Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Experiencing random apps closing and sporadic pc behavior


  • This topic is locked This topic is locked
3 replies to this topic

#1 respiren19

respiren19

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 13 October 2018 - 07:43 PM

hello! I've been having my pc stutter, have sluggish internet, and behave randomly for a bit now. I also have a few odd processes that appear, but I'm not exactly sure of what's going on. I'm hoping it's just some driver issues or remnants of uninstalled programs or something, but I'm hoping you guys can confirm whether or not it's a computer infection. thank you so so so much!!! I don't have many specifics, but I'll occasionally have processes in my task manager that'll seem unlisted (no name, or 'name not available') 
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by Sonic (administrator) on EARTH (13-10-2018 20:34:50)
Running from C:\Users\Sonic\Desktop
Loaded Profiles: Sonic (Available Profiles: Sonic)
Platform: Windows 10 Home Version 1803 17134.345 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
() C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Scarlet.Crush Productions) C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1809.2-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1809.2-0\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(none) C:\WLAN Optimizer\WLAN Optimizer.exe
(f.lux Software LLC) C:\Users\Sonic\AppData\Local\FluxSoftware\Flux\flux.exe
(GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngine.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Scarlet.Crush Productions) C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe
() C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.9\bin\TrayPopupE\TrayTipAgentE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft) C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe
(Discord Inc.) C:\Users\Sonic\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\Sonic\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\Sonic\AppData\Local\Discord\app-0.0.301\Discord.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\Everything\Everything.exe
() C:\Program Files\Everything\Everything.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Audacity Team) C:\Program Files (x86)\Audacity\audacity.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Open Media LLC) D:\Program Files (x86)\4KDownload\4kvideodownloader\4kvideodownloader.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2197608 2017-06-06] ()
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Greenshot)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17987704 2017-10-19] (Logitech Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.9\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\GIGABYTE\AppCenter\PreRun.exe [14632 2016-02-26] ()
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-2095927863-3120209340-1161690377-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3207968 2018-09-08] (Valve Corporation)
HKU\S-1-5-21-2095927863-3120209340-1161690377-1001\...\Run: [Discord] => C:\Users\Sonic\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
HKU\S-1-5-21-2095927863-3120209340-1161690377-1001\...\Run: [WLAN Optimizer] => C:\WLAN Optimizer\WLAN Optimizer.exe [109056 2009-08-07] (none)
HKU\S-1-5-21-2095927863-3120209340-1161690377-1001\...\Run: [f.lux] => C:\Users\Sonic\AppData\Local\FluxSoftware\Flux\flux.exe [1806344 2018-07-03] (f.lux Software LLC)
HKU\S-1-5-21-2095927863-3120209340-1161690377-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10257872 2018-01-09] (Piriform Ltd)
HKU\S-1-5-21-2095927863-3120209340-1161690377-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office\root\Office16\lync.exe [26881624 2018-10-13] (Microsoft Corporation)
HKU\S-1-5-21-2095927863-3120209340-1161690377-1001\...\Run: [TIDAL] => C:\Users\Sonic\AppData\Local\TIDAL\update.exe [1902376 2018-09-03] ()
HKU\S-1-5-21-2095927863-3120209340-1161690377-1001\...\Run: [EpicGamesLauncher] => D:\Fortnite\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [34884496 2018-10-09] (Epic Games, Inc.)
HKU\S-1-5-21-2095927863-3120209340-1161690377-1001\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_126_pepper.exe [1332736 2017-12-22] (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk [2018-01-07]
ShortcutTarget: ScpToolkit Tray Notifications.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe (Scarlet.Crush Productions)
GroupPolicy: Restriction ? <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2195e26c-d58f-4872-a6c3-97e84627f2eb}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-10-13] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_152\bin\ssv.dll [2018-01-04] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_152\bin\jp2ssv.dll [2018-01-04] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-09-07] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-03] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-10-13] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-03] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-10-13] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-03] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-10-13] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-03] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-10-13] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.152.2 -> C:\Program Files\Java\jre1.8.0_152\bin\dtplugin\npDeployJava1.dll [2018-01-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.152.2 -> C:\Program Files\Java\jre1.8.0_152\bin\plugin2\npjp2.dll [2018-01-04] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-07] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-07] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-09-07] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-05-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-05-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://calendar.google.com/calendar/r"
CHR DefaultSearchKeyword: Default -> lp
CHR Profile: C:\Users\Sonic\AppData\Local\Google\Chrome\User Data\Default [2018-10-13]
CHR Extension: (Slides) - C:\Users\Sonic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-22]
CHR Extension: (Popup Blocker (strict)) - C:\Users\Sonic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aefkmifgmaafnojlojpnekbpbmjiiogg [2018-09-01]
CHR Extension: (Duolingo on the Web) - C:\Users\Sonic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2018-02-01]
CHR Extension: (BetterTTV) - C:\Users\Sonic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-12-22]
CHR Extension: (Docs) - C:\Users\Sonic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-22]
CHR Extension: (Google Drive) - C:\Users\Sonic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-22]
CHR Extension: (YouTube) - C:\Users\Sonic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-22]
CHR Extension: (Honey) - C:\Users\Sonic\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2018-09-01]
CHR Extension: (uBlock Origin) - C:\Users\Sonic\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-09-28]
CHR Extension: (Full Page Screen Capture) - C:\Users\Sonic\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2018-09-16]
CHR Extension: (Sheets) - C:\Users\Sonic\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-22]
CHR Extension: (Google Docs Offline) - C:\Users\Sonic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Google Calendar) - C:\Users\Sonic\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2018-09-04]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Sonic\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-10-09]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Sonic\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2018-09-25]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Sonic\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2018-05-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Sonic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (Gmail) - C:\Users\Sonic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-22]
CHR Extension: (Chrome Media Router) - C:\Users\Sonic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-08]
CHR Profile: C:\Users\Sonic\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-01-04]
CHR Profile: C:\Users\Sonic\AppData\Local\Google\Chrome\User Data\System Profile [2018-06-11]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7212480 2018-09-20] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9677088 2018-09-29] (Microsoft Corporation)
R2 Ds3Service; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [394944 2016-04-12] (Scarlet.Crush Productions)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2018-09-20] (EasyAntiCheat Ltd)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [146864 2017-07-21] (GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [17920 2015-06-25] () [File not signed]
R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (Microsoft)
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [117680 2017-07-13] (GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [183480 2017-08-10] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-10-19] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation)
S2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [123312 2017-07-21] (GIGA-BYTE TECHNOLOGY CO., LTD.)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\NisSrv.exe [3847376 2018-09-25] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MsMpEng.exe [114200 2018-09-25] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [1764296 2017-12-13] (Wacom Technology, Corp.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [34696 2017-10-10] (Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [33144 2017-10-16] (Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [137104 2017-11-07] (Advanced Micro Devices, Inc. )
R2 AMDRyzenMasterDriver1.0.0; C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys [70312 2017-03-27] (Advanced Micro Devices)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-02-22] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-02-22] (Disc Soft Ltd)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [34368 2018-01-17] ()
R0 EPMVolFlt; C:\WINDOWS\System32\drivers\EPMVolFlt.sys [30320 2017-11-23] (Windows ® Codename Longhorn DDK provider)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-09-11] (Malwarebytes)
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2016-07-11] () [File not signed]
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [232976 2017-08-10] (Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-10-19] (Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [200232 2018-10-11] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [118584 2018-10-11] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [58400 2018-10-11] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260384 2018-10-11] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [110424 2018-10-13] (Malwarebytes)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2018-04-11] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f32bf428bbff8aa5\nvlddmkm.sys [17194584 2018-05-23] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-07] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-09-19] (Realtek )
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [42856 2016-03-27] (Nefarius Software Solutions)
S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [171664 2016-07-14] (Ray Hinchliffe)
S3 usbaudio2; C:\WINDOWS\system32\DRIVERS\usbaudio2.sys [229888 2018-04-11] (Microsoft Corporation)
R3 VBAudioVACMME; C:\WINDOWS\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows ® Win 7 DDK provider)
R3 VBAudioVMAUXVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmauxvaio64_win7.sys [41192 2018-08-15] (Windows ® Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2018-08-15] (Windows ® Win 7 DDK provider)
R3 vjoy; C:\WINDOWS\System32\drivers\vjoy.sys [44784 2015-05-05] (Shaul Eizikovich)
S3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [115192 2017-11-21] (Wacom Technology, Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46184 2018-09-25] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [352424 2018-09-25] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60584 2018-09-25] (Microsoft Corporation)
R3 ysusb_w10_64; C:\WINDOWS\system32\drivers\ysusb_w10_64.sys [173536 2018-05-17] (Yamaha Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-10-13 13:55 - 2018-10-13 13:55 - 000000000 ____D C:\Users\Sonic\Desktop\good beats
2018-10-11 08:29 - 2018-10-13 20:32 - 000110424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-10-11 08:29 - 2018-10-11 16:23 - 000118584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-10-11 08:29 - 2018-10-11 16:23 - 000058400 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-10-11 08:29 - 2018-10-11 08:29 - 000260384 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-10-11 08:29 - 2018-10-11 08:29 - 000200232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-10-11 08:29 - 2018-10-11 08:29 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-10-11 08:29 - 2018-10-11 08:29 - 000000000 ____D C:\Users\Sonic\AppData\Local\mbamtray
2018-10-11 08:29 - 2018-10-11 08:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-10-11 08:29 - 2018-09-11 13:18 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-10-10 14:04 - 2018-10-10 14:04 - 000001681 _____ C:\Users\Sonic\AppData\Local\recently-used.xbel
2018-10-10 09:27 - 2018-09-21 00:14 - 000661056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-10-10 09:27 - 2018-09-21 00:11 - 000753056 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-10-10 09:27 - 2018-09-21 00:09 - 004790160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-10-10 09:27 - 2018-09-21 00:09 - 001427968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-10-10 09:27 - 2018-09-21 00:09 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-10-10 09:27 - 2018-09-21 00:08 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-10-10 09:27 - 2018-09-21 00:08 - 000261008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-10-10 09:27 - 2018-09-20 23:39 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-10-10 09:27 - 2018-09-20 23:36 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-10-10 09:27 - 2018-09-20 23:36 - 001034240 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-10-10 09:27 - 2018-09-20 05:22 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-10-10 09:27 - 2018-09-20 05:17 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-10-10 09:27 - 2018-09-20 04:34 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-10-10 09:27 - 2018-09-20 04:29 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-10-10 09:27 - 2018-09-20 00:29 - 006569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-10-10 09:27 - 2018-09-20 00:29 - 001989232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-10-10 09:27 - 2018-09-20 00:09 - 007520096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-10-10 09:27 - 2018-09-19 23:40 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-10-10 09:27 - 2018-09-07 23:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-10-10 09:27 - 2018-09-07 23:28 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-10-10 09:27 - 2018-09-07 23:27 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-10-10 09:27 - 2018-09-07 23:25 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-10-10 09:27 - 2018-09-07 23:24 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-10-10 09:27 - 2018-09-07 23:22 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-10-10 09:26 - 2018-09-21 05:18 - 021386888 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-10-10 09:26 - 2018-09-21 05:01 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-10-10 09:26 - 2018-09-21 04:22 - 020381784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-10-10 09:26 - 2018-09-21 04:12 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-10-10 09:26 - 2018-09-21 00:13 - 000480568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-10-10 09:26 - 2018-09-21 00:12 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-10-10 09:26 - 2018-09-21 00:09 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-10-10 09:26 - 2018-09-21 00:09 - 001062920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-10-10 09:26 - 2018-09-21 00:08 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-10-10 09:26 - 2018-09-21 00:08 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-10-10 09:26 - 2018-09-21 00:08 - 001456720 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-10-10 09:26 - 2018-09-21 00:08 - 001257864 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-10-10 09:26 - 2018-09-21 00:08 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-10-10 09:26 - 2018-09-21 00:08 - 000982600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-10-10 09:26 - 2018-09-21 00:08 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-10-10 09:26 - 2018-09-21 00:08 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-10-10 09:26 - 2018-09-21 00:07 - 000604664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-10-10 09:26 - 2018-09-20 23:58 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-10-10 09:26 - 2018-09-20 23:57 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-10-10 09:26 - 2018-09-20 23:57 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-10-10 09:26 - 2018-09-20 23:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-10-10 09:26 - 2018-09-20 23:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-10-10 09:26 - 2018-09-20 23:53 - 001006080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-10-10 09:26 - 2018-09-20 23:43 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-10-10 09:26 - 2018-09-20 23:42 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-10-10 09:26 - 2018-09-20 23:41 - 003396096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-10-10 09:26 - 2018-09-20 23:40 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-10-10 09:26 - 2018-09-20 23:39 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-10-10 09:26 - 2018-09-20 23:39 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-10-10 09:26 - 2018-09-20 23:39 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-10-10 09:26 - 2018-09-20 23:38 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-10-10 09:26 - 2018-09-20 23:38 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-10-10 09:26 - 2018-09-20 23:37 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-10-10 09:26 - 2018-09-20 23:37 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-10-10 09:26 - 2018-09-20 23:37 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-10-10 09:26 - 2018-09-20 23:37 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-10-10 09:26 - 2018-09-20 23:36 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-10-10 09:26 - 2018-09-20 23:36 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-10-10 09:26 - 2018-09-20 23:36 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-10-10 09:26 - 2018-09-20 05:40 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-10-10 09:26 - 2018-09-20 05:37 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-10-10 09:26 - 2018-09-20 05:23 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-10-10 09:26 - 2018-09-20 05:19 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-10-10 09:26 - 2018-09-20 05:18 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-10-10 09:26 - 2018-09-20 05:18 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-10-10 09:26 - 2018-09-20 05:17 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-10-10 09:26 - 2018-09-20 05:17 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-10-10 09:26 - 2018-09-20 05:16 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-10-10 09:26 - 2018-09-20 04:46 - 001454440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-10-10 09:26 - 2018-09-20 04:35 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-10-10 09:26 - 2018-09-20 04:30 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-10-10 09:26 - 2018-09-20 04:29 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-10-10 09:26 - 2018-09-20 04:29 - 002824704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-10-10 09:26 - 2018-09-20 04:28 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-10-10 09:26 - 2018-09-20 02:43 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-10-10 09:26 - 2018-09-20 01:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-10-10 09:26 - 2018-09-20 00:29 - 006039368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-10-10 09:26 - 2018-09-20 00:29 - 001513032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-10-10 09:26 - 2018-09-20 00:29 - 000357056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-10-10 09:26 - 2018-09-20 00:28 - 001129544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-10-10 09:26 - 2018-09-20 00:28 - 000581792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-10-10 09:26 - 2018-09-20 00:28 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-10-10 09:26 - 2018-09-20 00:21 - 022013440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-10-10 09:26 - 2018-09-20 00:17 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-10-10 09:26 - 2018-09-20 00:15 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-10-10 09:26 - 2018-09-20 00:13 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-10-10 09:26 - 2018-09-20 00:12 - 000272200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-10-10 09:26 - 2018-09-20 00:12 - 000269128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-10-10 09:26 - 2018-09-20 00:11 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-10-10 09:26 - 2018-09-20 00:11 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-10-10 09:26 - 2018-09-20 00:11 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-10-10 09:26 - 2018-09-20 00:11 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-10-10 09:26 - 2018-09-20 00:11 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2018-10-10 09:26 - 2018-09-20 00:10 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-10-10 09:26 - 2018-09-20 00:10 - 001221128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-10-10 09:26 - 2018-09-20 00:10 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-10-10 09:26 - 2018-09-20 00:10 - 000566800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-10-10 09:26 - 2018-09-20 00:10 - 000500536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-10-10 09:26 - 2018-09-20 00:10 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-10-10 09:26 - 2018-09-20 00:10 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-10-10 09:26 - 2018-09-20 00:10 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-10-10 09:26 - 2018-09-20 00:09 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-10-10 09:26 - 2018-09-20 00:09 - 007432136 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-10-10 09:26 - 2018-09-20 00:09 - 002825232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-10-10 09:26 - 2018-09-20 00:09 - 002462888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-10-10 09:26 - 2018-09-20 00:09 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-10-10 09:26 - 2018-09-20 00:09 - 001767096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-10 09:26 - 2018-09-20 00:09 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-10-10 09:26 - 2018-09-20 00:09 - 001097744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-10-10 09:26 - 2018-09-20 00:09 - 000885952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-10-10 09:26 - 2018-09-20 00:09 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-10-10 09:26 - 2018-09-20 00:09 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-10-10 09:26 - 2018-09-20 00:09 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-10-10 09:26 - 2018-09-20 00:08 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-10-10 09:26 - 2018-09-20 00:08 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-10-10 09:26 - 2018-09-19 23:53 - 025851392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-10-10 09:26 - 2018-09-19 23:46 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-10-10 09:26 - 2018-09-19 23:44 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-10-10 09:26 - 2018-09-19 23:44 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-10-10 09:26 - 2018-09-19 23:43 - 000052736 _____ C:\WINDOWS\system32\runexehelper.exe
2018-10-10 09:26 - 2018-09-19 23:42 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-10-10 09:26 - 2018-09-19 23:42 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-10-10 09:26 - 2018-09-19 23:42 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-10-10 09:26 - 2018-09-19 23:41 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-10-10 09:26 - 2018-09-19 23:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-10-10 09:26 - 2018-09-19 23:41 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-10-10 09:26 - 2018-09-19 23:41 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-10-10 09:26 - 2018-09-19 23:41 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-10-10 09:26 - 2018-09-19 23:40 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-10-10 09:26 - 2018-09-19 23:40 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-10-10 09:26 - 2018-09-19 23:38 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-10-10 09:26 - 2018-09-19 23:38 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-10 09:26 - 2018-09-19 23:37 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-10-10 09:26 - 2018-09-19 23:37 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-10-10 09:26 - 2018-09-19 23:36 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-10-10 09:26 - 2018-09-19 22:21 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-10-10 09:26 - 2018-09-19 21:28 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-10-10 09:26 - 2018-09-08 04:12 - 000452112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-10-10 09:26 - 2018-09-08 04:07 - 002868536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-10-10 09:26 - 2018-09-08 04:07 - 001610552 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-10-10 09:26 - 2018-09-08 04:07 - 000792376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-10-10 09:26 - 2018-09-08 04:07 - 000689464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-10-10 09:26 - 2018-09-08 04:07 - 000612360 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-10-10 09:26 - 2018-09-08 04:07 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-10-10 09:26 - 2018-09-08 04:07 - 000144696 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-10-10 09:26 - 2018-09-08 04:07 - 000069944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-10-10 09:26 - 2018-09-08 04:02 - 000645112 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-10-10 09:26 - 2018-09-08 04:02 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-10-10 09:26 - 2018-09-08 03:58 - 001639352 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-10-10 09:26 - 2018-09-08 03:58 - 001520744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-10-10 09:26 - 2018-09-08 03:57 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2018-10-10 09:26 - 2018-09-08 03:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-10-10 09:26 - 2018-09-08 03:43 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-10-10 09:26 - 2018-09-08 03:43 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2018-10-10 09:26 - 2018-09-08 03:42 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2018-10-10 09:26 - 2018-09-08 03:42 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-10-10 09:26 - 2018-09-08 03:42 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-10-10 09:26 - 2018-09-08 03:42 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthci.dll
2018-10-10 09:26 - 2018-09-08 03:41 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-10-10 09:26 - 2018-09-08 03:40 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-10-10 09:26 - 2018-09-08 03:40 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-10-10 09:26 - 2018-09-08 03:40 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2018-10-10 09:26 - 2018-09-08 03:40 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-10-10 09:26 - 2018-09-08 03:40 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2018-10-10 09:26 - 2018-09-08 03:40 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2018-10-10 09:26 - 2018-09-08 03:39 - 005505024 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-10-10 09:26 - 2018-09-08 03:39 - 002052096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-10-10 09:26 - 2018-09-08 03:39 - 001787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-10-10 09:26 - 2018-09-08 03:39 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-10-10 09:26 - 2018-09-08 03:38 - 001288192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-10-10 09:26 - 2018-09-08 03:38 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-10-10 09:26 - 2018-09-08 03:38 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-10-10 09:26 - 2018-09-08 03:38 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-10-10 09:26 - 2018-09-08 03:38 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-10-10 09:26 - 2018-09-08 03:37 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-10-10 09:26 - 2018-09-08 03:16 - 000482080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-10-10 09:26 - 2018-09-08 03:14 - 001328056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-10-10 09:26 - 2018-09-08 03:13 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-10-10 09:26 - 2018-09-08 03:13 - 000181288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2018-10-10 09:26 - 2018-09-08 03:03 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-10-10 09:26 - 2018-09-08 03:03 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-10-10 09:26 - 2018-09-08 03:02 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2018-10-10 09:26 - 2018-09-08 03:00 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2018-10-10 09:26 - 2018-09-08 02:59 - 001530368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-10-10 09:26 - 2018-09-08 02:59 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-10-10 09:26 - 2018-09-08 02:59 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-10-10 09:26 - 2018-09-08 02:59 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-10-10 09:26 - 2018-09-08 02:58 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-10-10 09:26 - 2018-09-08 02:58 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-10-10 09:26 - 2018-09-08 02:58 - 000775680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-10-10 09:26 - 2018-09-08 02:57 - 005391360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-10-10 09:26 - 2018-09-08 02:57 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-10-10 09:26 - 2018-09-08 02:57 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-10-10 09:26 - 2018-09-08 02:57 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2018-10-10 09:26 - 2018-09-08 02:56 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-10-10 09:26 - 2018-09-08 00:08 - 000462880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-10-10 09:26 - 2018-09-07 23:59 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-10-10 09:26 - 2018-09-07 23:59 - 000361544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-10-10 09:26 - 2018-09-07 23:58 - 000744976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-10-10 09:26 - 2018-09-07 23:58 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-10-10 09:26 - 2018-09-07 23:58 - 000368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-10-10 09:26 - 2018-09-07 23:57 - 002571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-10-10 09:26 - 2018-09-07 23:57 - 001016984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-10-10 09:26 - 2018-09-07 23:57 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-10-10 09:26 - 2018-09-07 23:57 - 000482384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-10-10 09:26 - 2018-09-07 23:57 - 000368448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2018-10-10 09:26 - 2018-09-07 23:57 - 000267576 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-10-10 09:26 - 2018-09-07 23:51 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-10-10 09:26 - 2018-09-07 23:45 - 000295416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-10-10 09:26 - 2018-09-07 23:45 - 000286824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-10-10 09:26 - 2018-09-07 23:44 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-10-10 09:26 - 2018-09-07 23:44 - 000829752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-10-10 09:26 - 2018-09-07 23:43 - 001174448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-10-10 09:26 - 2018-09-07 23:43 - 000269104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2018-10-10 09:26 - 2018-09-07 23:32 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-10-10 09:26 - 2018-09-07 23:31 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-10-10 09:26 - 2018-09-07 23:31 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2018-10-10 09:26 - 2018-09-07 23:30 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2018-10-10 09:26 - 2018-09-07 23:30 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2018-10-10 09:26 - 2018-09-07 23:30 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-10-10 09:26 - 2018-09-07 23:30 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2018-10-10 09:26 - 2018-09-07 23:30 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2018-10-10 09:26 - 2018-09-07 23:29 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-10-10 09:26 - 2018-09-07 23:29 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-10-10 09:26 - 2018-09-07 23:29 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2018-10-10 09:26 - 2018-09-07 23:29 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2018-10-10 09:26 - 2018-09-07 23:29 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-10-10 09:26 - 2018-09-07 23:28 - 000481280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-10-10 09:26 - 2018-09-07 23:28 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-10-10 09:26 - 2018-09-07 23:28 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Proxy.dll
2018-10-10 09:26 - 2018-09-07 23:27 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-10-10 09:26 - 2018-09-07 23:27 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-10-10 09:26 - 2018-09-07 23:27 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2018-10-10 09:26 - 2018-09-07 23:27 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2018-10-10 09:26 - 2018-09-07 23:27 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-10-10 09:26 - 2018-09-07 23:26 - 002328064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2018-10-10 09:26 - 2018-09-07 23:26 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-10-10 09:26 - 2018-09-07 23:26 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-10-10 09:26 - 2018-09-07 23:26 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-10-10 09:26 - 2018-09-07 23:26 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-10-10 09:26 - 2018-09-07 23:26 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-10-10 09:26 - 2018-09-07 23:26 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2018-10-10 09:26 - 2018-09-07 23:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2018-10-10 09:26 - 2018-09-07 23:25 - 003553792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-10-10 09:26 - 2018-09-07 23:25 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-10-10 09:26 - 2018-09-07 23:25 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2018-10-10 09:26 - 2018-09-07 23:25 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-10-10 09:26 - 2018-09-07 23:25 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Proximity.dll
2018-10-10 09:26 - 2018-09-07 23:24 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-10-10 09:26 - 2018-09-07 23:24 - 001096704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-10-10 09:26 - 2018-09-07 23:24 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2018-10-10 09:26 - 2018-09-07 23:24 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2018-10-10 09:26 - 2018-09-07 23:23 - 001655296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2018-10-10 09:26 - 2018-09-07 23:23 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2018-10-10 09:26 - 2018-09-07 23:23 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2018-10-10 09:26 - 2018-09-07 23:23 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Proximity.dll
2018-10-09 16:30 - 2018-10-09 16:31 - 001862180 _____ C:\WINDOWS\Minidump\100918-9531-01.dmp
2018-09-20 15:04 - 2018-09-20 15:04 - 000000000 ____D C:\Users\Sonic\AppData\Roaming\The Creative Assembly
2018-09-20 14:57 - 2018-09-20 14:57 - 000000000 ____D C:\Users\Sonic\AppData\Local\BattlEye
2018-09-20 12:05 - 2018-09-20 12:05 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2018-09-20 10:40 - 2018-09-20 10:40 - 000000613 _____ C:\Users\Public\Desktop\Total War - Warhammer 2.lnk
2018-09-14 19:09 - 2018-10-13 11:31 - 000000000 ____D C:\Users\Sonic\AppData\Local\Spectrasonics
2018-09-14 18:59 - 2018-09-14 18:59 - 000000872 _____ C:\Users\Public\Desktop\Omnisphere.lnk
2018-09-14 18:59 - 2018-09-14 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spectrasonics
2018-09-14 18:31 - 2018-09-14 19:08 - 000000000 ____D C:\ProgramData\Spectrasonics
2018-09-14 18:08 - 2018-09-14 18:08 - 000000536 _____ C:\Users\Sonic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\music.lnk
2018-09-13 00:11 - 2018-09-13 00:11 - 000000000 ____D C:\Users\Sonic\AppData\Roaming\iZotope
2018-09-13 00:06 - 2018-09-13 00:11 - 000000000 ____D C:\Users\Sonic\Documents\iZotope
2018-09-13 00:06 - 2018-09-13 00:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope
2018-09-13 00:06 - 2018-09-13 00:06 - 000000000 ____D C:\Program Files (x86)\iZotope
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-10-13 20:35 - 2018-03-21 20:40 - 000028892 _____ C:\Users\Sonic\Desktop\FRST.txt
2018-10-13 20:34 - 2018-03-21 20:40 - 000000000 ____D C:\FRST
2018-10-13 20:33 - 2018-03-21 20:40 - 002414592 _____ (Farbar) C:\Users\Sonic\Desktop\FRST64.exe
2018-10-13 20:30 - 2018-04-11 19:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-13 19:27 - 2018-01-03 18:17 - 000000000 ____D C:\Users\Sonic\AppData\Roaming\WTablet
2018-10-13 17:00 - 2017-12-22 21:59 - 000000000 ____D C:\Users\Sonic\AppData\Roaming\vlc
2018-10-13 13:55 - 2018-04-20 21:47 - 000000000 ____D C:\Users\Sonic\Desktop\New folder
2018-10-13 10:35 - 2018-01-14 17:37 - 000000000 ____D C:\Users\Sonic\AppData\Roaming\audacity
2018-10-13 10:26 - 2018-01-08 02:29 - 000000000 ____D C:\Program Files\Microsoft Office
2018-10-13 08:11 - 2018-04-11 19:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-11 18:35 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-10-11 08:16 - 2018-07-25 07:55 - 000485800 _____ C:\WINDOWS\system32\perfh011.dat
2018-10-11 08:16 - 2018-07-25 07:55 - 000132262 _____ C:\WINDOWS\system32\perfc011.dat
2018-10-11 08:16 - 2018-07-25 04:16 - 001447762 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-11 08:16 - 2018-04-11 19:36 - 000000000 ____D C:\WINDOWS\INF
2018-10-11 08:12 - 2017-12-22 01:47 - 000000000 ____D C:\ProgramData\NVIDIA
2018-10-11 08:11 - 2018-07-25 04:05 - 000440088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-10-11 08:11 - 2018-06-25 20:08 - 000000000 ____D C:\Users\Sonic\AppData\Roaming\TIDAL
2018-10-11 08:11 - 2017-12-22 02:02 - 000026192 ____N (Windows ® Server 2003 DDK provider) C:\WINDOWS\gdrv.sys
2018-10-11 08:11 - 2017-12-22 01:56 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-11 08:11 - 2017-12-22 01:56 - 000000000 ___RD C:\Users\Sonic\3D Objects
2018-10-11 08:10 - 2018-07-25 04:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-11 02:04 - 2018-04-11 17:04 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2018-10-11 02:03 - 2018-04-11 19:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-10-11 02:03 - 2018-04-11 19:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-10-11 02:03 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-10-11 02:03 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-10-11 02:03 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-10-11 02:03 - 2018-04-11 19:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-10-11 02:02 - 2018-07-25 04:08 - 000000000 ____D C:\Users\Sonic
2018-10-11 02:00 - 2017-12-22 03:17 - 000000000 ____D C:\Users\Sonic\AppData\Local\Everything
2018-10-11 02:00 - 2017-12-22 02:27 - 000000000 ____D C:\Users\Sonic\AppData\Roaming\Everything
2018-10-10 09:30 - 2017-12-22 05:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-10-10 09:29 - 2017-12-22 05:30 - 136745976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-10-10 09:28 - 2018-04-11 19:34 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-10-09 16:36 - 2017-12-22 02:39 - 000000000 ____D C:\Users\Sonic\AppData\Roaming\discord
2018-10-09 16:31 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-10-09 16:30 - 2018-07-27 18:20 - 000000000 ____D C:\WINDOWS\Minidump
2018-10-09 16:30 - 2018-07-25 04:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-10-09 10:16 - 2017-12-23 00:45 - 000000000 ____D C:\Users\Sonic\AppData\Local\CrashDumps
2018-10-07 11:01 - 2017-12-22 20:16 - 000000000 ____D C:\Users\Sonic\AppData\Local\UnrealEngine
2018-10-06 16:03 - 2017-12-29 06:43 - 000000000 ____D C:\Users\Sonic\AppData\Roaming\obs-studio
2018-10-06 15:53 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-10-04 11:40 - 2018-07-25 04:12 - 000003938 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1521588904
2018-10-04 11:40 - 2018-03-20 19:35 - 000001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2018-10-04 11:40 - 2018-03-20 19:34 - 000000000 ____D C:\Program Files\Opera
2018-10-03 19:56 - 2018-04-10 23:15 - 000000000 ____D C:\Users\Sonic\AppData\Roaming\foobar2000
2018-10-02 16:13 - 2018-04-11 19:41 - 000835152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-10-02 16:13 - 2018-04-11 19:41 - 000179792 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-28 14:58 - 2018-07-25 04:12 - 000004212 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-09-28 14:45 - 2018-06-08 19:19 - 000000000 ____D C:\Users\Sonic\AppData\Local\ElevatedDiagnostics
2018-09-28 03:18 - 2017-12-22 02:42 - 000000000 ____D C:\Users\Sonic\AppData\Local\NVIDIA Corporation
2018-09-27 23:21 - 2018-01-09 21:53 - 000001966 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2018-09-27 23:21 - 2018-01-09 21:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2018-09-27 23:15 - 2018-07-25 04:12 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-27 23:15 - 2018-07-25 04:12 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-27 23:15 - 2018-07-25 04:12 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-27 23:15 - 2018-07-25 04:12 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-27 23:15 - 2018-07-25 04:12 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-27 23:15 - 2018-07-25 04:12 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-27 23:15 - 2018-07-25 04:12 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-27 23:15 - 2018-07-25 04:12 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-27 23:15 - 2018-07-25 04:12 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-27 23:15 - 2018-07-25 04:12 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-27 23:15 - 2018-07-25 04:12 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-27 23:15 - 2017-12-22 02:42 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-09-27 23:15 - 2017-12-22 01:47 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-09-27 23:15 - 2017-12-22 01:47 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-09-27 23:15 - 2017-12-22 01:47 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-09-25 10:43 - 2018-02-28 22:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-09-20 15:03 - 2017-12-22 02:27 - 000000000 ____D C:\Program Files (x86)\Steam
2018-09-19 21:50 - 2018-01-29 18:33 - 000000000 ____D C:\Users\Sonic\AppData\Roaming\deluge
2018-09-17 15:35 - 2017-12-22 02:24 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-17 15:35 - 2017-12-22 02:24 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-09-13 00:06 - 2018-04-06 23:49 - 000000000 ____D C:\Program Files\Common Files\VST3
 
==================== Files in the root of some directories =======
 
2018-04-12 23:06 - 2018-04-12 23:06 - 002722286 _____ () C:\Program Files (x86)\Auto-Tune 8 Manual.pdf
2018-04-12 23:06 - 2018-04-12 23:06 - 000056051 _____ () C:\Program Files (x86)\VST PC Read Me.pdf
2018-08-15 15:28 - 2018-08-15 17:46 - 000034159 _____ () C:\Users\Sonic\AppData\Roaming\VoiceMeeterBananaDefault.xml
2018-08-15 14:24 - 2018-08-15 14:24 - 000004652 _____ () C:\Users\Sonic\AppData\Roaming\VoiceMeeterDefault.xml
2018-01-07 20:15 - 2018-01-07 21:24 - 001065984 _____ () C:\Users\Sonic\AppData\Local\file__0.localstorage
2018-10-10 14:04 - 2018-10-10 14:04 - 000001681 _____ () C:\Users\Sonic\AppData\Local\recently-used.xbel
2017-12-22 02:58 - 2018-04-02 10:09 - 000007605 _____ () C:\Users\Sonic\AppData\Local\resmon.resmoncfg
 
Some files in TEMP:
====================
2018-09-20 14:58 - 2018-09-20 14:58 - 000000017 _____ () C:\Users\Sonic\AppData\Local\Temp\8ea9870a5902ecd70bac72293f48e2c5.dll
2015-05-30 11:00 - 2015-05-30 11:00 - 000028672 _____ () C:\Users\Sonic\AppData\Local\Temp\R2RTOOL.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-07-25 04:05
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by Sonic (13-10-2018 20:35:27)
Running from C:\Users\Sonic\Desktop
Windows 10 Home Version 1803 17134.345 (X64) (2018-07-25 08:12:29)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2095927863-3120209340-1161690377-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2095927863-3120209340-1161690377-503 - Limited - Disabled)
Guest (S-1-5-21-2095927863-3120209340-1161690377-501 - Limited - Disabled)
Sonic (S-1-5-21-2095927863-3120209340-1161690377-1001 - Administrator - Enabled) => C:\Users\Sonic
WDAGUtilityAccount (S-1-5-21-2095927863-3120209340-1161690377-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
@BIOS (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.17.0710.1 - GIGABYTE) Hidden
@BIOS (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.17.0710.1 - GIGABYTE)
4K Video Downloader 4.4 (HKLM-x32\...\{17CEAB50-0275-4D5E-9C11-CF2963C59FA1}) (Version: 4.4.6.2295 - Open Media LLC)
7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
AMD Ryzen Master (HKLM\...\{03213877-8001-4F2C-8917-26B127DE1540}) (Version: 1.0.1.0239 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.17.0913.1 - GIGABYTE) Hidden
APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.17.0913.1 - GIGABYTE)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team)
AutoHotkey 1.1.26.01 (HKLM\...\AutoHotkey) (Version: 1.1.26.01 - Lexikos)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Advanced Micro Devices, Inc.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BIOS Setup (HKLM-x32\...\{9D48202D-C767-40E7-8A4E-C14BD7328168}) (Version: 1.00.0000 - GIGABYTE) Hidden
BIOS Setup (HKLM-x32\...\InstallShield_{9D48202D-C767-40E7-8A4E-C14BD7328168}) (Version: 1.00.0000 - GIGABYTE)
Blackboard Collaborate Launcher (HKLM-x32\...\{AEED1D32-C837-405A-8009-6660E3883C9E}) (Version: 1.6.4.0 - Blackboard)
Blender (HKLM\...\{B1DF3793-1651-4AE5-9CA0-E845DD8B526B}) (Version: 2.79.0 - Blender Foundation)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.39 - Piriform)
CLIP STUDIO 1.7.1 (HKLM-x32\...\{49274EB8-4598-47E6-8039-9BB7CE07627E}) (Version: 1.7.1 - CELSYS)
CLIP STUDIO PAINT 1.7.2 (HKLM-x32\...\{1E4572D2-28BC-4BC9-B743-13DC6CFD71DB}) (Version: 1.7.2 - CELSYS)
Connect (HKLM-x32\...\MAGIX_connector_is1) (Version: 2.6.1.117 - MAGIX Software GmbH)
Deluge 1.3.15 (HKLM-x32\...\Deluge) (Version:  - )
Destiny 2 (HKLM-x32\...\Destiny 2) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2095927863-3120209340-1161690377-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 397.93 - NVIDIA Corporation) Hidden
EaseUS Partition Master 12.9 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EasyTune (HKLM-x32\...\{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.17.0712.1 - GIGABYTE) Hidden
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.17.0712.1 - GIGABYTE)
EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.17.0721.1 - GIGABYTE) Hidden
EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.17.0721.1 - GIGABYTE)
Epic Games Launcher (HKLM-x32\...\{8F89B0CF-8144-43EE-AB9F-B7F8F23D85FB}) (Version: 1.1.135.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Everything 1.4.1.877 (x64) (HKLM\...\Everything) (Version: 1.4.1.877 (x64) - David Carpenter)
f.lux (HKU\S-1-5-21-2095927863-3120209340-1161690377-1001\...\Flux) (Version:  - f.lux Software LLC)
Fast Boot (HKLM-x32\...\{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.17.0712.1 - GIGABYTE) Hidden
Fast Boot (HKLM-x32\...\InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.17.0712.1 - GIGABYTE)
FINAL FANTASY XV (HKLM-x32\...\FINAL FANTASY XV_is1) (Version:  - )
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
FlacSquisher 1.3.8 (HKLM-x32\...\FlacSquisher) (Version: 1.3.8 - FlacSquisher)
foobar2000 v1.3.17 (HKLM-x32\...\foobar2000) (Version: 1.3.17 - Peter Pawlowski)
GigabyteFirmwareUpdateUtility (HKLM-x32\...\{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}) (Version: 1.17.0628.1 - GIGABYTE) Hidden
GigabyteFirmwareUpdateUtility (HKLM-x32\...\InstallShield_{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}) (Version: 1.17.0628.1 - GIGABYTE)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.16.1202.1 - GIGABYTE)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.0.295 - SurfRight B.V.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Java 8 Update 152 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180152F0}) (Version: 8.0.1520.16 - Oracle Corporation)
K-Lite Codec Pack 13.7.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.7.5 - KLCP)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.88 - Logitech Inc.)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Melodyne 4 (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 4.01.0111 - Celemony Software GmbH)
Melodyne Runtime 4.1 (x64) (HKLM\...\{721E4E34-AF7C-4345-93F9-282CCC8CCCB5}) (Version: 1.0.2 - Celemony Software GmbH)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.10827.20150 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2095927863-3120209340-1161690377-1001\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.14.160.1208 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSI Afterburner 4.4.2 (HKLM-x32\...\Afterburner) (Version: 4.4.2 - MSI Co., LTD)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.6.6.16 - Native Instruments)
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 2.0.0 - Nexon)
Ni no Kuni II: Revenant Kingdom (HKLM-x32\...\Ni no Kuni II: Revenant Kingdom_is1) (Version:  - )
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 397.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 397.93 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation)
NVIDIA Graphics Driver 397.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 397.93 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.1.3 - OBS Project)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.9001.2171 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.9001.2171 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.9001.2171 - Microsoft Corporation) Hidden
Opera Stable 56.0.3051.36 (HKLM-x32\...\Opera 56.0.3051.36) (Version: 56.0.3051.36 - Opera Software)
osu! (HKLM-x32\...\{a21a3ba2-dcb7-46cc-940d-27f43c981293}) (Version: latest - ppy Pty Ltd)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Ozone 8 Elements (HKLM-x32\...\Ozone 8 Elements) (Version: 8.00 - iZotope, Inc.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version:  - )
PerformanceTest v9.0 (HKLM\...\PerformanceTest 9_is1) (Version: 9.0.1022.0 - Passmark Software)
Pulover's Macro Creator version 5.0.5 (HKLM\...\{223FFB42-2D49-4AF6-9EF2-82B7D0CAF8B4}_is1) (Version: 5.0.5 - Rodolfo U. Batista)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
ScpToolkit (HKLM\...\{1EA84ED4-28D4-4836-BF8B-0E31BF1704C5}) (Version: 1.7.277.16103 - Nefarius Software Solutions)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 12.0.0 - ShareX Team)
SIV (HKLM-x32\...\{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.17.0713.1 - GIGABYTE) Hidden
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.17.0713.1 - GIGABYTE)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sylenth1 v2.21 (HKLM-x32\...\Sylenth1_is1) (Version:  - )
The Elder Scrolls III - Morrowind GotY (HKLM-x32\...\1435828767_is1) (Version: 2.0.0.7 - GOG.com)
The Elder Scrolls IV - Oblivion GOTY version 1.0 (HKLM-x32\...\The Elder Scrolls IV - Oblivion GOTY_is1) (Version: 1.0 - Darck Repacks)
TIDAL (HKU\S-1-5-21-2095927863-3120209340-1161690377-1001\...\TIDAL) (Version: 2.1.22 - TIDAL Music AS)
Total War - Warhammer 2 (HKLM-x32\...\Total War - Warhammer 2_is1) (Version:  - )
Twitch Leecher 1.4.3 (HKLM\...\{8A2657AC-EFBB-4D51-BE2D-E0F0AB925E51}) (Version: 1.4.3.0 - Fake Smile Revolution) Hidden
Twitch Leecher 1.4.3 (HKLM-x32\...\{d1af0234-a673-40e0-ba0d-ae6096326bfc}) (Version: 1.4.3.0 - Fake Smile Revolution)
Unity (HKLM-x32\...\Unity) (Version: 5.6.3p1 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{479E8CC7-CD68-4EB4-BB04-34A5C2C74102}) (Version: 2.46.0.0 - Microsoft Corporation)
USB DAC-UP2 (HKLM-x32\...\{3F99EB82-D129-4B27-9ECF-B5F549FCC53B}) (Version: 1.16.1013 - GIGABYTE) Hidden
USB DAC-UP2 (HKLM-x32\...\InstallShield_{3F99EB82-D129-4B27-9ECF-B5F549FCC53B}) (Version: 1.16.1013 - GIGABYTE)
Vampyr (HKLM-x32\...\Vampyr_is1) (Version:  - )
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{8BA11E80-4FB0-11E7-9B6D-A9EF5249FCEF}) (Version: 14.0.270 - VEGAS)
VEGAS Pro 15.0 (HKLM\...\{49E71611-2094-11E8-B9B5-B1014689BFCC}) (Version: 15.0.321 - VEGAS)
Visual Studio Community 2017 (HKLM\...\dac71034) (Version: 15.5.27130.2010 - Microsoft Corporation)
vJoy Device Driver 0.2.0.5 (HKLM\...\{8E31F76F-74C3-47F1-9550-E041EEDC5FBB}_is1) (Version: 0.2.0.5 - Shaul Eizikovich)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version:  - VB-Audio Software)
vs_minshellmsi (HKLM-x32\...\{9CDD69A2-765A-4970-AB6B-595A740C614F}) (Version: 15.0.27019 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
VTuner (HKLM-x32\...\{C381226E-C402-4976-9411-54282F1396D3}) (Version: 1.17.0710.1 - GIGABYTE) Hidden
VTuner (HKLM-x32\...\InstallShield_{C381226E-C402-4976-9411-54282F1396D3}) (Version: 1.17.0710.1 - GIGABYTE)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.27-2 - Wacom Technology Corp.)
Wii U USB GCN adapter version 3.2.1 (HKLM-x32\...\{B3898604-95BA-4EBA-A8D7-C4C2BDC2712A}_is1) (Version: 3.2.1 - Matt Cunningham)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
WinDirStat 1.1.2 (HKU\S-1-5-21-2095927863-3120209340-1161690377-1001\...\WinDirStat) (Version:  - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Yamaha Steinberg USB Driver (HKLM\...\{B291AFD1-72C6-40E8-823F-3FA483B119BC}) (Version: 1.10.1 - Yamaha Corporation) Hidden
Yamaha Steinberg USB Driver (HKLM-x32\...\yUninstall_{2938B185-2D57-47B0-9FC8-C90A67BA9277}) (Version: 1.10.1 - Yamaha Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => D:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => D:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-05-22] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => D:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {06B4B44C-D2D3-46A0-8D2C-157D62247870} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-09-25] (Microsoft Corporation)
Task: {12E9DEF3-8F8E-4CF5-A652-791E84C2ED92} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2095927863-3120209340-1161690377-1001 => C:\Users\Sonic\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {212577B8-97FD-4EB0-942E-E2EED72248AA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-10-13] (Microsoft Corporation)
Task: {2834DAB8-4F78-4E77-8EB2-BD2F0A6F1569} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-29] (Microsoft Corporation)
Task: {526AA30C-A5EC-4220-A613-A2A27CA79988} - System32\Tasks\ScpUpdater => C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [2016-04-12] (Nefarius Software Solutions)
Task: {597BC06E-E741-460F-813C-D9D0F443781E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-09-25] (Microsoft Corporation)
Task: {5B3A9AF5-AD89-4096-8ABE-6B399C1C0760} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-12] (NVIDIA Corporation)
Task: {61BD5D48-3E98-4D32-A8A5-3BFD02326EC5} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {6F746288-2ED8-4951-8EC9-C92C8691591F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-09-12] (NVIDIA Corporation)
Task: {7570CFDE-AC01-443D-8259-FDCA330E3E40} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\RadeonInstaller.exe [2017-12-11] (Advanced Micro Devices, Inc.)
Task: {7A71AD8A-E261-45E5-9E4C-686288454662} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-22] (Google Inc.)
Task: {7FF2EEEE-9194-4E81-A10C-3C43A5AE41E2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-10-13] (Microsoft Corporation)
Task: {8C55FAB1-DD68-4493-AB7B-4C047CEE5162} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-12-20] ()
Task: {8DEFC179-73F2-49E4-8FAE-191C23336558} - System32\Tasks\Connect => C:\Program Files (x86)\MAGIX\Connect\connect.exe [2017-08-02] (MAGIX Software GmbH)
Task: {94D23B64-BE6C-4FD4-9A92-7FAA206CA893} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation)
Task: {97D940FF-4969-4F21-8538-E847D136FBC7} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\thermald.exe [2017-07-13] (GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {9D037856-5CE7-430F-ACFE-51815C9E4A32} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation)
Task: {A08DB57E-C665-4A5E-96A7-C8597B4F5AA4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-22] (Google Inc.)
Task: {AA7BAAE1-7135-4AE6-876A-3C71A4316D9E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-01-09] (Piriform Ltd)
Task: {B01B9ED6-DEF6-448E-8360-0D86DC237A6F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-09-25] (Microsoft Corporation)
Task: {B3EBB3F1-42E9-4F77-8F4F-6CC886D2E4C1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-09-25] (Microsoft Corporation)
Task: {B9B02E63-7D2F-4D63-B2DB-D37F89A58B1F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-29] (Microsoft Corporation)
Task: {BD72FDF6-1FFE-4FB9-9E14-FF7EC0EA5887} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation)
Task: {C7298493-B4FA-40A2-B9BF-1B0F5D40BE06} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-13] (Microsoft Corporation)
Task: {CEDB26E7-A725-4FDF-A108-25DFADACFC0E} - System32\Tasks\Opera scheduled Autoupdate 1521588904 => C:\Program Files\Opera\launcher.exe [2018-10-02] (Opera Software)
Task: {D10E8871-5A72-4D28-B3A3-121821FB090B} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [2017-07-21] (GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {D6CF3ECA-7B8B-4858-9302-86FC21A1E16E} - System32\Tasks\V-Tuner => C:\Program Files (x86)\GIGABYTE\VTuner\VTuner.exe [2017-07-10] (GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {D88ABBF7-7E10-4667-8977-FCF934F199CF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-12] (NVIDIA Corporation)
Task: {DAE121CA-9F10-4503-8F0A-3DE613DA2ED7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-12] (NVIDIA Corporation)
Task: {DB6F32A2-544D-441B-8712-EC86B5BD31AF} - System32\Tasks\BlueStacksHelper => E:\BS\BlueStacks\Client\Helper\BlueStacksHelper.exe
Task: {DDDA2075-FA7B-4B2D-AE2B-459B3E51CDBB} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_126_pepper.exe [2017-12-22] (Adobe Systems Incorporated)
Task: {E1F45E58-9466-4B34-8A0C-83E4B4FB759F} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation)
Task: {E6EC81DE-3B42-463A-809B-C4330A210F4B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-01-09] (Piriform Ltd)
Task: {E8313139-1F1F-4E8B-963A-3EE46FC978AA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-13] (Microsoft Corporation)
Task: {EAC312A0-7641-492F-A747-316542E0B697} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-10-13] (Microsoft Corporation)
Task: {EE71E73E-631B-4A20-99CD-ECDB012CAE68} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-09-12] (NVIDIA Corporation)
Task: {F7256CC4-DAFD-4A6F-A9F3-96F99965DA59} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-09-12] (NVIDIA Corporation)
Task: {FDEAD4D3-D9E4-42F2-8DBC-9DC77823F8D0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-12] (NVIDIA Corporation)
Task: {FDEE093E-BA23-4A53-A9BE-20785D38FC85} - System32\Tasks\EasyTune => C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe [2017-03-01] (GIGA-BYTE TECHNOLOGY CO., LTD.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Connect.job => C:\Program Files (x86)\MAGIX\Connect\connect.exe
Task: C:\WINDOWS\Tasks\ScpUpdater.job => C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\badfollower13 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 21"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\badfollower14 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 22"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\badfollower15 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 23"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\bettererpete - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 10"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\betterestpete - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 11"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\betterpete - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 9"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\bitboyz - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 5"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\bjornironhides - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 15"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\cappytappy14 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 12"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\darkesthope1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\doctorsourcream - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 16"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\elderdragon14 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 13"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\funnyfunnytot - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 19"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\haxvspeepee - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\hermanbits - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\petypoty - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 17"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\puppypete1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 25"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\puppypete2 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 7"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\puppypete3 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 8"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\puppypete4 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 27"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\puppypete5 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 28"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\puppypete6 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 29"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\puppypete7 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 30"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\respiren - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\respirenmh - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\richardbert - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 14"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\venityorch - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 18"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower16 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 31"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower17 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 32"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower18 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 33"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower19 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 34"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower20 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 35"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower21 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 36"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower22 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 38"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower23 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 39"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower24 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 40"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower25 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 41"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower26 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 42"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower27 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 43"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower28 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 44"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower29 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 46"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower30 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 47"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower31 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 48"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower32 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 49"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower33 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 50"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower34 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 51"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower35 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 52"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower36 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 53"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\ff13ca23fee04978\bitboyz - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 5"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f64d3603c29a95a7\bjornironhides - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 15"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f36b4a13a07e79c7\badfollower14 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 22"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f0936695556e8bf\badfollower13 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 21"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\de0b1d243227e473\venityorch - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 18"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d76736477ba15566\bettererpete - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 10"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d755e1040e5d38ac\puppypete3 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 8"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d2414a571945b906\puppypete4 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 27"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\bd751de9f96ba530\petypoty - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 17"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b42be1c9c51179ef\puppypete2 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 7"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b13f4a9ad209f845\puppypete5 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 28"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\a2f4a7937b204df\doctorsourcream - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 16"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9d40ac93c46abd42\puppypete7 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 30"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9c5f1dad405065f1\cappytappy14 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 12"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\997961bd22b48991\puppypete1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 25"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\respirenmh - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\respiren - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69514ab4fcfe459c\funnyfunnytot - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 19"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6651d0a1cd059aa\puppypete6 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 29"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\603d61d7b578f489\betterestpete - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 11"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\600fb694c0849943\betterpete - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 9"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\haxvspeepee - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\44311d836ea7d828\badfollower15 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 23"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\411761930c433448\richardbert - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 14"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\hermanbits - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\2b054a3d8e89c41e\elderdragon14 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 13"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\darkesthope1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3"
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-06-25 10:45 - 2015-06-25 10:45 - 000017920 _____ () C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
2014-05-02 13:52 - 2014-05-02 13:52 - 000599040 _____ () C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\irrKlang.NET4.dll
2014-05-02 08:55 - 2014-05-02 08:55 - 000185344 _____ () C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpflac.dll
2014-05-02 08:05 - 2014-05-02 08:05 - 000173056 _____ () C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpmp3.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-06-04 21:51 - 2018-09-12 07:45 - 001315024 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2017-09-13 17:40 - 2017-09-13 17:40 - 002509744 _____ () C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
2018-10-10 09:26 - 2018-09-19 23:38 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-19 01:18 - 2018-06-19 01:18 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-06-19 01:18 - 2018-06-19 01:18 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-06-19 01:18 - 2018-06-19 01:18 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-06-19 01:18 - 2018-06-19 01:18 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-06-19 01:18 - 2018-06-19 01:18 - 000654848 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-01-03 18:16 - 2017-12-13 14:49 - 002288072 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2018-01-03 09:33 - 2018-01-03 09:33 - 000061920 _____ () C:\Program Files\CCleaner\branding.dll
2018-04-07 18:59 - 2014-11-18 14:44 - 000255072 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.9\bin\TrayPopupE\TrayTipAgentE.exe
2018-09-17 15:35 - 2018-09-15 04:26 - 005110616 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libglesv2.dll
2018-09-17 15:35 - 2018-09-15 04:26 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libegl.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2018-06-04 21:51 - 2018-09-12 07:45 - 101252304 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-06-04 21:51 - 2018-09-12 07:45 - 002673360 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-06-04 21:51 - 2018-09-12 07:45 - 000138960 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2018-04-12 05:23 - 2018-04-12 05:23 - 000475136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-04-12 05:23 - 2018-04-12 05:23 - 023358976 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-04-12 05:23 - 2018-04-12 05:23 - 015622144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-04-12 05:23 - 2018-04-12 05:23 - 003101696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-04-12 05:23 - 2018-04-12 05:23 - 004601048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-11 08:29 - 2018-09-12 11:35 - 002701064 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-10-11 08:29 - 2018-09-12 17:57 - 002785784 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-12-22 02:27 - 2017-06-06 21:42 - 002197608 _____ () C:\Program Files\Everything\Everything.exe
2017-12-22 02:27 - 2017-09-24 09:26 - 000358912 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Icaros\64-bit\libunarr-ics.dll
2016-12-08 18:18 - 2016-12-08 18:18 - 001804800 _____ () C:\Program Files (x86)\GIGABYTE\AppCenter\BDR_info.dll
2017-04-14 15:39 - 2017-04-14 15:39 - 000133632 _____ () C:\Program Files (x86)\GIGABYTE\AppCenter\ycc.dll
2018-06-04 21:51 - 2018-09-12 07:45 - 001032912 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-02-17 02:47 - 2015-02-17 02:47 - 000105472 _____ () C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\ycc.dll
2018-04-07 18:59 - 2014-02-13 15:27 - 000222792 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.9\bin\TrayPopupE\traynet.dll
2018-04-07 18:59 - 2014-02-13 15:27 - 000275528 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.9\bin\TrayPopupE\libcurl.dll
2018-04-07 18:59 - 2014-02-13 15:27 - 000113166 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.9\bin\TrayPopupE\zlib1.dll
2018-04-07 18:59 - 2014-02-13 15:27 - 000249928 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.9\bin\TrayPopupE\uexper.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 002144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 007955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 000336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2018-05-11 13:05 - 2018-04-30 23:01 - 001891672 _____ () C:\Users\Sonic\AppData\Local\Discord\app-0.0.301\ffmpeg.dll
2018-05-11 13:05 - 2018-04-30 23:01 - 001937752 _____ () C:\Users\Sonic\AppData\Local\Discord\app-0.0.301\libglesv2.dll
2018-05-11 13:05 - 2018-04-30 23:01 - 000095576 _____ () C:\Users\Sonic\AppData\Local\Discord\app-0.0.301\libegl.dll
2018-05-11 13:05 - 2018-09-01 22:09 - 011321176 _____ () \\?\C:\Users\Sonic\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node
2018-05-11 13:05 - 2018-09-16 17:42 - 001615704 _____ () \\?\C:\Users\Sonic\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node
2018-05-11 13:05 - 2018-05-11 13:05 - 001910104 _____ () \\?\C:\Users\Sonic\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\cld\build\Release\cld.node
2018-05-11 13:05 - 2018-05-11 13:05 - 000422744 _____ () \\?\C:\Users\Sonic\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\spellchecker\build\Release\spellchecker.node
2018-05-11 13:05 - 2018-05-11 13:05 - 000145240 _____ () \\?\C:\Users\Sonic\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-05-11 13:05 - 2018-05-11 13:05 - 000512856 _____ () \\?\C:\Users\Sonic\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node
2018-05-11 13:05 - 2018-08-12 16:30 - 001641304 _____ () \\?\C:\Users\Sonic\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node
2018-10-07 10:36 - 2018-10-11 08:16 - 009621848 _____ () \\?\C:\Users\Sonic\AppData\Roaming\discord\0.0.301\modules\discord_cloudsync\discord_cloudsync.node
2018-05-11 13:05 - 2018-05-11 13:05 - 002722648 _____ () \\?\C:\Users\Sonic\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node
2018-08-12 16:30 - 2018-10-07 10:36 - 001253720 _____ () \\?\C:\Users\Sonic\AppData\Roaming\discord\0.0.301\modules\discord_modules\discord_modules.node
2018-08-12 16:30 - 2018-10-11 08:16 - 024798552 _____ () \\?\C:\Users\Sonic\AppData\Roaming\discord\0.0.301\modules\discord_dispatch\discord_dispatch.node
2018-05-11 13:05 - 2018-05-11 13:05 - 002760536 _____ () \\?\C:\Users\Sonic\AppData\Roaming\discord\0.0.301\modules\discord_contact_import\discord_contact_import.node
2018-05-11 13:05 - 2018-05-11 13:05 - 001249112 _____ () \\?\C:\Users\Sonic\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node
2017-12-22 02:24 - 2017-12-22 02:25 - 068214160 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\libcef.dll
2017-12-22 02:24 - 2017-12-22 02:25 - 003112848 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\libglesv2.dll
2017-12-22 02:24 - 2017-12-22 02:25 - 000089488 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\libegl.dll
2018-03-09 13:15 - 2018-03-09 13:15 - 000646416 _____ () D:\Program Files (x86)\4KDownload\4kvideodownloader\libportaudio-2.dll
2018-03-09 13:15 - 2018-03-09 13:15 - 001553536 _____ () D:\Program Files (x86)\4KDownload\4kvideodownloader\libstdc++-6.dll
2018-03-09 13:15 - 2018-03-09 13:15 - 000133248 _____ () D:\Program Files (x86)\4KDownload\4kvideodownloader\libgcc_s_dw2-1.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Public\AppData:CSM [472]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-09-29 09:46 - 2018-02-22 00:14 - 000002885 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
0.0.0.0 choice.microsoft.com
0.0.0.0 choice.microsoft.com.nstac.net
0.0.0.0 df.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com.nsatc.net
0.0.0.0 redir.metaservices.microsoft.com
0.0.0.0 reports.wes.df.telemetry.microsoft.com
0.0.0.0 services.wes.df.telemetry.microsoft.com
0.0.0.0 settings-sandbox.data.microsoft.com
0.0.0.0 settings-win.data.microsoft.com
0.0.0.0 sqm.df.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net
0.0.0.0 telecommand.telemetry.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net
0.0.0.0 telemetry.appex.bing.net
0.0.0.0 telemetry.microsoft.com
0.0.0.0 telemetry.urs.microsoft.com
0.0.0.0 vortex-sandbox.data.microsoft.com
0.0.0.0 vortex-win.data.microsoft.com
0.0.0.0 vortex.data.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com.nsatc.net
0.0.0.0 watson.ppe.telemetry.microsoft.com
0.0.0.0 wes.df.telemetry.microsoft.com
0.0.0.0 vortex-bn2.metron.live.com.nsatc.net
0.0.0.0 vortex-cy2.metron.live.com.nsatc.net
0.0.0.0 watson.live.com
0.0.0.0 watson.microsoft.com
0.0.0.0 feedback.search.microsoft.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2095927863-3120209340-1161690377-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
HKLM\...\StartupApproved\Run: => "Everything"
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2095927863-3120209340-1161690377-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2095927863-3120209340-1161690377-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2095927863-3120209340-1161690377-1001\...\StartupApproved\Run: => "Discord"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{F82E4CCA-18B5-4DD1-B8C0-ACEBF909F7F0}] => (Allow) LPort=9009
FirewallRules: [{C8B4F6C7-E368-493B-85C4-F2B2AA222CAE}] => (Allow) LPort=9009
FirewallRules: [{D370BC9A-3B43-4557-8E19-CF6A831A65DA}] => (Allow) LPort=9009
FirewallRules: [{7E9277B7-DBD7-46DF-98FB-7B086B4B4033}] => (Allow) LPort=9009
FirewallRules: [{AA057854-B5C2-4156-915A-70E64FD1465F}] => (Allow) LPort=9009
FirewallRules: [{679202E8-B6D2-4B4F-B165-758C8FADC965}] => (Allow) E:\SteamLibrary\steamapps\common\Barony\editor.exe
FirewallRules: [{FF8691B3-B4CF-4001-AA72-1E35D238839A}] => (Allow) E:\SteamLibrary\steamapps\common\Barony\editor.exe
FirewallRules: [{C7BF9EA0-0E25-407C-94BB-EF1C1D48D85D}] => (Allow) E:\SteamLibrary\steamapps\common\Barony\barony.exe
FirewallRules: [{CA32D090-8F04-4F5E-B590-2126B6397C09}] => (Allow) E:\SteamLibrary\steamapps\common\Barony\barony.exe
FirewallRules: [{D48E223F-3C16-41A1-A4A5-B8B2DB9AB056}] => (Allow) LPort=9009
FirewallRules: [{F522A82C-E825-4AFE-9DD2-AC1810D2ADAB}] => (Allow) LPort=9009
FirewallRules: [{DE2D6F24-DCAF-413C-98EB-B6FBC14B5052}] => (Allow) LPort=9009
FirewallRules: [{4FBBD756-68FE-4666-95F2-ADD6841013EA}] => (Allow) LPort=9009
FirewallRules: [{995B1183-65E5-4431-84BB-106E0CC80E6F}] => (Allow) LPort=9009
FirewallRules: [{DDE5FCBF-8A35-4C7A-B0E6-0EBBDDF488E5}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{C22AAF8A-B5EA-47F4-BD8F-2D99A4FF72E7}D:\cemu\wiiu_usb_helper.exe] => (Allow) D:\cemu\wiiu_usb_helper.exe
FirewallRules: [TCP Query User{3CCE8FB9-D687-45BB-BB34-D707E5447262}D:\cemu\wiiu_usb_helper.exe] => (Allow) D:\cemu\wiiu_usb_helper.exe
FirewallRules: [{CF4028F1-E6B7-4B9E-9E5E-6ED4A7177BBF}] => (Allow) LPort=9009
FirewallRules: [{930FBB53-A747-40CC-BB21-12957F379918}] => (Allow) LPort=9009
FirewallRules: [{0C691F45-7046-4672-ABC1-8BAD8E9679D4}] => (Allow) LPort=9009
FirewallRules: [{668895D0-6F74-4C18-BDBD-1E75EA3E0E1B}] => (Allow) LPort=9009
FirewallRules: [{E54E8DCB-EA56-4C40-83C9-D7197CB4E7AE}] => (Allow) LPort=9009
FirewallRules: [{400F313F-0F1C-4F21-B90A-FF65677143C8}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe
FirewallRules: [{C9C66FE8-5D12-40E0-BBB1-424561FA561C}] => (Allow) LPort=9009
FirewallRules: [{7C644661-F735-4BC3-A3F9-A81B8677C3BC}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{FE099DB1-9AC0-45B5-87C9-03A6AC865E11}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe
FirewallRules: [TCP Query User{F1C568CB-F5A7-42E5-9DC9-364C3CDDAC4C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe
FirewallRules: [{308CF2B5-EF7D-40C5-885F-27A4ADF6C235}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{ACB35446-5EB0-4718-9D45-1920ABDF5796}E:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Block) E:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe
FirewallRules: [TCP Query User{0F2F3649-65B8-429B-A8F6-208731941FDD}E:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Block) E:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe
FirewallRules: [{E99D4CE1-6792-4C74-BDD3-8EA534A6EED2}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{14A29860-8C1E-41C7-95CD-1623C7569CA7}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3B77F45A-E4AD-44DC-AB74-836ED4E4EE51}] => (Allow) D:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{73B2801E-5B74-4123-99B2-DC705B815CAF}] => (Allow) D:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{04B9EB67-EB04-44B9-9735-BF03BE63B492}] => (Allow) LPort=9009
FirewallRules: [{6F93E617-93F7-487E-AFA6-DF8778B7E073}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{959DC9CF-AB90-495A-95A1-3E50D1C817FB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{44F20D87-BEEE-4B7C-9EB9-EF9EB2F9ABFD}] => (Allow) LPort=9009
FirewallRules: [{953A1B45-B3AC-498A-A7EC-8768BD49DF90}] => (Allow) LPort=9009
FirewallRules: [{873272FA-B303-44A1-ACD3-12274613489B}] => (Allow) LPort=9009
FirewallRules: [{C3F3870B-77FD-4F56-9D60-D0DF099432C1}] => (Allow) LPort=9009
FirewallRules: [{1E5CC17A-9473-4F56-9A7C-5C98A4FDA513}] => (Allow) LPort=9009
FirewallRules: [{DA0641E7-6625-4E7B-90BE-5589E15BEC7C}] => (Allow) LPort=9009
FirewallRules: [{3F3D3ECC-D948-4818-87F3-B0442443F213}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{27F31646-46C5-4876-B018-2513FA1D16AF}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
FirewallRules: [TCP Query User{57E39426-533E-4F15-8249-4C5C2CC7D105}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
FirewallRules: [UDP Query User{235E7D16-22ED-40AF-83F0-4622DE934AB1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe
FirewallRules: [TCP Query User{CE910358-FD86-4588-A62E-E12D449AA058}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe
FirewallRules: [{484FB2F9-8099-4256-9CF7-20D757C797A1}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{BFAA8389-5C19-47F4-92E2-50832504BF89}E:\destiny 2\destiny 2\destiny2.exe] => (Allow) E:\destiny 2\destiny 2\destiny2.exe
FirewallRules: [TCP Query User{8106EC9B-F116-482B-847E-61C6F14056CA}E:\destiny 2\destiny 2\destiny2.exe] => (Allow) E:\destiny 2\destiny 2\destiny2.exe
FirewallRules: [UDP Query User{1A995CBF-327D-41CB-8125-C42EA7328E16}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe
FirewallRules: [TCP Query User{18C1B88B-3CA1-4B9A-AA49-43E3EB268624}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe
FirewallRules: [{5AA94F85-3FD7-497A-9517-9FC6945FAD85}] => (Allow) LPort=9009
FirewallRules: [{E88104F0-4D30-420C-AA14-0008C182EBFE}] => (Allow) LPort=9009
FirewallRules: [{4CB6F5A9-BAFE-412B-BF0D-4342D141AF24}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{2D3A5C7E-8EE2-45E5-B9FA-F16C892540BB}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
FirewallRules: [TCP Query User{1B2D3B62-21A7-4FF7-BDD4-6D4B3B38A6EB}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
FirewallRules: [{8EFA0862-19DE-407F-B05B-0F7919229302}] => (Allow) LPort=9009
FirewallRules: [{53FE954D-AAD9-47C1-83DF-A35B4345765A}] => (Allow) C:\Program Files (x86)\Anvsoft\Syncios\pdt_syncios.exe
FirewallRules: [{5C4CFF7D-2E0F-4A00-913F-9234F620C4E3}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{AADC5790-5E2D-40BF-9748-B145094BF750}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe
FirewallRules: [TCP Query User{DD684B4E-4EC2-4006-8937-607FE473EA0C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe
FirewallRules: [{0F10BBF0-C6B1-47C8-B090-714D1853563B}] => (Allow) LPort=9009
FirewallRules: [{6DAC86FA-A88B-41FC-8868-A50A14E673CB}] => (Allow) LPort=9009
FirewallRules: [{C3ABAAAD-2F17-48C1-8F7B-6A447A1FCE7F}] => (Allow) LPort=9009
FirewallRules: [{45189A34-F637-45C8-BB95-AFCF5F0C57FB}] => (Allow) LPort=9009
FirewallRules: [{F3B21521-0F4F-41FA-90D5-5F50CDDBBCD1}] => (Allow) LPort=9009
FirewallRules: [{03F9AD8F-518C-4236-BFBE-ADBA7F017253}] => (Allow) LPort=9009
FirewallRules: [{8CE47661-4428-4DE7-80A6-A8773982A384}] => (Allow) LPort=9009
FirewallRules: [{34D398AE-813D-41EF-B24E-0E1B191D9A20}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{03D0C052-A831-4A9E-A554-1A73CC521CD2}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe
FirewallRules: [TCP Query User{85565C99-172F-4801-BB48-B3253E5649C8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe
FirewallRules: [{BFCEC984-F422-4821-967E-A6D2F3AB6CF5}] => (Allow) LPort=9009
FirewallRules: [{1DDDD9FB-9320-41B2-BE42-C555278381AA}] => (Allow) LPort=9009
FirewallRules: [{C1CD4207-D405-4726-946E-1363E930F98D}] => (Allow) LPort=9009
FirewallRules: [{0AD36F26-1F58-446A-A550-A32937AB05AD}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{661BF4E2-0FD0-4C6D-A26A-8F3722EAADF4}D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{54CEE8B6-05C0-41A1-96F1-4BE0F1342A45}D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{0238B21A-3C45-4F36-B34C-8436838E8D8B}] => (Allow) LPort=9009
FirewallRules: [{8E44B626-C3CF-425C-9161-1817D3DC83A5}] => (Allow) LPort=9009
FirewallRules: [{80FF79B5-FA92-44EE-8EAF-0786AD972364}] => (Allow) LPort=9009
FirewallRules: [{2852C495-91A0-4882-B68D-963CFB1F9C02}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{6B70A7EC-5C7D-48EE-A78C-4B15EC0CF37C}C:\users\sonic\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_80\bin\javaw.exe] => (Allow) C:\users\sonic\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_80\bin\javaw.exe
FirewallRules: [TCP Query User{BC4113DC-28CA-4546-AFEC-9801CD275D45}C:\users\sonic\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_80\bin\javaw.exe] => (Allow) C:\users\sonic\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_80\bin\javaw.exe
FirewallRules: [{412281C8-72BF-4F5B-A7E4-D3BF29FC359B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{5045130E-C7F9-4585-A252-C8850ED01B83}] => (Allow) LPort=9009
FirewallRules: [{D8A861A1-C0CD-488B-A5A9-D24C84AB8028}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{25E35C91-EF87-4DF9-B010-6D2C2AFB6AC7}E:\program files (x86)\deluge\deluge.exe] => (Allow) E:\program files (x86)\deluge\deluge.exe
FirewallRules: [TCP Query User{A38A1855-083C-46D7-8C91-031FAD0DC809}E:\program files (x86)\deluge\deluge.exe] => (Allow) E:\program files (x86)\deluge\deluge.exe
FirewallRules: [{202313B0-F1FD-40BB-AFB5-486580AA30B0}] => (Allow) LPort=9009
FirewallRules: [{65ABCBF8-4CAB-4146-8C43-2BF3FF9F0138}] => (Allow) LPort=9009
FirewallRules: [{01086A1D-7312-4285-8D46-1B040C894144}] => (Allow) LPort=9009
FirewallRules: [{E5710C75-A5E8-4BD4-A55F-FCF120EA217E}] => (Allow) LPort=9009
FirewallRules: [{C9A1B7A5-D20A-4641-8CCB-224B19047A00}] => (Allow) LPort=9009
FirewallRules: [{A4724922-72E2-4CAE-8009-512A28F622AC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{028B3D3E-3985-4597-B6E0-0A62EF4E6B70}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{D69B2C4D-7D49-4D90-AE85-F309909F2130}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{BE39B1E9-6578-43A2-A867-67227961FF62}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{5706903F-4028-4B67-856D-37E66803179E}] => (Allow) LPort=9009
FirewallRules: [{FA0CFAA9-CBD3-4532-A105-B49D7896D5CF}] => (Allow) LPort=9009
FirewallRules: [{381FED1E-744C-48B8-81C0-D2F445DD3C3F}] => (Allow) LPort=9009
FirewallRules: [{DAFCEAA9-D728-4871-BA45-CD87A3271D2F}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{27960BE3-F275-4E73-9FAE-5D372684D077}D:\cemu\wii u helper\wiiu_usb_helper.exe] => (Allow) D:\cemu\wii u helper\wiiu_usb_helper.exe
FirewallRules: [TCP Query User{3F353015-BBCE-4768-891E-549F69E1BED8}D:\cemu\wii u helper\wiiu_usb_helper.exe] => (Allow) D:\cemu\wii u helper\wiiu_usb_helper.exe
FirewallRules: [{419617AA-65A8-4271-9E8A-DC228A9C73C3}] => (Allow) LPort=9009
FirewallRules: [{F2AE1F7F-315F-4077-A691-A1A7A2364CDB}] => (Allow) LPort=9009
FirewallRules: [{4577097D-1F2D-47E8-8CB2-A191F1A001EE}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{212C686A-0586-443D-ACCD-FBB68734C344}D:\overwatch\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch\overwatch.exe
FirewallRules: [TCP Query User{C574B7E6-4753-4633-B6FF-1304AD785C2C}D:\overwatch\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch\overwatch.exe
FirewallRules: [{12404FC3-FD21-4771-813D-9C4D1BCD603C}] => (Allow) LPort=9009
FirewallRules: [{25C59CD1-C717-41D3-8A50-63BB5A21A7AB}] => (Allow) LPort=9009
FirewallRules: [{1118A2B1-BD39-486C-9CC7-796B0F23339E}] => (Allow) LPort=9009
FirewallRules: [{B259F50E-0417-4902-BB9D-4F6BC63A3EBE}] => (Allow) LPort=9009
FirewallRules: [{1E9E274D-CC80-4C75-A150-77F2561EFE57}] => (Allow) LPort=9009
FirewallRules: [{EBEAC894-3F7B-4B9F-90CB-A50A23A576DF}] => (Allow) LPort=9009
FirewallRules: [{0BD59D24-C97D-4EAA-A428-484ED934D9B7}] => (Allow) LPort=9009
FirewallRules: [{DB01CB58-229D-4DE9-B24A-B9E6FAE5DC45}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{4B24CFA9-8C6E-4DE7-AEAA-6F5CE6641658}C:\users\sonic\desktop\seleniumandcode\chromedriver.exe] => (Allow) C:\users\sonic\desktop\seleniumandcode\chromedriver.exe
FirewallRules: [TCP Query User{EE812BE0-FE20-4C99-B210-08A264FF2F3B}C:\users\sonic\desktop\seleniumandcode\chromedriver.exe] => (Allow) C:\users\sonic\desktop\seleniumandcode\chromedriver.exe
FirewallRules: [{125CC024-D1A8-472D-A5F3-13E815DB7270}] => (Allow) LPort=9009
FirewallRules: [{328BADBE-B506-4D18-8E88-AEF6C6AD5190}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{4A6A0EF1-1B74-4C58-827D-643B119AF496}D:\program files\unity\monodevelop\bin\monodevelop.exe] => (Block) D:\program files\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [TCP Query User{090D8E55-5391-4B55-BBE0-234FCB384C68}D:\program files\unity\monodevelop\bin\monodevelop.exe] => (Block) D:\program files\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [{8BCB9765-C163-4037-B744-23FF2A4EEA2E}] => (Allow) LPort=9009
FirewallRules: [{0695CB5A-6485-4219-9770-88FA97E83225}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{E3B907F4-9286-4B65-8281-4A88096047E4}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{3A96E087-D0D4-47B9-A5D1-F2B815CBA6F0}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{9033BCFE-8840-42BF-B2E2-E47343ABE544}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{B9C6F802-5151-4AD4-8346-A391ED4FDE81}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{36E027DA-BFFA-4E92-BB5B-E8514B96CF86}] => (Allow) D:\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{8C1F2B5F-D80F-448D-B597-E68DCA394EAF}] => (Allow) D:\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{2580FAB7-83B1-48EF-9DA2-ED1122EE3D6D}] => (Allow) D:\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{F1716BBC-EFEE-408B-8076-216A393B76D1}] => (Allow) D:\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{B453A589-624D-417A-A808-7251E91F9E8D}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0F0FF3BB-0978-47FA-BB62-E6B80E4EEAE1}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [UDP Query User{069AE8C0-959A-427C-B744-08B22F760EC1}D:\program files\unity\editor\unity.exe] => (Block) D:\program files\unity\editor\unity.exe
FirewallRules: [TCP Query User{B9106DE5-550F-48E6-AE1D-DEE44E0FB327}D:\program files\unity\editor\unity.exe] => (Block) D:\program files\unity\editor\unity.exe
FirewallRules: [{A532E615-01F2-4958-B01B-6D244002E372}] => (Allow) D:\SteamLibrary\steamapps\common\VRChat\VRChat.exe
FirewallRules: [{E24CF727-5197-4A05-AB5D-C0E5775F3AFB}] => (Allow) D:\SteamLibrary\steamapps\common\VRChat\VRChat.exe
FirewallRules: [{0DEC9C9F-A764-41CE-9CDF-E91BF0051582}] => (Allow) LPort=9009
FirewallRules: [{ACCA6BEA-BC1B-4ED8-952E-73D3F46DD8D3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{4564E872-5F88-4454-B673-ABDA1B0D4E08}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [UDP Query User{356F2EA3-A00A-4342-AF26-34C363AB1047}D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{238AABE0-94BF-4753-AB08-B360A061EE4F}D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{D4A8FA9A-595B-4F79-840C-6882FA7B80F4}D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{BA2B5F69-3446-45E6-9701-5FF061574EA6}D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{B0150317-1EB7-41A0-ABE2-95F58608B45A}D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{515DB802-FC8E-40C6-8025-A49E434C08BE}D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{4FD7EB3F-DEF2-40AD-8829-6CF3B942F70D}] => (Allow) LPort=9009
FirewallRules: [{09113FB3-171B-4639-98A0-6E1B47788582}] => (Allow) LPort=9009
FirewallRules: [{F239A5C1-375E-48F0-B699-F5DBDBCD5339}] => (Allow) LPort=9009
FirewallRules: [{5106FD1E-F653-46F4-8B33-7B9942D1D3BB}] => (Allow) LPort=9009
FirewallRules: [{2B501179-C645-4933-8AB2-5A4A86F548EF}] => (Allow) LPort=9009
FirewallRules: [{7B960627-126C-4892-B822-FFD7A1097CA6}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{940C1A5F-F753-464E-8B0F-A7D3E9034AB9}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{D3A0F07B-A868-4362-8D48-254759B5D069}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{44384D99-BF87-4E44-98EA-7DDD71CB78D7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1EA644C9-E752-41A8-A875-2F7915326B6C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9A3F10C4-1D16-4B7F-8868-CEA86E253380}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{C0F36325-AACD-4AF1-BF8A-83F03971A04F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{3F9E9B80-249D-4B58-A128-0A18CEE69C0C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{FC89A650-AC16-4680-B05E-08577668D88C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{1196BB4E-8427-4702-BAB6-94825A3820ED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{2067D314-CE49-4293-96AB-1ED66F5EE43C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{C19A1697-392E-43BF-8429-1A8051926BF1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{84D596EC-B110-452E-8993-5D60E768FB43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{9650802A-C32C-4CD6-B26E-EC8FA6040205}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{DE9AAB97-5429-4C08-84CE-280DB6399176}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{C6499780-3A8C-4F14-AD55-AB7546A5F8AA}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe
FirewallRules: [{071B1E04-52BD-4BA2-A9F6-57216E5F95B9}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
FirewallRules: [{7437A02D-BBFF-4CA2-9477-3998BC81BB02}] => (Allow) LPort=9009
FirewallRules: [{196A2C59-0076-4C8B-ADF5-2FB3E91E0486}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe
FirewallRules: [{6C7F6BF7-DC4C-48EA-994A-E201F780C9F3}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
FirewallRules: [{0F8FB278-8A0D-4CA1-96C7-2F02962AB95E}] => (Allow) C:\Program files (x86)\raidxpert2\apache\bin\httpd.exe
FirewallRules: [{0C69C44A-38F8-470A-9C20-9C190F67B65A}] => (Allow) C:\Program files (x86)\raidxpert2\apache\bin\httpd.exe
FirewallRules: [{404B4E48-FB40-4C96-B6EB-768A7239CE97}] => (Allow) LPort=9009
FirewallRules: [{C92FBC8E-B630-4147-AA72-24D5D17E6BBD}] => (Allow) LPort=9009
FirewallRules: [{BB150D89-0A8D-4C97-BB84-985361B96324}] => (Allow) LPort=9009
FirewallRules: [{B9870999-F0A4-4018-93CE-88191C4D5ADB}] => (Allow) LPort=9009
FirewallRules: [{59C8A450-C739-4B4D-802C-79C09A38A9CA}] => (Allow) LPort=9009
FirewallRules: [{FAE11266-1D36-40D2-8739-0A55530E3C61}] => (Allow) LPort=9009
FirewallRules: [{0D528F17-949A-4014-AAAA-F881B395D46F}] => (Allow) LPort=9009
FirewallRules: [{28B8B980-CC17-4EA4-B927-5B9B1C4332F7}] => (Allow) LPort=9009
FirewallRules: [{FA9B99BC-479C-4DFB-9F5D-351B6240BD38}] => (Allow) LPort=9009
FirewallRules: [{9B495D55-55F0-4B78-89CA-5420961AAEA8}] => (Allow) LPort=9009
FirewallRules: [{D94F92F8-9D66-4C14-A7CA-3F6FE808632D}] => (Allow) LPort=9009
FirewallRules: [{498C83AF-7D41-4887-89B6-E58C3DCEEF12}] => (Allow) LPort=9009
FirewallRules: [{AD4132EA-83A4-4ABA-8A94-A75C7BE348F2}] => (Allow) LPort=9009
FirewallRules: [{7A97446F-064D-48AB-8B2F-76C31C789825}] => (Allow) LPort=9009
FirewallRules: [{045E6747-B4E6-4954-B730-BC7C7245BCB6}] => (Allow) LPort=9009
FirewallRules: [{FB107A12-10FC-4B9F-9F89-F65FC24FBFE8}] => (Allow) LPort=9009
FirewallRules: [{1145333B-496E-4051-8DBA-AEF886C428F3}] => (Allow) LPort=9009
FirewallRules: [{66FB68C2-9597-49A6-8C75-656CEA87DB38}] => (Allow) LPort=9009
FirewallRules: [{F5DE7EEE-EABB-436D-817C-D15A44D3FDCC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slap City\Slap City.exe
FirewallRules: [{6E18DFC8-96CE-4C76-BED2-2DEF04EC5719}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slap City\Slap City.exe
FirewallRules: [{5C08CE10-94FF-4E12-9706-E58C151DB68B}] => (Allow) LPort=9009
FirewallRules: [{E4B0AFF0-2FD2-4690-9CC0-BEDFDAE2C04F}] => (Allow) LPort=9009
FirewallRules: [{FBEB1718-310B-4EDC-B1BC-944162BEC4D1}] => (Allow) LPort=9009
FirewallRules: [{4827A65C-8E8C-497D-BC22-5A510CABCD5E}] => (Allow) LPort=9009
FirewallRules: [{57281D81-B2DF-4660-B737-A2E4BCA8DBC9}] => (Allow) LPort=9009
FirewallRules: [{D0BF14C6-069F-449B-9F38-4E2331F7CC31}] => (Allow) LPort=9009
FirewallRules: [{78125644-4C6A-42D1-899A-6E44324F9F69}] => (Allow) LPort=9009
FirewallRules: [{B01FDDD3-E59E-4341-A704-420CFB116830}] => (Allow) LPort=9009
FirewallRules: [{5C966F72-FBE9-474C-860A-BC9DA74C0C6F}] => (Allow) LPort=9009
FirewallRules: [{5E7AC3F1-050F-4918-ACE8-BD5385D5DE39}] => (Allow) LPort=9009
FirewallRules: [{5B9E2F30-FB68-4D1E-B2D5-C217D1A24A6A}] => (Allow) LPort=9009
FirewallRules: [{E1DBB048-1797-40D2-BCD6-729CD61565A7}] => (Allow) LPort=9009
FirewallRules: [{5BF817BB-D667-4BB2-885B-98D893F9C195}] => (Allow) LPort=9009
FirewallRules: [{D223428C-3C6E-4D8B-9108-7D3D9AB9CA9B}] => (Allow) LPort=9009
FirewallRules: [{EE3E464E-C704-4523-9103-7AEBEB831097}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{DB778A24-ED5D-4E28-A07E-ED1AF1914899}] => (Allow) C:\Program Files\Opera\55.0.2994.61\opera.exe
FirewallRules: [{3797DD65-CE63-4176-85D3-20CF8331A935}] => (Allow) LPort=9009
FirewallRules: [{9A9FC513-CE57-4978-AF05-4D50BCDB603C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{68567F34-AE57-42DA-9B72-43CD935C089C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{9C61D85A-6B13-4235-B226-832E8E26C4DE}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{3199F516-5DE6-4F4D-9860-91D2E0012A2E}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [TCP Query User{4C0A204E-83BC-431D-9A8B-210192F454B9}D:\games\total war - warhammer 2\warhammer2.exe] => (Block) D:\games\total war - warhammer 2\warhammer2.exe
FirewallRules: [UDP Query User{33EF5044-8335-4182-8FFE-F546D62195AE}D:\games\total war - warhammer 2\warhammer2.exe] => (Block) D:\games\total war - warhammer 2\warhammer2.exe
FirewallRules: [{EE3C3C78-E742-4B82-BDF1-C718F382D25F}] => (Allow) LPort=9009
FirewallRules: [{677D5A36-8A85-4E80-8E80-785C4BD84B0E}] => (Allow) LPort=9009
FirewallRules: [{DB493402-282B-4413-B692-F948B3DF582E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{7556999C-E8E3-4379-84D4-7D7746F2605D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{44747E8C-4396-4832-A57C-E04A4DF0C17F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{449B2BF1-9E50-4EFD-ADC0-DAC77138F99D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{44F22BF3-EECD-4455-8756-A2504CEEC794}] => (Allow) LPort=9009
FirewallRules: [{BFBC588A-E659-4D9F-A7E3-CA300A57C8E8}] => (Allow) LPort=9009
FirewallRules: [{78C96FA4-652F-41AA-8E96-F75A52F6AEEE}] => (Allow) C:\Program Files\Opera\56.0.3051.36\opera.exe
FirewallRules: [{4EE09AD1-0CD3-4AF0-9644-27A5639D9116}] => (Allow) LPort=9009
FirewallRules: [{7D16C2A3-B39E-485B-9DDA-EC64E874000C}] => (Allow) LPort=9009
FirewallRules: [{F074C021-2AE2-4F68-B505-E815726B1DA9}] => (Allow) LPort=9009
FirewallRules: [{D97B97DF-751B-45C7-8162-57C608A93025}] => (Allow) LPort=9009
FirewallRules: [{0138AC01-0BF7-4C31-A0A2-D13E862985D2}] => (Allow) LPort=9009
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/13/2018 08:07:15 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (10/12/2018 08:30:02 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (10/11/2018 04:23:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.2.0.704, time stamp: 0x5b9acf90
Faulting module name: arwlib.dll, version: 3.1.0.710, time stamp: 0x5b8eac27
Exception code: 0xc0000005
Fault offset: 0x000000000010a957
Faulting process id: 0x3204
Faulting application start time: 0x01d4615e163541bc
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Faulting module path: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
Report Id: 8bc3eb5b-4386-4389-89b6-adf5508f1ca3
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/11/2018 08:16:51 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (10/11/2018 08:11:17 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.345_none_fb429a5930656358.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.345_none_42efd13044e18c5e.manifest.
 
Error: (10/10/2018 08:23:45 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (10/09/2018 04:36:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_fb4297e330656775.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_42efceba44e1907b.manifest.
 
Error: (10/09/2018 10:16:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RunUpd.exe, version: 1.0.0.0, time stamp: 0x56d556c0
Faulting module name: KERNELBASE.dll, version: 10.0.17134.165, time stamp: 0xfa43f4b2
Exception code: 0xc0020001
Fault offset: 0x0010ddc2
Faulting process id: 0x1cc8
Faulting application start time: 0x01d45fdaa8585b30
Faulting application path: C:\Program Files (x86)\GIGABYTE\AppCenter\RunUpd.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 6fbfaa20-2554-4036-b17c-bd3118bdc428
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (10/12/2018 08:15:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{0358B920-0AC7-461F-98F4-58E32CD89148}
 and APPID 
{3EB3C877-1F16-487C-9050-104DBCD66683}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (10/12/2018 08:15:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{0358B920-0AC7-461F-98F4-58E32CD89148}
 and APPID 
{3EB3C877-1F16-487C-9050-104DBCD66683}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (10/11/2018 04:23:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Malwarebytes Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (10/11/2018 01:41:56 PM) (Source: DCOM) (EventID: 10016) (User: EARTH)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user EARTH\Sonic SID (S-1-5-21-2095927863-3120209340-1161690377-1001) from address LocalHost (Using LRPC) running in the application container SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0 SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (10/11/2018 12:28:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (10/11/2018 08:13:06 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscDataProtection
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (10/11/2018 08:13:06 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscBrokerManager
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (10/11/2018 08:11:40 AM) (Source: DCOM) (EventID: 10016) (User: EARTH)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user EARTH\Sonic SID (S-1-5-21-2095927863-3120209340-1161690377-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
Windows Defender:
===================================
Date: 2018-10-13 17:27:24.427
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {94EDBDE4-9615-45BC-9AF1-6ED5ED57689E}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-10-12 12:11:34.904
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {61A16D25-DDEB-4FF6-8E1E-49AE9361BB22}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-10-11 18:35:09.708
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {4C8DC113-5714-459F-910D-9B880A319DF9}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-10-11 01:57:37.018
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {2EE40434-B4B1-4F75-AE4B-C4D6299E0666}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-10-10 12:23:08.665
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A34D5E9F-5156-415C-9EEC-3F4EB818D0C4}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-09-28 15:02:22.064
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.277.225.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15300.6
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
==================== Memory info =========================== 
 
Processor: AMD Ryzen 5 1600 Six-Core Processor 
Percentage of memory in use: 77%
Total physical RAM: 16335.36 MB
Available physical RAM: 3692.87 MB
Total Virtual: 21986.13 MB
Available Virtual: 2385.14 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:111.19 GB) (Free:15.25 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:2794.39 GB) (Free:552.95 GB) NTFS
Drive e: (HD Drive) (Fixed) (Total:931.47 GB) (Free:24.9 GB) NTFS
 
\\?\Volume{99066a38-431b-4813-8a38-a2c272245f64}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.1 GB) NTFS
\\?\Volume{9692a95d-0a97-4031-a29f-04088d7846a3}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 55611CFE)
 
Partition: GPT.
 
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 2794.5 GB) (Disk ID: 0A18242F)
 
Partition: GPT.
 
========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 56683742)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

 



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,747 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:48 AM

Posted 15 October 2018 - 08:39 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

ATTENTION: System Restore is disabled
Turn System Restore ON for Drives in Windows 10 - Immediately.
http://www.tenforums.com/tutorials/4533-system-protection-turn-off-drives-windows-10-a.html
===

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start

CreateRestorePoint:
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
AlternateDataStreams: C:\Users\Public\AppData:CSM [472]

2018-09-20 14:58 - 2018-09-20 14:58 - 000000017 _____ () C:\Users\Sonic\AppData\Local\Temp\8ea9870a5902ecd70bac72293f48e2c5.dll
2015-05-30 11:00 - 2015-05-30 11:00 - 000028672 _____ () C:\Users\Sonic\AppData\Local\Temp\R2RTOOL.dll

Reboot:

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Reset Chrome...
Open Google Chrome, click on menu icon google-chrome-setting-icon.png or the 3 vertical dots located right side top of the google chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset and clean up" > "Restore settings to their original defaults"
 
Restart Chrome.
<<<>>>

Let me know if the problem persists.

---

p.s.
Do you wish to keep all the numerous profiles in Chrome as your shortcut indicates?

#3 respiren19

respiren19
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 15 October 2018 - 11:11 AM

thank you so much!! and I do not wish to keep the numerous profiles in Chrome; I'd been making those to try something and subsequently deleting them from the people page in chrome... I wasn't aware there was any remnant of them ahahaha 

 

here's the fixlog text: edit: a few hours have passed and I can confirm that I'm experiencing the same issues, please let me know if you have any more suggestions or concerns, thank you so so much!!

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by Sonic (15-10-2018 11:50:40) Run:1
Running from C:\Users\Sonic\Desktop
Loaded Profiles: Sonic (Available Profiles: Sonic)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
 
CreateRestorePoint:
CloseProcesses:
 
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
AlternateDataStreams: C:\Users\Public\AppData:CSM [472]
 
2018-09-20 14:58 - 2018-09-20 14:58 - 000000017 _____ () C:\Users\Sonic\AppData\Local\Temp\8ea9870a5902ecd70bac72293f48e2c5.dll
2015-05-30 11:00 - 2015-05-30 11:00 - 000028672 _____ () C:\Users\Sonic\AppData\Local\Temp\R2RTOOL.dll
 
Reboot:
 
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => could not remove, key could be protected
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
C:\Users\Public\AppData => ":CSM" ADS removed successfully
C:\Users\Sonic\AppData\Local\Temp\8ea9870a5902ecd70bac72293f48e2c5.dll => moved successfully
C:\Users\Sonic\AppData\Local\Temp\R2RTOOL.dll => moved successfully
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 15-10-2018 12:01:17)
 
 
Result of scheduled keys to remove after reboot:
 
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => could not remove, key could be protected
 
==== End of Fixlog 12:01:17 ====

Edited by respiren19, 15 October 2018 - 04:15 PM.


#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,747 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:48 AM

Posted 16 October 2018 - 06:32 AM


Hi,

This should take care of the Chrome Shorcuts.

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start

CreateRestorePoint:
CloseProcesses:

Press the [b] Windows key + r[/b] on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to a new file.

[code]

Start

CreateRestorePoint:
CloseProcesses:

ShortcutWithArgument: C:\Users\Sonic\Desktop\users\badfollower13 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 21"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\badfollower14 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 22"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\badfollower15 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 23"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\bettererpete - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 10"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\betterestpete - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 11"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\betterpete - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 9"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\bitboyz - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 5"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\bjornironhides - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 15"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\cappytappy14 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 12"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\darkesthope1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\doctorsourcream - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 16"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\elderdragon14 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 13"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\funnyfunnytot - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 19"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\haxvspeepee - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\hermanbits - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\petypoty - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 17"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\puppypete1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 25"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\puppypete2 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 7"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\puppypete3 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 8"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\puppypete4 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 27"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\puppypete5 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 28"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\puppypete6 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 29"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\puppypete7 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 30"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\respiren - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\respirenmh - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\richardbert - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 14"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\venityorch - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 18"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower16 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 31"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower17 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 32"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower18 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 33"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower19 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 34"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower20 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 35"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower21 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 36"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower22 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 38"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower23 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 39"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower24 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 40"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower25 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 41"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower26 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 42"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower27 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 43"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower28 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 44"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower29 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 46"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower30 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 47"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower31 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 48"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower32 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 49"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower33 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 50"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower34 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 51"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower35 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 52"
ShortcutWithArgument: C:\Users\Sonic\Desktop\users\round 2\badfollower36 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 53"

ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\ff13ca23fee04978\bitboyz - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 5"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f64d3603c29a95a7\bjornironhides - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 15"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f36b4a13a07e79c7\badfollower14 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 22"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f0936695556e8bf\badfollower13 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 21"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\de0b1d243227e473\venityorch - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 18"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d76736477ba15566\bettererpete - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 10"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d755e1040e5d38ac\puppypete3 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 8"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d2414a571945b906\puppypete4 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 27"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\bd751de9f96ba530\petypoty - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 17"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b42be1c9c51179ef\puppypete2 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 7"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b13f4a9ad209f845\puppypete5 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 28"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\a2f4a7937b204df\doctorsourcream - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 16"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9d40ac93c46abd42\puppypete7 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 30"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9c5f1dad405065f1\cappytappy14 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 12"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\997961bd22b48991\puppypete1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 25"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\respirenmh - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\respiren - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69514ab4fcfe459c\funnyfunnytot - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 19"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6651d0a1cd059aa\puppypete6 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 29"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\603d61d7b578f489\betterestpete - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 11"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\600fb694c0849943\betterpete - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 9"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\haxvspeepee - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\44311d836ea7d828\badfollower15 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 23"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\411761930c433448\richardbert - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 14"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\hermanbits - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\2b054a3d8e89c41e\elderdragon14 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 13"
ShortcutWithArgument: C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\darkesthope1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3"
C:\Users\Sonic\Desktop\users\round 2\badfollower*Chrome.lnk

C:\Users\Sonic\Desktop\users\badfollower*Chrome.lnk
C:\Users\Sonic\Desktop\users\bettererpete - Chrome.lnk
C:\Users\Sonic\Desktop\users\betterestpete - Chrome.lnk
C:\Users\Sonic\Desktop\users\betterpete - Chrome.lnk
C:\Users\Sonic\Desktop\users\bitboyz - Chrome.lnk
C:\Users\Sonic\Desktop\users\bjornironhides*Chrome.lnk
C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f64d3603c29a95a7\bjornironhides - Chrome.lnk
C:\Users\Sonic\Desktop\users\cappytappy*Chrome.lnk
C:\Users\Sonic\Desktop\users\darkesthope1
C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\darkesthope1 - Chrome.lnk
C:\Users\Sonic\Desktop\users\doctorsourcream - Chrome.lnk
C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\a2f4a7937b204df\doctorsourcream - Chrome.lnk
C:\Users\Sonic\Desktop\users\elderdragon14 - Chrome.lnk
C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\2b054a3d8e89c41e\elderdragon14 - Chrome.lnk
C:\Users\Sonic\Desktop\users\funnyfunnytot - Chrome.lnk
C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69514ab4fcfe459c\funnyfunnytot - Chrome.lnk
C:\Users\Sonic\Desktop\users\haxvspeepee - Chrome.lnk
C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\haxvspeepee - Chrome.lnk
C:\Users\Sonic\Desktop\users\hermanbits - Chrome.lnk
C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\hermanbits - Chrome.lnk
C:\Users\Sonic\Desktop\users\petypoty
C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\bd751de9f96ba530\petypoty - Chrome.lnk
C:\Users\Sonic\Desktop\users\puppypete*Chrome.lnk
C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d755e1040e5d38ac\puppypete3 - Chrome.lnk
C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d2414a571945b906\puppypete4 - Chrome.lnk 
C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b42be1c9c51179ef\puppypete2 - Chrome.lnk
C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b13f4a9ad209f845\puppypete5 - Chrome.lnk
C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9d40ac93c46abd42\puppypete7 - Chrome.lnk
C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6651d0a1cd059aa\puppypete6 - Chrome.lnk 
C:\Users\Sonic\Desktop\users\respiren*Chrome.lnk
C:\Users\Sonic\Desktop\users\richardbert - Chrome.lnk
C:\Users\Sonic\Desktop\users\venityorch - Chrome.lnk
C:\Users\Sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\de0b1d243227e473\venityorch - Chrome.lnk

Reboot:

End
[/code]
Save the file as [b]fixlist.txt[/b] in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run [b]FRST[/b] and click [b]Fix[/b] only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.

Please let me know what problem persists with this computer.

Reboot:

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/

https://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
Simple and easy ways to keep your computer safe and secure on the Internet.
===




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users