Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Game accounts hacked & sluggish performance, possible malware


  • This topic is locked This topic is locked
2 replies to this topic

#1 smeyad

smeyad

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:09:35 PM

Posted 15 July 2018 - 06:06 AM

Hey,

 

My computer has been running slower for a while and turning on right after restarting (not sure if relevant, but online fixes weren't helping) and just recently, after returning from a vacation, I found a game account hacked and another sending me warning emails regarding failed logins. The game, Path of Exile, sends an email when a new IP attempts to access the account, so clearly my email is compromised too, although I can't find this verification email. I must assume I have some malware on my computer, as I'm not sure how else I would've been hacked. 

 

FRST Logs

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.07.2018
Ran by Josh (administrator) on DESKTOP-43EO9A7 (15-07-2018 20:50:19)
Running from C:\Users\Josh\Downloads
Loaded Profiles: Josh (Available Profiles: Josh)
Platform: Windows 10 Pro Version 1803 17134.112 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(f.lux Software LLC) C:\Users\Josh\AppData\Local\FluxSoftware\Flux\flux.exe
(Discord Inc.) C:\Users\Josh\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\Josh\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\Josh\AppData\Local\Discord\app-0.0.301\Discord.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Discord Inc.) C:\Users\Josh\AppData\Local\Discord\app-0.0.301\Discord.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11806.1001.21.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1805.1201.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8822016 2016-06-02] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17987704 2017-10-20] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-11] (Elaborate Bytes AG)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-281870630-3262064009-3073167586-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3201312 2018-06-09] (Valve Corporation)
HKU\S-1-5-21-281870630-3262064009-3073167586-1001\...\Run: [Spotify] => C:\Users\Josh\AppData\Roaming\Spotify\Spotify.exe [21074320 2018-03-28] (Spotify Ltd)
HKU\S-1-5-21-281870630-3262064009-3073167586-1001\...\Run: [f.lux] => C:\Users\Josh\AppData\Local\FluxSoftware\Flux\flux.exe [1806344 2018-07-04] (f.lux Software LLC)
HKU\S-1-5-21-281870630-3262064009-3073167586-1001\...\Run: [Discord] => C:\Users\Josh\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
HKU\S-1-5-21-281870630-3262064009-3073167586-1001\...\Run: [Spotify Web Helper] => C:\Users\Josh\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-03-28] (Spotify Ltd)
HKU\S-1-5-21-281870630-3262064009-3073167586-1001\...\RunOnce: [Uninstall 18.065.0329.0002\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Josh\AppData\Local\Microsoft\OneDrive\18.065.0329.0002\amd64"
HKU\S-1-5-21-281870630-3262064009-3073167586-1001\...\RunOnce: [Uninstall 18.065.0329.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Josh\AppData\Local\Microsoft\OneDrive\18.065.0329.0002"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2018-05-17]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
Startup: C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-12-22]
ShortcutTarget: Twitch.lnk -> C:\Users\Josh\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
GroupPolicy: Restriction ? <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.20.1 192.168.20.1
Tcpip\..\Interfaces\{63875516-a4d6-48ab-9000-9e722e55c51d}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{63875516-a4d6-48ab-9000-9e722e55c51d}: [DhcpNameServer] 192.168.20.1 192.168.20.1
Tcpip\..\Interfaces\{75e80a62-3d9f-4988-8a52-16433c50c74e}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{75e80a62-3d9f-4988-8a52-16433c50c74e}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bed7d040-65b7-4b8e-acd7-92a07565c2be}: [DhcpNameServer] 192.168.20.1 192.168.20.1
Tcpip\..\Interfaces\{e710f1e5-7439-42a9-83ea-7f06fb9c371b}: [DhcpNameServer] 192.168.42.129
 
Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-07-15] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-04-30] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-05-26] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-26] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-15] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-15] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-15] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-15] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-04-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-04-14] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com.au/"
CHR DefaultSearchKeyword: Default -> google.com.au_
CHR Profile: C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default [2018-07-15]
CHR Extension: (Slides) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-16]
CHR Extension: (YouTube) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-16]
CHR Extension: (Honey) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2018-07-15]
CHR Extension: (uBlock Origin) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-07-15]
CHR Extension: (Free Rider 3) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\efgciaombdjbpmepfcndmfidlklafhcc [2018-05-10]
CHR Extension: (Sheets) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-16]
CHR Extension: (Ubiquiti Device Discovery Tool) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmpigflbjeapnknladcfphgkemopofig [2018-05-26]
CHR Extension: (Blue/Green Cubes) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\iipbjjaibkibpabddphfcgbngfhhfkml [2017-09-12]
CHR Extension: (Zhongwen: Chinese-English Dictionary) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkmlkkjojmombglmlpbpapmhcaljjkde [2018-07-15]
CHR Extension: (MetaMask) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2018-06-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (4chan X) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohnjgmpcibpbafdlkimncjhflgedgpam [2018-07-15]
CHR Extension: (Gmail) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-16]
CHR Extension: (Chrome Media Router) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-16]
CHR Profile: C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-01-06]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6875688 2018-06-19] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8765104 2018-06-30] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-06-08] (EasyAntiCheat Ltd)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-10-20] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-04-12] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-11] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-05-31] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-05-31] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [40720 2015-07-29] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2017-10-13] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111120 2016-02-11] (Advanced Micro Devices)
R3 DSoftAPRtlWlanu; C:\WINDOWS\System32\drivers\DSoftAPrtwlanu.sys [5608960 2016-11-11] (Realtek Semiconductor Corporation )
S3 ffusb2audio; C:\WINDOWS\system32\DRIVERS\ffusb2audio.sys [127280 2013-09-25] (Focusrite Audio Engineering Limited.)
R3 FocusriteUSB; C:\WINDOWS\System32\drivers\FocusriteUSB.sys [96424 2017-06-08] (Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBAudio; C:\WINDOWS\system32\drivers\FocusriteUSBAudio.sys [54440 2017-06-08] (Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBSwRoot; C:\WINDOWS\System32\drivers\FocusriteUSBSwRoot.sys [97960 2017-06-08] (Focusrite Audio Engineering Ltd.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-22] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-10-20] (Logitech Inc.)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-06-21] (Malwarebytes)
R1 MpKslc9658970; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2DF8339A-E215-4C85-9A72-FFF2D99552F7}\MpKslc9658970.sys [58120 2018-07-15] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [45928 2017-01-10] (SteelSeries ApS)
R0 Tpkd; C:\Windows\System32\Drivers\Tpkd.sys [103272 2009-05-21] (PACE Anti-Piracy, Inc.) [File not signed]
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [44544 2018-04-12] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-05-31] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [313384 2018-05-31] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-05-31] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-15 20:50 - 2018-07-15 20:51 - 000020548 _____ C:\Users\Josh\Downloads\FRST.txt
2018-07-15 20:49 - 2018-07-15 20:50 - 000000000 ____D C:\FRST
2018-07-15 20:49 - 2018-07-15 20:49 - 000050477 _____ C:\Users\Josh\Downloads\Defogger.exe
2018-07-15 20:49 - 2018-07-15 20:49 - 000000000 _____ C:\Users\Josh\defogger_reenable
2018-07-15 20:48 - 2018-07-15 20:49 - 002412544 _____ (Farbar) C:\Users\Josh\Downloads\FRST64.exe
2018-07-15 15:56 - 2018-07-15 15:56 - 000000000 ___HD C:\Users\Public\Shared Files
2018-07-15 15:16 - 2018-07-15 15:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-07-15 14:22 - 2018-07-15 14:22 - 000000000 ____D C:\ProgramData\Packages
2018-07-15 13:51 - 2018-07-15 13:51 - 000002405 _____ C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-06-19 22:30 - 2018-06-19 22:31 - 091895728 _____ C:\Users\Josh\Downloads\Ace_Stream_Media_3.1.28.exe
2018-06-18 11:18 - 2018-06-18 11:19 - 000248122 _____ C:\Users\Josh\Documents\SHANGHAI CHINA VISA JOSH LANE.pdf
2018-06-18 11:17 - 2018-06-18 11:17 - 000293799 _____ C:\Users\Josh\Downloads\ETKT_LANE_JOSHUADAVIDMR_2573278510.pdf
2018-06-18 11:17 - 2018-06-18 11:17 - 000293799 _____ C:\Users\Josh\Documents\SHANGHAI PLANE BOOKING.pdf
2018-06-18 11:16 - 2018-06-18 11:17 - 000171486 _____ C:\Users\Josh\Documents\SHANGHAI AIRBNB BOOKING.pdf
2018-06-17 19:27 - 2018-06-19 16:28 - 000000543 _____ C:\Users\Josh\Desktop\POETRADE.txt
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-15 20:49 - 2018-05-18 12:40 - 000000000 ____D C:\Users\Josh
2018-07-15 20:35 - 2018-04-12 09:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-07-15 20:15 - 2016-07-17 19:05 - 000000000 ____D C:\Program Files (x86)\Steam
2018-07-15 19:04 - 2018-05-18 12:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-07-15 15:50 - 2017-08-24 23:29 - 000000000 ____D C:\Users\Josh\AppData\Local\UnrealEngine
2018-07-15 15:16 - 2018-04-14 15:35 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2018-07-15 15:16 - 2018-04-14 15:35 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-07-15 15:16 - 2018-04-14 15:35 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-07-15 15:16 - 2018-04-14 15:35 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-07-15 15:16 - 2018-04-14 15:35 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-07-15 15:16 - 2018-04-14 15:35 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-07-15 15:16 - 2018-04-14 15:35 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-07-15 15:16 - 2018-04-14 15:35 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-07-15 15:15 - 2018-04-14 15:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-07-15 14:25 - 2018-04-12 09:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-15 14:25 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-07-15 14:01 - 2016-07-16 22:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-07-15 13:57 - 2016-07-16 22:29 - 134675576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-07-15 13:56 - 2016-07-16 19:57 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-07-15 13:54 - 2018-05-18 12:55 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-281870630-3262064009-3073167586-1001
2018-07-15 13:51 - 2016-07-16 19:48 - 000000000 ___RD C:\Users\Josh\OneDrive
2018-07-15 13:49 - 2017-09-07 19:28 - 000000000 ____D C:\Users\Josh\AppData\Local\Adobe
2018-07-15 13:45 - 2017-09-29 03:53 - 000002196 _____ C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2018-06-21 16:36 - 2018-05-18 12:51 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-21 16:36 - 2018-04-12 09:36 - 000000000 ____D C:\WINDOWS\INF
2018-06-21 16:29 - 2018-06-07 18:00 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-06-21 16:29 - 2018-05-18 12:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-06-21 02:06 - 2018-04-12 07:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-06-21 02:06 - 2017-08-06 06:52 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-06-20 09:54 - 2017-12-19 09:24 - 000000000 ____D C:\Users\Josh\AppData\Local\Packages
2018-06-19 18:14 - 2018-06-14 16:34 - 000000000 ____D C:\WINDOWS\Minidump
 
==================== Files in the root of some directories =======
 
2017-08-01 22:28 - 2017-06-02 22:28 - 000000032 _____ () C:\ProgramData\hash.dat
2017-02-05 17:55 - 2017-02-05 17:55 - 000000008 _____ () C:\Users\Josh\AppData\Roaming\00000602001520
2018-05-26 11:55 - 2018-05-26 14:21 - 000000600 _____ () C:\Users\Josh\AppData\Local\PUTTY.RND
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-05-18 12:36
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.07.2018
Ran by Josh (15-07-2018 20:51:42)
Running from C:\Users\Josh\Downloads
Windows 10 Pro Version 1803 17134.112 (X64) (2018-05-18 02:56:33)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-281870630-3262064009-3073167586-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-281870630-3262064009-3073167586-503 - Limited - Disabled)
Guest (S-1-5-21-281870630-3262064009-3073167586-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-281870630-3262064009-3073167586-1003 - Limited - Enabled)
Josh (S-1-5-21-281870630-3262064009-3073167586-1001 - Administrator - Enabled) => C:\Users\Josh
WDAGUtilityAccount (S-1-5-21-281870630-3262064009-3073167586-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
A3Launcher version 0.1.5.8 (HKLM-x32\...\{1E29A86E-9AE2-4CD8-74C8-6B170ED3C4D2}_is1) (Version: 0.1.5.8 - Maca134)
AAS - Lounge Lizard EP-4 (HKLM-x32\...\Lounge Lizard EP-4) (Version:  - Applied Acoustics Systems)
Ableton Live 9 Suite (HKLM\...\{7597F2DC-003A-476E-9281-774AB112B7BE}) (Version: 9.0.0.0 - Ableton)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Akai Professional MPK Mini MkII Editor (HKLM-x32\...\MPKminiMkIIEditor) (Version:  - )
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.)
Antares Auto-Tune Evo VST (HKLM-x32\...\{FFF74EC9-1FF4-4456-99E3-4F05129F4FAB}) (Version: 6.00.0009 - Antares Audio Technologies)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Balsamiq Mockups 3 (HKLM-x32\...\{B007473B-FAFA-8BE6-6940-DADA1144C774}) (Version: 3.5.14 - Balsamiq SRL) Hidden
Balsamiq Mockups 3 (HKLM-x32\...\BalsamiqMockups3.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1) (Version: 3.5.14 - Balsamiq SRL)
Binance version 1.0.0 (HKLM-x32\...\{F7C9C013-C42C-440F-979C-46BA1F534351}_is1) (Version: 1.0.0 - Binance)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{118C2119-84B6-E32C-63E2-B56DBCF41CE5}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{55A4D3AB-C8DF-26B2-89A8-7E16E1E40700}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{365AEAB2-4CF3-7CBB-0DAC-E9E14B688E65}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5A083A57-10D6-D4E5-292C-F274870E73A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{7ABC6D83-816E-6D48-E65D-B0CEDD294E4E}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{DF0D7C1C-72B6-9FFB-DF66-B3720237BB80}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{238F6F6F-2544-86CF-3AB6-2CDADAB58CF0}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{C3EE628C-7394-FE2C-0C90-C05284EB528D}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{2F544F46-5F6E-97BB-3550-A0242A3C5754}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{EC688BD0-240D-AE40-55F3-234E54919AE6}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{E27224E3-7913-DA1E-5B08-9BEEC8FEE3D1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{FC4086D6-E345-5F43-08BB-280FB57DAF49}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{95A52FC1-C728-841D-1BFC-CC793B77B0A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{F8EBE530-A4D5-BF51-F623-3787E6B8A878}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{42FBD43F-DE53-6D4D-5134-E3C93B45CBEF}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{A22CDEBA-6DB5-12CD-F6CE-6238C2D78363}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{AC85CF50-9A55-0103-ADBF-365C37603AA4}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0BFC67D-E447-02C8-6046-C078DFE9EC97}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{94C72EBE-2908-F0AC-62DA-D61951830F8F}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{B349892D-B015-033C-4CA8-3635E6B655D7}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{5B987681-3652-492B-6A11-E02AC0FE5959}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{BE8D6AB1-3049-2F0C-67FA-00C0A5D321A3}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{26567561-DFB2-2B63-9BA8-6A490ED37016}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{86BFE5B4-1FCE-3C02-6373-92B1AE6431E8}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0742432E-42D9-2240-4CA1-8595CCCBAA77}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0809FEC1-EF86-51E9-8210-DC1B1BDB6745}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{5FD706FF-6AD8-E372-A35A-879409982655}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{EAEAA839-44F4-22DF-D1CC-88C3B2A3D4B1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A3973655-E448-4A1B-477C-988A79D132D9}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A4E7CA0C-84EB-5E29-2F04-06C4E4790C2F}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{59D2664C-949B-7FA7-9880-ECB993B6616A}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{6DC92550-D065-4B36-C4D3-D8D7A702A7A7}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{970A40CA-46AB-986C-1798-976ED0EA00FA}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{B2A83706-3F14-1532-20CD-B4EE715A8945}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{44ED2CDA-4197-E9E9-B328-26E1FB749116}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4707CBFC-8ED4-463E-0FF9-DE86F4A743E9}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3450566C-4561-0EE8-B1AB-D5C79CCE8D2C}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{C14A3A5B-8A86-C239-37D7-158211778C54}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{A50C89BC-8D8E-8828-824A-7171F6D583D5}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{FCE8438C-3272-D63F-479F-670F082B294B}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{0B5633F0-C415-2F08-671E-4C9E2FAACD45}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{25D1751E-7CA2-5F6D-0125-0A16E47AF9FE}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform)
Conquer Online 3.0 (HKLM-x32\...\{78B51FD5-DA3F-4B48-8F3F-4E4068F25D89}_is1) (Version:  - TQ Digital Entertainment Inc.)
Dauntless (HKLM\...\{03AFDFA7-7A23-41B1-AAC2-3898591127D3}) (Version: 1.00.0000 - Phoenix Labs)
Destiny 2 (HKLM-x32\...\Destiny 2) (Version:  - Blizzard Entertainment)
Dexed version 0.9.4 (HKLM\...\Dexed_is1) (Version: 0.9.4 - Digital Suburban)
Discord (HKU\S-1-5-21-281870630-3262064009-3073167586-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DJ Intro version 1.3.0 (HKLM-x32\...\{36625871-9D4B-4046-A837-677974F51CAC}_is1) (Version: 1.3.0 - Serato Audio Research)
D-Link DWA-131 - V5.04b03 (HKLM-x32\...\{B7C11488-750D-4E48-A9A4-7207A335984D}) (Version: 5.00.0000 - D-Link)
Electrum (HKU\S-1-5-21-281870630-3262064009-3073167586-1001\...\Electrum) (Version: 3.0.3 - Electrum Technologies GmbH)
Epic Games Launcher (HKLM-x32\...\{8F89B0CF-8144-43EE-AB9F-B7F8F23D85FB}) (Version: 1.1.135.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPSON XP-400 Series Printer Uninstall (HKLM\...\EPSON XP-400 Series) (Version:  - SEIKO EPSON Corporation)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
f.lux (HKU\S-1-5-21-281870630-3262064009-3073167586-1001\...\Flux) (Version:  - f.lux Software LLC)
Focusrite USB 2.0 Audio Driver 2.5.1 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.5.1 - Focusrite Audio Engineering Limited.)
Focusrite USB 4.36.0.484 (HKLM\...\Focusrite USB_is1) (Version: 4.36.0.484 - Focusrite Audio Engineering Ltd.)
foobar2000 v1.3.17 (HKLM-x32\...\foobar2000) (Version: 1.3.17 - Peter Pawlowski)
Freemake YouTube To MP3 Boom (HKLM-x32\...\Freemake YouTube To MP3 Boom_is1) (Version: 1.0.4 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.8.10 - PACE Anti-Piracy)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
JBridge (HKLM-x32\...\JBridge) (Version:  - JBridge)
KB4023057 (HKLM\...\{27C6D60B-CAD4-4C70-A1F2-299C731EA8F7}) (Version: 2.0.0.0 - Microsoft Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{861927A3-8B12-4BF8-9F2A-7A4ED4C40096}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
LibreOffice 6.0.1.1 (HKLM\...\{ACF8A736-E677-4C40-AE44-761DACFD31D0}) (Version: 6.0.1.1 - The Document Foundation)
Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.88 - Logitech Inc.)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.10228.20104 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-281870630-3262064009-3073167586-1001\...\OneDriveSetup.exe) (Version: 18.091.0506.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Namecoin Core (64-bit) (HKU\S-1-5-21-281870630-3262064009-3073167586-1001\...\Namecoin Core (64-bit)) (Version: 0.13.99 - Namecoin Core project)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10228.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10228.20104 - Microsoft Corporation) Hidden
OPPO USB Drivers 2.2.6.0 (HKLM\...\{60092746-6A0F-46A9-B9F1-53B62EC0E0A4}_is1) (Version: 2.2.6.0 - OPPO mobile telecommunications Corp., LTD)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Path of Building version 1.4.53 (HKLM-x32\...\{72FA9AB7-189F-4BDE-8856-72DEB90C157B}_is1) (Version: 1.4.53 - Openarl)
Pioneer DDJ_SB Driver (HKLM-x32\...\Pioneer DDJ_SB ASIO) (Version: 1.100.000.001 - Pioneer DJ Corporation.)
Popcorn-Time (HKU\S-1-5-21-281870630-3262064009-3073167586-1001\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Puzzle Pirates (HKU\S-1-5-21-281870630-3262064009-3073167586-1001\...\Puzzle Pirates) (Version:  - )
Python 3.5.2 (32-bit) (HKU\S-1-5-21-281870630-3262064009-3073167586-1001\...\{cf72a2ab-2f1d-49fd-a0d7-1065e6357e1e}) (Version: 3.5.2150.0 - Python Software Foundation)
Python 3.5.2 Core Interpreter (32-bit) (HKLM-x32\...\{EB0611B2-7F10-4D97-BCF2-DCAAB1199498}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Development Libraries (32-bit) (HKLM-x32\...\{5DB2183B-62D3-407F-BBC1-EAD2F36283FA}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Documentation (32-bit) (HKLM-x32\...\{1FBA5182-78DD-4940-9F06-96E5042B7061}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Executables (32-bit) (HKLM-x32\...\{33B10015-A9B1-4210-B50A-26C6443979B0}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 pip Bootstrap (32-bit) (HKLM-x32\...\{9ADF9987-3327-48C6-91B3-B10900366491}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Standard Library (32-bit) (HKLM-x32\...\{FCBB04F4-D2CF-4F55-BE92-B3898696B318}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Tcl/Tk Support (32-bit) (HKLM-x32\...\{C1153533-FDC4-4922-892D-B71810F69566}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Test Suite (32-bit) (HKLM-x32\...\{9D50A6D7-410A-4469-87B7-35FA84CBD479}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Utility Scripts (32-bit) (HKLM-x32\...\{E6DEBF43-7ACF-4E88-9BBF-9B5945683281}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{963ECCDD-F09F-4C24-9367-8B5D748AA7C8}) (Version: 3.5.2121.0 - Python Software Foundation)
qBittorrent 4.1.0 (HKLM-x32\...\qBittorrent) (Version: 4.1.0 - The qBittorrent project)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7836 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
RuneScape Launcher 2.2.4 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.4 - Jagex Ltd)
Serato DJ  (HKLM-x32\...\{8a5fa39a-fc35-443a-b1ae-b5d600daed1a}) (Version: 1.9.10.5170 - )
Serato DJ  (HKLM-x32\...\{941AF1A8-32BA-4E7D-9D04-ADDB39F58B53}) (Version: 1.9.10.5170 - Serato) Hidden
SoulseekQt version 2016.4.24 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2016.4.24 - Soulseek LLC)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
Spotify (HKU\S-1-5-21-281870630-3262064009-3073167586-1001\...\Spotify) (Version: 1.0.69.336.g7edcc575 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.12.3 (HKLM\...\SteelSeries Engine 3) (Version: 3.12.3 - SteelSeries ApS)
Sylenth1 v2.21 (HKLM\...\Sylenth1_is1) (Version:  - )
TmUnitedForever Update 2010-03-15 (HKLM-x32\...\TmUnitedForever_is1) (Version:  - Nadeo)
Twitch (HKU\S-1-5-21-281870630-3262064009-3073167586-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Ubiquiti UniFi (remove only) (HKLM-x32\...\Ubiquiti UniFi) (Version:  - )
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
Waves Complete V9r15 (HKLM-x32\...\{91000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.1.15 - Waves)
Windows Driver Package - Focusrite USB 2.0 Audio Driver (09/25/2013 2.5.128.1) (HKLM\...\CF1FC201D237269A9CD51A3A6B14ADBF67175C32) (Version: 09/25/2013 2.5.128.1 - Focusrite)
WinRAR 5.40 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.3 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: 1.12.1.5875 - Blizzard Entertainment)
Xfer Records LFOTool v1.29 Beta 6 x64 (HKLM\...\Xfer Records LFOTool v1.29 Beta 6 x64_is1) (Version:  - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-15] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-07-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-07-14] (Alexander Roshal)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-15] (Elaborate Bytes AG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-22] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-07-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-07-14] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {05EE9EF1-3751-4C63-BC86-2CFFA2AE1A86} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-19] (Piriform Ltd)
Task: {10DFB593-38BE-4231-B66F-0A1C8CF8AB6D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-07-15] (Microsoft Corporation)
Task: {19F65547-C719-41E7-B1E0-0D0E2CF0CB6A} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-07-15] (Microsoft Corporation)
Task: {33CCCEF5-CE4C-4153-A7FD-44512EF0FDDA} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-09-22] (Advanced Micro Devices, Inc.)
Task: {617CCDC8-4981-4000-AC53-39BDA43E9607} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {7650F963-61A4-4619-8D19-9FE0277BDA0C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {7798F076-8AD1-4376-B434-8B7BEF4977CB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-15] (Microsoft Corporation)
Task: {7EE140C5-DCE6-4A54-82C1-8EEF908A22E5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation)
Task: {92DE4112-E7A2-4E6A-BC5F-850465CCCFDE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation)
Task: {A97C6BDD-A10D-43B9-9437-577FEC78BA2E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-07-15] (Microsoft Corporation)
Task: {B18812A4-83B5-418A-B231-9A3306EBFB00} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-16] (Google Inc.)
Task: {B8B62DE0-ED56-4FE0-A70E-B6ADFCF4D0B8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-19] (Piriform Ltd)
Task: {B9AFC823-B6EC-4BEC-9D9A-CAB37B8FE35E} - System32\Tasks\S-1-5-21-281870630-3262064009-3073167586-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation)
Task: {BB085A13-3BD4-40DA-BFB0-63A58B56F2CE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-15] (Microsoft Corporation)
Task: {C0871E58-5901-4A1E-9E7C-9E2880D1308C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation)
Task: {C71DB187-70BE-4B60-A677-CEFBE402D0FA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-30] (Microsoft Corporation)
Task: {C721C032-8568-4334-A79D-F818C71283E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-16] (Google Inc.)
Task: {D09F48B5-FFAA-4001-9B7A-84DE7290AD40} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-30] (Microsoft Corporation)
Task: {DC25AAF8-A10A-4374-B473-610D5BF1C173} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-07-15] (Microsoft Corporation)
Task: {E21A9512-B235-42B1-9C37-D8E928183972} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-43EO9A7-Josh => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-25] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Ubiquiti Device Discovery Tool.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hmpigflbjeapnknladcfphgkemopofig
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-03-18 20:23 - 2018-06-14 20:34 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-04-12 09:34 - 2018-04-12 09:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 09:34 - 2018-04-12 09:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 09:34 - 2018-04-12 09:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-06-13 14:56 - 2018-06-08 18:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-23 10:58 - 2018-05-23 10:59 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-05-23 10:58 - 2018-05-23 10:59 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-05-23 10:58 - 2018-05-23 10:59 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-05-23 10:58 - 2018-05-23 10:59 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2017-12-29 01:33 - 2017-12-29 01:33 - 098275328 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2017-12-29 01:33 - 2017-12-29 01:33 - 003922432 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2017-12-29 01:33 - 2017-12-29 01:33 - 000092672 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2018-06-09 18:42 - 2018-06-09 18:42 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-06-09 18:42 - 2018-06-09 18:42 - 067232256 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-09-30 22:40 - 2017-09-30 22:41 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-05-25 22:23 - 2018-05-25 22:23 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-05-04 08:52 - 2018-05-04 08:53 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-05-25 22:23 - 2018-05-25 22:23 - 004214784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-05-25 22:23 - 2018-05-25 22:23 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-03-30 09:38 - 2018-03-30 09:38 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-06-09 18:42 - 2018-06-09 18:42 - 014851072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-05-25 22:23 - 2018-05-25 22:23 - 004058624 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-06-09 18:42 - 2018-06-09 18:42 - 003266048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-05-25 22:23 - 2018-05-25 22:23 - 001393664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-05-25 22:23 - 2018-05-25 22:23 - 004218080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-25 22:23 - 2018-05-25 22:23 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-15 13:56 - 2018-07-15 13:58 - 000199168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11806.1001.21.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-07-15 13:56 - 2018-07-15 13:57 - 002449952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11806.1001.21.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-15 13:56 - 2018-07-15 13:58 - 007813632 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11806.1001.21.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2018-05-18 13:19 - 2018-05-18 13:19 - 004193792 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1805.1201.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-05-04 08:53 - 2018-05-04 08:53 - 000634880 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1805.1201.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-15 13:56 - 2018-06-23 05:15 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libglesv2.dll
2018-07-15 13:56 - 2018-06-23 05:15 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libegl.dll
2016-07-17 19:31 - 2018-06-09 07:38 - 000788256 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-07-17 19:31 - 2018-06-09 09:39 - 002632992 _____ () C:\Program Files (x86)\Steam\video.dll
2016-07-17 19:31 - 2018-06-09 07:42 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-12-14 18:50 - 2018-06-09 07:40 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-14 18:50 - 2018-06-09 07:40 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-14 18:50 - 2018-06-09 07:40 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-14 18:50 - 2018-06-09 07:40 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2017-12-14 18:50 - 2018-06-09 07:40 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2016-07-17 19:31 - 2018-06-09 07:40 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-07-17 19:31 - 2018-06-09 07:40 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-07-17 19:31 - 2018-06-09 09:38 - 000979744 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-07-17 19:31 - 2018-06-09 07:40 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2018-05-05 22:45 - 2018-04-30 23:01 - 001891672 _____ () C:\Users\Josh\AppData\Local\Discord\app-0.0.301\ffmpeg.dll
2018-05-05 22:45 - 2018-04-30 23:01 - 001937752 _____ () C:\Users\Josh\AppData\Local\Discord\app-0.0.301\libglesv2.dll
2018-05-05 22:45 - 2018-04-30 23:01 - 000095576 _____ () C:\Users\Josh\AppData\Local\Discord\app-0.0.301\libegl.dll
2018-05-05 22:45 - 2018-05-05 22:45 - 001910104 _____ () \\?\C:\Users\Josh\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\cld\build\Release\cld.node
2018-05-05 22:45 - 2018-05-05 22:45 - 000422744 _____ () \\?\C:\Users\Josh\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\spellchecker\build\Release\spellchecker.node
2018-05-05 22:45 - 2018-05-05 22:45 - 000145240 _____ () \\?\C:\Users\Josh\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-05-05 22:45 - 2018-07-15 13:46 - 011262808 _____ () \\?\C:\Users\Josh\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node
2018-05-05 22:45 - 2018-05-05 22:45 - 001530712 _____ () \\?\C:\Users\Josh\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node
2018-05-05 22:45 - 2018-05-05 22:45 - 000512856 _____ () \\?\C:\Users\Josh\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node
2018-05-05 22:45 - 2018-07-15 13:46 - 001648984 _____ () \\?\C:\Users\Josh\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node
2018-05-05 22:45 - 2018-07-15 13:46 - 001817432 _____ () \\?\C:\Users\Josh\AppData\Roaming\discord\0.0.301\modules\discord_overlay2\discord_overlay2.node
2018-05-05 22:45 - 2018-05-05 22:45 - 002722648 _____ () \\?\C:\Users\Josh\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node
2018-05-05 22:45 - 2018-05-05 22:45 - 002760536 _____ () \\?\C:\Users\Josh\AppData\Roaming\discord\0.0.301\modules\discord_contact_import\discord_contact_import.node
2018-05-05 22:45 - 2018-05-05 22:45 - 001249112 _____ () \\?\C:\Users\Josh\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node
2017-07-27 18:11 - 2018-06-09 07:39 - 000788256 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-01-28 11:07 - 2018-06-09 07:39 - 083524384 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2016-07-17 19:31 - 2018-06-09 07:42 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2017-07-27 18:11 - 2018-06-09 07:39 - 002253600 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libglesv2.dll
2017-07-27 18:11 - 2018-06-09 07:39 - 000109856 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Public\AppData:CSM [470]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-281870630-3262064009-3073167586-1001\...\sharepoint.com -> hxxps://unsw-files.sharepoint.com
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 17:24 - 2017-12-19 11:39 - 000001025 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com 
127.0.0.1 activate.adobe.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-281870630-3262064009-3073167586-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.20.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "LWS"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-281870630-3262064009-3073167586-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-281870630-3262064009-3073167586-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-281870630-3262064009-3073167586-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-281870630-3262064009-3073167586-1001\...\StartupApproved\Run: => "Spotify Web Helper"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{C5ECE6C2-89E0-4C00-B94B-F79BC4B537F4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{68B29910-1D66-4165-80CC-D3B2CC0A0F6E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [UDP Query User{28BDC4A7-7EE9-4780-9810-A7B02DFE7572}C:\users\josh\desktop\halo online\eldorado.exe] => (Allow) C:\users\josh\desktop\halo online\eldorado.exe
FirewallRules: [TCP Query User{83F30E7E-8351-492A-ABCD-764258AA2145}C:\users\josh\desktop\halo online\eldorado.exe] => (Allow) C:\users\josh\desktop\halo online\eldorado.exe
FirewallRules: [UDP Query User{2818653B-8248-4E15-8577-D2D27FE15F42}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe
FirewallRules: [TCP Query User{3FB7AC19-C745-4D17-94E4-913D9C087FAD}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe
FirewallRules: [{C9F21E0D-1F86-4C3E-B434-A59EFBA58454}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{72BCED15-A7B5-4E38-853B-A6569634A78B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8E714A09-74A3-4C59-911F-C7827BA6739A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [UDP Query User{16026F53-860D-4A53-9111-1BFA16F43771}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
FirewallRules: [TCP Query User{636B1644-5547-43BE-ADD7-F9BE4362D158}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
FirewallRules: [UDP Query User{6AA48E1B-6FC0-4619-A941-75620A58B75B}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{364129A3-3BC8-465C-BEFC-415043FCE85A}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{C6FFA5A8-FDF9-420F-BB21-7FD89353F9C0}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
FirewallRules: [TCP Query User{C53196F7-CF0E-44C4-AC04-8BFC6B35A171}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
FirewallRules: [{08A51134-07C6-4467-A654-BAB6239A0D09}] => (Allow) C:\Program Files (x86)\D-Link\DWA-131 revE\IHV\PortableWiFi.exe
FirewallRules: [{1FEE7645-721A-4CB7-A397-A5EAD54CCC52}] => (Allow) C:\Program Files (x86)\D-Link\DWA-131 revE\IHV\RTLDHCP.exe
FirewallRules: [UDP Query User{0334F161-A435-4A06-94AB-44C4B568C315}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe
FirewallRules: [TCP Query User{FBFEFE3A-92B2-4905-9DD6-4527467E67F7}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe
FirewallRules: [UDP Query User{2966B4A4-1DAA-4B0A-94B5-FE77C435C5A2}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe
FirewallRules: [TCP Query User{ABFDA317-8140-4A04-BDC8-925EE814D4B9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe
FirewallRules: [{8E400871-B2D5-4A11-A363-94DD309541F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{E7CA0B78-8FDA-42C6-A7C2-9B1C0CFB5FE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{2C134A6A-0D04-4F5A-931F-4F337A3407F8}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{C5AC1514-3926-4DC5-90B2-BF395DE6B593}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Virtual Pool 4 Multiplayer\launcher.exe
FirewallRules: [{31E7808B-A057-462C-8ADE-B27C23492A3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Virtual Pool 4 Multiplayer\launcher.exe
FirewallRules: [UDP Query User{CFFABDCE-D81D-472E-9DC1-58F3B6B749C9}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{CBEC895E-D8AC-4320-B7E6-01FAB8BDE517}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{B0C3C982-B867-41D2-9FF2-0ABFB5F32811}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{EA789217-EDC7-4632-A3CD-EB7A70BF09D6}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{3C2FCDDE-C690-4123-A884-657E6C0D5A3D}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{2D2DEFEB-4AA3-4B45-B965-07443002D976}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{28BF1416-5B1F-4E52-B785-B46055C38A79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{E410B879-932A-46D7-8049-72C188E8255B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{7F35EAE4-1EA7-4525-BCA7-B891FCBD6917}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{F067BEE0-7EBB-4575-847C-A24C0179849F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [UDP Query User{F78E999A-5968-4E3C-A094-6F28B0DAE0DB}F:\users\public\games\warcraft iii\war3.exe] => (Allow) F:\users\public\games\warcraft iii\war3.exe
FirewallRules: [TCP Query User{B7073D92-66B5-47B8-9617-E777E5006A34}F:\users\public\games\warcraft iii\war3.exe] => (Allow) F:\users\public\games\warcraft iii\war3.exe
FirewallRules: [UDP Query User{4752FEC2-C8D5-4842-98EA-194C0F7B2108}F:\program files\warcraft iii reign of chaos & the frozen throne\war3.exe] => (Block) F:\program files\warcraft iii reign of chaos & the frozen throne\war3.exe
FirewallRules: [TCP Query User{B4D0E7A6-A03B-4E29-98E6-0D73CCDBA06D}F:\program files\warcraft iii reign of chaos & the frozen throne\war3.exe] => (Block) F:\program files\warcraft iii reign of chaos & the frozen throne\war3.exe
FirewallRules: [UDP Query User{DEC9ADAF-0EE3-492E-B296-AB0D6D967C25}C:\program files\namecoin\namecoin-qt.exe] => (Block) C:\program files\namecoin\namecoin-qt.exe
FirewallRules: [TCP Query User{EABAD739-2C4F-4B16-AB91-49CE0A5FBFD4}C:\program files\namecoin\namecoin-qt.exe] => (Block) C:\program files\namecoin\namecoin-qt.exe
FirewallRules: [UDP Query User{77118246-B70B-4BD9-91BF-2F530284D6C4}F:\josh\mining\bitcoin\namecoind_v350_win32\namecoind.exe] => (Allow) F:\josh\mining\bitcoin\namecoind_v350_win32\namecoind.exe
FirewallRules: [TCP Query User{78D65063-4AD2-437C-82DB-4FAF25D3516B}F:\josh\mining\bitcoin\namecoind_v350_win32\namecoind.exe] => (Allow) F:\josh\mining\bitcoin\namecoind_v350_win32\namecoind.exe
FirewallRules: [UDP Query User{BB765B71-7A4F-45A1-8136-10E860C31C3D}F:\josh\mining\valuecoin\valuecoin-qt.exe] => (Allow) F:\josh\mining\valuecoin\valuecoin-qt.exe
FirewallRules: [TCP Query User{EB9A08BC-9A23-419A-8F55-9ACA1628C189}F:\josh\mining\valuecoin\valuecoin-qt.exe] => (Allow) F:\josh\mining\valuecoin\valuecoin-qt.exe
FirewallRules: [UDP Query User{94AC8DCA-2F4B-42B3-9EA9-6DEEDCEFCE12}F:\josh\mining\earthcoin\earthcoin-qt.exe] => (Allow) F:\josh\mining\earthcoin\earthcoin-qt.exe
FirewallRules: [TCP Query User{3EDBA629-E24E-4EA5-A1DC-905CB3372735}F:\josh\mining\earthcoin\earthcoin-qt.exe] => (Allow) F:\josh\mining\earthcoin\earthcoin-qt.exe
FirewallRules: [UDP Query User{CD24FC33-8E4B-4533-9199-4F6CF6151682}F:\josh\mining\litecoin\litecoin-qt.exe] => (Allow) F:\josh\mining\litecoin\litecoin-qt.exe
FirewallRules: [TCP Query User{DCD0F617-0813-474E-8EDD-E8EE4DAEA1EE}F:\josh\mining\litecoin\litecoin-qt.exe] => (Allow) F:\josh\mining\litecoin\litecoin-qt.exe
FirewallRules: [UDP Query User{317B75B3-073E-404A-A5DA-64CF89E40181}F:\josh\mining\bitcoin\bitcoin-qt.exe] => (Allow) F:\josh\mining\bitcoin\bitcoin-qt.exe
FirewallRules: [TCP Query User{B6ED5541-3169-4439-88AC-C7F84D71934A}F:\josh\mining\bitcoin\bitcoin-qt.exe] => (Allow) F:\josh\mining\bitcoin\bitcoin-qt.exe
FirewallRules: [UDP Query User{74D01705-7157-44CD-BDB6-D9CFFEDADF62}F:\josh\mining\doge\dogecoin-qt.exe] => (Allow) F:\josh\mining\doge\dogecoin-qt.exe
FirewallRules: [TCP Query User{4E684A67-C975-4AB9-AA47-3E85BB5E325C}F:\josh\mining\doge\dogecoin-qt.exe] => (Allow) F:\josh\mining\doge\dogecoin-qt.exe
FirewallRules: [{A7251F19-C864-457F-9DF3-1A9CAEE9AE98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{0BD6A5C5-D5B2-4146-9EC7-D5B4E02876CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{53A2CC3C-7D0E-4BBF-B98C-0975471BF19A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{168CD627-9DA5-422D-89C6-8420C1BFF365}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{F76ACA11-7F49-4F00-B8C1-3FBA817A3AD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{E871FE65-26E4-4EB5-A288-AC976C2B02BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{5ABF3996-D78B-4C17-906E-92CCD6C67BFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{60BB446B-C7BC-4CC7-852F-98CA5D167EA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3F870EC7-D782-4A37-9984-F05E3F69870F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{E87216CD-90D4-4059-A8EC-0F80A4D82ADA}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{5D57245D-204B-4504-93BA-053C5C0CAF90}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{D8CB6F9B-09C7-49D4-9A51-32A2A920C7E6}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [UDP Query User{D7055CE8-FE3C-4A80-B069-0BFBE05E556A}C:\users\josh\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\josh\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{3A51637A-7484-4B5A-B5BF-60FBEFB3AC10}C:\users\josh\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\josh\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{819720BD-5459-4803-BD25-C5CEA56BC2EA}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [TCP Query User{2CF2DD6D-9B44-4889-A1D7-907749666B6F}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{A3D1F8D4-EE02-4118-BB9C-06C47ADF3737}C:\users\josh\downloads\conquer_v6383_p2p.exe] => (Allow) C:\users\josh\downloads\conquer_v6383_p2p.exe
FirewallRules: [TCP Query User{F5A20FCE-707A-43DD-9352-2363B604E8E1}C:\users\josh\downloads\conquer_v6383_p2p.exe] => (Allow) C:\users\josh\downloads\conquer_v6383_p2p.exe
FirewallRules: [UDP Query User{CB195253-9FA0-43FC-B2E8-F935FE2286D9}C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe
FirewallRules: [TCP Query User{3848DFD6-9531-4A60-BDB8-E262B599884E}C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe
FirewallRules: [{DDD58140-5EB0-4906-AF37-FA0305B5EF0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{3D113EC4-53BB-4ACC-BAD8-B522756E41FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{4967B647-2C7D-4FFD-8984-1A9BAAB188BE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{60290C00-2D93-4B9D-991E-F2E1278A5AFE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{85A5C235-34AA-42C6-AD81-A5CE702BDBB0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zezenia Online\Zezenia_Steam.exe
FirewallRules: [{1D75CBF4-EF6C-46FD-9EA0-E7E2B7FACF77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zezenia Online\Zezenia_Steam.exe
FirewallRules: [{068580B2-8649-4B7D-8DB4-A22A4BE5026A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{481EC23B-6518-4CF1-85A5-DFB86E3CADB3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{F2CDF525-022C-49C7-AB6E-518A76A22125}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{37982066-252A-4D5F-9E47-D29894D692A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [UDP Query User{132E125F-C1E0-4F82-9AC5-83DAEFC3C5ED}C:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [TCP Query User{703EEB36-1D62-4A1D-BE65-CAAFC17A44D8}C:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [{8B58BD57-E92B-4E40-ADE4-6F779CA5DE6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{B5736600-27A5-4ECD-901D-0C72FF9C5E9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [UDP Query User{35C29529-6CA8-4ADB-BC84-E28988F1A254}C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{FF8857DF-4FB5-4484-8814-605EE9AD9D35}C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{26A8881D-88DB-45FD-897B-8F81C146EACC}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{E19F06B8-7F07-43CC-9CAB-EBF84E6463E5}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{0E75DF69-2467-4F37-94ED-B6FF061D98FD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F3555E41-4046-4957-A75B-CB9215E59FBE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A5C2BFA5-44F2-428D-93B0-18B4F5BC81A0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{49508793-677A-4BD5-9FEE-35DD80EF1FE6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{098FE3C4-D000-47EF-A441-C6A11963FA12}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{ED5B8E04-824B-4A3F-9CC7-22F2E9AF1A15}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{70CEB7D5-224E-4159-A2A5-E677712BC9F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Catan Universe\CatanUniverse.exe
FirewallRules: [{89299456-1FE8-4815-AE26-170186F11C27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Catan Universe\CatanUniverse.exe
FirewallRules: [{F0EE9EB6-FB3A-42B8-A1B7-0ABBD7C508B4}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{AF46D6D0-65F1-40D1-9D69-A0076956D04C}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{10859F98-C376-45D9-B96C-2F8865D4A7BC}] => (Allow) C:\Program Files (x86)\D-Link\DWA-131 revE\IHV\PortableWiFi.exe
FirewallRules: [{6345DC8B-B039-466B-A43F-3B6E6A967A01}] => (Allow) C:\Program Files (x86)\D-Link\DWA-131 revE\IHV\RTLDHCP.exe
FirewallRules: [{203403A5-3524-4818-B1C4-0D64D277CCA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{B9B10FEA-AB3B-4190-8549-2FD3040A4BE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [TCP Query User{623656E6-C288-45B3-9374-B8AA8963F6C6}C:\program files (x86)\destiny 2\destiny2.exe] => (Allow) C:\program files (x86)\destiny 2\destiny2.exe
FirewallRules: [UDP Query User{7D2849F6-B0E8-47EB-AF49-E7053DC05916}C:\program files (x86)\destiny 2\destiny2.exe] => (Allow) C:\program files (x86)\destiny 2\destiny2.exe
FirewallRules: [TCP Query User{B020B6E6-E88A-4C4B-BAE7-80220F6E6027}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [UDP Query User{79FD33D6-F8D7-4A5E-A34E-98BA58ABC475}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [TCP Query User{ABBD9C45-1C2C-43EC-8082-9CBC893A39A4}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{C0599518-6039-4122-A385-9C69F4D885D1}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{A1FB0D72-975B-45D9-8ABA-A6B8A81AFA5D}C:\users\josh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\josh\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{9D3C6437-02E6-46C5-8044-E092D3075769}C:\users\josh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\josh\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3F483BB5-4CDE-4067-8565-C116A53CCF34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{1C71510A-2C54-4622-A2D0-1D42A5144119}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{B21BF0C9-9004-4533-8D1C-679EFA0FC285}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{A8C7F1EE-A998-448E-A903-E78D08979F53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{1526C2D8-4084-48F6-82CC-9D18657866D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OfGuardsAndThieves\OGAT.exe
FirewallRules: [{2BA4B57A-BD38-4BA1-B802-348166662038}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OfGuardsAndThieves\OGAT.exe
FirewallRules: [TCP Query User{E1798322-5D5E-4396-BAAD-7E67B6DAC097}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{87616D31-CBD5-489F-A74B-13A8A5E4ED2F}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{C46317BD-D0A1-4061-AB3A-E76236182FC8}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{E207ADC2-169E-4F20-A78D-14713EDBF481}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [TCP Query User{AC8A6541-D180-411D-9708-A910C3F79A06}C:\program files (x86)\java\jre1.8.0_144\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\jp2launcher.exe
FirewallRules: [UDP Query User{0280867B-31F2-44DF-B4BF-6302605ED49D}C:\program files (x86)\java\jre1.8.0_144\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\jp2launcher.exe
FirewallRules: [TCP Query User{61CC6327-D58E-4CF5-9A1E-F84F7BB05CFA}C:\program files (x86)\warcraft iii\warcraft iii.exe] => (Allow) C:\program files (x86)\warcraft iii\warcraft iii.exe
FirewallRules: [UDP Query User{3A6D042F-4479-4F54-9D78-2C387DCDEC29}C:\program files (x86)\warcraft iii\warcraft iii.exe] => (Allow) C:\program files (x86)\warcraft iii\warcraft iii.exe
FirewallRules: [{8EE3869A-519C-4F56-AA43-B4A9DB5860E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WitchIt\WitchIt\Binaries\Win64\PropWitchHuntModule-Win64-Shipping.exe
FirewallRules: [{BD859E45-C9D3-42AE-95FF-B79308BAA305}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WitchIt\WitchIt\Binaries\Win64\PropWitchHuntModule-Win64-Shipping.exe
FirewallRules: [{1786D732-0809-4493-A7A4-220B331967F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{9E80A005-0E5E-49B6-8128-EFB08A9882BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{98114E1B-289C-48FA-9658-9532D2BB1A78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{0BEA9ECB-9615-40DE-9E0B-D85FC4ED758A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{3195915E-F04D-4CA2-BB51-3C0BD020F9AF}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [UDP Query User{27EC5384-9178-4770-AC05-C4C87577A133}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [TCP Query User{F5C72602-72D3-4A3A-AD71-DA905713EEA2}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{0ABCEDA9-E34D-4053-A051-5AD5564A26AA}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{C579D8A5-06F3-4722-8EEE-4987ED8138D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{47132375-09BD-4700-93D4-29D24CE8C72B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{CDD963E4-580B-4AD6-BBC5-A8B9EB05DDFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{748E6345-98E8-4016-AE0B-8E56AFE3D636}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [TCP Query User{BCBF3A41-28C2-4C38-9A1D-75270231F45A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
FirewallRules: [UDP Query User{F17AB2D2-A066-4A94-9D1F-2234B42B669A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
FirewallRules: [{68DE6F27-375A-42A3-B50A-42E75DF3C8FB}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{B392E628-AED5-4A85-A3DC-9FBF37106DAE}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{AE5A460A-8EB9-4455-9A0E-31C0E9F2040B}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_144\bin\java.exe
FirewallRules: [{A0BE7DB1-D0CF-40E8-8981-F2FB9A36D39B}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_144\bin\java.exe
FirewallRules: [{14E1B4E8-DBDA-4766-9A71-DADDE56739C8}] => (Allow) C:\Users\Josh\Ubiquiti UniFi\bin\mongod.exe
FirewallRules: [{A3C73F5D-4CBC-4CCD-AF66-188E21DCA7FA}] => (Allow) C:\Users\Josh\Ubiquiti UniFi\bin\mongod.exe
FirewallRules: [TCP Query User{801394AB-9293-462B-B365-A84877B14AE5}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{45A08332-3440-4C49-9048-952A34C6DEB5}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [TCP Query User{59166172-7CB4-40A6-B24E-C4A6C1CF30EF}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [UDP Query User{2003699B-4AED-4567-96E6-FE4BF5276B45}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [TCP Query User{4849DE8F-A8DC-41A3-97AE-F1271BA84C4F}C:\program files (x86)\java\jre1.8.0_171\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\java.exe
FirewallRules: [UDP Query User{C975182D-218E-428C-90A5-CB82A5A316C1}C:\program files (x86)\java\jre1.8.0_171\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\java.exe
FirewallRules: [TCP Query User{BB41443B-B394-4372-B843-888EAB20103A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe
FirewallRules: [UDP Query User{F11B4776-7630-4157-9CA9-D58474114282}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe
FirewallRules: [TCP Query User{E7E51CF4-2886-40AB-8BFF-C38C5588B22A}C:\users\josh\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\josh\appdata\local\popcorn-time\popcorn-time.exe
FirewallRules: [UDP Query User{2E60E6B1-4D29-4FD6-A39B-2944546C2CBB}C:\users\josh\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\josh\appdata\local\popcorn-time\popcorn-time.exe
FirewallRules: [{D92990C7-FDDF-45F1-A2F5-431DBC6F3C94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe
FirewallRules: [{AEA43968-D410-422D-8690-8BDD93C080D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe
FirewallRules: [TCP Query User{E7F8B490-7D8E-453E-9D68-EABD9A65DD74}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe
FirewallRules: [UDP Query User{BB04C71F-47A5-4842-B51B-C095330FB18C}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe
FirewallRules: [{D1BF6322-12ED-41E7-A186-2FC37F01AC88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{32751325-6654-49CE-B2F7-E03678811C84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [TCP Query User{32234472-7799-496D-BDA9-11702AD140D5}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe
FirewallRules: [UDP Query User{8F2E9CDF-BB76-4CEC-8851-AC55E05D6F19}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe
FirewallRules: [TCP Query User{04744460-54EC-4CE6-AF3E-08ED3C9DA7F2}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [UDP Query User{01C3E78C-6E47-48B6-BDE2-9BCE33658687}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [{B8A12603-8754-472E-8EA7-02B7E6587211}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F0959D26-24C2-4822-A119-401632D381C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{91CBB2D4-00FB-4C86-8A2C-4EA2DF22C337}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{566EDB60-6849-42C0-92E7-60FF5A9F340C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WitchIt\WitchIt\Binaries\Win64\PropWitchHuntModule-Win64-Shipping.exe
FirewallRules: [{C5151AA4-8526-4B56-BC46-3373C9123B43}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WitchIt\WitchIt\Binaries\Win64\PropWitchHuntModule-Win64-Shipping.exe
 
==================== Restore Points =========================
 
15-07-2018 13:56:59 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/15/2018 07:04:58 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (07/15/2018 01:51:40 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\Element App.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (07/15/2018 01:51:27 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\GTRSolo 3.5.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (07/15/2018 01:51:23 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\wlc.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.8.2_Win32_Release\WavesQtLibs_4.8.2_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (07/15/2018 01:51:20 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\GTR 3.5.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (07/15/2018 01:51:16 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (07/15/2018 01:49:15 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (07/15/2018 01:46:15 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
 
 
System errors:
=============
Error: (07/15/2018 08:33:46 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-43EO9A7)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-43EO9A7\Josh SID (S-1-5-21-281870630-3262064009-3073167586-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/15/2018 08:33:40 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-43EO9A7)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-43EO9A7\Josh SID (S-1-5-21-281870630-3262064009-3073167586-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/15/2018 05:50:28 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-43EO9A7)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-43EO9A7\Josh SID (S-1-5-21-281870630-3262064009-3073167586-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/15/2018 03:17:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/15/2018 03:16:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/15/2018 01:53:47 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-43EO9A7)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-43EO9A7\Josh SID (S-1-5-21-281870630-3262064009-3073167586-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/15/2018 01:52:14 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-43EO9A7)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-43EO9A7\Josh SID (S-1-5-21-281870630-3262064009-3073167586-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/15/2018 01:45:30 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-43EO9A7)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-43EO9A7\Josh SID (S-1-5-21-281870630-3262064009-3073167586-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
Windows Defender:
===================================
Date: 2018-07-15 17:14:59.628
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C0947D96-87C5-4C6C-9F8A-13E67FEA18D2}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-07-15 16:56:06.638
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {2E8CDA99-78A0-4F1E-B374-44E31A04B1C1}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-06-22 00:46:27.967
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {B1F7526C-115F-4097-9852-9C89AB97BE34}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-06-11 14:55:33.316
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {2A846BC4-1A37-4217-9FF9-AD1932599A53}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-06-06 16:07:17.718
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {064EE6EE-6635-4669-B741-072805EA9252}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-06-14 17:21:28.527
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.269.1145.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14901.4
Error code: 0x800704cf
Error description: The network location cannot be reached. For information about network troubleshooting, see Windows Help. 
 
Date: 2018-06-14 16:45:10.852
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.269.1145.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14901.4
Error code: 0x800704cf
Error description: The network location cannot be reached. For information about network troubleshooting, see Windows Help. 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-6100 CPU @ 3.70GHz
Percentage of memory in use: 30%
Total physical RAM: 16284.36 MB
Available physical RAM: 11242.68 MB
Total Virtual: 18716.36 MB
Available Virtual: 12122.28 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:930.96 GB) (Free:304.39 GB) NTFS
Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: () (Fixed) (Total:931.41 GB) (Free:44.94 GB) NTFS
 
\\?\Volume{405f4249-775d-4041-b9c8-b5586de2ccc1}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{89538609-c913-4690-b4f7-7249786d3d4e}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 24EAC2A8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

 



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:35 AM

Posted 20 July 2018 - 06:10 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> https://www.bleepingcomputer.com/logreply/680637 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:35 AM

Posted 25 July 2018 - 06:15 AM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users