 - 2016-01-07 12:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bejeweled 3
2018-03-11 04:21 - 2016-01-06 13:04 - 000000000 ____D C:\WINDOWS\SysWOW64\xlive
2018-03-11 04:21 - 2016-01-05 16:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube Movie Maker
2018-03-11 04:21 - 2016-01-03 11:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2018-03-11 04:21 - 2016-01-03 11:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2018-03-11 04:21 - 2015-12-31 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-03-11 04:21 - 2015-12-31 13:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPN Unlimited
2018-03-11 04:21 - 2015-11-10 04:33 - 000000000 ____D C:\Program Files\Intel
2018-03-11 04:21 - 2015-11-10 03:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2018-03-11 04:21 - 2015-11-10 03:57 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2018-03-11 04:21 - 2015-10-30 16:05 - 000000000 ____D C:\WINDOWS\ShellNew
2018-03-11 04:20 - 2017-09-29 20:49 - 000000000 ____D C:\WINDOWS\Setup
2018-03-11 04:20 - 2017-09-29 20:46 - 000000000 __RHD C:\Users\Public\Libraries
2018-03-11 04:17 - 2017-12-20 22:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2018-03-11 04:17 - 2017-05-13 11:02 - 000000000 ____D C:\Program Files\Realtek
2018-03-11 04:17 - 2016-03-22 07:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis
2018-03-11 04:17 - 2016-01-04 08:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy
2018-03-11 04:17 - 2016-01-03 11:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
2018-03-11 04:17 - 2016-01-01 08:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvsoft
2018-03-11 04:13 - 2017-09-29 21:42 - 000000000 ____D C:\WINDOWS\OCR
2018-03-11 04:13 - 2017-09-29 20:46 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-03-10 13:41 - 2016-01-01 09:56 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-03-10 13:40 - 2017-09-29 20:46 - 000000000 __RSD C:\WINDOWS\media
2018-03-10 13:35 - 2017-09-29 20:46 - 000000000 ____D C:\ProgramData\USOPrivate
2018-03-10 13:30 - 2017-09-29 20:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-03-10 13:25 - 2017-05-13 11:02 - 000216221 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2018-03-10 13:25 - 2017-05-13 11:02 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-03-10 13:25 - 2017-05-13 11:02 - 000000000 ____D C:\WINDOWS\system32\DAX2
2018-03-10 13:03 - 2017-05-13 11:04 - 000000000 ____D C:\Users\lauri
2018-03-10 13:02 - 2016-01-05 09:49 - 000000000 ____D C:\Users\lauri\AppData\Local\ClassicShell
2018-03-09 20:36 - 2015-12-31 18:25 - 000000000 ____D C:\Users\lauri\AppData\Roaming\vlc
2018-03-09 11:12 - 2018-02-15 06:53 - 000000000 ____D C:\Program Files\rempl
2018-03-09 07:20 - 2016-01-01 04:06 - 000000000 ____D C:\Users\lauri\AppData\Local\Packages
2018-03-08 15:50 - 2016-03-26 12:06 - 000000000 ____D C:\Users\lauri\AppData\Local\ElevatedDiagnostics
2018-03-05 06:55 - 2017-11-24 07:38 - 000000000 ____D C:\Users\lauri\AppData\LocalLow\Mozilla
 
==================== Files in the root of some directories =======
 
2018-03-28 10:04 - 2018-03-28 10:04 - 000444258 _____ () C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\ars.cache
2018-03-27 08:37 - 2018-03-27 08:37 - 000000036 _____ () C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\housecall.guid.cache
2018-03-27 08:47 - 2018-03-28 09:39 - 000000010 _____ () C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\sponge.last.runtime.cache
 
Some files in TEMP:
====================
2018-03-28 08:59 - 2018-01-10 16:51 - 083316440 _____ (Malwarebytes                                                ) C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Temp\mbam-setup.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-03-31 07:51
 
==================== End of FRST.txt ============================
the addition file is in the next post...


#11 zyphodb

zyphodb
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:05 AM

Posted 02 April 2018 - 10:22 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by lauri (03-04-2018 10:14:16)
Running from C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop
Windows 10 Home Single Language Version 1709 16299.309 (X64) (2018-03-10 06:43:48)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-584912067-1683141588-1664888071-500 - Administrator - Disabled)
ASPNET (S-1-5-21-584912067-1683141588-1664888071-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-584912067-1683141588-1664888071-503 - Limited - Disabled)
Guest (S-1-5-21-584912067-1683141588-1664888071-501 - Limited - Disabled)
lauri (S-1-5-21-584912067-1683141588-1664888071-1001 - Administrator - Enabled) => C:\Users\lauri.DESKTOP-0OKN7NQ
WDAGUtilityAccount (S-1-5-21-584912067-1683141588-1664888071-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Advanced SystemCare 11 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 11.2.0 - IObit)
Any Video Converter 6.2.2 (HKLM-x32\...\Any Video Converter) (Version: 6.2.2 - Anvsoft)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.2.2328 - AVAST Software)
Avira (HKLM-x32\...\{DBA89A98-6FF1-4FE3-8147-69DD2C5DE889}) (Version: 1.2.108.24268 - Avira Operations GmbH & Co. KG) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.53.52958 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
Beyond Good and Evil (HKLM-x32\...\Uplay Install 232) (Version:  - Ubisoft)
calibre 64bit (HKLM\...\{332E0E14-41EE-4C18-B366-0CE1609A393A}) (Version: 3.19.0 - Kovid Goyal)
Canon iP2700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series) (Version:  - Canon Inc.)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.24 - NVIDIA Corporation) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Driver and Application Installation (HKLM-x32\...\{6EC299C6-074C-4529-8D5F-2798584BB27B}) (Version: 2.02.0803 - Lenovo)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
FastStone Photo Resizer 3.8 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.8 - FastStone Soft.)
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.6.1001 - Genesys Logic)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Earth Pro (HKLM\...\{D9EF644E-2FAE-493B-8180-5617CC774C4F}) (Version: 7.3.1.4507 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 20.2 - Intel)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.3.0.13 - IObit)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Lenovo Accelerator Application (HKLM-x32\...\{10672FE6-3D50-4F79-B0C7-A5573A5D415D}) (Version: 2.2.0.0701 - Lenovo)
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.6.13.0724 - Lenovo)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.8231 - CyberLink Corp.) Hidden
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.8231 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5320.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5320.55 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.022.00 - Lenovo)
Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.4212 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.4212 - CyberLink Corp.)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Manual (HKLM-x32\...\{693F92E5-37D1-46B7-A0D6-19A74A2FD0EC}) (Version: 1.00.0701 - Lenovo)
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.280 - Electronic Arts)
Medal of Honor™ Warfighter (HKLM-x32\...\{1040143F-FEFB-4B90-8E51-E47D40E14C4E}) (Version: 1.0.0.3 - Electronic Arts)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0011.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-584912067-1683141588-1664888071-1001\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NOX (HKLM-x32\...\{BF152F35-9708-452C-862C-F7E3B62DF732}) (Version: 2.0.0.20 - Electronic Arts, Inc.)
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 391.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.24 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Graphics Driver 391.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.24 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.15.44004 - Electronic Arts, Inc.)
Oxenfree (HKLM-x32\...\1457519353_is1) (Version: 2.6.0_cs_hotfix - GOG.com)
Photo Pos Pro 3 (HKLM\...\Photo Pos Pro 3) (Version: 3.30 - PowerOfSoftware Ltd.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros 61x4 Bluetooth Suite (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.128 - Qualcomm Atheros)
Qualcomm Atheros 61x4 Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.0.041 - Qualcomm Atheros)
Russian Fishing 4 (HKU\S-1-5-21-584912067-1683141588-1664888071-1001\...\com.rf4game.rf4_launcher_en) (Version: 4.0.9224 - Russian Fishing Spb LLC)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.8.5 - IObit)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
Tom Clancy's Splinter Cell (HKLM-x32\...\Uplay Install 109) (Version:  - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{BF492E7F-BD3F-4F33-932A-1DD0891968B0}) (Version: 2.13.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{B8B01E04-5393-4902-98E6-0E2787F03C80}) (Version: 1.13.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VPN Unlimited 4.0 (HKLM-x32\...\{DC24521E-872B-41AF-93EA-FE477902D6FB}_is1) (Version: 4.0 - KeepSolid Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Winamp Essentials Pack (HKLM-x32\...\Winamp Essentials Pack) (Version: v5.64 - Christoph Grether)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
Windows Driver Package - Genesys Logic (GeneStor) USB  (07/13/2015 4.5.0.6) (HKLM\...\AE2E6FAB44844413B4C6F53C908EACC8AFC838F0) (Version: 07/13/2015 4.5.0.6 - Genesys Logic)
Windows Driver Package - Intel (e1dexpress) Net  (06/18/2015 12.13.17.4) (HKLM\...\EB46E325A9A1BEC97608B27915959487E64F32B3) (Version: 06/18/2015 12.13.17.4 - Intel)
Windows Driver Package - NVIDIA (nvlddmkm) Display  (07/22/2015 10.18.13.5362) (HKLM\...\81C36D5B443FFB6F528F76BD424D750C53ADF10E) (Version: 07/22/2015 10.18.13.5362 - NVIDIA)
Windows Driver Package - NVIDIA Corporation (NVHDA) MEDIA  (04/16/2015 1.3.34.3) (HKLM\...\E1EF4D4E1E41BA85DB6DA51424B73AE1B3F0056A) (Version: 04/16/2015 1.3.34.3 - NVIDIA Corporation)
Windows Driver Package - Qualcomm Atheros Communications Inc. (Qcamain10x64) Net  (06/24/2015 12.0.0.102) (HKLM\...\4487BC319063A97DD4FDC3A8F68BADD5E5BA0B49) (Version: 06/24/2015 12.0.0.102 - Qualcomm Atheros Communications Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WonderFox DVD Video Converter 8.8 (HKLM-x32\...\WonderFox DVD Video Converter) (Version: 8.8 - WonderFox Soft, Inc.)
World in Conflict (HKLM-x32\...\Uplay Install 90) (Version:  - Ubisoft)
YoutubeMovieMaker (HKLM-x32\...\{E084C471-FA8F-4468-93F1-25B3A13ED942}) (Version: 12.26 - Youtube Movie Maker)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-28] (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32-x32-x32-x32-x32-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2017-09-26] (IObit)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-28] (AVAST Software)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-10-16] (Lenovo)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2017-09-26] (IObit)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-28] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2017-09-26] (IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-10-16] (Lenovo)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-16] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-28] (AVAST Software)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2016-07-30] (IvoSoft)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0F8DDE97-6B2C-4577-8DF5-12EC3E65BDE1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-01] (Google Inc.)
Task: {17E64663-B617-4FFA-9538-3F065A011E98} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {2B78A029-6D44-49BB-A607-B2765E2A4882} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {3695E470-7B11-49C2-922F-47CCDF730D62} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-03-14] (NVIDIA Corporation)
Task: {417C29D4-38FA-4702-800B-F4416F08F2F8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {56DE9980-251A-4E1C-BF85-7B14EDE6949F} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {624D636E-2AEF-452D-A24A-34EC0F0ADF1A} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {63AFD9E7-F7E0-463F-82E0-6457B45C9CD3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {6AE92616-0C4F-47CA-9C50-65ABE80D516C} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {702F5C54-2316-44EE-A4C8-0D4586E0D676} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {72DB62DD-D69F-4327-8D81-1EB233A722BC} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-03-14] (NVIDIA Corporation)
Task: {77CB3FE1-E1F8-4784-B4A8-AD56C04140A4} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2016-01-01] (Lenovo)
Task: {7EE2C694-B131-43D8-A374-0FB9A53F383E} - System32\Tasks\UMonitor Task => C:\WINDOWS\SysWOW64\UMonit64.exe [2015-07-15] ()
Task: {82389A9A-6A5E-4301-A31B-119E795A3988} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-03-14] (NVIDIA Corporation)
Task: {8AD7BFC4-AF5F-46E0-8B48-E3DA8F332A6E} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {9163F97D-F0C0-42EC-86F6-200097B0E885} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-01] (Google Inc.)
Task: {93B35AD6-351B-4AB9-853D-3D0FFBC604F1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-03-14] (NVIDIA Corporation)
Task: {9430792A-C536-4FEF-AEC2-BE19DFCDDB9F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-03-28] (AVAST Software)
Task: {9B3CD4E0-88B4-4A9C-A6B4-9A64FC4A1B6C} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [2015-05-20] (CyberLink Corp.)
Task: {A1181141-0A81-40FD-9EA9-E33B1200757B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {A6F04644-8D98-4D6C-BE12-9E10D92777AE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {A7849079-B5FA-485D-A958-9DD2A719C624} - System32\Tasks\IObitSelfCheckTask => C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe [2016-10-18] (IObit)
Task: {A8AD428B-1BBD-4BA8-8548-BD1BF85656E8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-12-10] (Lenovo)
Task: {AE6AC89B-A43F-4759-9989-3967EA70B5BC} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {B2522C42-2EEF-4F82-B950-08B9D55979E1} - System32\Tasks\{CFC189F3-E7BF-459F-A47E-1D2C147BC341} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Winamp\winamp.exe" -d "C:\Program Files (x86)\Winamp"
Task: {B500F614-6D66-46C4-B7E3-71B036754766} - \Lenovo\Lenovo Service Bridge\S-1-5-21-584912067-1683141588-1664888071-1001 -> No File <==== ATTENTION
Task: {BAE1D0D9-C864-4977-8080-6DE2454FEB4E} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {C0F35511-7321-496D-8324-A35438B60D35} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {C0FA9EC5-FC72-4F2B-BBA2-CC374467867B} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2017-07-28] (IObit)
Task: {E19EB859-048A-4D56-9403-33244EBECF92} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-03-21 23:02 - 2018-03-16 07:57 - 000544384 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2016-01-04 08:29 - 2018-03-18 23:57 - 000076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-11-10 04:37 - 2015-11-10 04:37 - 000024312 _____ () C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe
2018-03-21 22:52 - 2018-03-14 20:01 - 001268112 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-09-29 20:41 - 2017-09-29 20:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2015-11-10 04:33 - 2015-07-15 17:54 - 000053832 _____ () C:\WINDOWS\SysWOW64\UMonit64.exe
2018-03-16 16:30 - 2018-02-22 07:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-16 16:30 - 2018-02-22 07:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-03-10 14:36 - 2018-03-10 14:36 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-03-10 14:36 - 2018-03-10 14:36 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-03-10 14:36 - 2018-03-10 14:36 - 021824000 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-03-10 14:36 - 2018-03-10 14:36 - 002529792 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\skypert.dll
2018-03-10 14:36 - 2018-03-10 14:36 - 000649216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2015-11-10 04:35 - 2011-08-17 11:46 - 000028672 _____ () C:\Windows\jmesoft\ServiceLoader.exe
2018-03-16 16:54 - 2018-03-16 16:54 - 000173568 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-03-10 14:34 - 2018-03-10 14:34 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-03-10 14:17 - 2018-03-10 14:21 - 027139072 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-03-10 14:17 - 2018-03-10 14:20 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-03-10 14:17 - 2018-03-10 14:19 - 006687744 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-10-09 19:01 - 2017-10-09 19:02 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-03-21 06:48 - 2018-03-20 13:00 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libglesv2.dll
2018-03-21 06:48 - 2018-03-20 13:00 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libegl.dll
2018-02-17 12:23 - 2017-05-22 11:16 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2018-02-17 12:23 - 2017-05-22 11:16 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2018-02-17 12:23 - 2017-05-22 11:16 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2018-03-21 22:52 - 2018-03-14 20:01 - 001041808 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-03-28 10:11 - 2018-03-28 10:11 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-03-28 10:11 - 2018-03-28 10:11 - 000287960 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-03-28 10:11 - 2018-03-28 10:11 - 000280280 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-03-28 10:10 - 2018-03-28 10:10 - 000275160 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2018-02-17 12:23 - 2018-01-25 17:02 - 000899856 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2018-02-17 12:23 - 2018-01-25 17:01 - 000631568 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2018-02-17 12:23 - 2017-05-22 11:16 - 000524064 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\sqlite3.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 18:04 - 2015-07-10 18:02 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-584912067-1683141588-1664888071-1001\Control Panel\Desktop\\Wallpaper -> D:\lauri\Pictures\Abigail 2016\DSCF8852.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdvancedSystemCareService10 => 2
MSCONFIG\Services: AdvancedSystemCareService9 => 2
MSCONFIG\Services: c2cautoupdatesvc => 2
MSCONFIG\Services: c2cpnrsvc => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: IMFservice => 2
MSCONFIG\Services: JME Keyboard => 2
MSCONFIG\Services: MbaeSvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: UpdateAgentService => 2
HKLM\...\StartupApproved\Run32: => "CLMLServer"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Exploit"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{C4EB517D-3117-471D-B1DD-BC909AB03CB5}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DC328B5E-5CA6-4D3C-919B-01074EF1CB9F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{92A26829-DB3E-457A-B4A4-6389284B1660}] => (Allow) D:\Program files\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{6BE0B183-CDBF-4C21-8002-9A73DDF9B7E5}] => (Allow) D:\Program files\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{8446220E-1077-4606-B69E-4B610E0DF3DA}] => (Allow) D:\Program files\steamapps\common\Polynomial 2\bin_w64\Polynomial2_64.exe
FirewallRules: [{6BFC9B2D-CBEA-476D-82A0-E8735564B510}] => (Allow) D:\Program files\steamapps\common\Polynomial 2\bin_w64\Polynomial2_64.exe
FirewallRules: [UDP Query User{FB32BF11-EC4F-4037-A43C-12273A70E33D}D:\program files\steamapps\common\fishing barents sea\fbs\binaries\win64\fbs-win64-shipping.exe] => (Allow) D:\program files\steamapps\common\fishing barents sea\fbs\binaries\win64\fbs-win64-shipping.exe
FirewallRules: [TCP Query User{A20CDBAD-7933-47FA-A1CF-1A87EF3B91DE}D:\program files\steamapps\common\fishing barents sea\fbs\binaries\win64\fbs-win64-shipping.exe] => (Allow) D:\program files\steamapps\common\fishing barents sea\fbs\binaries\win64\fbs-win64-shipping.exe
FirewallRules: [{31ABBB48-39F5-4A11-AAC2-DDF58296D97B}] => (Allow) D:\Program files\steamapps\common\Steep\steep.exe
FirewallRules: [{40D202F1-70AE-4365-B4EE-A8D0488DAB64}] => (Allow) D:\Program files\steamapps\common\Steep\steep.exe
FirewallRules: [{62F7039A-B7C1-4AC4-9C7C-4C2CF36C8945}] => (Allow) D:\Program files\steamapps\common\Fishing Barents Sea\FBS.exe
FirewallRules: [{AE723D42-7EB4-43C3-B18E-CCEAA5EBAFBF}] => (Allow) D:\Program files\steamapps\common\Fishing Barents Sea\FBS.exe
FirewallRules: [{D20444F1-DA89-46EB-950C-EAF727DEACD6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{17023FB9-5F87-4674-9492-16DBA9222A90}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{31BBFF24-7F39-43FC-B5F7-99A7F278A9D3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8BE2CA77-4EB3-4AAE-A2AF-5522DEED3575}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C32F7CF4-C652-4E56-8F4E-B9C4E88A6FE1}] => (Allow) D:\Program files\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{0FCF086E-7A8B-4E14-875C-50E6AFA89DB4}] => (Allow) D:\Program files\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{AA948359-36F8-4AC0-87AB-2B9210741FA2}] => (Allow) D:\Program files\steamapps\common\Prey\Binaries\Danielle\x64\Release\Prey.exe
FirewallRules: [{6A2E7DCB-ED48-423B-B72C-A49F99F3C24E}] => (Allow) D:\Program files\steamapps\common\Prey\Binaries\Danielle\x64\Release\Prey.exe
FirewallRules: [UDP Query User{14D9B3B4-6343-448C-B451-2B10AB606D4D}D:\program files\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe] => (Allow) D:\program files\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe
FirewallRules: [TCP Query User{E2D22BD9-4B37-4328-A885-E385FD4329D2}D:\program files\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe] => (Allow) D:\program files\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe
FirewallRules: [{BBC21C75-8872-470F-9949-2BBEF11C7D21}] => (Allow) D:\Program files\steamapps\common\Hellblade\HellbladeGame.exe
FirewallRules: [{AC6A642D-B1BD-4FCF-B82B-A71E5B650F4A}] => (Allow) D:\Program files\steamapps\common\Hellblade\HellbladeGame.exe
FirewallRules: [UDP Query User{B4BE4423-6A13-4B8A-B2F7-08BF57677070}C:\games\rf4_en\rf4launcher.exe] => (Allow) C:\games\rf4_en\rf4launcher.exe
FirewallRules: [TCP Query User{61FC65AD-9ADE-4074-B61E-7BB6D535BC4E}C:\games\rf4_en\rf4launcher.exe] => (Allow) C:\games\rf4_en\rf4launcher.exe
FirewallRules: [{89F1D0EA-F79A-4E2D-B5CA-023CD7A996BB}] => (Allow) D:\Program files\steamapps\common\Homefront_The_Revolution\Bin64\Homefront2_Release.exe
FirewallRules: [{53DA87F9-3309-452B-B24F-FA2DEA5365B0}] => (Allow) D:\Program files\steamapps\common\Homefront_The_Revolution\Bin64\Homefront2_Release.exe
FirewallRules: [{EA628109-83E6-4F48-AE8C-3C2A2F3F362D}] => (Allow) D:\Program files\steamapps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{0E1F34D0-FFEC-4A5D-96E6-6E1D9CC91FF6}] => (Allow) D:\Program files\steamapps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{F679E7B3-3808-43BE-A6D6-B660082A4E4C}] => (Allow) D:\Program files\steamapps\common\Stellaris\stellaris.exe
FirewallRules: [{FA73E468-E18B-4898-B389-D53924728EA7}] => (Allow) D:\Program files\steamapps\common\Stellaris\stellaris.exe
FirewallRules: [{EEF8EC86-5AF8-47C2-8B50-11DDFA796C4A}] => (Allow) D:\Program files\steamapps\common\theHunterPrimal\launcher\launcher.exe
FirewallRules: [{54BF5EC5-5A9C-457D-93BA-4B8A9F47BDCC}] => (Allow) D:\Program files\steamapps\common\theHunterPrimal\launcher\launcher.exe
FirewallRules: [{D0CC10F8-1A2B-475D-BA86-60C32F05AAA5}] => (Allow) D:\Program files\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe
FirewallRules: [{B0005629-6795-4E7E-8E24-F6D6328C4F4F}] => (Allow) D:\Program files\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe
FirewallRules: [{D6E0EE0E-4B2F-457C-8A91-96005C465DBB}] => (Allow) D:\Program files\steamapps\common\Valley\Valley.exe
FirewallRules: [{25533361-E764-468F-BE4E-39E1DB5AD358}] => (Allow) D:\Program files\steamapps\common\Valley\Valley.exe
FirewallRules: [{4E0BDE29-4DED-4985-B2CD-768C60326224}] => (Allow) D:\Program files\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{13795AEB-1C6F-46D5-A1DB-EA2A02812C97}] => (Allow) D:\Program files\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{69DE3369-51E2-4161-AC71-5A9A8BDEB04C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C5562A40-6E66-4E08-999B-33863DA6D35B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0EC4F455-C43C-4EDC-BBA4-477FFB0C394B}] => (Allow) D:\Program files\steamapps\common\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [{F7E957E2-2F4D-4A09-9EAC-9752E0130E19}] => (Allow) D:\Program files\steamapps\common\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [{5EFA038D-8FB0-42DC-9341-8ED1A7F1E81D}] => (Allow) D:\Program files\steamapps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe
FirewallRules: [{E4168DB8-CAA6-4308-B783-206160332542}] => (Allow) D:\Program files\steamapps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe
FirewallRules: [{864B366C-14AA-4451-91CE-40193752BC75}] => (Allow) D:\Program files\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{4C5706C5-5478-4DDE-9A3A-0ACB11FBCBB4}] => (Allow) D:\Program files\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{E399E5ED-8720-4B2D-B9C9-2A2CFE30A96D}] => (Allow) D:\Program files\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{88AC620C-BB9F-4D69-AB86-0EA849765C2A}] => (Allow) D:\Program files\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{0C7E3556-14D2-49A8-BAD9-8A56F10DB80D}] => (Allow) D:\Program files\steamapps\common\Sniper Elite 4\Launcher\SniperElite4.exe
FirewallRules: [{11E3452F-53BE-43EE-A13F-364B43CBF82B}] => (Allow) D:\Program files\steamapps\common\Sniper Elite 4\Launcher\SniperElite4.exe
FirewallRules: [{696CF8EE-243A-4B29-8657-99B7267E9906}] => (Allow) D:\Program files\steamapps\common\theHunterCotW\theHunterCotW_F.exe
FirewallRules: [{C8C8AD90-BD79-4821-9774-0DF1D40D4B23}] => (Allow) D:\Program files\steamapps\common\theHunterCotW\theHunterCotW_F.exe
FirewallRules: [{5A3551B9-0919-4339-AD39-89A9B97A43F4}] => (Allow) D:\Program files\steamapps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe
FirewallRules: [{04BB63DD-0624-4EB8-A9AD-50D6520FE9B0}] => (Allow) D:\Program files\steamapps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe
FirewallRules: [{7AD98C26-DDB7-44CA-9D44-51056534E851}] => (Allow) D:\Program files\steamapps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{E0AD659F-E8FD-40D2-8E61-B777EF89637F}] => (Allow) D:\Program files\steamapps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{D6A9753C-5011-43B9-A281-AF7F188FFCD0}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{0588AD4D-5332-4417-8A0B-75941BC9CED7}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{60BC8BD5-FF50-4904-A1C9-C95D468AAE5F}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{F105A9AA-065B-44D5-ADA5-FEB3196D63AE}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{DD0D1CBC-3203-46C5-AB3A-50FB7B99A45E}] => (Allow) D:\Program files\steamapps\common\Tempest\Tempest.exe
FirewallRules: [{116A9BD1-BA75-41A2-BDCB-05F3C4AD6F4C}] => (Allow) D:\Program files\steamapps\common\Tempest\Tempest.exe
FirewallRules: [{3C2FECAE-E812-4474-A84B-C1D3E53B3D7E}] => (Allow) D:\Program files\steamapps\common\DDDA\DDDA.exe
FirewallRules: [{8B27B540-EF58-4AD4-B89A-FE622682AB36}] => (Allow) D:\Program files\steamapps\common\DDDA\DDDA.exe
FirewallRules: [{89B2C9EE-E5ED-4B2C-8342-21F9EEB1B625}] => (Allow) D:\Program files\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{FC661F53-7DCD-41FD-AC7C-A8FA5B5AC58A}] => (Allow) D:\Program files\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [UDP Query User{200DF08E-634F-47E1-9A51-26937D210B3D}D:\program files\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) D:\program files\steamapps\common\dishonored\binaries\win32\dishonored.exe
FirewallRules: [TCP Query User{C038825F-41EC-488F-979C-42F941FA2493}D:\program files\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) D:\program files\steamapps\common\dishonored\binaries\win32\dishonored.exe
FirewallRules: [{E0B46D7E-383D-4CBB-B8A7-E8E256A60A18}] => (Allow) D:\Program files\Origin Games\Medal of Honor Warfighter\MOHW.exe
FirewallRules: [{F091D8A2-36DB-4851-B695-B5E722E52F54}] => (Allow) D:\Program files\Origin Games\Medal of Honor Warfighter\MOHW.exe
FirewallRules: [UDP Query User{CB2CB62E-13AE-48E8-9F39-56ACA714977F}D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [TCP Query User{10F57AEE-13A8-48C7-93EA-BB757C90835E}D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [UDP Query User{F016F7A8-E487-468C-AAD4-A82E569ADE1D}D:\vpn unlimited\vpn-unlimited.exe] => (Allow) D:\vpn unlimited\vpn-unlimited.exe
FirewallRules: [TCP Query User{6E42EF95-1993-4A4D-9F0B-18560A2A0F82}D:\vpn unlimited\vpn-unlimited.exe] => (Allow) D:\vpn unlimited\vpn-unlimited.exe
FirewallRules: [UDP Query User{61731F6C-BEA4-430F-90E7-BE1D1E280A41}D:\program files\steamapps\common\hunted\binaries\win32\p4dftre.dll] => (Allow) D:\program files\steamapps\common\hunted\binaries\win32\p4dftre.dll
FirewallRules: [TCP Query User{8226B348-18CC-4106-BED9-D92B69A0E267}D:\program files\steamapps\common\hunted\binaries\win32\p4dftre.dll] => (Allow) D:\program files\steamapps\common\hunted\binaries\win32\p4dftre.dll
FirewallRules: [UDP Query User{F09ACD80-8E99-4B9E-B93E-63DC46EF1514}D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{DA2E4589-0DE0-4541-9B7F-26F68533F8BE}D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{3B4A5DCE-B29D-4073-AB00-264ABE322B94}] => (Allow) D:\Program files\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{9C9C36A1-CC3E-41CF-9198-5E2A7EA97C52}] => (Allow) D:\Program files\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [UDP Query User{FD073BB4-729B-4D4E-A483-846D7B7DB68A}D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [TCP Query User{D2015385-E98B-4F92-854D-ED10B6691AA8}D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [UDP Query User{A8AE1D36-F96C-4109-A805-F37912D10E38}D:\program files\origin games\battlefield 4\bf4.exe] => (Allow) D:\program files\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{B80FF2FE-5868-4DA3-828F-6EC47B4ADBD4}D:\program files\origin games\battlefield 4\bf4.exe] => (Allow) D:\program files\origin games\battlefield 4\bf4.exe
FirewallRules: [{80849946-6B5A-492F-B221-8CB63AB62D16}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{93FAB6C6-AC1D-46DA-9680-0F3AFA9BA785}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{11FC38C8-5142-4F8D-B3E0-B2CDE5D9242D}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{A65C848A-80F5-48AD-A652-7C703A4D4E4A}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{C78CD944-7FBB-4F6B-ADA7-3C802B8D5178}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C68BA6C8-4B82-4B9E-A4F9-476A7A4867AA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6725DCE9-F3B5-47B9-BD38-A64C44A84558}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F7B367E5-1F07-47D1-AA4F-C522A91B5706}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4482C4B2-DC22-41E6-80DC-CB1BC418579B}] => (Allow) D:\Program files\steamapps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{1A2AC4CB-72E4-4A8F-BE0E-861F422F3D78}] => (Allow) D:\Program files\steamapps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{4C298886-6A11-4999-9AFF-A49BCF6AB9D9}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{ADED800B-BE01-426B-BC12-4134861D1208}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{D648DD03-5B4B-4174-BB5C-E7C9D2578660}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{CAAFD88E-03F5-4BED-B924-4C7AB787BCA5}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{5C709344-21AA-4E2B-B2FD-F5E71DF66091}] => (Allow) D:\Program files\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{E4D99CE7-D2E7-445D-A512-1F6E99381B58}] => (Allow) D:\Program files\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{DA5BFDB0-B967-4471-925F-F3193A48BF98}] => (Allow) D:\Program files\steamapps\common\Universe Sandbox 2\Universe Sandbox VR.exe
FirewallRules: [{850147A0-5718-4E39-91D6-88D4BFBAF46C}] => (Allow) D:\Program files\steamapps\common\Universe Sandbox 2\Universe Sandbox VR.exe
FirewallRules: [{114BE306-3A2A-46A1-806D-7135C3F61E63}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{211E804F-20BE-48AA-9566-EFF684F2A6FE}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{07B4F742-30BB-4271-AA22-33462A4F5A4D}] => (Allow) D:\Program files\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{CA643005-97CB-417F-927B-1969F0E2EFC7}] => (Allow) D:\Program files\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [UDP Query User{B968EE69-5B9B-491E-8884-F40232A88ED4}D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{681D7342-4B53-40C1-831E-0DA842BE6403}D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{8C6D52CE-11DD-4D45-B45D-C997F7F7636A}] => (Allow) D:\Program files\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{C0051B3C-A8BE-41FB-8548-91B7F2354AA9}] => (Allow) D:\Program files\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{936553AE-6343-41D5-9044-319938AC1B96}] => (Allow) D:\Program files\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{D1A37568-2025-4870-AC2C-EC5AECA5EE8D}] => (Allow) D:\Program files\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{8CA50BEA-F814-48FA-9F4E-DAF35F643311}] => (Allow) D:\Program files\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{5C3E9600-26D0-4A2F-9D31-D3D3FA39F6D6}] => (Allow) D:\Program files\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{4860A63F-CCEB-45E5-97E3-459E0F44AB7F}] => (Allow) D:\Program files\steamapps\common\theHunterPrimal\launcher\launcher.exe
FirewallRules: [{698D092B-4F96-4579-8103-E420677DC68C}] => (Allow) D:\Program files\steamapps\common\theHunterPrimal\launcher\launcher.exe
FirewallRules: [{941FEBC4-E9F4-4DCD-AFBE-1B28507D72C9}] => (Allow) D:\Program files\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe
FirewallRules: [{D3453482-BA48-408D-BC08-C02C2E64B5A1}] => (Allow) D:\Program files\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe
FirewallRules: [{FFF1E4CF-6845-4101-9E34-329C66647957}] => (Allow) D:\Program files\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{D709F790-5333-46D7-8CC7-85E44CB69CDE}] => (Allow) D:\Program files\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{98EED11F-5516-4147-B997-A9ED6F33E1CA}] => (Allow) D:\Program files\steamapps\common\Dead Space\Dead Space.exe
FirewallRules: [{6E2E0A7E-258D-42AC-8C5A-350F50EFF30C}] => (Allow) D:\Program files\steamapps\common\Dead Space\Dead Space.exe
FirewallRules: [{86E351DB-5849-440B-B88B-E711B852CDC5}] => (Allow) D:\Program files\steamapps\common\Crysis Warhead\Bin32\Crysis.exe
FirewallRules: [{79B11F4F-5500-4A33-AF84-7592D4FB1946}] => (Allow) D:\Program files\steamapps\common\Crysis Warhead\Bin32\Crysis.exe
FirewallRules: [{18AC9262-31BF-4EF3-8B6C-126028B00A6C}] => (Allow) D:\Program files\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{5C4A0FFC-1B01-4A68-B1E8-33F5AA7FAEBC}] => (Allow) D:\Program files\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{55675F44-7665-4FFF-872B-10AAC7040B7F}] => (Allow) D:\Program files\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{B0C384ED-2B9C-4551-BBB7-4C7E7783EF1E}] => (Allow) D:\Program files\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{038627A1-B150-45CF-BD01-FF9BE7B5FCFA}] => (Allow) D:\Program files\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{C5AE46F3-3BA1-412A-A36E-4A9B73EA449D}] => (Allow) D:\Program files\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{3F6D13E5-887E-4CCD-8CBB-A47F6E9F5D21}] => (Allow) D:\Program files\steamapps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{E5C218D5-85DD-4C50-A7CA-11E199446843}] => (Allow) D:\Program files\steamapps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{1349887C-FAB4-41BE-A20F-7786D1732AFA}] => (Allow) D:\Program files\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{8DB8DB28-209F-4D17-BD69-15CE73495A7E}] => (Allow) D:\Program files\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{13F3FB45-1F5F-47A4-98BE-239A23CD344B}] => (Allow) D:\Program files\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{91F3B93C-251B-4D53-B344-A7025DC0FDAC}] => (Allow) D:\Program files\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{9642E6DE-FCAA-4F2D-B356-0B18E311E925}] => (Allow) D:\Program files\steamapps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{F9D2C055-6380-47C0-81DE-F633A370585A}] => (Allow) D:\Program files\steamapps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{43B7BF8F-FC3E-451A-B6AA-5C96B9C0C051}] => (Allow) D:\Program files\steamapps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{A8AE1EF9-9F41-4825-87CF-8B8CCD761FE8}] => (Allow) D:\Program files\steamapps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{8983D1FE-8326-45DD-9145-EE879743EAFE}] => (Allow) D:\Program files\steamapps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{948047E1-DC79-40CC-B840-89D46DD03FF2}] => (Allow) D:\Program files\steamapps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{4155C64B-7043-498C-9444-A97CE129F158}] => (Allow) D:\Program files\steamapps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{EB6D3C8F-47CA-40CD-AF09-6B00002D98ED}] => (Allow) D:\Program files\steamapps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{589A13CA-FD8C-4552-B8E5-397BEF5189E4}] => (Allow) D:\Program files\steamapps\common\Call of Duty 2\CoD2MP_s.exe
FirewallRules: [{BBAAB2CC-1B40-40B9-9954-946B435DCE57}] => (Allow) D:\Program files\steamapps\common\Call of Duty 2\CoD2MP_s.exe
FirewallRules: [{167372F8-51A6-4D95-9082-55DF135770FB}] => (Allow) D:\Program files\steamapps\common\Call of Duty 2\CoD2SP_s.exe
FirewallRules: [{5C5FBA4B-8149-4335-A0D6-DBFA9DB52BBE}] => (Allow) D:\Program files\steamapps\common\Call of Duty 2\CoD2SP_s.exe
FirewallRules: [{913774B4-E2B3-45A0-AC67-C91793801464}] => (Allow) D:\Program files\steamapps\common\Tom Clancy's Ghost Recon Future Soldier\Future Soldier.exe
FirewallRules: [{64621427-9B99-4D4E-9A5A-0202F6BB76BC}] => (Allow) D:\Program files\steamapps\common\Tom Clancy's Ghost Recon Future Soldier\Future Soldier.exe
FirewallRules: [{37F1B702-CEC0-4F86-8E70-40411578E8E2}] => (Allow) D:\Program files\steamapps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe
FirewallRules: [{349AC164-4DB2-48AF-8697-F5F5B959DE3B}] => (Allow) D:\Program files\steamapps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe
FirewallRules: [{A984A8AC-8948-42A6-A25F-7730C08EE4DC}] => (Allow) D:\Program files\steamapps\common\SleepingDogs\HKShip.exe
FirewallRules: [{67E9C678-585D-4A0B-A8DE-732848954A23}] => (Allow) D:\Program files\steamapps\common\SleepingDogs\HKShip.exe
FirewallRules: [{98C29A63-0472-496B-8AAD-584E48716BAA}] => (Allow) D:\Program files\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{D10EA609-761C-4A44-9393-D0A96CC120CB}] => (Allow) D:\Program files\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{E1BDE1D1-65AD-4614-97C8-C9B461AF583C}] => (Allow) D:\Program files\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{63D211AC-CD01-4102-B761-29FF8CC8F377}] => (Allow) D:\Program files\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{32565F91-B29F-46E9-9B71-B0BD8853A07A}] => (Allow) D:\Program files\steamapps\common\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{1A5FE69E-9A48-4AF6-90BC-C1CCC15C64C5}] => (Allow) D:\Program files\steamapps\common\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{6574CC47-D1C2-4BF8-BC6D-BA23199BC660}] => (Allow) D:\Program files\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{BBC3C4BB-6076-4799-A3ED-2E3FDCE0F426}] => (Allow) D:\Program files\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{42A13497-7305-448D-9E78-E80CAB8C5B32}] => (Allow) D:\Program files\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{7A18FBED-735D-4910-B021-EBAD5CD78038}] => (Allow) D:\Program files\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{8EC731E4-2B3F-469F-A622-43579E4A51BF}] => (Allow) D:\Program files\steamapps\common\RebelGalaxy\SteamLauncher.exe
FirewallRules: [{290FC246-D8BD-4682-9213-B4FD851304F8}] => (Allow) D:\Program files\steamapps\common\RebelGalaxy\SteamLauncher.exe
FirewallRules: [{DF9C372D-3A92-4ABB-B6F6-0A3F6E3870ED}] => (Allow) D:\Program files\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{144AED82-6AB1-4278-8837-809E754DFC2E}] => (Allow) D:\Program files\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{3A56C89C-21C2-479B-954C-A9FA623BA664}] => (Allow) D:\Program files\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{41BE2A52-9016-4C3E-9488-26A7D0A73031}] => (Allow) D:\Program files\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{C1813300-2FFC-466F-9F41-5B00CCD7200A}] => (Allow) D:\Program files\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{3E53BA7B-0817-4EDC-ACE0-84C8B18DA619}] => (Allow) D:\Program files\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{69761619-5B0D-43E0-888B-335B65BCA9B4}] => (Allow) D:\Program files\steamapps\common\Alien Isolation\AI.exe
FirewallRules: [{F13BD89F-6EA8-44DC-9C75-4802DD1BD87E}] => (Allow) D:\Program files\steamapps\common\Alien Isolation\AI.exe
FirewallRules: [{FE0F170B-49CD-4F65-9ED4-2F84660260D4}] => (Allow) D:\Program files\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{B3ACF2E5-4047-4D16-8236-04BA5B1F85BF}] => (Allow) D:\Program files\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{05FDB988-5C80-4668-91DC-64074466305B}] => (Allow) D:\Program files\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{75B12E55-64B6-4954-A0BD-D15B5059AC22}] => (Allow) D:\Program files\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{266BCB87-7489-4714-9C79-D4B4A69D3785}] => (Allow) D:\Program files\game.dat
FirewallRules: [{45AB811A-CC2A-4EE1-B544-32C46BD85CD8}] => (Allow) D:\Program files\game.dat
FirewallRules: [{36404B2A-74B2-4DC3-ACB5-D075C95D847D}] => (Allow) D:\Program files\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{66D6BBEB-2E17-46DB-975F-F7E683C70BB1}] => (Allow) D:\Program files\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{7FB4A5B4-1F95-4513-B883-A014D18FD627}] => (Allow) D:\Program files\Origin Games\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{B9494609-EDEC-46C0-822D-80449BB03F40}] => (Allow) D:\Program files\Origin Games\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{95825D22-366A-42EC-8A03-E8E51653C5A1}] => (Allow) D:\Program files\steamapps\common\Enemy Front\Bin32\DedicatedServer.exe
FirewallRules: [{95659016-6D08-4FCB-8536-5E1B5238A778}] => (Allow) D:\Program files\steamapps\common\Enemy Front\Bin32\DedicatedServer.exe
FirewallRules: [{6E090893-2227-48CF-B39F-9650BF0BBE9A}] => (Allow) D:\Program files\steamapps\common\Enemy Front\Bin32\EnemyFront.exe
FirewallRules: [{A721A48D-E2A0-4332-BD6F-71B40BCAE030}] => (Allow) D:\Program files\steamapps\common\Enemy Front\Bin32\EnemyFront.exe
FirewallRules: [{B3F2ABDB-B753-4464-9A06-CFF6DA59540D}] => (Allow) D:\Program files\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{F09D713C-2976-4111-9779-4216E5AE6835}] => (Allow) D:\Program files\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{7FE570F2-9F5D-4028-99FC-765ED063BE3D}] => (Allow) LPort=1900
FirewallRules: [{8FB03CE2-59EC-4F9C-9624-AD7A22D86528}] => (Allow) LPort=2869
FirewallRules: [{59D7E2A8-977E-4163-9BCD-7906CD7BA769}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{BFF1FB30-2FA8-448A-ACBC-1AD2BDA5DA4D}] => (Allow) D:\Program files\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{1C59BE2D-5CD8-4F51-8301-42BF93078293}] => (Allow) D:\Program files\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{0E32066F-A538-427D-BAC5-5656602055D6}] => (Allow) D:\Program files\steamapps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{49A2A638-CCA7-4951-8A9F-0C4673FA04F9}] => (Allow) D:\Program files\steamapps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{3CAA67B6-6713-41C2-BC35-C4D646C16EAE}] => (Allow) D:\Program files\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{EC9D8A4B-3587-47E3-A8A9-99DE8A0D6A8F}] => (Allow) D:\Program files\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{13C535F8-8D8C-4F7E-B395-B4F062AB2AC9}] => (Allow) D:\Program files\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{1C3651B1-B52A-4A7C-B0A7-AED2EBE7ECC6}] => (Allow) D:\Program files\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{2F341DCC-D3E5-4B87-93C6-0A2E699FCCC3}] => (Allow) D:\Program files\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{2A37B3B0-AD4C-4DFE-907B-80488CB8860D}] => (Allow) D:\Program files\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{BF46C409-FAB8-4D88-8F6D-688C394ADDDA}] => (Allow) D:\Program files\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe
FirewallRules: [{D969849C-DEDE-4B77-83C9-C0FE85B2F81F}] => (Allow) D:\Program files\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe
FirewallRules: [{7E564701-9B05-470E-8B88-FB638891FA49}] => (Allow) D:\Program files\steamapps\common\Medal of Honor\Binaries\moh.exe
FirewallRules: [{B48F4628-E52A-4BAB-BE63-5E19A7D2AB95}] => (Allow) D:\Program files\steamapps\common\Medal of Honor\Binaries\moh.exe
FirewallRules: [{2FE4BD59-7504-4FF4-8CA7-6B34E237C0B0}] => (Allow) D:\Program files\steamapps\common\Crysis\Bin32\Crysis.exe
FirewallRules: [{DDB443F3-35EE-4EBA-BDD0-F4B8F75CF25C}] => (Allow) D:\Program files\steamapps\common\Crysis\Bin32\Crysis.exe
FirewallRules: [{348B96AD-0F48-4DEB-B994-1BC6B5DA697C}] => (Allow) D:\Program files\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{6BA83878-7C26-4060-BF7E-D7EE72140609}] => (Allow) D:\Program files\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{60A18A7E-DB2A-43F2-9038-10B1F0817548}] => (Allow) D:\Program files\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{EB179371-9C1D-4D45-9997-195E41FE8601}] => (Allow) D:\Program files\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{A502A7FE-97D9-47F3-93F0-0D5BFABFFDF4}] => (Allow) C:\Users\lauri\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B1321AF2-F307-4270-BC8E-1288AAC09FE4}] => (Allow) C:\Users\lauri\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{3D515C28-990C-43F4-8FF5-B048F4B8DD2C}] => (Allow) C:\Users\lauri\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{3D0EC9AA-17F5-463A-AC38-FA7BA86BE745}] => (Allow) C:\Users\lauri\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{8D45F3E9-D3C9-4FAA-9990-DE0C941D4411}] => (Allow) C:\Users\lauri\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{A1497F58-AF8E-4A09-A943-3D6CCBBF9731}] => (Allow) C:\Users\lauri\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{70B1050B-F539-4514-8FF3-6B015948DFA5}] => (Allow) D:\Program files\steamapps\common\Way of the Samurai 4\WayOfTheSamurai4.exe
FirewallRules: [{F218DF99-EC27-47A7-BD4D-C31099EFF0D1}] => (Allow) D:\Program files\steamapps\common\Way of the Samurai 4\WayOfTheSamurai4.exe
FirewallRules: [{10E23352-5C18-4974-A6C5-1353DA1CA1C7}] => (Allow) D:\Program files\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{FB95AD7A-9152-4E2F-9A37-877A7B642E66}] => (Allow) D:\Program files\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{9C7286F1-D7F1-4967-B334-10FF2FB05A4B}] => (Allow) D:\Program files\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exe
FirewallRules: [{88A04E79-8263-49BE-9145-CAF433CA3BA4}] => (Allow) D:\Program files\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exe
FirewallRules: [{FCA13A55-4F23-4BDB-A4F9-6E83E2D5C8FE}] => (Allow) D:\Program files\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{F1ECA28A-A9ED-48EE-A850-C06B6A8CFBE5}] => (Allow) D:\Program files\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{F9FF208D-07E0-4FE0-8F76-8FFFB0C53134}] => (Allow) D:\Program files\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{E34D0FA6-DDC1-477E-95EA-D44711ECDF3A}] => (Allow) D:\Program files\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{E4E39F9C-1641-4E6F-BAC5-CCC423C0D5DE}] => (Allow) C:\Program Files (x86)\Lenovo\LenovoPortal\Lenovo.Portal.exe
FirewallRules: [{BBB309AA-BE13-4957-8A35-9C2416DD2E08}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{FE2516CE-AAEE-48ED-B6AB-7787550FCCD8}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{994389D0-B1A9-4D3E-96BC-1B41D0445A5D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{96B18693-74CF-457C-B9FB-7998995857DD}] => (Allow) D:\VPN Unlimited\vpn-unlimited.exe
FirewallRules: [{E23527BB-E329-474B-AEF0-4C0790A570C0}] => (Allow) D:\VPN Unlimited\vpn-unlimited.exe
FirewallRules: [{D2716C78-623D-4280-BCB7-0F75745353BF}] => (Allow) D:\VPN Unlimited\openvpn.exe
FirewallRules: [{144880FE-E307-4F80-9F06-92A63D2BE050}] => (Allow) D:\VPN Unlimited\openvpn.exe
FirewallRules: [{7819589E-5AC9-4A30-9FD5-2D0737C7B630}] => (Allow) D:\Program files\Steam.exe
FirewallRules: [{1B589443-8CA6-4405-8D7C-6AA40448D627}] => (Allow) D:\Program files\Steam.exe
FirewallRules: [{AFCFA2B5-627A-4AE2-8C7E-530D53DB4FE9}] => (Allow) D:\Program files\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{DBBADC7F-9E62-4FF4-9BB0-2CA1C744D34A}] => (Allow) D:\Program files\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{2557AA0D-6252-4BD0-ABC8-3500658B9FA4}] => (Allow) D:\Program files\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{640CB8F2-F196-4CDD-9BBD-D8977192E937}] => (Allow) D:\Program files\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [TCP Query User{8DBC766D-A068-4832-BC25-6F449C86B0F4}D:\program files\steamapps\common\watch_dogs\bin\watch_dogs.exe] => (Allow) D:\program files\steamapps\common\watch_dogs\bin\watch_dogs.exe
FirewallRules: [UDP Query User{3E634D2B-0500-4802-99A8-E350B5F8BFED}D:\program files\steamapps\common\watch_dogs\bin\watch_dogs.exe] => (Allow) D:\program files\steamapps\common\watch_dogs\bin\watch_dogs.exe
FirewallRules: [{B315C3CE-2CE5-4B18-88E6-F6A50CC5B92F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{6136AE92-8AB9-4A1A-933D-F195043DE3E9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{4190B3F8-5B23-4AEF-8737-69D92BE0BBBE}D:\program files\steamapps\common\everspace\rsg\binaries\win64\rsg-win64-shipping.exe] => (Allow) D:\program files\steamapps\common\everspace\rsg\binaries\win64\rsg-win64-shipping.exe
FirewallRules: [UDP Query User{6141709E-30EB-4DFB-A128-9568929E87FC}D:\program files\steamapps\common\everspace\rsg\binaries\win64\rsg-win64-shipping.exe] => (Allow) D:\program files\steamapps\common\everspace\rsg\binaries\win64\rsg-win64-shipping.exe
FirewallRules: [{626D57D2-B100-497C-86B3-0E414217DCD8}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{86893811-4E11-49D0-AC45-CA01ACE0BB4D}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [TCP Query User{505245C3-5B1B-4C9A-8BF7-96632554E399}D:\program files\steamapps\common\total war attila\attila.exe] => (Allow) D:\program files\steamapps\common\total war attila\attila.exe
FirewallRules: [UDP Query User{1896D86E-E526-4E12-AFB1-5AD515BB980A}D:\program files\steamapps\common\total war attila\attila.exe] => (Allow) D:\program files\steamapps\common\total war attila\attila.exe
FirewallRules: [TCP Query User{EB4F8B10-19E3-4896-B894-02B714C7A4FE}D:\program files\steamapps\common\conan exiles\conansandbox\binaries\win64\conansandbox.exe] => (Allow) D:\program files\steamapps\common\conan exiles\conansandbox\binaries\win64\conansandbox.exe
FirewallRules: [UDP Query User{15647856-F7B7-40D6-97CE-5A65E2C66149}D:\program files\steamapps\common\conan exiles\conansandbox\binaries\win64\conansandbox.exe] => (Allow) D:\program files\steamapps\common\conan exiles\conansandbox\binaries\win64\conansandbox.exe
FirewallRules: [TCP Query User{7546D98D-84BE-4AD0-B42A-A5F5AEAC5169}D:\program files\steamapps\common\far cry primal\bin\fcprimal.exe] => (Allow) D:\program files\steamapps\common\far cry primal\bin\fcprimal.exe
FirewallRules: [UDP Query User{F0D282C2-6C6A-4F24-A13A-01BD2D6D4DDD}D:\program files\steamapps\common\far cry primal\bin\fcprimal.exe] => (Allow) D:\program files\steamapps\common\far cry primal\bin\fcprimal.exe
FirewallRules: [TCP Query User{63CBDBF6-B872-41F6-BC6A-01EAFF421B38}D:\program files\steamapps\common\far cry 3\bin\farcry3_d3d11.exe] => (Allow) D:\program files\steamapps\common\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{B7647EDB-6064-460C-AE1E-A5E377ABCE1A}D:\program files\steamapps\common\far cry 3\bin\farcry3_d3d11.exe] => (Allow) D:\program files\steamapps\common\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{4D9811DA-048B-458E-B313-867F6AAEE1FD}] => (Allow) D:\Program files\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{726D8F26-D93A-4140-87EB-E79E30CF1525}] => (Allow) D:\Program files\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{17A04860-7428-48FE-B5BA-006C2A0BD58C}] => (Allow) D:\Program files\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{E06E528A-A6C5-4975-8307-5021B4C81A02}] => (Allow) D:\Program files\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{02210263-9ADE-4630-AE26-7A8FB9B70F07}] => (Allow) D:\Program files\steamapps\common\Starpoint Gemini Warlords\GameLauncher.exe
FirewallRules: [{FDDF1D4A-6613-4656-A03B-FC527053F24F}] => (Allow) D:\Program files\steamapps\common\Starpoint Gemini Warlords\GameLauncher.exe
FirewallRules: [{54CF00E0-EEC4-4C4C-9AC5-BAFEAA5057F9}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{E8902CCE-E9F2-4E98-8E1B-8BB90B89FCBD}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{DEB55AF3-B3CF-40EB-A72F-CB94E841E99A}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{EB300AF2-214B-4C08-8547-084E21987307}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{56D99966-12CA-4F88-B4FF-07C85B323355}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe
FirewallRules: [{4C1C8E3D-BCC3-4F1E-96EE-8D06DC3CF9C4}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe
FirewallRules: [{F0725BA7-454C-486C-824E-CCAEA4C927AF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{0F1DB09B-5B22-4381-864F-57CA344952B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{31D426C0-CDC1-45BF-B82E-3EECF8953A59}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{38C30541-8C58-4515-9DB9-1502B3A2D19C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BCA0E7F3-6D9D-411A-A2A8-1262D35A9132}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E6B23DF4-0A5E-4551-AB5E-5ED5DE5983FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{42627B10-F584-4006-8BD5-D53853B79057}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{D8837275-CE07-4CB1-A02E-5DB360B7C8F6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B4151755-2437-4F20-A7D7-E5CC9D46C91E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{90E9C1C9-CB7E-459E-980C-275A5B40D62E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{CA364A99-567C-4C72-A30C-5CB60D030C6E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8FB9D851-10FC-40BB-B1A7-2F013C8082A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D6B00D30-0BE4-4834-8D8D-64D27FE95C97}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{68E84F29-279F-4E29-8A83-117A6517DA4A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A4287A2D-745F-485F-8572-E18843DB341A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{0AB7CCA9-2ECC-4935-B35D-1A016AC6D3DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FCBFEBC8-4D8D-422F-824C-F724EF2CB194}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9FCF7046-FAD2-4749-8112-4A20E40A8A50}] => (Allow) C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Temp\HouseCall\tmase\nmap\bonjour.exe
FirewallRules: [{6F6E666F-FB98-4534-A35E-0948EB193009}] => (Allow) D:\Program files\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{77BCBDDE-4021-4EF9-8FAD-2522D4AD4FF2}] => (Allow) D:\Program files\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{04CC92E1-36F0-48AA-82BA-352813EEDB55}] => (Allow) D:\Program files\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{42485088-8F7B-4949-AB35-07FD8EBFB2EE}] => (Allow) D:\Program files\Origin Games\Battlefield 1\bf1.exe
 
==================== Restore Points =========================
 
03-04-2018 09:43:01 Removed Cybereason RansomFree 2.2.3.0
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/02/2018 07:24:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.16299.248 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 184c
 
Start Time: 01d3ca7cf4f53403
 
Termination Time: 0
 
Application Path: C:\Windows\explorer.exe
 
Report Id: 5022bec1-8482-46d1-8f06-891cd4a9f13e
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (04/02/2018 06:45:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.16299.248 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: d8c
 
Start Time: 01d3ca7755e5fa39
 
Termination Time: 0
 
Application Path: C:\Windows\explorer.exe
 
Report Id: 93cc74e7-537d-4d18-aa15-0bc8765b0507
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (04/02/2018 06:40:25 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.
 
Error: (04/02/2018 06:40:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (04/02/2018 03:43:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x8007001f, A device attached to the system is not functioning.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (04/02/2018 09:33:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Origin.exe, version: 10.5.15.44004, time stamp: 0x5aafed47
Faulting module name: Qt5WebEngineCore.dll, version: 5.8.0.0, time stamp: 0x5a30a1e8
Exception code: 0x80000003
Fault offset: 0x01f76c03
Faulting process id: 0xd88
Faulting application start time: 0x01d3ca2ae4dc0afe
Faulting application path: C:\Program Files (x86)\Origin\Origin.exe
Faulting module path: C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
Report Id: 4c6a01f3-4e25-430a-a8ab-415bfa01f03d
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/01/2018 06:55:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FbService.exe, version: 3.0.0.1, time stamp: 0x5591024d
Faulting module name: ntdll.dll, version: 10.0.16299.248, time stamp: 0xeffc9126
Exception code: 0xc0000374
Fault offset: 0x00000000000f87bb
Faulting process id: 0xdac
Faulting application start time: 0x01d3c9b04d2bc41b
Faulting application path: C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: e011662e-10f9-4a01-9ade-9d00e951f089
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/01/2018 09:21:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Origin.exe, version: 10.5.15.44004, time stamp: 0x5aafed47
Faulting module name: Qt5WebEngineCore.dll, version: 5.8.0.0, time stamp: 0x5a30a1e8
Exception code: 0x80000003
Fault offset: 0x01f76c03
Faulting process id: 0x2de0
Faulting application start time: 0x01d3c96011851058
Faulting application path: C:\Program Files (x86)\Origin\Origin.exe
Faulting module path: C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
Report Id: f83bd393-bad4-4386-905b-61cf27a18ba5
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (04/03/2018 09:31:37 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0OKN7NQ)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-0OKN7NQ\lauri SID (S-1-5-21-584912067-1683141588-1664888071-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (04/03/2018 07:34:14 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0OKN7NQ)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-0OKN7NQ\lauri SID (S-1-5-21-584912067-1683141588-1664888071-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (04/02/2018 08:36:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (04/02/2018 08:36:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
 
Error: (04/02/2018 08:35:42 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
 
Error: (04/02/2018 08:35:40 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:59:45 PM on ‎4/‎2/‎2018 was unexpected.
 
Error: (04/02/2018 07:24:24 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Downloaded Maps Manager service hung on starting.
 
Error: (04/02/2018 07:20:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 46%
Total physical RAM: 16322.39 MB
Available physical RAM: 8769.52 MB
Total Virtual: 18754.39 MB
Available Virtual: 10558.1 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:100 GB) (Free:19.22 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: () (Fixed) (Total:1731.17 GB) (Free:94.89 GB) NTFS
 
\\?\Volume{fff78e2c-dc23-414b-97fe-32265f25bb56}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
\\?\Volume{5b962e74-9e20-4de6-804c-f194399fb23e}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.59 GB) NTFS
\\?\Volume{b73deac6-68e0-4c5c-891e-48cd55b18e86}\ (LENOVO_PART) (Fixed) (Total:30 GB) (Free:17.48 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 73CA0AEC)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 
 
My PC seems to be running ok apart from the inability to use Origin or play online games, but as I said earlier I don't know if this is the PC or the connection....
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by lauri (03-04-2018 10:14:16)
Running from C:\Users\lauri.DESKTOP-0OKN7NQ\Desktop
Windows 10 Home Single Language Version 1709 16299.309 (X64) (2018-03-10 06:43:48)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-584912067-1683141588-1664888071-500 - Administrator - Disabled)
ASPNET (S-1-5-21-584912067-1683141588-1664888071-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-584912067-1683141588-1664888071-503 - Limited - Disabled)
Guest (S-1-5-21-584912067-1683141588-1664888071-501 - Limited - Disabled)
lauri (S-1-5-21-584912067-1683141588-1664888071-1001 - Administrator - Enabled) => C:\Users\lauri.DESKTOP-0OKN7NQ
WDAGUtilityAccount (S-1-5-21-584912067-1683141588-1664888071-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Advanced SystemCare 11 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 11.2.0 - IObit)
Any Video Converter 6.2.2 (HKLM-x32\...\Any Video Converter) (Version: 6.2.2 - Anvsoft)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.2.2328 - AVAST Software)
Avira (HKLM-x32\...\{DBA89A98-6FF1-4FE3-8147-69DD2C5DE889}) (Version: 1.2.108.24268 - Avira Operations GmbH & Co. KG) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.53.52958 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
Beyond Good and Evil (HKLM-x32\...\Uplay Install 232) (Version:  - Ubisoft)
calibre 64bit (HKLM\...\{332E0E14-41EE-4C18-B366-0CE1609A393A}) (Version: 3.19.0 - Kovid Goyal)
Canon iP2700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series) (Version:  - Canon Inc.)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.24 - NVIDIA Corporation) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Driver and Application Installation (HKLM-x32\...\{6EC299C6-074C-4529-8D5F-2798584BB27B}) (Version: 2.02.0803 - Lenovo)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
FastStone Photo Resizer 3.8 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.8 - FastStone Soft.)
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.6.1001 - Genesys Logic)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Earth Pro (HKLM\...\{D9EF644E-2FAE-493B-8180-5617CC774C4F}) (Version: 7.3.1.4507 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 20.2 - Intel)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.3.0.13 - IObit)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Lenovo Accelerator Application (HKLM-x32\...\{10672FE6-3D50-4F79-B0C7-A5573A5D415D}) (Version: 2.2.0.0701 - Lenovo)
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.6.13.0724 - Lenovo)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.8231 - CyberLink Corp.) Hidden
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.8231 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5320.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5320.55 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.022.00 - Lenovo)
Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.4212 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.4212 - CyberLink Corp.)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Manual (HKLM-x32\...\{693F92E5-37D1-46B7-A0D6-19A74A2FD0EC}) (Version: 1.00.0701 - Lenovo)
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.280 - Electronic Arts)
Medal of Honor™ Warfighter (HKLM-x32\...\{1040143F-FEFB-4B90-8E51-E47D40E14C4E}) (Version: 1.0.0.3 - Electronic Arts)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0011.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-584912067-1683141588-1664888071-1001\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NOX (HKLM-x32\...\{BF152F35-9708-452C-862C-F7E3B62DF732}) (Version: 2.0.0.20 - Electronic Arts, Inc.)
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 391.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.24 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Graphics Driver 391.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.24 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.15.44004 - Electronic Arts, Inc.)
Oxenfree (HKLM-x32\...\1457519353_is1) (Version: 2.6.0_cs_hotfix - GOG.com)
Photo Pos Pro 3 (HKLM\...\Photo Pos Pro 3) (Version: 3.30 - PowerOfSoftware Ltd.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros 61x4 Bluetooth Suite (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.128 - Qualcomm Atheros)
Qualcomm Atheros 61x4 Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.0.041 - Qualcomm Atheros)
Russian Fishing 4 (HKU\S-1-5-21-584912067-1683141588-1664888071-1001\...\com.rf4game.rf4_launcher_en) (Version: 4.0.9224 - Russian Fishing Spb LLC)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.8.5 - IObit)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
Tom Clancy's Splinter Cell (HKLM-x32\...\Uplay Install 109) (Version:  - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{BF492E7F-BD3F-4F33-932A-1DD0891968B0}) (Version: 2.13.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{B8B01E04-5393-4902-98E6-0E2787F03C80}) (Version: 1.13.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VPN Unlimited 4.0 (HKLM-x32\...\{DC24521E-872B-41AF-93EA-FE477902D6FB}_is1) (Version: 4.0 - KeepSolid Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Winamp Essentials Pack (HKLM-x32\...\Winamp Essentials Pack) (Version: v5.64 - Christoph Grether)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
Windows Driver Package - Genesys Logic (GeneStor) USB  (07/13/2015 4.5.0.6) (HKLM\...\AE2E6FAB44844413B4C6F53C908EACC8AFC838F0) (Version: 07/13/2015 4.5.0.6 - Genesys Logic)
Windows Driver Package - Intel (e1dexpress) Net  (06/18/2015 12.13.17.4) (HKLM\...\EB46E325A9A1BEC97608B27915959487E64F32B3) (Version: 06/18/2015 12.13.17.4 - Intel)
Windows Driver Package - NVIDIA (nvlddmkm) Display  (07/22/2015 10.18.13.5362) (HKLM\...\81C36D5B443FFB6F528F76BD424D750C53ADF10E) (Version: 07/22/2015 10.18.13.5362 - NVIDIA)
Windows Driver Package - NVIDIA Corporation (NVHDA) MEDIA  (04/16/2015 1.3.34.3) (HKLM\...\E1EF4D4E1E41BA85DB6DA51424B73AE1B3F0056A) (Version: 04/16/2015 1.3.34.3 - NVIDIA Corporation)
Windows Driver Package - Qualcomm Atheros Communications Inc. (Qcamain10x64) Net  (06/24/2015 12.0.0.102) (HKLM\...\4487BC319063A97DD4FDC3A8F68BADD5E5BA0B49) (Version: 06/24/2015 12.0.0.102 - Qualcomm Atheros Communications Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WonderFox DVD Video Converter 8.8 (HKLM-x32\...\WonderFox DVD Video Converter) (Version: 8.8 - WonderFox Soft, Inc.)
World in Conflict (HKLM-x32\...\Uplay Install 90) (Version:  - Ubisoft)
YoutubeMovieMaker (HKLM-x32\...\{E084C471-FA8F-4468-93F1-25B3A13ED942}) (Version: 12.26 - Youtube Movie Maker)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-28] (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32-x32-x32-x32-x32-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2017-09-26] (IObit)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-28] (AVAST Software)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-10-16] (Lenovo)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2017-09-26] (IObit)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-28] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2017-09-26] (IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-10-16] (Lenovo)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-16] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-28] (AVAST Software)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2016-07-30] (IvoSoft)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0F8DDE97-6B2C-4577-8DF5-12EC3E65BDE1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-01] (Google Inc.)
Task: {17E64663-B617-4FFA-9538-3F065A011E98} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {2B78A029-6D44-49BB-A607-B2765E2A4882} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {3695E470-7B11-49C2-922F-47CCDF730D62} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-03-14] (NVIDIA Corporation)
Task: {417C29D4-38FA-4702-800B-F4416F08F2F8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {56DE9980-251A-4E1C-BF85-7B14EDE6949F} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {624D636E-2AEF-452D-A24A-34EC0F0ADF1A} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {63AFD9E7-F7E0-463F-82E0-6457B45C9CD3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {6AE92616-0C4F-47CA-9C50-65ABE80D516C} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {702F5C54-2316-44EE-A4C8-0D4586E0D676} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {72DB62DD-D69F-4327-8D81-1EB233A722BC} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-03-14] (NVIDIA Corporation)
Task: {77CB3FE1-E1F8-4784-B4A8-AD56C04140A4} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2016-01-01] (Lenovo)
Task: {7EE2C694-B131-43D8-A374-0FB9A53F383E} - System32\Tasks\UMonitor Task => C:\WINDOWS\SysWOW64\UMonit64.exe [2015-07-15] ()
Task: {82389A9A-6A5E-4301-A31B-119E795A3988} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-03-14] (NVIDIA Corporation)
Task: {8AD7BFC4-AF5F-46E0-8B48-E3DA8F332A6E} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {9163F97D-F0C0-42EC-86F6-200097B0E885} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-01] (Google Inc.)
Task: {93B35AD6-351B-4AB9-853D-3D0FFBC604F1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-03-14] (NVIDIA Corporation)
Task: {9430792A-C536-4FEF-AEC2-BE19DFCDDB9F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-03-28] (AVAST Software)
Task: {9B3CD4E0-88B4-4A9C-A6B4-9A64FC4A1B6C} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [2015-05-20] (CyberLink Corp.)
Task: {A1181141-0A81-40FD-9EA9-E33B1200757B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {A6F04644-8D98-4D6C-BE12-9E10D92777AE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {A7849079-B5FA-485D-A958-9DD2A719C624} - System32\Tasks\IObitSelfCheckTask => C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe [2016-10-18] (IObit)
Task: {A8AD428B-1BBD-4BA8-8548-BD1BF85656E8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-12-10] (Lenovo)
Task: {AE6AC89B-A43F-4759-9989-3967EA70B5BC} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {B2522C42-2EEF-4F82-B950-08B9D55979E1} - System32\Tasks\{CFC189F3-E7BF-459F-A47E-1D2C147BC341} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Winamp\winamp.exe" -d "C:\Program Files (x86)\Winamp"
Task: {B500F614-6D66-46C4-B7E3-71B036754766} - \Lenovo\Lenovo Service Bridge\S-1-5-21-584912067-1683141588-1664888071-1001 -> No File <==== ATTENTION
Task: {BAE1D0D9-C864-4977-8080-6DE2454FEB4E} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {C0F35511-7321-496D-8324-A35438B60D35} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {C0FA9EC5-FC72-4F2B-BBA2-CC374467867B} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2017-07-28] (IObit)
Task: {E19EB859-048A-4D56-9403-33244EBECF92} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-03-21 23:02 - 2018-03-16 07:57 - 000544384 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2016-01-04 08:29 - 2018-03-18 23:57 - 000076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-11-10 04:37 - 2015-11-10 04:37 - 000024312 _____ () C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe
2018-03-21 22:52 - 2018-03-14 20:01 - 001268112 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-09-29 20:41 - 2017-09-29 20:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2015-11-10 04:33 - 2015-07-15 17:54 - 000053832 _____ () C:\WINDOWS\SysWOW64\UMonit64.exe
2018-03-16 16:30 - 2018-02-22 07:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-16 16:30 - 2018-02-22 07:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-03-10 14:36 - 2018-03-10 14:36 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-03-10 14:36 - 2018-03-10 14:36 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-03-10 14:36 - 2018-03-10 14:36 - 021824000 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-03-10 14:36 - 2018-03-10 14:36 - 002529792 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\skypert.dll
2018-03-10 14:36 - 2018-03-10 14:36 - 000649216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2015-11-10 04:35 - 2011-08-17 11:46 - 000028672 _____ () C:\Windows\jmesoft\ServiceLoader.exe
2018-03-16 16:54 - 2018-03-16 16:54 - 000173568 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-03-10 14:34 - 2018-03-10 14:34 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-03-10 14:17 - 2018-03-10 14:21 - 027139072 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-03-10 14:17 - 2018-03-10 14:20 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-03-10 14:17 - 2018-03-10 14:19 - 006687744 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-10-09 19:01 - 2017-10-09 19:02 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-03-21 06:48 - 2018-03-20 13:00 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libglesv2.dll
2018-03-21 06:48 - 2018-03-20 13:00 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libegl.dll
2018-02-17 12:23 - 2017-05-22 11:16 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2018-02-17 12:23 - 2017-05-22 11:16 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2018-02-17 12:23 - 2017-05-22 11:16 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2018-03-21 22:52 - 2018-03-14 20:01 - 001041808 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-03-28 10:11 - 2018-03-28 10:11 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-03-28 10:11 - 2018-03-28 10:11 - 000287960 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-03-28 10:11 - 2018-03-28 10:11 - 000280280 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-03-28 10:10 - 2018-03-28 10:10 - 000275160 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2018-02-17 12:23 - 2018-01-25 17:02 - 000899856 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2018-02-17 12:23 - 2018-01-25 17:01 - 000631568 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2018-02-17 12:23 - 2017-05-22 11:16 - 000524064 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\sqlite3.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 18:04 - 2015-07-10 18:02 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-584912067-1683141588-1664888071-1001\Control Panel\Desktop\\Wallpaper -> D:\lauri\Pictures\Abigail 2016\DSCF8852.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdvancedSystemCareService10 => 2
MSCONFIG\Services: AdvancedSystemCareService9 => 2
MSCONFIG\Services: c2cautoupdatesvc => 2
MSCONFIG\Services: c2cpnrsvc => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: IMFservice => 2
MSCONFIG\Services: JME Keyboard => 2
MSCONFIG\Services: MbaeSvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: UpdateAgentService => 2
HKLM\...\StartupApproved\Run32: => "CLMLServer"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Exploit"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{C4EB517D-3117-471D-B1DD-BC909AB03CB5}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DC328B5E-5CA6-4D3C-919B-01074EF1CB9F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{92A26829-DB3E-457A-B4A4-6389284B1660}] => (Allow) D:\Program files\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{6BE0B183-CDBF-4C21-8002-9A73DDF9B7E5}] => (Allow) D:\Program files\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{8446220E-1077-4606-B69E-4B610E0DF3DA}] => (Allow) D:\Program files\steamapps\common\Polynomial 2\bin_w64\Polynomial2_64.exe
FirewallRules: [{6BFC9B2D-CBEA-476D-82A0-E8735564B510}] => (Allow) D:\Program files\steamapps\common\Polynomial 2\bin_w64\Polynomial2_64.exe
FirewallRules: [UDP Query User{FB32BF11-EC4F-4037-A43C-12273A70E33D}D:\program files\steamapps\common\fishing barents sea\fbs\binaries\win64\fbs-win64-shipping.exe] => (Allow) D:\program files\steamapps\common\fishing barents sea\fbs\binaries\win64\fbs-win64-shipping.exe
FirewallRules: [TCP Query User{A20CDBAD-7933-47FA-A1CF-1A87EF3B91DE}D:\program files\steamapps\common\fishing barents sea\fbs\binaries\win64\fbs-win64-shipping.exe] => (Allow) D:\program files\steamapps\common\fishing barents sea\fbs\binaries\win64\fbs-win64-shipping.exe
FirewallRules: [{31ABBB48-39F5-4A11-AAC2-DDF58296D97B}] => (Allow) D:\Program files\steamapps\common\Steep\steep.exe
FirewallRules: [{40D202F1-70AE-4365-B4EE-A8D0488DAB64}] => (Allow) D:\Program files\steamapps\common\Steep\steep.exe
FirewallRules: [{62F7039A-B7C1-4AC4-9C7C-4C2CF36C8945}] => (Allow) D:\Program files\steamapps\common\Fishing Barents Sea\FBS.exe
FirewallRules: [{AE723D42-7EB4-43C3-B18E-CCEAA5EBAFBF}] => (Allow) D:\Program files\steamapps\common\Fishing Barents Sea\FBS.exe
FirewallRules: [{D20444F1-DA89-46EB-950C-EAF727DEACD6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{17023FB9-5F87-4674-9492-16DBA9222A90}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{31BBFF24-7F39-43FC-B5F7-99A7F278A9D3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8BE2CA77-4EB3-4AAE-A2AF-5522DEED3575}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C32F7CF4-C652-4E56-8F4E-B9C4E88A6FE1}] => (Allow) D:\Program files\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{0FCF086E-7A8B-4E14-875C-50E6AFA89DB4}] => (Allow) D:\Program files\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{AA948359-36F8-4AC0-87AB-2B9210741FA2}] => (Allow) D:\Program files\steamapps\common\Prey\Binaries\Danielle\x64\Release\Prey.exe
FirewallRules: [{6A2E7DCB-ED48-423B-B72C-A49F99F3C24E}] => (Allow) D:\Program files\steamapps\common\Prey\Binaries\Danielle\x64\Release\Prey.exe
FirewallRules: [UDP Query User{14D9B3B4-6343-448C-B451-2B10AB606D4D}D:\program files\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe] => (Allow) D:\program files\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe
FirewallRules: [TCP Query User{E2D22BD9-4B37-4328-A885-E385FD4329D2}D:\program files\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe] => (Allow) D:\program files\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe
FirewallRules: [{BBC21C75-8872-470F-9949-2BBEF11C7D21}] => (Allow) D:\Program files\steamapps\common\Hellblade\HellbladeGame.exe
FirewallRules: [{AC6A642D-B1BD-4FCF-B82B-A71E5B650F4A}] => (Allow) D:\Program files\steamapps\common\Hellblade\HellbladeGame.exe
FirewallRules: [UDP Query User{B4BE4423-6A13-4B8A-B2F7-08BF57677070}C:\games\rf4_en\rf4launcher.exe] => (Allow) C:\games\rf4_en\rf4launcher.exe
FirewallRules: [TCP Query User{61FC65AD-9ADE-4074-B61E-7BB6D535BC4E}C:\games\rf4_en\rf4launcher.exe] => (Allow) C:\games\rf4_en\rf4launcher.exe
FirewallRules: [{89F1D0EA-F79A-4E2D-B5CA-023CD7A996BB}] => (Allow) D:\Program files\steamapps\common\Homefront_The_Revolution\Bin64\Homefront2_Release.exe
FirewallRules: [{53DA87F9-3309-452B-B24F-FA2DEA5365B0}] => (Allow) D:\Program files\steamapps\common\Homefront_The_Revolution\Bin64\Homefront2_Release.exe
FirewallRules: [{EA628109-83E6-4F48-AE8C-3C2A2F3F362D}] => (Allow) D:\Program files\steamapps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{0E1F34D0-FFEC-4A5D-96E6-6E1D9CC91FF6}] => (Allow) D:\Program files\steamapps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{F679E7B3-3808-43BE-A6D6-B660082A4E4C}] => (Allow) D:\Program files\steamapps\common\Stellaris\stellaris.exe
FirewallRules: [{FA73E468-E18B-4898-B389-D53924728EA7}] => (Allow) D:\Program files\steamapps\common\Stellaris\stellaris.exe
FirewallRules: [{EEF8EC86-5AF8-47C2-8B50-11DDFA796C4A}] => (Allow) D:\Program files\steamapps\common\theHunterPrimal\launcher\launcher.exe
FirewallRules: [{54BF5EC5-5A9C-457D-93BA-4B8A9F47BDCC}] => (Allow) D:\Program files\steamapps\common\theHunterPrimal\launcher\launcher.exe
FirewallRules: [{D0CC10F8-1A2B-475D-BA86-60C32F05AAA5}] => (Allow) D:\Program files\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe
FirewallRules: [{B0005629-6795-4E7E-8E24-F6D6328C4F4F}] => (Allow) D:\Program files\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe
FirewallRules: [{D6E0EE0E-4B2F-457C-8A91-96005C465DBB}] => (Allow) D:\Program files\steamapps\common\Valley\Valley.exe
FirewallRules: [{25533361-E764-468F-BE4E-39E1DB5AD358}] => (Allow) D:\Program files\steamapps\common\Valley\Valley.exe
FirewallRules: [{4E0BDE29-4DED-4985-B2CD-768C60326224}] => (Allow) D:\Program files\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{13795AEB-1C6F-46D5-A1DB-EA2A02812C97}] => (Allow) D:\Program files\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{69DE3369-51E2-4161-AC71-5A9A8BDEB04C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C5562A40-6E66-4E08-999B-33863DA6D35B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0EC4F455-C43C-4EDC-BBA4-477FFB0C394B}] => (Allow) D:\Program files\steamapps\common\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [{F7E957E2-2F4D-4A09-9EAC-9752E0130E19}] => (Allow) D:\Program files\steamapps\common\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [{5EFA038D-8FB0-42DC-9341-8ED1A7F1E81D}] => (Allow) D:\Program files\steamapps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe
FirewallRules: [{E4168DB8-CAA6-4308-B783-206160332542}] => (Allow) D:\Program files\steamapps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe
FirewallRules: [{864B366C-14AA-4451-91CE-40193752BC75}] => (Allow) D:\Program files\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{4C5706C5-5478-4DDE-9A3A-0ACB11FBCBB4}] => (Allow) D:\Program files\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{E399E5ED-8720-4B2D-B9C9-2A2CFE30A96D}] => (Allow) D:\Program files\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{88AC620C-BB9F-4D69-AB86-0EA849765C2A}] => (Allow) D:\Program files\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{0C7E3556-14D2-49A8-BAD9-8A56F10DB80D}] => (Allow) D:\Program files\steamapps\common\Sniper Elite 4\Launcher\SniperElite4.exe
FirewallRules: [{11E3452F-53BE-43EE-A13F-364B43CBF82B}] => (Allow) D:\Program files\steamapps\common\Sniper Elite 4\Launcher\SniperElite4.exe
FirewallRules: [{696CF8EE-243A-4B29-8657-99B7267E9906}] => (Allow) D:\Program files\steamapps\common\theHunterCotW\theHunterCotW_F.exe
FirewallRules: [{C8C8AD90-BD79-4821-9774-0DF1D40D4B23}] => (Allow) D:\Program files\steamapps\common\theHunterCotW\theHunterCotW_F.exe
FirewallRules: [{5A3551B9-0919-4339-AD39-89A9B97A43F4}] => (Allow) D:\Program files\steamapps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe
FirewallRules: [{04BB63DD-0624-4EB8-A9AD-50D6520FE9B0}] => (Allow) D:\Program files\steamapps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe
FirewallRules: [{7AD98C26-DDB7-44CA-9D44-51056534E851}] => (Allow) D:\Program files\steamapps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{E0AD659F-E8FD-40D2-8E61-B777EF89637F}] => (Allow) D:\Program files\steamapps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{D6A9753C-5011-43B9-A281-AF7F188FFCD0}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{0588AD4D-5332-4417-8A0B-75941BC9CED7}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{60BC8BD5-FF50-4904-A1C9-C95D468AAE5F}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{F105A9AA-065B-44D5-ADA5-FEB3196D63AE}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{DD0D1CBC-3203-46C5-AB3A-50FB7B99A45E}] => (Allow) D:\Program files\steamapps\common\Tempest\Tempest.exe
FirewallRules: [{116A9BD1-BA75-41A2-BDCB-05F3C4AD6F4C}] => (Allow) D:\Program files\steamapps\common\Tempest\Tempest.exe
FirewallRules: [{3C2FECAE-E812-4474-A84B-C1D3E53B3D7E}] => (Allow) D:\Program files\steamapps\common\DDDA\DDDA.exe
FirewallRules: [{8B27B540-EF58-4AD4-B89A-FE622682AB36}] => (Allow) D:\Program files\steamapps\common\DDDA\DDDA.exe
FirewallRules: [{89B2C9EE-E5ED-4B2C-8342-21F9EEB1B625}] => (Allow) D:\Program files\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{FC661F53-7DCD-41FD-AC7C-A8FA5B5AC58A}] => (Allow) D:\Program files\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [UDP Query User{200DF08E-634F-47E1-9A51-26937D210B3D}D:\program files\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) D:\program files\steamapps\common\dishonored\binaries\win32\dishonored.exe
FirewallRules: [TCP Query User{C038825F-41EC-488F-979C-42F941FA2493}D:\program files\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) D:\program files\steamapps\common\dishonored\binaries\win32\dishonored.exe
FirewallRules: [{E0B46D7E-383D-4CBB-B8A7-E8E256A60A18}] => (Allow) D:\Program files\Origin Games\Medal of Honor Warfighter\MOHW.exe
FirewallRules: [{F091D8A2-36DB-4851-B695-B5E722E52F54}] => (Allow) D:\Program files\Origin Games\Medal of Honor Warfighter\MOHW.exe
FirewallRules: [UDP Query User{CB2CB62E-13AE-48E8-9F39-56ACA714977F}D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [TCP Query User{10F57AEE-13A8-48C7-93EA-BB757C90835E}D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [UDP Query User{F016F7A8-E487-468C-AAD4-A82E569ADE1D}D:\vpn unlimited\vpn-unlimited.exe] => (Allow) D:\vpn unlimited\vpn-unlimited.exe
FirewallRules: [TCP Query User{6E42EF95-1993-4A4D-9F0B-18560A2A0F82}D:\vpn unlimited\vpn-unlimited.exe] => (Allow) D:\vpn unlimited\vpn-unlimited.exe
FirewallRules: [UDP Query User{61731F6C-BEA4-430F-90E7-BE1D1E280A41}D:\program files\steamapps\common\hunted\binaries\win32\p4dftre.dll] => (Allow) D:\program files\steamapps\common\hunted\binaries\win32\p4dftre.dll
FirewallRules: [TCP Query User{8226B348-18CC-4106-BED9-D92B69A0E267}D:\program files\steamapps\common\hunted\binaries\win32\p4dftre.dll] => (Allow) D:\program files\steamapps\common\hunted\binaries\win32\p4dftre.dll
FirewallRules: [UDP Query User{F09ACD80-8E99-4B9E-B93E-63DC46EF1514}D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{DA2E4589-0DE0-4541-9B7F-26F68533F8BE}D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{3B4A5DCE-B29D-4073-AB00-264ABE322B94}] => (Allow) D:\Program files\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{9C9C36A1-CC3E-41CF-9198-5E2A7EA97C52}] => (Allow) D:\Program files\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [UDP Query User{FD073BB4-729B-4D4E-A483-846D7B7DB68A}D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [TCP Query User{D2015385-E98B-4F92-854D-ED10B6691AA8}D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) D:\program files\origin games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [UDP Query User{A8AE1D36-F96C-4109-A805-F37912D10E38}D:\program files\origin games\battlefield 4\bf4.exe] => (Allow) D:\program files\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{B80FF2FE-5868-4DA3-828F-6EC47B4ADBD4}D:\program files\origin games\battlefield 4\bf4.exe] => (Allow) D:\program files\origin games\battlefield 4\bf4.exe
FirewallRules: [{80849946-6B5A-492F-B221-8CB63AB62D16}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{93FAB6C6-AC1D-46DA-9680-0F3AFA9BA785}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{11FC38C8-5142-4F8D-B3E0-B2CDE5D9242D}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{A65C848A-80F5-48AD-A652-7C703A4D4E4A}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{C78CD944-7FBB-4F6B-ADA7-3C802B8D5178}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C68BA6C8-4B82-4B9E-A4F9-476A7A4867AA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6725DCE9-F3B5-47B9-BD38-A64C44A84558}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F7B367E5-1F07-47D1-AA4F-C522A91B5706}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4482C4B2-DC22-41E6-80DC-CB1BC418579B}] => (Allow) D:\Program files\steamapps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{1A2AC4CB-72E4-4A8F-BE0E-861F422F3D78}] => (Allow) D:\Program files\steamapps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{4C298886-6A11-4999-9AFF-A49BCF6AB9D9}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{ADED800B-BE01-426B-BC12-4134861D1208}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{D648DD03-5B4B-4174-BB5C-E7C9D2578660}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{CAAFD88E-03F5-4BED-B924-4C7AB787BCA5}] => (Allow) D:\Program files\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{5C709344-21AA-4E2B-B2FD-F5E71DF66091}] => (Allow) D:\Program files\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{E4D99CE7-D2E7-445D-A512-1F6E99381B58}] => (Allow) D:\Program files\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{DA5BFDB0-B967-4471-925F-F3193A48BF98}] => (Allow) D:\Program files\steamapps\common\Universe Sandbox 2\Universe Sandbox VR.exe
FirewallRules: [{850147A0-5718-4E39-91D6-88D4BFBAF46C}] => (Allow) D:\Program files\steamapps\common\Universe Sandbox 2\Universe Sandbox VR.exe
FirewallRules: [{114BE306-3A2A-46A1-806D-7135C3F61E63}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{211E804F-20BE-48AA-9566-EFF684F2A6FE}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{07B4F742-30BB-4271-AA22-33462A4F5A4D}] => (Allow) D:\Program files\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{CA643005-97CB-417F-927B-1969F0E2EFC7}] => (Allow) D:\Program files\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [UDP Query User{B968EE69-5B9B-491E-8884-F40232A88ED4}D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{681D7342-4B53-40C1-831E-0DA842BE6403}D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{8C6D52CE-11DD-4D45-B45D-C997F7F7636A}] => (Allow) D:\Program files\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{C0051B3C-A8BE-41FB-8548-91B7F2354AA9}] => (Allow) D:\Program files\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{936553AE-6343-41D5-9044-319938AC1B96}] => (Allow) D:\Program files\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{D1A37568-2025-4870-AC2C-EC5AECA5EE8D}] => (Allow) D:\Program files\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{8CA50BEA-F814-48FA-9F4E-DAF35F643311}] => (Allow) D:\Program files\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{5C3E9600-26D0-4A2F-9D31-D3D3FA39F6D6}] => (Allow) D:\Program files\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{4860A63F-CCEB-45E5-97E3-459E0F44AB7F}] => (Allow) D:\Program files\steamapps\common\theHunterPrimal\launcher\launcher.exe
FirewallRules: [{698D092B-4F96-4579-8103-E420677DC68C}] => (Allow) D:\Program files\steamapps\common\theHunterPrimal\launcher\launcher.exe
FirewallRules: [{941FEBC4-E9F4-4DCD-AFBE-1B28507D72C9}] => (Allow) D:\Program files\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe
FirewallRules: [{D3453482-BA48-408D-BC08-C02C2E64B5A1}] => (Allow) D:\Program files\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe
FirewallRules: [{FFF1E4CF-6845-4101-9E34-329C66647957}] => (Allow) D:\Program files\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{D709F790-5333-46D7-8CC7-85E44CB69CDE}] => (Allow) D:\Program files\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{98EED11F-5516-4147-B997-A9ED6F33E1CA}] => (Allow) D:\Program files\steamapps\common\Dead Space\Dead Space.exe
FirewallRules: [{6E2E0A7E-258D-42AC-8C5A-350F50EFF30C}] => (Allow) D:\Program files\steamapps\common\Dead Space\Dead Space.exe
FirewallRules: [{86E351DB-5849-440B-B88B-E711B852CDC5}] => (Allow) D:\Program files\steamapps\common\Crysis Warhead\Bin32\Crysis.exe
FirewallRules: [{79B11F4F-5500-4A33-AF84-7592D4FB1946}] => (Allow) D:\Program files\steamapps\common\Crysis Warhead\Bin32\Crysis.exe
FirewallRules: [{18AC9262-31BF-4EF3-8B6C-126028B00A6C}] => (Allow) D:\Program files\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{5C4A0FFC-1B01-4A68-B1E8-33F5AA7FAEBC}] => (Allow) D:\Program files\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{55675F44-7665-4FFF-872B-10AAC7040B7F}] => (Allow) D:\Program files\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{B0C384ED-2B9C-4551-BBB7-4C7E7783EF1E}] => (Allow) D:\Program files\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{038627A1-B150-45CF-BD01-FF9BE7B5FCFA}] => (Allow) D:\Program files\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{C5AE46F3-3BA1-412A-A36E-4A9B73EA449D}] => (Allow) D:\Program files\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{3F6D13E5-887E-4CCD-8CBB-A47F6E9F5D21}] => (Allow) D:\Program files\steamapps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{E5C218D5-85DD-4C50-A7CA-11E199446843}] => (Allow) D:\Program files\steamapps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{1349887C-FAB4-41BE-A20F-7786D1732AFA}] => (Allow) D:\Program files\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{8DB8DB28-209F-4D17-BD69-15CE73495A7E}] => (Allow) D:\Program files\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{13F3FB45-1F5F-47A4-98BE-239A23CD344B}] => (Allow) D:\Program files\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{91F3B93C-251B-4D53-B344-A7025DC0FDAC}] => (Allow) D:\Program files\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{9642E6DE-FCAA-4F2D-B356-0B18E311E925}] => (Allow) D:\Program files\steamapps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{F9D2C055-6380-47C0-81DE-F633A370585A}] => (Allow) D:\Program files\steamapps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{43B7BF8F-FC3E-451A-B6AA-5C96B9C0C051}] => (Allow) D:\Program files\steamapps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{A8AE1EF9-9F41-4825-87CF-8B8CCD761FE8}] => (Allow) D:\Program files\steamapps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{8983D1FE-8326-45DD-9145-EE879743EAFE}] => (Allow) D:\Program files\steamapps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{948047E1-DC79-40CC-B840-89D46DD03FF2}] => (Allow) D:\Program files\steamapps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{4155C64B-7043-498C-9444-A97CE129F158}] => (Allow) D:\Program files\steamapps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{EB6D3C8F-47CA-40CD-AF09-6B00002D98ED}] => (Allow) D:\Program files\steamapps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{589A13CA-FD8C-4552-B8E5-397BEF5189E4}] => (Allow) D:\Program files\steamapps\common\Call of Duty 2\CoD2MP_s.exe
FirewallRules: [{BBAAB2CC-1B40-40B9-9954-946B435DCE57}] => (Allow) D:\Program files\steamapps\common\Call of Duty 2\CoD2MP_s.exe
FirewallRules: [{167372F8-51A6-4D95-9082-55DF135770FB}] => (Allow) D:\Program files\steamapps\common\Call of Duty 2\CoD2SP_s.exe
FirewallRules: [{5C5FBA4B-8149-4335-A0D6-DBFA9DB52BBE}] => (Allow) D:\Program files\steamapps\common\Call of Duty 2\CoD2SP_s.exe
FirewallRules: [{913774B4-E2B3-45A0-AC67-C91793801464}] => (Allow) D:\Program files\steamapps\common\Tom Clancy's Ghost Recon Future Soldier\Future Soldier.exe
FirewallRules: [{64621427-9B99-4D4E-9A5A-0202F6BB76BC}] => (Allow) D:\Program files\steamapps\common\Tom Clancy's Ghost Recon Future Soldier\Future Soldier.exe
FirewallRules: [{37F1B702-CEC0-4F86-8E70-40411578E8E2}] => (Allow) D:\Program files\steamapps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe
FirewallRules: [{349AC164-4DB2-48AF-8697-F5F5B959DE3B}] => (Allow) D:\Program files\steamapps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe
FirewallRules: [{A984A8AC-8948-42A6-A25F-7730C08EE4DC}] => (Allow) D:\Program files\steamapps\common\SleepingDogs\HKShip.exe
FirewallRules: [{67E9C678-585D-4A0B-A8DE-732848954A23}] => (Allow) D:\Program files\steamapps\common\SleepingDogs\HKShip.exe
FirewallRules: [{98C29A63-0472-496B-8AAD-584E48716BAA}] => (Allow) D:\Program files\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{D10EA609-761C-4A44-9393-D0A96CC120CB}] => (Allow) D:\Program files\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{E1BDE1D1-65AD-4614-97C8-C9B461AF583C}] => (Allow) D:\Program files\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{63D211AC-CD01-4102-B761-29FF8CC8F377}] => (Allow) D:\Program files\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{32565F91-B29F-46E9-9B71-B0BD8853A07A}] => (Allow) D:\Program files\steamapps\common\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{1A5FE69E-9A48-4AF6-90BC-C1CCC15C64C5}] => (Allow) D:\Program files\steamapps\common\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{6574CC47-D1C2-4BF8-BC6D-BA23199BC660}] => (Allow) D:\Program files\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{BBC3C4BB-6076-4799-A3ED-2E3FDCE0F426}] => (Allow) D:\Program files\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{42A13497-7305-448D-9E78-E80CAB8C5B32}] => (Allow) D:\Program files\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{7A18FBED-735D-4910-B021-EBAD5CD78038}] => (Allow) D:\Program files\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{8EC731E4-2B3F-469F-A622-43579E4A51BF}] => (Allow) D:\Program files\steamapps\common\RebelGalaxy\SteamLauncher.exe
FirewallRules: [{290FC246-D8BD-4682-9213-B4FD851304F8}] => (Allow) D:\Program files\steamapps\common\RebelGalaxy\SteamLauncher.exe
FirewallRules: [{DF9C372D-3A92-4ABB-B6F6-0A3F6E3870ED}] => (Allow) D:\Program files\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{144AED82-6AB1-4278-8837-809E754DFC2E}] => (Allow) D:\Program files\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{3A56C89C-21C2-479B-954C-A9FA623BA664}] => (Allow) D:\Program files\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{41BE2A52-9016-4C3E-9488-26A7D0A73031}] => (Allow) D:\Program files\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{C1813300-2FFC-466F-9F41-5B00CCD7200A}] => (Allow) D:\Program files\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{3E53BA7B-0817-4EDC-ACE0-84C8B18DA619}] => (Allow) D:\Program files\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{69761619-5B0D-43E0-888B-335B65BCA9B4}] => (Allow) D:\Program files\steamapps\common\Alien Isolation\AI.exe
FirewallRules: [{F13BD89F-6EA8-44DC-9C75-4802DD1BD87E}] => (Allow) D:\Program files\steamapps\common\Alien Isolation\AI.exe
FirewallRules: [{FE0F170B-49CD-4F65-9ED4-2F84660260D4}] => (Allow) D:\Program files\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{B3ACF2E5-4047-4D16-8236-04BA5B1F85BF}] => (Allow) D:\Program files\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{05FDB988-5C80-4668-91DC-64074466305B}] => (Allow) D:\Program files\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{75B12E55-64B6-4954-A0BD-D15B5059AC22}] => (Allow) D:\Program files\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{266BCB87-7489-4714-9C79-D4B4A69D3785}] => (Allow) D:\Program files\game.dat
FirewallRules: [{45AB811A-CC2A-4EE1-B544-32C46BD85CD8}] => (Allow) D:\Program files\game.dat
FirewallRules: [{36404B2A-74B2-4DC3-ACB5-D075C95D847D}] => (Allow) D:\Program files\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{66D6BBEB-2E17-46DB-975F-F7E683C70BB1}] => (Allow) D:\Program files\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{7FB4A5B4-1F95-4513-B883-A014D18FD627}] => (Allow) D:\Program files\Origin Games\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{B9494609-EDEC-46C0-822D-80449BB03F40}] => (Allow) D:\Program files\Origin Games\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{95825D22-366A-42EC-8A03-E8E51653C5A1}] => (Allow) D:\Program files\steamapps\common\Enemy Front\Bin32\DedicatedServer.exe
FirewallRules: [{95659016-6D08-4FCB-8536-5E1B5238A778}] => (Allow) D:\Program files\steamapps\common\Enemy Front\Bin32\DedicatedServer.exe
FirewallRules: [{6E090893-2227-48CF-B39F-9650BF0BBE9A}] => (Allow) D:\Program files\steamapps\common\Enemy Front\Bin32\EnemyFront.exe
FirewallRules: [{A721A48D-E2A0-4332-BD6F-71B40BCAE030}] => (Allow) D:\Program files\steamapps\common\Enemy Front\Bin32\EnemyFront.exe
FirewallRules: [{B3F2ABDB-B753-4464-9A06-CFF6DA59540D}] => (Allow) D:\Program files\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{F09D713C-2976-4111-9779-4216E5AE6835}] => (Allow) D:\Program files\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{7FE570F2-9F5D-4028-99FC-765ED063BE3D}] => (Allow) LPort=1900
FirewallRules: [{8FB03CE2-59EC-4F9C-9624-AD7A22D86528}] => (Allow) LPort=2869
FirewallRules: [{59D7E2A8-977E-4163-9BCD-7906CD7BA769}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{BFF1FB30-2FA8-448A-ACBC-1AD2BDA5DA4D}] => (Allow) D:\Program files\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{1C59BE2D-5CD8-4F51-8301-42BF93078293}] => (Allow) D:\Program files\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{0E32066F-A538-427D-BAC5-5656602055D6}] => (Allow) D:\Program files\steamapps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{49A2A638-CCA7-4951-8A9F-0C4673FA04F9}] => (Allow) D:\Program files\steamapps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{3CAA67B6-6713-41C2-BC35-C4D646C16EAE}] => (Allow) D:\Program files\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{EC9D8A4B-3587-47E3-A8A9-99DE8A0D6A8F}] => (Allow) D:\Program files\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{13C535F8-8D8C-4F7E-B395-B4F062AB2AC9}] => (Allow) D:\Program files\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{1C3651B1-B52A-4A7C-B0A7-AED2EBE7ECC6}] => (Allow) D:\Program files\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{2F341DCC-D3E5-4B87-93C6-0A2E699FCCC3}] => (Allow) D:\Program files\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{2A37B3B0-AD4C-4DFE-907B-80488CB8860D}] => (Allow) D:\Program files\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{BF46C409-FAB8-4D88-8F6D-688C394ADDDA}] => (Allow) D:\Program files\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe
FirewallRules: [{D969849C-DEDE-4B77-83C9-C0FE85B2F81F}] => (Allow) D:\Program files\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe
FirewallRules: [{7E564701-9B05-470E-8B88-FB638891FA49}] => (Allow) D:\Program files\steamapps\common\Medal of Honor\Binaries\moh.exe
FirewallRules: [{B48F4628-E52A-4BAB-BE63-5E19A7D2AB95}] => (Allow) D:\Program files\steamapps\common\Medal of Honor\Binaries\moh.exe
FirewallRules: [{2FE4BD59-7504-4FF4-8CA7-6B34E237C0B0}] => (Allow) D:\Program files\steamapps\common\Crysis\Bin32\Crysis.exe
FirewallRules: [{DDB443F3-35EE-4EBA-BDD0-F4B8F75CF25C}] => (Allow) D:\Program files\steamapps\common\Crysis\Bin32\Crysis.exe
FirewallRules: [{348B96AD-0F48-4DEB-B994-1BC6B5DA697C}] => (Allow) D:\Program files\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{6BA83878-7C26-4060-BF7E-D7EE72140609}] => (Allow) D:\Program files\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{60A18A7E-DB2A-43F2-9038-10B1F0817548}] => (Allow) D:\Program files\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{EB179371-9C1D-4D45-9997-195E41FE8601}] => (Allow) D:\Program files\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{A502A7FE-97D9-47F3-93F0-0D5BFABFFDF4}] => (Allow) C:\Users\lauri\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B1321AF2-F307-4270-BC8E-1288AAC09FE4}] => (Allow) C:\Users\lauri\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{3D515C28-990C-43F4-8FF5-B048F4B8DD2C}] => (Allow) C:\Users\lauri\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{3D0EC9AA-17F5-463A-AC38-FA7BA86BE745}] => (Allow) C:\Users\lauri\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{8D45F3E9-D3C9-4FAA-9990-DE0C941D4411}] => (Allow) C:\Users\lauri\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{A1497F58-AF8E-4A09-A943-3D6CCBBF9731}] => (Allow) C:\Users\lauri\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{70B1050B-F539-4514-8FF3-6B015948DFA5}] => (Allow) D:\Program files\steamapps\common\Way of the Samurai 4\WayOfTheSamurai4.exe
FirewallRules: [{F218DF99-EC27-47A7-BD4D-C31099EFF0D1}] => (Allow) D:\Program files\steamapps\common\Way of the Samurai 4\WayOfTheSamurai4.exe
FirewallRules: [{10E23352-5C18-4974-A6C5-1353DA1CA1C7}] => (Allow) D:\Program files\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{FB95AD7A-9152-4E2F-9A37-877A7B642E66}] => (Allow) D:\Program files\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{9C7286F1-D7F1-4967-B334-10FF2FB05A4B}] => (Allow) D:\Program files\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exe
FirewallRules: [{88A04E79-8263-49BE-9145-CAF433CA3BA4}] => (Allow) D:\Program files\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exe
FirewallRules: [{FCA13A55-4F23-4BDB-A4F9-6E83E2D5C8FE}] => (Allow) D:\Program files\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{F1ECA28A-A9ED-48EE-A850-C06B6A8CFBE5}] => (Allow) D:\Program files\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{F9FF208D-07E0-4FE0-8F76-8FFFB0C53134}] => (Allow) D:\Program files\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{E34D0FA6-DDC1-477E-95EA-D44711ECDF3A}] => (Allow) D:\Program files\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{E4E39F9C-1641-4E6F-BAC5-CCC423C0D5DE}] => (Allow) C:\Program Files (x86)\Lenovo\LenovoPortal\Lenovo.Portal.exe
FirewallRules: [{BBB309AA-BE13-4957-8A35-9C2416DD2E08}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{FE2516CE-AAEE-48ED-B6AB-7787550FCCD8}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{994389D0-B1A9-4D3E-96BC-1B41D0445A5D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{96B18693-74CF-457C-B9FB-7998995857DD}] => (Allow) D:\VPN Unlimited\vpn-unlimited.exe
FirewallRules: [{E23527BB-E329-474B-AEF0-4C0790A570C0}] => (Allow) D:\VPN Unlimited\vpn-unlimited.exe
FirewallRules: [{D2716C78-623D-4280-BCB7-0F75745353BF}] => (Allow) D:\VPN Unlimited\openvpn.exe
FirewallRules: [{144880FE-E307-4F80-9F06-92A63D2BE050}] => (Allow) D:\VPN Unlimited\openvpn.exe
FirewallRules: [{7819589E-5AC9-4A30-9FD5-2D0737C7B630}] => (Allow) D:\Program files\Steam.exe
FirewallRules: [{1B589443-8CA6-4405-8D7C-6AA40448D627}] => (Allow) D:\Program files\Steam.exe
FirewallRules: [{AFCFA2B5-627A-4AE2-8C7E-530D53DB4FE9}] => (Allow) D:\Program files\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{DBBADC7F-9E62-4FF4-9BB0-2CA1C744D34A}] => (Allow) D:\Program files\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{2557AA0D-6252-4BD0-ABC8-3500658B9FA4}] => (Allow) D:\Program files\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{640CB8F2-F196-4CDD-9BBD-D8977192E937}] => (Allow) D:\Program files\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [TCP Query User{8DBC766D-A068-4832-BC25-6F449C86B0F4}D:\program files\steamapps\common\watch_dogs\bin\watch_dogs.exe] => (Allow) D:\program files\steamapps\common\watch_dogs\bin\watch_dogs.exe
FirewallRules: [UDP Query User{3E634D2B-0500-4802-99A8-E350B5F8BFED}D:\program files\steamapps\common\watch_dogs\bin\watch_dogs.exe] => (Allow) D:\program files\steamapps\common\watch_dogs\bin\watch_dogs.exe
FirewallRules: [{B315C3CE-2CE5-4B18-88E6-F6A50CC5B92F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{6136AE92-8AB9-4A1A-933D-F195043DE3E9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{4190B3F8-5B23-4AEF-8737-69D92BE0BBBE}D:\program files\steamapps\common\everspace\rsg\binaries\win64\rsg-win64-shipping.exe] => (Allow) D:\program files\steamapps\common\everspace\rsg\binaries\win64\rsg-win64-shipping.exe
FirewallRules: [UDP Query User{6141709E-30EB-4DFB-A128-9568929E87FC}D:\program files\steamapps\common\everspace\rsg\binaries\win64\rsg-win64-shipping.exe] => (Allow) D:\program files\steamapps\common\everspace\rsg\binaries\win64\rsg-win64-shipping.exe
FirewallRules: [{626D57D2-B100-497C-86B3-0E414217DCD8}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{86893811-4E11-49D0-AC45-CA01ACE0BB4D}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [TCP Query User{505245C3-5B1B-4C9A-8BF7-96632554E399}D:\program files\steamapps\common\total war attila\attila.exe] => (Allow) D:\program files\steamapps\common\total war attila\attila.exe
FirewallRules: [UDP Query User{1896D86E-E526-4E12-AFB1-5AD515BB980A}D:\program files\steamapps\common\total war attila\attila.exe] => (Allow) D:\program files\steamapps\common\total war attila\attila.exe
FirewallRules: [TCP Query User{EB4F8B10-19E3-4896-B894-02B714C7A4FE}D:\program files\steamapps\common\conan exiles\conansandbox\binaries\win64\conansandbox.exe] => (Allow) D:\program files\steamapps\common\conan exiles\conansandbox\binaries\win64\conansandbox.exe
FirewallRules: [UDP Query User{15647856-F7B7-40D6-97CE-5A65E2C66149}D:\program files\steamapps\common\conan exiles\conansandbox\binaries\win64\conansandbox.exe] => (Allow) D:\program files\steamapps\common\conan exiles\conansandbox\binaries\win64\conansandbox.exe
FirewallRules: [TCP Query User{7546D98D-84BE-4AD0-B42A-A5F5AEAC5169}D:\program files\steamapps\common\far cry primal\bin\fcprimal.exe] => (Allow) D:\program files\steamapps\common\far cry primal\bin\fcprimal.exe
FirewallRules: [UDP Query User{F0D282C2-6C6A-4F24-A13A-01BD2D6D4DDD}D:\program files\steamapps\common\far cry primal\bin\fcprimal.exe] => (Allow) D:\program files\steamapps\common\far cry primal\bin\fcprimal.exe
FirewallRules: [TCP Query User{63CBDBF6-B872-41F6-BC6A-01EAFF421B38}D:\program files\steamapps\common\far cry 3\bin\farcry3_d3d11.exe] => (Allow) D:\program files\steamapps\common\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{B7647EDB-6064-460C-AE1E-A5E377ABCE1A}D:\program files\steamapps\common\far cry 3\bin\farcry3_d3d11.exe] => (Allow) D:\program files\steamapps\common\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{4D9811DA-048B-458E-B313-867F6AAEE1FD}] => (Allow) D:\Program files\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{726D8F26-D93A-4140-87EB-E79E30CF1525}] => (Allow) D:\Program files\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{17A04860-7428-48FE-B5BA-006C2A0BD58C}] => (Allow) D:\Program files\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{E06E528A-A6C5-4975-8307-5021B4C81A02}] => (Allow) D:\Program files\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{02210263-9ADE-4630-AE26-7A8FB9B70F07}] => (Allow) D:\Program files\steamapps\common\Starpoint Gemini Warlords\GameLauncher.exe
FirewallRules: [{FDDF1D4A-6613-4656-A03B-FC527053F24F}] => (Allow) D:\Program files\steamapps\common\Starpoint Gemini Warlords\GameLauncher.exe
FirewallRules: [{54CF00E0-EEC4-4C4C-9AC5-BAFEAA5057F9}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{E8902CCE-E9F2-4E98-8E1B-8BB90B89FCBD}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{DEB55AF3-B3CF-40EB-A72F-CB94E841E99A}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{EB300AF2-214B-4C08-8547-084E21987307}] => (Allow) D:\Program files\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{56D99966-12CA-4F88-B4FF-07C85B323355}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe
FirewallRules: [{4C1C8E3D-BCC3-4F1E-96EE-8D06DC3CF9C4}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe
FirewallRules: [{F0725BA7-454C-486C-824E-CCAEA4C927AF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{0F1DB09B-5B22-4381-864F-57CA344952B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{31D426C0-CDC1-45BF-B82E-3EECF8953A59}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{38C30541-8C58-4515-9DB9-1502B3A2D19C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BCA0E7F3-6D9D-411A-A2A8-1262D35A9132}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E6B23DF4-0A5E-4551-AB5E-5ED5DE5983FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{42627B10-F584-4006-8BD5-D53853B79057}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{D8837275-CE07-4CB1-A02E-5DB360B7C8F6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B4151755-2437-4F20-A7D7-E5CC9D46C91E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{90E9C1C9-CB7E-459E-980C-275A5B40D62E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{CA364A99-567C-4C72-A30C-5CB60D030C6E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8FB9D851-10FC-40BB-B1A7-2F013C8082A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D6B00D30-0BE4-4834-8D8D-64D27FE95C97}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{68E84F29-279F-4E29-8A83-117A6517DA4A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A4287A2D-745F-485F-8572-E18843DB341A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{0AB7CCA9-2ECC-4935-B35D-1A016AC6D3DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FCBFEBC8-4D8D-422F-824C-F724EF2CB194}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9FCF7046-FAD2-4749-8112-4A20E40A8A50}] => (Allow) C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Temp\HouseCall\tmase\nmap\bonjour.exe
FirewallRules: [{6F6E666F-FB98-4534-A35E-0948EB193009}] => (Allow) D:\Program files\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{77BCBDDE-4021-4EF9-8FAD-2522D4AD4FF2}] => (Allow) D:\Program files\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{04CC92E1-36F0-48AA-82BA-352813EEDB55}] => (Allow) D:\Program files\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{42485088-8F7B-4949-AB35-07FD8EBFB2EE}] => (Allow) D:\Program files\Origin Games\Battlefield 1\bf1.exe
 
==================== Restore Points =========================
 
03-04-2018 09:43:01 Removed Cybereason RansomFree 2.2.3.0
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/02/2018 07:24:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.16299.248 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 184c
 
Start Time: 01d3ca7cf4f53403
 
Termination Time: 0
 
Application Path: C:\Windows\explorer.exe
 
Report Id: 5022bec1-8482-46d1-8f06-891cd4a9f13e
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (04/02/2018 06:45:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.16299.248 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: d8c
 
Start Time: 01d3ca7755e5fa39
 
Termination Time: 0
 
Application Path: C:\Windows\explorer.exe
 
Report Id: 93cc74e7-537d-4d18-aa15-0bc8765b0507
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (04/02/2018 06:40:25 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.
 
Error: (04/02/2018 06:40:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (04/02/2018 03:43:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x8007001f, A device attached to the system is not functioning.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (04/02/2018 09:33:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Origin.exe, version: 10.5.15.44004, time stamp: 0x5aafed47
Faulting module name: Qt5WebEngineCore.dll, version: 5.8.0.0, time stamp: 0x5a30a1e8
Exception code: 0x80000003
Fault offset: 0x01f76c03
Faulting process id: 0xd88
Faulting application start time: 0x01d3ca2ae4dc0afe
Faulting application path: C:\Program Files (x86)\Origin\Origin.exe
Faulting module path: C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
Report Id: 4c6a01f3-4e25-430a-a8ab-415bfa01f03d
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/01/2018 06:55:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FbService.exe, version: 3.0.0.1, time stamp: 0x5591024d
Faulting module name: ntdll.dll, version: 10.0.16299.248, time stamp: 0xeffc9126
Exception code: 0xc0000374
Fault offset: 0x00000000000f87bb
Faulting process id: 0xdac
Faulting application start time: 0x01d3c9b04d2bc41b
Faulting application path: C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: e011662e-10f9-4a01-9ade-9d00e951f089
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/01/2018 09:21:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Origin.exe, version: 10.5.15.44004, time stamp: 0x5aafed47
Faulting module name: Qt5WebEngineCore.dll, version: 5.8.0.0, time stamp: 0x5a30a1e8
Exception code: 0x80000003
Fault offset: 0x01f76c03
Faulting process id: 0x2de0
Faulting application start time: 0x01d3c96011851058
Faulting application path: C:\Program Files (x86)\Origin\Origin.exe
Faulting module path: C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
Report Id: f83bd393-bad4-4386-905b-61cf27a18ba5
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (04/03/2018 09:31:37 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0OKN7NQ)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-0OKN7NQ\lauri SID (S-1-5-21-584912067-1683141588-1664888071-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (04/03/2018 07:34:14 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0OKN7NQ)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-0OKN7NQ\lauri SID (S-1-5-21-584912067-1683141588-1664888071-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (04/02/2018 08:36:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (04/02/2018 08:36:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
 
Error: (04/02/2018 08:35:42 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
 
Error: (04/02/2018 08:35:40 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:59:45 PM on ‎4/‎2/‎2018 was unexpected.
 
Error: (04/02/2018 07:24:24 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Downloaded Maps Manager service hung on starting.
 
Error: (04/02/2018 07:20:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 46%
Total physical RAM: 16322.39 MB
Available physical RAM: 8769.52 MB
Total Virtual: 18754.39 MB
Available Virtual: 10558.1 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:100 GB) (Free:19.22 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: () (Fixed) (Total:1731.17 GB) (Free:94.89 GB) NTFS
 
\\?\Volume{fff78e2c-dc23-414b-97fe-32265f25bb56}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
\\?\Volume{5b962e74-9e20-4de6-804c-f194399fb23e}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.59 GB) NTFS
\\?\Volume{b73deac6-68e0-4c5c-891e-48cd55b18e86}\ (LENOVO_PART) (Fixed) (Total:30 GB) (Free:17.48 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 73CA0AEC)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 
 
My PC seems to be running ok apart from the inability to use Origin or play online games, but as I said earlier I don't know if this is the PC or the connection....


#12 zyphodb

zyphodb
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:05 AM

Posted 02 April 2018 - 10:25 PM

Sorry you have got the addition file twice in the last post...



#13 RayS

RayS

  • Malware Response Team
  • 2,433 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:05 PM

Posted 05 April 2018 - 12:39 AM

Hi Z,


In my previous post I mentioned that you will not be allowed to enter safe mode if your machine is protected by a PIN. Although we don't need to use safe mode right now, this article will show you how to remove a PIN if that ever becomes necessary. We may need safe mode later. Of course, you will need to use your regular password when you perform the PIN removal process.


I uninstalled Avira again but it still came back on reboot so I went into C/programme files, found it & deleted the folder after switching it off in task manager, it seems to be permanently gone now.
You originally had two entries for Avira in your installed programs listing. One was hidden. You removed the one in plain view. Part of the script I am supplying below will un-hide the second listing. Use Control Panel as you did before to remove this second entry.


Consider the following:
  • No infection was found.
  • All your browsers work at least some of the time.
  • The Origin app worked normally before we made any changes to the system and it has worked intermittently again after our changes.
  • Origin is no longer crashing. The problem is that it now is timing out.
  • You are still able to play games using Steam although even that platform is intermittent.

You originally asked whether the symptoms you were experiencing were caused by an infection. The answer is no. I think your major problem is a weak internet connection. At certain times of day when other users are active or under inclement weather conditions, the quality of your connection will vary. Run a speed test of your Internet Service Provider (ISP) several times and send me a sampling of results.



Overview
  • Consider my warning about peer-to-peer file sharing.
  • Run FRST script.
  • Uninstall the revealed version of Avira.
  • Run Speed Test several times and send me a sampling of your results.
  • Run online scan with ESET.


Peer-to-Peer File Sharing Warning

Going over your logs, I noticed that you had BitTorrent installed. Please consider the following: 
  • Avoid pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and trojans spread across P2P file sharing networks, gaming, and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.


See quietman7's warning about P2P here.

It is pretty much certain that if you continue to use P2P programs, you will get infected.
I strongly recommend that you refrain from using all peer-to-peer file sharing programs, however, that choice is up to you.




Run Farbar Recovery Scan Tool (FRST) in FIX mode

Save your work and exit all programs because Farbar Recovery Scan Tool may reboot your computer. 
  • Double-click on FRST64.exe to open the Farbar Recovery Scan Tool window.
  • Select the entire contents of the following code box including the Start:: and End:: directives.
  • Now press Ctrl+C to copy the contents into your clipboard.
Start::

CloseProcesses:
Avira (HKLM-x32\...\{DBA89A98-6FF1-4FE3-8147-69DD2C5DE889}) (Version: 1.2.108.24268 - Avira Operations GmbH & Co. KG) Hidden
Folder: C:\Users\lauri.DESKTOP-0OKN7NQ\AppData\Local\Google\Chrome\User Data\Default\Extensions
S2 Avira.ServiceHost; "C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe" [X]

End::
  • Click the Fix button in the Farbar Recovery Scan Tool window.
  • Wait until the program completes execution.
  • The tool will create a log called Fixlog.txt. Please post it into your reply.


NOTICE: This script was written specifically for this user to be used on this particular machine. Running this script on another machine may cause damage to your operating system.
 

 

 

Uninstall Avira

  • Look for Avira in Control Panel\All Control Panel Items\Programs and Features.
  • Uninstall Avira (the previously hidden version should now be visible).
  • After uninstall is complete, restart your PC.

 


Test performance of your Internet Service Provider (ISP)

  • Please use any browser to visit http://speedtest.net.in.
  • Wait for the site to find the best server in your area. Then click Start.
  • After the test is complete, scroll to the bottom of the page and copy the web address under the heading, Direct image link:.
  • Repeat this test at different times of day and (if possible) under different weather conditions.
  • Send me a representative sample of the web addresses of your test result images.


ESET Online Scanner
Note: This process may may take well over an hour. That is normal. 
  • Click this link to open ESET Online Scanner.
  • Click SCAN NOW.
  • esetonlinescanner_enu.exe will be downloaded to your PC. Take note of the folder to which it is downloaded.
  • Double-click on esetonlinescanner_enu.exe.
  • On the Terms of use page, click Accept.
  • Click Yes if you see a User Account Control prompt.
  • In the Computer scan settings window, tic the radio button next to Enable detection of potentially unwanted applications.
  • Then click Advanced settings, and make sure there is a checkmark next to the first four items as follows. (uncheck everything else):

Enable detection of potentially unsafe applications

Enable detection of potentially suspicious applications

Scan archives
Enable Anti-Stealth technology
  • Click Scan. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take over an hour.
  • After the scan completes, click Save to text file... (only if any threats are detected) Select your desktop and name the file ESET-Apr-04.txt. Click Save. Include the contents of this report in your next reply.
  • Click Do not clean.
  • Do not click Finish. Instead, click the X icon in the upper right corner of the ESET window.
  • On the next window, click Close.


In your next reply... 
  • Copy and paste the entire contents of Fixlog.txt into the body of your message.
  • Copy and paste web addresses of speed test results into the body of your message.
  • Copy and paste the entire contents of ESET-Apr-04.txt into the body of your message.
  • Tell me how your PC is running now. Any additional symptoms?


Thank you,

Ray

Edit Avira uninstall instructions.

 


Edited by RayS, 05 April 2018 - 12:50 AM.

I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#14 RayS

RayS

  • Malware Response Team
  • 2,433 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:05 PM

Posted 07 April 2018 - 10:45 PM

Hi Z,

3 Day Bump

It has been 3 days since my last post.

  • Do you still need help with this? If not, please let me know as soon as possible. Other people are requesting my help.
  • If you will be away for an extended period, please let me know in advance.
  • If you have not replied within 48 hours I will assume you have abandoned the Topic and it will be closed.

Thank you,

Ray


I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#15 zyphodb

zyphodb
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:05 AM

Posted 08 April 2018 - 02:55 AM

Hi Ray,

               I'm sorry I haven't been in touch, I have been away from any internet signal until today, something still possible in Thailand sry I didn't inform you first.

 

1. Yes I'm aware of the dangers of using file sharing software, in my defense I only d/l movie or music files with it, and none of the additional files that may come in the torrent & don't seed the files. I have been doing this for 15 years or so without any problems.

 

2. I have tried the speed test but I don't think it'll work with my type of internet connection as mine it beamed from a 3g phone mast 4 km away, not regular broadband, at it's best it d/led at 850kb/sec according to steam or BitTorrent so I really don't think the speed test result is relevant.  anyway this is what it came up with:- 

http://speedtest.net.in/result/18021259 

 I do, however accept that my connection speed is causing the problems as it was never this slow before, & in my absence there are now 3 other masts with receivers  in the village which weren't there before, which I'm sure are degrading my connection speed. I will be back to my place of work before the end of the month however & am cancelling this connection before I leave.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users