Solved I just a big virus very weird

Broni

Malware Annihilator
Good :)

Re-run the Farbar Recovery Scan Tool (FRST/FRST64) that you ran at the very beginning of this topic.

  • Double-click to run it.
  • Press the Scan button.
  • The scan will create two logs, FRST.txt and Addition.txt, in the same directory the tool is run from. Please copy and paste them into your reply.
 

user75

TS Enthusiast
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-08-2019
Ran by reznov (administrator) on DESKTOP-4F34DJR (Dell Inc. G3 3579) (26-08-2019 02:12:36)
Running from C:\Users\pirja\Downloads
Loaded Profiles: reznov (Available Profiles: reznov)
Platform: Windows 10 Pro Version 1809 17763.678 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Clipdiary\Clipdiary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apowersoft Ltd -> Apowersoft) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
(Atheros Communications, Inc.) [File not signed] C:\Program Files (x86)\Jumpstart\jswpbapi.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.6788\Agent.exe
(Decentral Inc. -> decentral.ca) C:\Users\pirja\AppData\Local\Programs\com.liberty.jaxx\Jaxx Liberty.exe
(Decentral Inc. -> decentral.ca) C:\Users\pirja\AppData\Local\Programs\com.liberty.jaxx\Jaxx Liberty.exe
(Decentral Inc. -> decentral.ca) C:\Users\pirja\AppData\Local\Programs\com.liberty.jaxx\Jaxx Liberty.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Discord Inc. -> Discord Inc.) C:\Users\pirja\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\pirja\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\pirja\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\pirja\AppData\Local\Discord\app-0.0.305\Discord.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\79.4.143\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\79.4.143\QtWebEngineProcess.exe
(Druide Informatique Inc. -> Druide informatique inc.) [File not signed] C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\AgentAntidote.exe
(Druide Informatique Inc. -> Druide informatique inc.) [File not signed] C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\AgentAntidote.exe
(Elaborate Bytes AG -> Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.13\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.13\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(GuinpinSoft inc) [File not signed] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_db953c52208ada71\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_db953c52208ada71\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_2f4c7fcb86976beb\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_2f4c7fcb86976beb\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_eea3cf789013ad4f\RstMwService.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Mega Limited -> Mega Limited) C:\Users\pirja\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_ac9a22ebe27a13b0\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_ac9a22ebe27a13b0\Display.NvContainer\NVDisplay.Container.exe
(Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Osiris Development -> Osiris Development) C:\Program Files\BatteryBar\BatteryBar.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\DSAPI.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\pcdrwi.exe
(Privax Limited -> Privax Limited) C:\Program Files (x86)\HMA! Pro VPN\VpnSvc.exe
(PushBullet Inc -> Pushbullet Inc) C:\Users\pirja\AppData\Local\Pushbullet\bin\pushbullet_client.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Spotify AB -> Spotify Ltd) C:\Users\pirja\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\pirja\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\pirja\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\pirja\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\pirja\AppData\Roaming\Spotify\Spotify.exe
(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(The Wise Dev -> OtohitsNetwork) C:\OtohitsNetwork\OtohitsApp\Otohits.App.exe
(The Wise Dev -> OtohitsNetwork) C:\OtohitsNetwork\OtohitsApp\Otohits.Viewer.exe
(The Wise Dev -> OtohitsNetwork) C:\OtohitsNetwork\OtohitsApp\Otohits.Viewer.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===========================
 

user75

TS Enthusiast
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [881768 2019-06-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSvc64.exe [1222536 2018-12-05] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWStartup.exe [313064 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [AgentAntidote32] => C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\AgentAntidote.exe [1653352 2017-09-12] (Druide Informatique Inc. -> Druide informatique inc.) [File not signed]
HKLM\...\Run: [AgentAntidote64] => C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\AgentAntidote.exe [1797736 2017-09-12] (Druide Informatique Inc. -> Druide informatique inc.) [File not signed]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [318920 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5782336 2019-08-13] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [61370712 2019-03-15] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [jswtrayutil] => C:\Program Files (x86)\Jumpstart\jswtrayutil.exe [528384 2008-09-26] (Atheros Communications, Inc.) [File not signed]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2384984 2016-12-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Run: [Pushbullet] => D:\program\pushbullet\Pushbullet\pushbullet.exe [345600 2015-07-01] (Pushbullet inc) [File not signed]
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Run: [ApowersoftScreenRecorder] => C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe [3016344 2018-09-29] (Apowersoft Ltd -> Apowersoft)
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Run: [Clipdiary] => C:\Program Files (x86)\Clipdiary\clipdiary.exe [6735360 2019-05-06] () [File not signed]
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Run: [Discord] => C:\Users\pirja\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Run: [NoxDaemon] => C:\Users\pirja\AppData\Roaming\NoxSrv\NoxSrv.exe [116736 2019-07-12] () [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1294336 2003-01-20] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-21] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2019-06-30]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
Startup: C:\Users\pirja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BatteryBar.lnk [2019-08-07]
ShortcutTarget: BatteryBar.lnk -> C:\Program Files\BatteryBar\BatteryBar.exe (Osiris Development -> Osiris Development)
Startup: C:\Users\pirja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-02-15]
ShortcutTarget: MEGAsync.lnk -> C:\Users\pirja\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Startup: C:\Users\pirja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ProtonMail Bridge.lnk [2019-03-30]
ShortcutTarget: ProtonMail Bridge.lnk -> C:\Program Files\Proton Technologies AG\ProtonMail Bridge\Desktop-Bridge.exe (No File)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {13B68E53-CF6D-4AA8-85DC-629FC7D0AC7C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1878EDF5-1632-403F-A028-AC4C216B81AE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {207127DF-9415-4730-A259-9032E04BD93D} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1512920 2019-05-24] (Dell Inc. -> Dell Inc.)
Task: {2FE2F2C0-2D96-465D-9161-825648EABC8C} - System32\Tasks\HMA! Pro VPN Update => C:\Program Files (x86)\HMA! Pro VPN\VpnUpdate.exe [1474672 2019-08-12] (Privax Limited -> Privax Limited)
Task: {32156E94-9975-4D29-B7F5-41F8F7848459} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2177680 2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {3769C2A2-4973-42B2-AE69-C38C65C0D66F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3D771F87-9A88-436F-8581-BBD7E3AE81B0} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-pirjackoy@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {40AF7EAF-47F5-412F-9681-4135DB56ED61} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {580DC558-C208-4789-8996-AB2F8A0A05F3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {5A427DE9-CDBB-47FA-B674-D30FE9767246} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-08-15] (Adobe Inc. -> Adobe)
Task: {5C143FB3-8CA5-4C9C-96BE-633F937C5FF3} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5E4BA37F-E9AA-47D1-9706-E00F0E29CCB0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {6A291EBA-7B4F-4EB4-A388-A056D477321A} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {6F5045D0-65AD-4FE4-979B-E2CDE5724ACA} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {7C3EFB71-D38E-4262-97E0-A406A38FB76A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2177680 2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C928B29-D7FF-4120-A320-9C1B35655A85} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27278352 2019-08-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {8DA6AC64-1220-4330-A214-06BB117C457F} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_pepper.exe [1452600 2019-08-15] (Adobe Inc. -> Adobe)
Task: {914ECA99-5ED2-4E79-8667-D8DDD48C8E10} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27278352 2019-08-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0D8644E-3276-437E-B6CD-D5801F32D631} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {AD7DE0FE-6A79-448F-A791-AB570B94A398} - System32\Tasks\ConsoleAct => C:\Windows\ConsoleAct_x64.exe [840560 2018-08-01] (WZTeam -> MSFree Inc., Ratiborus) [File not signed]
Task: {B16CE096-57EC-4EF1-A56A-B33770180AA6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B4567719-ACFD-4506-80F7-6624F95EBF92} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CA1999BD-1A1A-4ADA-BA50-0081B8E35F21} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6299792 2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE946BDA-0920-4667-A228-35A3795AE37B} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\osfinstaller.exe
Task: {D3D4E141-E983-4796-85FA-8AFD2C096EF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-14] (Google Inc -> Google Inc.)
Task: {D69D2A2D-0E9E-42BE-9995-718F3C2E9EC7} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {E198A33F-D1E3-4613-AEA8-B9A618A6E94C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E21018B4-48B8-4B77-9261-A9E5EF26385E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3788144 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E9A6A25D-10E4-4300-AC39-5E930CBB0E6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-14] (Google Inc -> Google Inc.)
Task: {F317E543-52CE-4825-A7BE-17584584FC3C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F91E75A9-37FD-4EC7-899E-C05A65B81A1E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6299792 2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDA69153-E823-46C8-ABEC-F5E64A1D0C12} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{05f2a3dc-162b-4b5b-9d7a-4cf257aedc9f}: [DhcpNameServer] 192.168.2.1 207.164.234.193
Tcpip\..\Interfaces\{ab954629-d7b3-48f5-8e9a-6319c0a11212}: [NameServer] 100.120.56.1
Tcpip\..\Interfaces\{b999b08f-b0aa-4129-b051-c5fb43bd634c}: [DhcpNameServer] 4.2.2.1

Internet Explorer:
==================
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-408333896-3164079283-3827766986-1001 -> DefaultScope {61555BF3-C566-45DC-BD27-8F997BFA5C89} URL =
SearchScopes: HKU\S-1-5-21-408333896-3164079283-3827766986-1001 -> {61555BF3-C566-45DC-BD27-8F997BFA5C89} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH -> Eyeo GmbH) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH -> Eyeo GmbH) [File not signed]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: C:\Users\pirja\Downloads

FireFox:
========
FF DefaultProfile: 2e3397mj.default
FF DefaultProfile: x50lax2a.default
FF ProfilePath: C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11 [2019-08-25]
FF Homepage: Mozilla\Firefox\Profiles\ayiflckg.Default User11 -> about:blank
FF Extension: (TorGuard VPN Extension) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\@VPNetworksLLC.xpi [2019-08-07]
FF Extension: (Antidote) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\antidote9_firefox@druide.com.xpi [2017-11-30] [UpdateUrl:hxxps://www.druide.com/telecharger/texteurs/Mozilla/commun/maj_antidote_mozilla.php?id=%ITEM_ID%&version=%ITEM_VERSION%&appid=%APP_ID%&appversion=%APP_VERSION%&appos=%APP_OS%&appabi=%APP_ABI%&applocale=%APP_LOCALE%;&itemstatus=%ITEM_STATUS%]
FF Extension: (ReCaptcha Solver) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\doz4@hotmail.com.xpi [2019-08-07]
FF Extension: (TubeBuddy for YouTube) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\e389d8c2-5554-4ba2-a36e-ac7a57093130@gmail.com.xpi [2019-08-23]
FF Extension: (SaveFrom.net helper) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\helper@savefrom.net.xpi [2019-08-20]
FF Extension: (HTTPS Everywhere) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\https-everywhere@eff.org.xpi [2019-08-07]
FF Extension: (Pushbullet) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\jid1-BYcQOfYfmBMd9A@jetpack.xpi [2019-08-07]
FF Extension: (Pandora Extended Shortcuts) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\pandora@bbradley.net.xpi [2019-08-07]
FF Extension: (User-Agent Switcher) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\user-agent-switcher@ninetailed.ninja.xpi [2019-08-16]
FF Extension: (minerBlock) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\xd4rker@gmail.com.xpi [2019-08-07]
FF Extension: (Stylish - Custom themes for any website) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2019-08-07]
FF Extension: (Bh Dark Mode) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\{62281241-d81e-4922-9c3e-b99fd1ebfcb2}.xpi [2019-08-07]
FF Extension: (DarkTheme) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\{99c277af-d778-4a0b-9faa-b1d8165f0a55}.xpi [2019-08-07]
FF Extension: (Dark Fox) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2019-08-07]
FF Extension: (FTP System c.a.) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\{ffca2acd-c848-4961-ab1a-14d45d2c9c22}.xpi [2019-08-07]
FF ProfilePath: C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default [2019-08-07]
FF user.js: detected! => C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\user.js [2019-02-15]
FF Homepage: Mozilla\Firefox\Profiles\2e3397mj.default -> about:blank
FF NewTab: Mozilla\Firefox\Profiles\2e3397mj.default -> about:blank
FF Extension: (TorGuard VPN Extension) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\@VPNetworksLLC.xpi [2019-07-01]
FF Extension: (Antidote-Firefox) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\antidote9_firefox@druide.com [2019-02-15] [Legacy]
FF Extension: (Antidote) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\antidote9_firefox@druide.com.xpi [2017-11-30] [UpdateUrl:hxxps://www.druide.com/telecharger/texteurs/Mozilla/commun/maj_antidote_mozilla.php?id=%ITEM_ID%&version=%ITEM_VERSION%&appid=%APP_ID%&appversion=%APP_VERSION%&appos=%APP_OS%&appabi=%APP_ABI%&applocale=%APP_LOCALE%;&itemstatus=%ITEM_STATUS%]
FF Extension: (ReCaptcha Solver) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\doz4@hotmail.com.xpi [2019-07-10]
FF Extension: (Spanish (Spain) Dictionary) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\es-es@dictionaries.addons.mozilla.org.xpi [2019-02-23]
FF Extension: (French spelling dictionary) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org [2019-04-01]
FF Extension: (SaveFrom.net helper) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\helper@savefrom.net.xpi [2019-08-05]
FF Extension: (HTTPS Everywhere) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\https-everywhere@eff.org.xpi [2019-07-08]
FF Extension: (Privacy Settings) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\jid1-CKHySAadH4nL6Q@jetpack.xpi [2019-06-16]
FF Extension: (English (GB) Language Pack) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\langpack-en-GB@firefox.mozilla.org.xpi [2019-07-24]
FF Extension: (Español (España) Language Pack) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\langpack-es-ES@firefox.mozilla.org.xpi [2019-07-24]
FF Extension: (Français Language Pack) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2019-07-24]
FF Extension: (British English Dictionary (Marco Pinto)) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\marcoagpinto@mail.telepac.pt.xpi [2019-07-29]
FF Extension: (minerBlock) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\xd4rker@gmail.com.xpi [2019-06-21]
FF Extension: (Kolotibablo bot) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\{228118ac-98b5-4b8f-9ed9-7c18b15c23c4}.xpi [2019-08-05] [UpdateUrl:hxxps://antcpt.com/downloads/kolotibablo/firefox/update_manifest.json]
FF Extension: (Fake video news debunker by InVID) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\{b86b6076-1d0f-4ef1-bd24-16bfe94e3eb5}.xpi [2019-07-27]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-05]
FF Extension: (Save time by asking Buster to solve captchas for you.) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\{e58d3966-3d76-4cd9-8552-1582fbc800c1}.xpi [2019-06-21]
FF ProfilePath: C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\oahddy53.default-release [2019-08-26]
FF Extension: (Antidote) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\oahddy53.default-release\Extensions\antidote9_firefox@druide.com.xpi [2019-08-09] [UpdateUrl:hxxps://www.druide.com/telecharger/texteurs/Mozilla/commun/maj_antidote_mozilla.php?id=%ITEM_ID%&version=%ITEM_VERSION%&appid=%APP_ID%&appversion=%APP_VERSION%&appos=%APP_OS%&appabi=%APP_ABI%&applocale=%APP_LOCALE%;&itemstatus=%ITEM_STATUS%]
FF Extension: (French spelling dictionary) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\oahddy53.default-release\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2019-08-10]
FF Extension: (Français Language Pack) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\oahddy53.default-release\Extensions\langpack-fr@firefox.mozilla.org.xpi [2019-08-10]
FF ProfilePath: C:\Users\pirja\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\x50lax2a.default [2019-05-30]
FF Extension: (Adblock Plus - free ad blocker) - C:\Program Files\Mozilla Firefox\browser\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2019-02-15]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-12-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.13\npGoogleUpdate3.dll [2019-08-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.13\npGoogleUpdate3.dll [2019-08-05] (Google Inc -> Google LLC)
FF Plugin-x32: @Tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-408333896-3164079283-3827766986-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin HKU\S-1-5-21-408333896-3164079283-3827766986-1001: @turbo.net/Turbo.net Plugin 3.33 -> C:\Users\pirja\AppData\Local\Turbo\19.4.1964.21\npMozillaTurboPlugin.dll [No File]
StartMenuInternet: Firefox-CA9422711AE1A81C - C:\Program Files\Firefox Developer Edition\firefox.exe

Chrome:
 

user75

TS Enthusiast
=======
CHR Profile: C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default [2019-08-26]
CHR Extension: (Slides) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-17]
CHR Extension: (Docs) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-17]
CHR Extension: (Google Drive) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-17]
CHR Extension: (YouTube) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-17]
CHR Extension: (Honey) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2019-08-25]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-08-20]
CHR Extension: (Sheets) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-17]
CHR Extension: (Google Docs Offline) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-20]
CHR Extension: (ReCaptcha Solver) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\hapgiopokcmcnjmakciaeaocceodcjdn [2019-07-12]
CHR Extension: (Antidote) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbojggafdepnclikhiapkpinbfdhbdoi [2019-02-17]
CHR Extension: (TorGuard VPN Extension) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnfchpadaikneonajggpooeppnmdolhc [2019-08-13]
CHR Extension: (Buster: Captcha Solver for Humans) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpbjkejclgfgadiemmefgebjfooflfhl [2019-06-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-02-17]
CHR Extension: (Gmail) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-05]
CHR HKLM\...\Chrome\Extension: [lbojggafdepnclikhiapkpinbfdhbdoi] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lbojggafdepnclikhiapkpinbfdhbdoi] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-03-06] (BattlEye Innovations e.K. -> )
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2019-08-23] (Microsoft Windows -> Microsoft Corporation)
R2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe [8704 2019-06-30] (GuinpinSoft inc) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11587592 2019-08-15] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-14] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-08-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2019-02-28] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3363824 2019-02-28] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2019-02-28] (Dell Inc -> Dell Inc.)
R2 Dell Digital Delivery Services; c:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [34976 2018-12-05] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\DSAPI.exe [1050952 2019-07-11] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{7EF782A9-9B4D-4D1D-8F51-2449D32827BA} [21304 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{7EF782A9-9B4D-4D1D-8F51-2449D32827BA} [21304 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [26984 2019-07-25] (IDSA Production signing key -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [80744 2019-07-25] (IDSA Production signing key -> Intel)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1892512 2018-12-14] (Intel Corporation -> Intel Corporation)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [885560 2019-05-15] (Intel(R) Software Development Products -> )
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2019-08-07] (FUTUREMARK INC -> Futuremark)
S4 HfcDisableService; C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_eea3cf789013ad4f\HfcDisableService.exe [1881672 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 HmaProVpn; C:\Program Files (x86)\HMA! Pro VPN\VpnSvc.exe [6939760 2019-08-12] (Privax Limited -> Privax Limited)
S3 iaStorAfsService; C:\Windows\System32\iaStorAfsService.exe [2859592 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [530208 2019-05-28] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [743728 2017-11-16] (Intel(R) Trust Services -> Intel(R) Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [720184 2017-11-16] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [214672 2018-01-31] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 jswpbapi; C:\Program Files (x86)\Jumpstart\jswpbapi.exe [265216 2008-09-26] (Atheros Communications, Inc.) [File not signed]
S3 jswpsapi; C:\Program Files (x86)\Jumpstart\jswpsapi.exe [954368 2008-09-26] (Atheros Communications, Inc.) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265864 2018-03-20] (Intel Corporation -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 RstMwService; C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_eea3cf789013ad4f\RstMwService.exe [2156616 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [881768 2019-06-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39896 2019-05-24] (Dell Inc. -> Dell Inc.)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [205112 2019-05-15] (Intel(R) Software Development Products -> )
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [885560 2019-05-15] (Intel(R) Software Development Products -> )
R2 WavesSysSvc; C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSysSvc64.exe [884616 2018-12-05] (Waves Inc -> Waves Audio Ltd.)
S4 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3831576 2019-06-11] (Microsoft Corporation -> Microsoft Corporation)
S4 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848328 2018-03-20] (Intel Corporation -> Intel® Corporation)
S3 dcpm-notify; "C:\Program Files\Dell\CommandPowerManager\NotifyService.exe" [X]
S2 Dell SupportAssist Remediation; "C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe" [X]
S2 DellClientManagementService; "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_ac9a22ebe27a13b0\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_ac9a22ebe27a13b0\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [34416 2016-03-24] (Anvsoft Inc. -> AnvSoft Inc.)
S3 cykbfltrService; C:\Windows\system32\DRIVERS\cykbfltr.sys [19968 2013-09-13] (Cypress Semiconductor, Inc.) [File not signed]
S3 cymfltrService; C:\Windows\system32\DRIVERS\cymfltr.sys [99328 2013-09-13] (Cypress Semiconductor, Inc.) [File not signed]
R3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [40824 2019-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [78832 2018-12-14] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [75248 2018-12-14] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [403440 2018-12-14] (Intel Corporation -> Intel Corporation)
S3 HfAudio; C:\Windows\System32\drivers\HfAudio.sys [91200 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R3 HidEventFilter; C:\Windows\System32\DriverStore\FileRepository\hideventfilter.inf_amd64_1ed78f101bc29129\HidEventFilter.sys [84104 2018-11-20] (Intel(R) Software -> Intel Corporation)
R3 hmatap; C:\Windows\System32\drivers\hmatap.sys [36456 2018-09-05] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R0 hswultpep; C:\Windows\System32\drivers\hswultpep.sys [62968 2013-02-08] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-05-06] (Martin Malik - REALiX -> REALiX(tm))
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [128608 2019-05-22] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [1033288 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [72776 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\Windows\System32\drivers\ibtusb.sys [15033120 2019-05-28] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R1 JSWPSLWF; C:\Windows\system32\DRIVERS\jswpslwfx.sys [26624 2008-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 MEIx64; C:\Windows\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [266128 2019-04-18] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 Netwtw06; C:\Windows\System32\drivers\Netwtw06.sys [8723968 2018-09-15] (Microsoft Windows -> Intel Corporation)
R3 Netwtw08; C:\Windows\System32\drivers\Netwtw08.sys [9237792 2019-08-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_ac9a22ebe27a13b0\nvlddmkm.sys [22347976 2019-08-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-06-13] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [75600 2019-08-16] (NVIDIA Corporation -> NVIDIA Corporation)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [97176 2019-08-13] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1158944 2019-08-21] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [442664 2019-03-05] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 ScrHIDDriver2; C:\Windows\System32\drivers\ScrHIDDriver2.sys [75800 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [43008 2019-05-15] (Intel Corporation -> )
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [46776 2019-05-24] (SteelSeries ApS -> )
R3 sshid; C:\Windows\System32\drivers\sshid.sys [47824 2019-05-24] (SteelSeries ApS -> SteelSeries ApS)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [44976 2018-09-07] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2019-08-25] (Adlice -> )
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [24576 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
U5 vsock; C:\Windows\System32\Drivers\vsock.sys [92040 2018-06-22] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2019-07-12] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-26 02:12 - 2019-08-26 02:12 - 001613312 _____ (Farbar) C:\Users\pirja\Downloads\FRST64 (1).exe
2019-08-25 23:01 - 2019-08-25 23:01 - 000375176 _____ C:\Users\pirja\Downloads\andresen2012.pdf
2019-08-25 19:49 - 2019-08-25 19:51 - 000000000 ____D C:\AdwCleaner
2019-08-25 19:49 - 2019-08-25 19:49 - 007623880 _____ (Malwarebytes) C:\Users\pirja\Downloads\AdwCleaner.exe
2019-08-25 17:46 - 2019-08-25 17:46 - 064067859 _____ C:\Users\pirja\Downloads\Malwarebytes Anti-Malware Premium 3.7.1.2839 - Repack elchupacabra [4REALTORRENTZ.COM].zip
2019-08-25 17:41 - 2019-08-25 17:41 - 000000000 ____D C:\Users\pirja\AppData\Local\mbamtray
2019-08-25 17:41 - 2019-08-25 17:41 - 000000000 ____D C:\Users\pirja\AppData\Local\mbam
2019-08-25 17:40 - 2019-08-25 17:40 - 000000000 ____D C:\Windows\system32\Drivers\etc\BACKUP
2019-08-25 17:40 - 2019-08-25 17:40 - 000000000 ____D C:\Program Files (x86)\Malwarebytes
2019-08-25 17:39 - 2019-08-25 17:39 - 000019968 _____ C:\Users\pirja\Downloads\Malwarebytes PREMIUM 3.7.1.2839-Repack [Win FR].torrent
2019-08-25 16:03 - 2019-08-25 16:03 - 000028272 _____ C:\Windows\system32\Drivers\truesight.sys
2019-08-25 15:52 - 2019-08-25 15:52 - 032930224 _____ (Adlice Software ) C:\Users\pirja\Downloads\RogueKiller_setup_ref3.exe
2019-08-25 02:24 - 2019-08-25 02:24 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-08-25 02:23 - 2019-08-25 15:47 - 000000000 ____D C:\ProgramData\AVAST Software
2019-08-25 02:20 - 2019-08-25 02:22 - 355469864 _____ (AVAST Software) C:\Users\pirja\Downloads\avast_free_antivirus_setup_offline.exe
2019-08-25 02:00 - 2019-08-25 02:02 - 000124949 _____ C:\Users\pirja\Downloads\Addition.txt
2019-08-25 01:59 - 2019-08-26 02:13 - 000062208 _____ C:\Users\pirja\Downloads\FRST.txt
2019-08-25 01:57 - 2019-08-26 02:12 - 000000000 ____D C:\FRST
2019-08-25 01:57 - 2019-08-25 01:57 - 001612800 _____ (Farbar) C:\Users\pirja\Downloads\FRST64.exe
2019-08-23 23:45 - 2019-08-23 23:45 - 000000000 ____D C:\Program Files\Windows Identity Foundation
2019-08-23 20:36 - 2019-08-23 20:37 - 123477920 _____ (NVIDIA Corporation New) C:\Users\pirja\Downloads\GeForce_Experience_v3.19.0.107.exe
2019-08-23 18:30 - 2019-08-23 18:30 - 000196016 _____ C:\Users\pirja\Downloads\test.pdf
2019-08-23 18:14 - 2019-08-23 18:14 - 001194225 _____ C:\Users\pirja\Downloads\Demande de révision du prêt de 2018-2019-converted-fusionné.pdf
2019-08-23 18:08 - 2019-08-23 18:08 - 001129922 _____ C:\Users\pirja\Downloads\20190822103411877(1).pdf
2019-08-23 18:04 - 2019-08-23 18:04 - 000065603 _____ C:\Users\pirja\Downloads\Demande de révision du prêt de 2018-2019-converted.pdf
2019-08-23 00:02 - 2019-08-23 00:02 - 000000000 ____D C:\Users\pirja\AppData\Roaming\NVIDIA
2019-08-22 23:58 - 2019-08-22 23:58 - 000551172 _____ C:\Users\pirja\Downloads\4_6046298128577987784.mp4
2019-08-22 22:27 - 2019-08-22 22:28 - 116596248 _____ (decentral.ca) C:\Users\pirja\Downloads\Jaxx.Liberty-setup-2.2.5.exe
2019-08-22 21:23 - 2018-06-16 00:36 - 003936393 _____ C:\Users\pirja\Downloads\pass.7z
2019-08-22 16:51 - 2019-08-22 16:51 - 000012376 _____ C:\Users\pirja\AppData\Local\recently-used.xbel
2019-08-22 16:50 - 2019-08-22 16:51 - 004349883 _____ C:\Users\pirja\Documents\Unt1111111111111111111111111111111111111111111itled.jpeg
2019-08-22 16:26 - 2019-08-22 16:33 - 2780496356 _____ C:\Users\pirja\Downloads\facebook-guillaumedoyon117_2.7z
2019-08-22 16:17 - 2019-08-22 16:17 - 000156987 _____ C:\Users\pirja\Downloads\Complete_LinkedInDataExport_08-22-2019.zip
2019-08-22 15:56 - 2019-08-22 16:10 - 3002734127 _____ C:\Users\pirja\Downloads\Unconfirmed 706984.crdownload
2019-08-22 15:47 - 2019-08-22 15:47 - 001567169 _____ C:\Users\pirja\Documents\lllllllllllllllllllllllll.jpeg
2019-08-22 12:52 - 2019-08-22 12:52 - 001129922 _____ C:\Users\pirja\Downloads\20190822103411877.pdf
2019-08-21 19:10 - 2019-08-21 19:10 - 000000012 _____ C:\Users\pirja\Desktop\New Text Document (4).txt
2019-08-21 18:08 - 2019-08-21 18:08 - 001151544 _____ (Google LLC) C:\Users\pirja\Downloads\ChromeSetup.exe
2019-08-21 17:15 - 2019-08-21 17:26 - 000000000 ____D C:\Users\pirja\AppData\Roaming\Somiibo
2019-08-21 16:11 - 2019-08-21 16:11 - 005509505 _____ C:\Users\pirja\Downloads\SetupTheBestSpinner3.exe
2019-08-21 15:53 - 2019-08-21 15:53 - 001424328 _____ (Microsoft Corporation) C:\Users\pirja\Downloads\NDP461-KB3102438-Web.exe
 

user75

TS Enthusiast
2019-08-21 00:59 - 2019-08-21 00:59 - 000000000 ____D C:\Users\pirja\Downloads\WiFi_21.30.3_Driver64_Win10
2019-08-21 00:59 - 2019-08-21 00:59 - 000000000 ____D C:\Program Files\DIFX
2019-08-21 00:58 - 2019-08-21 00:59 - 022143703 _____ C:\Users\pirja\Downloads\WiFi_21.30.3_Driver64_Win10.zip
2019-08-21 00:57 - 2019-08-21 00:57 - 011069014 _____ C:\Users\pirja\Downloads\Install_Win10_10036_07222019(1).zip
2019-08-21 00:57 - 2019-08-21 00:57 - 000000000 ____D C:\Users\pirja\Downloads\Install_Win10_10036_07222019(1)
2019-08-21 00:54 - 2019-08-21 00:54 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2019-08-21 00:53 - 2019-08-16 19:52 - 000075600 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2019-08-21 00:51 - 2019-08-17 17:26 - 001012432 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2019-08-21 00:51 - 2019-08-17 17:26 - 001012432 _____ C:\Windows\system32\vulkan-1.dll
2019-08-21 00:51 - 2019-08-17 17:26 - 000876240 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2019-08-21 00:51 - 2019-08-17 17:26 - 000876240 _____ C:\Windows\SysWOW64\vulkan-1.dll
2019-08-21 00:51 - 2019-08-17 17:26 - 000447368 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-08-21 00:51 - 2019-08-17 17:26 - 000352136 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-08-21 00:51 - 2019-08-17 17:26 - 000301264 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2019-08-21 00:51 - 2019-08-17 17:26 - 000301264 _____ C:\Windows\system32\vulkaninfo.exe
2019-08-21 00:51 - 2019-08-17 17:26 - 000273104 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-08-21 00:51 - 2019-08-17 17:26 - 000273104 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2019-08-21 00:51 - 2019-08-17 17:25 - 011560536 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2019-08-21 00:51 - 2019-08-17 17:25 - 009935776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 017300360 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 014921096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 005478336 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 005358016 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 004696512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 002051032 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 001550480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 001477512 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 001247832 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 001140424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000999632 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000959904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000824200 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000813496 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000676552 _____ C:\Windows\system32\nvofapi64.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000659360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000633224 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000571864 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2019-08-21 00:51 - 2019-08-17 17:24 - 000544648 _____ C:\Windows\SysWOW64\nvofapi.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000523712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000450304 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2019-08-21 00:51 - 2019-08-17 17:23 - 040441280 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2019-08-21 00:51 - 2019-08-17 17:23 - 035331008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2019-08-21 00:51 - 2019-08-17 17:23 - 005002008 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2019-08-21 00:51 - 2019-08-17 17:23 - 004263808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2019-08-21 00:51 - 2019-08-17 17:23 - 000858504 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2019-08-21 00:51 - 2019-08-16 19:52 - 000104564 _____ C:\Windows\system32\nvidia-smi.1.pdf
2019-08-21 00:51 - 2019-08-16 19:52 - 000073648 _____ C:\Windows\system32\nvinfo.pb
2019-08-20 23:16 - 2019-08-20 23:16 - 000116770 _____ C:\Users\pirja\Downloads\mydata.1566354890401_2.7z
2019-08-20 23:15 - 2019-08-20 23:15 - 000150418 _____ C:\Users\pirja\Downloads\Basic_LinkedInDataExport_08-21-2019_2.7z
2019-08-20 22:44 - 2019-08-20 22:46 - 387921972 _____ C:\Users\pirja\Downloads\polvojack_20190820_2.7z
2019-08-20 18:22 - 2019-08-21 00:53 - 000008457 _____ C:\ProgramData\DisplaySessionContainer13.log_backup1
2019-08-20 02:09 - 2019-08-20 02:09 - 007948008 _____ (Tim Kosse) C:\Users\pirja\Downloads\FileZilla_3.44.2_win64-setup.exe
2019-08-20 01:49 - 2019-08-20 01:49 - 000002072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WickrMe.lnk
2019-08-20 01:49 - 2019-08-20 01:49 - 000002066 _____ C:\Users\Public\Desktop\WickrMe.lnk
2019-08-20 01:49 - 2019-08-20 01:49 - 000000000 ____D C:\Users\pirja\AppData\Roaming\Wickr, LLC
2019-08-20 01:49 - 2019-08-20 01:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WickrMe
2019-08-20 00:04 - 2019-08-20 00:04 - 000560292 _____ C:\Users\pirja\Downloads\Game.of.Thrones.The.Last.Watch.2019.DOC.SUBFRENCH.1080p.HDTV.H264-ELEARNiNG.torrent
2019-08-20 00:03 - 2019-08-20 00:03 - 000023507 _____ C:\Users\pirja\Downloads\RAMIN DJAWADI • 2019 • Game of Thrones - Season 8.torrent
2019-08-20 00:03 - 2019-08-20 00:03 - 000017645 _____ C:\Users\pirja\Downloads\Game.Of.Thrones.S07.Les.Coulisses.Ep02.VOSTFR.HDTV.720P.AVC.AC3-Nikomimi.mkv.torrent
2019-08-20 00:03 - 2019-08-20 00:03 - 000010985 _____ C:\Users\pirja\Downloads\Game.Of.Thrones.S07.Les.Coulisses.EP07.VOSTFR.HDTV.720P.AVC.AC3-Nikomimi.mkv.torrent
2019-08-20 00:03 - 2019-08-20 00:03 - 000009037 _____ C:\Users\pirja\Downloads\Game.Of.Thrones.S07.Les.Coulisses.EP03.HDTV.720P.AVC.AC3-Nikomimi.mkv.torrent
2019-08-20 00:02 - 2019-08-20 00:02 - 000022661 _____ C:\Users\pirja\Downloads\G2ameoThro5nesSE-EA-elamigos.torrent
2019-08-20 00:01 - 2019-08-20 00:01 - 000011873 _____ C:\Users\pirja\Downloads\zScience & Vie Game of Trones N°1 Avril 2019.pdf.torrent
2019-08-18 15:51 - 2019-08-18 15:51 - 000000000 ____D C:\Users\pirja\AppData\Roaming\MediaInfo
2019-08-18 15:43 - 2019-08-18 15:44 - 633725014 _____ C:\Users\pirja\Downloads\UN.PARALLÈLE.PLUS.TARD.2014.VFQ.Web-DL.x264.mp4
2019-08-18 15:22 - 2019-08-18 15:23 - 117199600 _____ (decentral.ca) C:\Users\pirja\Downloads\Jaxx.Liberty-setup-2.2.4.exe
2019-08-15 19:20 - 2019-08-15 19:20 - 000000000 ____D C:\Users\pirja\Downloads\Soundnode
2019-08-15 19:18 - 2019-08-15 19:18 - 000000981 _____ C:\Users\pirja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soundnode.exe - Shortcut.lnk
2019-08-15 18:30 - 2019-08-15 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-08-13 18:51 - 2019-08-13 18:51 - 026808320 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 023453696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 020816896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 019011584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 012939776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 012244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 011724288 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 009941504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 008900608 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 007921664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 007871488 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 006925312 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 006544552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 006441472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 006308016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 006065152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 005764608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 005587968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 005086208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 004628992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 004344832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 003978240 _____ (Microsoft Corporation) C:\Windows\system32\bootux.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 003818632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 003656704 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002942976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002926096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-08-13 18:51 - 2019-08-13 18:51 - 002778760 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002765312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002700792 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002346496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002323688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002298880 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002278792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002177336 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002096128 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-08-13 18:51 - 2019-08-13 18:51 - 002073232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002017792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-08-13 18:51 - 2019-08-13 18:51 - 001966904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2019-08-13 18:51 - 2019-08-13 18:51 - 001733120 _____ (Microsoft Corporation) C:\Windows\system32\CoreShell.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001711104 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001701880 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-08-13 18:51 - 2019-08-13 18:51 - 001668752 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001506304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001485312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001483872 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001477432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001472568 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 001465984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001391096 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 001344960 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-08-13 18:51 - 2019-08-13 18:51 - 001290752 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001280000 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001278808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 001257472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001224704 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001222160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001221528 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 001182240 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 001180464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000993792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000956416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000882688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000806024 _____ (Microsoft Corporation) C:\Windows\system32\BioIso.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000791040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000783184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000763392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000730112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FlightSettings.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000684032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000669184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000658944 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000553784 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000535056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-08-13 18:51 - 2019-08-13 18:51 - 000532992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000522104 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000515440 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
 

user75

TS Enthusiast
2019-08-13 18:51 - 2019-08-13 18:51 - 000501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000495104 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000440320 _____ (Microsoft Corporation) C:\Windows\system32\P2PGraph.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000425984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000398928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000398848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000383504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-08-13 18:51 - 2019-08-13 18:51 - 000360960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2PGraph.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000356352 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000349184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000345600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingDiagSpp.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000317952 _____ (Microsoft Corporation) C:\Windows\system32\ComposableShellProxyStub.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000297984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Diagnostics.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000264704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Lights.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShellCommonCommonProxyStub.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.SystemManagement.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000219136 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2019-08-13 18:51 - 2019-08-13 18:51 - 000205824 _____ (Microsoft Corporation) C:\Windows\system32\p2pnetsh.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000201528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-08-13 18:51 - 2019-08-13 18:51 - 000193536 _____ (Microsoft Corporation) C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000180736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2019-08-13 18:51 - 2019-08-13 18:51 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000177664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\p2pnetsh.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000173568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000173216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2019-08-13 18:51 - 2019-08-13 18:51 - 000165888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ComposableShellProxyStub.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000152576 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSoftwareInstallationClient.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000121656 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000114128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rmclient.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\CoreShellExtFramework.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000092832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2019-08-13 18:51 - 2019-08-13 18:51 - 000089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvsetup.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\Groupinghc.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000058882 _____ C:\Windows\system32\srms.dat
2019-08-13 18:51 - 2019-08-13 18:51 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hmkd.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shunimpl.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 022114960 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 009682744 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 007884288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 007687784 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 005570968 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 004737536 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 004351656 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 004056576 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 003635200 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 003567104 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 003385856 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 003363856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 003335224 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 003333632 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002999808 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002842112 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002767160 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 002593544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002438576 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002421760 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 002189312 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002031104 _____ C:\Windows\system32\rdpnano.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002022096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001892864 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001715712 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001674752 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001662264 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001641400 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001605632 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001479184 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001466880 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001321784 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001294488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001267712 _____ (Microsoft Corporation) C:\Windows\system32\APMon.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001260560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 001253688 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 001232384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 001205248 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001171968 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001160704 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001098272 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 001057792 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 001054712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 001048376 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 001038336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001020416 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001008640 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001004544 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000980992 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000927232 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000900096 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000895792 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000889344 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000888832 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000869888 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000864568 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000853504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000850976 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000833024 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000799784 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000794040 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000788480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000771072 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000764416 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000758688 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000732168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000684544 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000680184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000678680 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000652088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000622080 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000616960 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000603280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000586256 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000580024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000574464 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\ShellCommonCommonProxyStub.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000523776 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000519168 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000508968 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000482104 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000449576 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000447488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000444728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000394240 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000387832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000385536 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Lights.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000375752 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000371200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Diagnostics.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000363520 _____ (Microsoft Corporation) C:\Windows\system32\LicensingDiagSpp.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000349696 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000346624 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.SystemManagement.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000310072 _____ (Microsoft Corporation) C:\Windows\system32\computestorage.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000305664 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000294512 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000281600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000278624 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000270848 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000254976 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000253256 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000248120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000230848 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountTokenProvider.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000212792 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000203064 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000200504 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_SIUF.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000193040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000189712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000178176 _____ (Microsoft Corporation) C:\Windows\system32\appsruprov.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000152408 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000152080 _____ (Microsoft Corporation) C:\Windows\system32\rmclient.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000141736 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000134968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000125016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000120832 _____ (Microsoft Corporation) C:\Windows\system32\updatecsp.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000118480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pmem.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\drvsetup.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000104248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bindflt.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2019-08-13 18:50 - 2019-08-13 18:50 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\DiskSnapshot.exe
 

user75

TS Enthusiast
___ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000071168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\hmkd.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\UsoClient.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\WindowsUpdateElevatedInstaller.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000032784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000032568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\uefi.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\kdcpw.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\shunimpl.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-08-13 17:24 - 2019-08-13 17:24 - 000000206 _____ C:\Users\pirja\Downloads\github-recovery-codes (1).txt
2019-08-13 17:21 - 2019-08-13 17:21 - 000000206 _____ C:\Users\pirja\Downloads\github-recovery-codes.txt
2019-08-13 16:39 - 2019-08-13 16:39 - 000293341 _____ C:\Users\pirja\Downloads\nvidiaInspector.zip
2019-08-13 16:39 - 2019-08-13 16:39 - 000000000 ____D C:\Users\pirja\Downloads\nvidiaInspector
2019-08-13 16:21 - 2019-08-13 16:21 - 000000000 ____D C:\Program Files (x86)\Futuremark
2019-08-13 16:20 - 2019-08-13 16:20 - 000917486 _____ C:\Users\pirja\Downloads\4.3.1 (2).zip
2019-08-13 07:49 - 2019-08-13 07:49 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-08-13 07:49 - 2019-08-13 07:49 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-08-13 07:49 - 2019-08-13 07:49 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-08-13 07:49 - 2019-08-13 07:49 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-08-13 01:49 - 2019-08-20 18:22 - 000007650 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2019-08-13 00:55 - 2019-07-23 11:33 - 000110064 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2019-08-13 00:54 - 2019-08-13 00:54 - 000097176 ____H (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCMON24.SYS
2019-08-12 18:19 - 2019-08-20 05:09 - 000007660 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2019-08-12 02:39 - 2019-08-19 10:24 - 000008031 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2019-08-11 23:49 - 2019-08-11 23:49 - 000917486 _____ C:\Users\pirja\Downloads\4.3.1 (1).zip
2019-08-11 13:59 - 2019-08-19 02:35 - 000008039 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1
2019-08-10 23:41 - 2019-08-10 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tap'Touche Junior
2019-08-10 23:41 - 2019-08-10 23:41 - 000000000 ____D C:\Program Files (x86)\Tap'Touche Junior
2019-08-10 14:36 - 2019-08-11 13:59 - 000009831 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2019-08-10 03:52 - 2019-08-10 14:36 - 000008031 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2019-08-09 14:31 - 2019-08-17 04:05 - 000007673 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2019-08-09 13:53 - 2019-08-09 13:53 - 005762696 _____ (MediaArea.net) C:\Users\pirja\Downloads\MediaInfo_GUI_19.07_Windows.exe
2019-08-09 13:53 - 2019-08-09 13:53 - 000000885 _____ C:\Users\pirja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk
2019-08-09 13:53 - 2019-08-09 13:53 - 000000000 ____D C:\Program Files\MediaInfo
2019-08-09 13:45 - 2019-08-09 13:45 - 002094710 _____ C:\Users\pirja\Downloads\iNFekt-v1.0.1-64bit-Portable.rar
2019-08-09 13:45 - 2019-08-09 13:45 - 000000000 ____D C:\Users\pirja\Downloads\iNFekt-v1.0.1-64bit-Portable
2019-08-09 13:43 - 2019-08-09 13:44 - 002422143 _____ C:\Users\pirja\Downloads\NFOlux.zip
2019-08-09 13:39 - 2019-08-09 13:45 - 077766821 _____ C:\Users\pirja\Downloads\Killer-Ethernet-Wireless_INF_2019-08-02(1).zip
2019-08-09 13:38 - 2019-08-09 13:38 - 000000000 ____D C:\Users\pirja\Downloads\Killer-Ethernet-Wireless_INF_2019-08-02
2019-08-09 13:37 - 2019-08-09 13:37 - 000000000 ____D C:\Users\pirja\Downloads\Install_Win10_10036_07222019
2019-08-09 13:28 - 2019-08-09 13:28 - 001624440 _____ (Tous Les Drivers) C:\Users\pirja\Downloads\Mes_Drivers_3.0.4(2).exe
2019-08-09 12:51 - 2019-08-09 12:51 - 077766821 _____ C:\Users\pirja\Downloads\Killer-Ethernet-Wireless_INF_2019-08-02.zip
2019-08-09 12:51 - 2019-08-09 12:51 - 011069014 _____ C:\Users\pirja\Downloads\Install_Win10_10036_07222019.zip
2019-08-09 12:50 - 2019-08-09 12:50 - 001624440 _____ (Tous Les Drivers) C:\Users\pirja\Downloads\Mes_Drivers_3.0.4(1).exe
2019-08-08 07:04 - 2019-08-08 07:04 - 000000220 _____ C:\Users\pirja\Downloads\LinksParaDownload - Baixar Premium.txt
2019-08-07 14:48 - 2019-08-07 14:48 - 000000000 ____D C:\Program Files\BatteryBar
2019-08-07 14:44 - 2019-08-07 14:45 - 000001491 _____ C:\Users\pirja\Desktop\BatteryBar.exe - Shortcut.lnk
2019-08-07 14:14 - 2019-08-07 14:14 - 000000000 ____D C:\Users\pirja\Downloads\BatteryBar Pro
2019-08-07 14:13 - 2019-08-07 14:13 - 001576940 _____ C:\Users\pirja\Downloads\BatteryBar Pro.rar
2019-08-07 13:58 - 2019-08-07 14:49 - 000000000 ____D C:\Users\pirja\AppData\Roaming\BatteryBar
2019-08-07 13:14 - 2019-08-23 17:10 - 000001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk
2019-08-07 13:14 - 2019-08-23 17:10 - 000000000 ____D C:\Program Files\Firefox Developer Edition
2019-08-07 13:14 - 2019-08-07 13:14 - 000001065 _____ C:\Users\Public\Desktop\Firefox Developer Edition.lnk
2019-08-07 11:59 - 2019-08-07 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2019-08-07 11:59 - 2019-08-07 11:59 - 000000000 ____D C:\Program Files\qBittorrent
2019-08-06 12:39 - 2019-08-06 12:39 - 000318401 _____ C:\Users\pirja\Downloads\CV_2018_Guilla11ume11.pdf
2019-08-05 18:57 - 2019-08-05 18:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Twitch Leecher
2019-08-05 18:57 - 2019-08-05 18:57 - 000000000 ____D C:\Program Files\Twitch Leecher
2019-08-05 18:55 - 2019-08-05 18:55 - 000772176 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_clr0400.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000702400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase_clr0400.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000622832 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_clr0400.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000433448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140_clr0400.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000087296 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140_clr0400.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000083768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140_clr0400.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000032816 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000029232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000017968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000017968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2019-08-05 18:53 - 2019-08-05 18:53 - 094388235 _____ (Franiac) C:\Users\pirja\Downloads\TwitchLeecher_1.7.exe
2019-08-05 16:11 - 2019-08-05 17:03 - 000000122 _____ C:\Users\pirja\Desktop\New Text Document.txt
2019-08-05 15:59 - 2019-08-05 15:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Desktop Manager
2019-08-05 15:59 - 2019-08-05 15:59 - 000000000 ____D C:\Program Files (x86)\Devolutions
2019-08-05 15:13 - 2019-08-05 15:25 - 669877316 _____ C:\Users\pirja\Downloads\LA CHIENNE.mp4
2019-08-05 15:12 - 2019-08-05 15:32 - 2557296291 _____ C:\Users\pirja\Downloads\20170426_GAME_OF_DEATH_FILM_ONLINE_23976_HD_PR4444_179_H264_STEREO_709.mp4
2019-08-05 15:11 - 2019-08-05 15:23 - 621069553 _____ C:\Users\pirja\Downloads\UN PARALLÈLE PLUS TARD.mov
2019-08-03 23:57 - 2019-08-04 01:57 - 000000000 ____D C:\Users\1\AppData\Local\Packages
2019-08-01 01:57 - 2019-07-31 20:01 - 211912436 _____ C:\Users\pirja\Downloads\2yxa_ru_djeiyrsfehgec_31037721149.mp4
2019-07-30 21:37 - 2019-07-30 21:37 - 025065784 _____ (Intel Corporation) C:\Windows\system32\mfxplugin64_hw.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 021083760 _____ (Intel Corporation) C:\Windows\system32\libmfxhw64.dll
 

user75

TS Enthusiast
2019-07-30 21:37 - 2019-07-30 21:37 - 019988112 _____ (Intel Corporation) C:\Windows\SysWOW64\libmfxhw32.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 011911984 _____ (Intel Corporation) C:\Windows\SysWOW64\mfxplugin32_hw.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 003196768 _____ (Intel Corporation) C:\Windows\system32\mfx_mft_h265ve_64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 003189992 _____ (Intel Corporation) C:\Windows\system32\mfx_mft_vp9ve_64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 003176944 _____ (Intel Corporation) C:\Windows\system32\mfx_mft_h264ve_64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 003007288 _____ (Intel Corporation) C:\Windows\system32\mfx_mft_mjpgvd_64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 002972128 _____ (Intel Corporation) C:\Windows\system32\mfx_mft_encrypt_64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 002589184 _____ (Intel Corporation) C:\Windows\SysWOW64\mfx_mft_h265ve_32.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 002584504 _____ (Intel Corporation) C:\Windows\SysWOW64\mfx_mft_vp9ve_32.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 002575648 _____ (Intel Corporation) C:\Windows\SysWOW64\mfx_mft_h264ve_32.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 002439472 _____ (Intel Corporation) C:\Windows\SysWOW64\mfx_mft_mjpgvd_32.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 002418832 _____ (Intel Corporation) C:\Windows\SysWOW64\mfx_mft_encrypt_32.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000212672 _____ (Intel Corporation) C:\Windows\system32\intel_gfx_api-x64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000184352 _____ (Intel Corporation) C:\Windows\SysWOW64\intel_gfx_api-x86.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000183096 _____ C:\Windows\SysWOW64\libGLESv2.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000148272 _____ C:\Windows\SysWOW64\libGLESv1_CM.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000147256 _____ C:\Windows\SysWOW64\libEGL.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000121136 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000108344 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000072405 _____ C:\Windows\SysWOW64\h265e_32.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000071912 _____ C:\Windows\SysWOW64\vp9e_32.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000070745 _____ C:\Windows\SysWOW64\he_32.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000065793 _____ C:\Windows\SysWOW64\mj_32.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000057143 _____ C:\Windows\SysWOW64\dev_32.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000056359 _____ C:\Windows\system32\dev_64.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000014121 _____ C:\Windows\system32\h265e_64.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000013956 _____ C:\Windows\system32\vp9e_64.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000013545 _____ C:\Windows\system32\he_64.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000013281 _____ C:\Windows\system32\mj_64.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000001125 _____ C:\Windows\SysWOW64\cpa_32.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000001125 _____ C:\Windows\system32\cpa_64.vp
2019-07-27 22:42 - 2019-07-27 22:42 - 000113695 _____ C:\Users\pirja\Downloads\wittenberger-fraktur-mt.zip

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-26 02:13 - 2019-02-15 19:07 - 000000000 ____D C:\Users\pirja\AppData\Local\Battle.net
2019-08-26 01:02 - 2019-02-15 18:50 - 000000000 ____D C:\Users\pirja\AppData\Roaming\Spotify
2019-08-25 23:47 - 2019-02-14 22:46 - 000000000 ____D C:\Users\pirja\AppData\LocalLow\Mozilla
2019-08-25 23:07 - 2019-02-21 18:03 - 000000000 ____D C:\Users\pirja\AppData\Local\Warframe
2019-08-25 22:05 - 2019-02-15 16:36 - 000000000 ____D C:\Windows\system32\MRT
2019-08-25 22:03 - 2019-02-15 16:36 - 134272480 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-08-25 21:42 - 2019-02-16 15:11 - 000000000 ____D C:\Users\pirja\AppData\Roaming\Discord
2019-08-25 21:34 - 2019-01-28 10:46 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-08-25 20:15 - 2019-01-28 10:52 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2019-08-25 20:12 - 2019-02-14 22:46 - 000000000 ____D C:\Program Files (x86)\Steam
2019-08-25 20:02 - 2019-01-28 10:51 - 000893674 _____ C:\Windows\system32\PerfStringBackup.INI
2019-08-25 20:02 - 2018-09-15 03:31 - 000000000 ____D C:\Windows\INF
2019-08-25 19:59 - 2019-01-28 10:50 - 000000000 ____D C:\ProgramData\NVIDIA
2019-08-25 19:58 - 2019-03-05 15:38 - 000000000 ____D C:\Users\pirja\AppData\Roaming\Clipdiary
2019-08-25 19:58 - 2019-02-23 05:47 - 000000526 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2019-08-25 19:58 - 2019-02-15 17:06 - 000000000 ____D C:\Users\pirja\AppData\Local\Pushbullet
2019-08-25 19:57 - 2019-04-29 15:40 - 000008143 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2019-08-25 19:57 - 2019-04-28 15:27 - 000012446 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2019-08-25 19:57 - 2019-04-28 15:27 - 000008588 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2019-08-25 19:57 - 2019-01-28 10:46 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-08-25 19:57 - 2018-09-15 03:33 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-08-25 19:57 - 2018-09-15 02:09 - 000786432 _____ C:\Windows\system32\config\BBI
2019-08-25 19:51 - 2019-05-06 19:34 - 000000000 ____D C:\Users\pirja\AppData\Roaming\IObit
2019-08-25 19:51 - 2019-05-06 19:34 - 000000000 ____D C:\ProgramData\IObit
2019-08-25 19:51 - 2019-01-28 11:02 - 000000000 ____D C:\Program Files (x86)\Dell
2019-08-25 19:51 - 2019-01-28 10:58 - 000000000 ____D C:\ProgramData\Dell
2019-08-25 19:51 - 2019-01-28 10:49 - 000000000 ____D C:\Program Files\Dell
2019-08-25 19:43 - 2019-03-07 02:19 - 000000000 ____D C:\Users\pirja\AppData\Roaming\qBittorrent
2019-08-25 15:50 - 2019-02-15 22:02 - 000000000 ____D C:\Users\pirja\AppData\Local\Dxtory Software
2019-08-25 14:53 - 2019-03-07 16:15 - 000000000 ____D C:\Windows\AAct_Tools
2019-08-25 02:49 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\AppReadiness
2019-08-25 02:40 - 2019-02-14 21:36 - 000000000 ____D C:\Users\pirja\AppData\Local\PlaceholderTileLogoFolder
2019-08-25 01:43 - 2019-06-03 00:39 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-08-24 15:31 - 2019-02-14 23:32 - 000000000 ____D C:\Users\pirja\AppData\Local\Packages
2019-08-24 15:31 - 2018-09-15 03:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-24 15:29 - 2019-02-14 22:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-08-23 23:46 - 2018-09-15 03:23 - 000000000 ____D C:\Windows\CbsTemp
2019-08-23 23:44 - 2019-03-07 17:56 - 000000000 ____D C:\Users\pirja\AppData\Local\ElevatedDiagnostics
2019-08-23 20:50 - 2019-05-23 14:25 - 000000000 ___HD C:\adobeTemp
2019-08-23 20:50 - 2019-05-09 06:33 - 000000000 ____D C:\Users\pirja\.android
2019-08-23 20:49 - 2019-02-23 04:45 - 000000000 ____D C:\Users\pirja\AppData\Local\4kdownload.com
2019-08-23 20:39 - 2019-02-15 17:00 - 000000000 ____D C:\Users\pirja\AppData\Local\D3DSCache
2019-08-23 20:38 - 2019-05-27 16:39 - 000003858 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-05-27 16:39 - 000003858 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-05-27 16:39 - 000003858 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-05-27 16:39 - 000003858 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-04-13 17:07 - 000001445 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2019-08-23 20:38 - 2019-04-13 17:01 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-04-13 17:01 - 000004106 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-04-13 17:01 - 000003976 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-04-13 17:01 - 000003940 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-01-28 10:50 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-01-28 10:50 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-01-28 10:50 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-08-23 20:38 - 2019-01-28 10:50 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-08-23 20:38 - 2019-01-28 10:50 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-08-23 20:35 - 2019-02-15 18:51 - 000000000 ____D C:\Users\pirja\AppData\Local\Spotify
2019-08-23 17:22 - 2019-02-15 19:05 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-08-23 12:46 - 2019-04-28 15:27 - 000010168 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2019-08-23 00:39 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\LiveKernelReports
2019-08-23 00:02 - 2019-02-14 22:57 - 000000000 ____D C:\Users\pirja\AppData\Local\NVIDIA
2019-08-22 23:41 - 2019-02-18 12:53 - 000000000 ____D C:\Users\pirja\Documents\Overwatch
2019-08-22 22:28 - 2019-02-16 14:04 - 000002407 _____ C:\Users\pirja\Desktop\Jaxx Liberty.lnk
2019-08-22 20:37 - 2019-02-20 21:28 - 000000000 ____D C:\Users\pirja\AppData\Local\babl-0.1
2019-08-22 16:50 - 2019-02-20 21:30 - 000000000 ____D C:\Users\pirja\AppData\Local\gtk-2.0
2019-08-22 16:32 - 2019-02-24 02:22 - 000000000 ____D C:\Users\pirja\AppData\Roaming\Anvsoft
2019-08-22 07:10 - 2019-02-15 16:57 - 000000000 ____D C:\Users\pirja\AppData\Local\MEGAsync
2019-08-21 18:08 - 2019-02-14 22:39 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-21 18:08 - 2019-02-14 22:39 - 000002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-21 16:29 - 2019-02-14 22:43 - 000000938 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-08-21 16:29 - 2019-02-14 22:43 - 000000934 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-08-21 16:29 - 2019-02-14 22:40 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-08-21 15:10 - 2019-05-01 00:03 - 000000918 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-08-21 04:41 - 2019-02-14 22:43 - 000003998 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2019-08-21 04:41 - 2019-02-14 22:43 - 000003766 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2019-08-21 00:59 - 2019-07-11 02:43 - 021473952 _____ C:\Windows\system32\Drivers\Netwfw08.dat
2019-08-21 00:59 - 2019-02-14 23:52 - 009237792 _____ (Intel Corporation) C:\Windows\system32\Drivers\Netwtw08.sys
2019-08-21 00:59 - 2019-02-14 23:52 - 001089312 _____ (Intel Corporation) C:\Windows\system32\IntelWifiIhv08.dll
2019-08-21 00:57 - 2019-01-28 10:51 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-08-21 00:57 - 2019-01-28 10:31 - 001158944 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2019-08-20 22:31 - 2018-09-15 03:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-20 22:31 - 2018-09-15 03:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-08-20 22:30 - 2019-02-14 22:20 - 000000000 ____D C:\Program Files\Microsoft Office
2019-08-20 22:28 - 2019-02-14 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2019-08-20 22:28 - 2019-02-14 22:41 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2019-08-20 17:58 - 2019-03-13 15:34 - 000000000 ____D C:\Windows\files
2019-08-20 04:36 - 2019-02-15 17:03 - 000000000 ____D C:\Users\pirja\AppData\Roaming\FileZilla
2019-08-20 02:59 - 2019-03-15 20:40 - 000000000 ____D C:\Users\pirja\AppData\Local\cache
2019-08-18 17:41 - 2019-03-06 21:08 - 000000000 ____D C:\Users\pirja\AppData\Roaming\VoiceAttack
2019-08-18 15:26 - 2019-02-24 18:26 - 000000911 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Angry IP Scanner.lnk
2019-08-18 15:26 - 2019-02-24 18:26 - 000000000 ____D C:\Program Files\Angry IP Scanner
2019-08-18 14:43 - 2019-06-17 18:36 - 000004248 _____ C:\Windows\System32\Tasks\HMA! Pro VPN Update
2019-08-17 00:21 - 2019-02-14 22:06 - 000000000 ____D C:\Users\pirja\AppData\Local\CrashDumps
2019-08-16 23:07 - 2019-02-24 21:43 - 000000000 ____D C:\Users\pirja\AppData\Roaming\TIDAL
2019-08-15 21:59 - 2019-04-28 20:00 - 000007645 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2019-08-15 20:41 - 2019-02-24 17:47 - 000000000 ____D C:\Users\pirja\AppData\Local\Soundnode
2019-08-15 19:44 - 2019-02-14 22:41 - 000004550 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-08-15 19:44 - 2019-02-14 22:41 - 000004370 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-08-15 19:44 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-08-15 19:44 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\system32\Macromed
2019-08-15 19:43 - 2019-02-14 22:40 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-08-15 19:43 - 2019-02-14 22:40 - 000000995 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-08-15 18:30 - 2019-02-14 22:43 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-08-15 18:27 - 2019-02-14 22:46 - 000000000 ____D C:\Users\pirja\AppData\Local\Greenshot
2019-08-14 23:30 - 2019-06-17 18:36 - 000000000 ____D C:\Program Files (x86)\HMA! Pro VPN
2019-08-14 23:30 - 2019-02-14 23:32 - 000000000 ___RD C:\Users\pirja\3D Objects
2019-08-14 23:30 - 2019-01-28 10:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-14 23:30 - 2019-01-28 10:46 - 005285704 _____ C:\Windows\system32\FNTCACHE.DAT
2019-08-13 21:58 - 2018-09-15 03:33 - 000000000 ___SD C:\Windows\system32\UNP
2019-08-13 21:58 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\SysWOW64\oobe
2019-08-13 21:58 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\system32\oobe
2019-08-13 21:58 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\Provisioning
2019-08-13 21:58 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\bcastdvr
2019-08-13 17:51 - 2019-03-06 19:21 - 000000000 ____D C:\Users\pirja\Documents\3DMark
2019-08-13 01:23 - 2019-03-07 20:07 - 000000000 ____D C:\Users\pirja\AppData\Roaming\.minecraft
2019-08-13 01:07 - 2019-03-17 13:58 - 000000000 ____D C:\Users\pirja\AppData\Local\Ubisoft Game Launcher
2019-08-13 00:55 - 2019-02-15 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-08-13 00:52 - 2019-04-15 18:05 - 000000000 ____D C:\Program Files (x86)\Yubico
2019-08-13 00:52 - 2019-04-15 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yubico
2019-08-13 00:52 - 2019-02-24 18:03 - 000000000 ____D C:\Program Files (x86)\Gpg4win
2019-08-13 00:51 - 2019-06-18 14:16 - 000000000 ____D C:\Program Files (x86)\GnuPG
2019-08-13 00:50 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\system32\NDF
2019-08-12 18:15 - 2019-07-22 23:57 - 000000000 ____D C:\Users\pirja\Downloads\111
2019-08-12 18:10 - 2019-01-28 11:08 - 000000000 ____D C:\ProgramData\Packages
2019-08-09 14:31 - 2019-05-09 14:19 - 000006586 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2019-08-09 13:57 - 2019-01-28 10:27 - 000000000 ____D C:\Windows\Panther
2019-08-09 13:31 - 2019-02-14 23:32 - 000000000 ____D C:\Users\pirja\AppData\Local\Publishers
2019-08-09 13:29 - 2019-01-28 10:49 - 000000000 ____D C:\ProgramData\Package Cache
2019-08-08 13:31 - 2019-04-28 21:56 - 000004514 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2019-08-08 13:23 - 2019-03-07 20:07 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2019-08-08 01:56 - 2019-02-24 21:43 - 000000000 ____D C:\Users\pirja\AppData\Local\TIDAL
2019-08-05 16:00 - 2019-02-14 22:43 - 000001421 _____ C:\Users\pirja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UpdateInstaller.lnk
2019-08-05 16:00 - 2019-02-14 22:43 - 000001316 _____ C:\Users\pirja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UpdateGenerator.lnk
2019-08-05 15:58 - 2019-02-14 22:39 - 000003418 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-08-05 15:58 - 2019-02-14 22:39 - 000003294 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-08-05 15:36 - 2019-02-15 21:05 - 000000000 ____D C:\Users\pirja\AppData\Roaming\PotPlayerMini64
2019-08-05 15:33 - 2019-02-25 12:06 - 000000000 ____D C:\Users\pirja\AppData\Roaming\vlc
2019-08-05 15:33 - 2019-02-15 21:05 - 000001020 _____ C:\Users\Public\Desktop\PotPlayer 64 bit.lnk
2019-08-04 01:57 - 2019-04-08 21:55 - 000000000 ____D C:\Users\1
2019-08-04 00:08 - 2019-03-15 20:39 - 000000000 ____D C:\Users\pirja\AppData\Roaming\steelseries-engine-3-client
2019-08-04 00:06 - 2019-03-04 17:46 - 000003648 _____ C:\Windows\System32\Tasks\CreateExplorerShellUnelevatedTask

==================== Files in the root of some directories ================

2019-06-01 17:51 - 2019-06-01 17:51 - 000000000 _____ () C:\Users\pirja\AppData\Local\oobelibMkey.log
2019-08-22 16:51 - 2019-08-22 16:51 - 000012376 _____ () C:\Users\pirja\AppData\Local\recently-used.xbel
2019-03-03 20:30 - 2019-03-03 20:30 - 000001464 _____ () C:\Users\pirja\AppData\Local\root72.cer
2019-03-03 20:30 - 2019-03-03 20:30 - 000001708 _____ () C:\Users\pirja\AppData\Local\root72.key
2019-03-03 20:30 - 2019-04-08 14:49 - 000000016 _____ () C:\Users\pirja\AppData\Local\root72.md5
2019-06-14 00:35 - 2019-06-14 00:58 - 000000071 _____ () C:\Users\pirja\AppData\Local\update_progress.txt

==================== FLock ================

2019-01-28 11:28 C:\Recovery

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================
 

user75

TS Enthusiast
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2019
Ran by reznov (26-08-2019 02:13:25)
Running from C:\Users\pirja\Downloads
Windows 10 Pro Version 1809 17763.678 (X64) (2019-02-15 03:27:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-408333896-3164079283-3827766986-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-408333896-3164079283-3827766986-503 - Limited - Disabled)
Guest (S-1-5-21-408333896-3164079283-3827766986-501 - Limited - Disabled)
reznov (S-1-5-21-408333896-3164079283-3827766986-1001 - Administrator - Enabled) => C:\Users\pirja
WDAGUtilityAccount (S-1-5-21-408333896-3164079283-3827766986-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

20XX (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\495310509382565890) (Version: - )
4K Stogram 2.7 (HKLM\...\{2AB82C7A-9389-40F5-B6BC-9EC7CC04B015}) (Version: 2.7.2.1795 - Open Media LLC)
4K Video Downloader 4.5 (HKLM\...\{180B9AE1-F87B-4107-8C68-4265E927D6A8}) (Version: 4.5.0.2482 - Open Media LLC)
4K YouTube to MP3 3.4 (HKLM\...\{93F13E7C-9562-494F-8762-FD13263812AD}) (Version: 3.4.0.1964 - Open Media LLC)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Acapela Synthèse de la Parole pour le WordQ 4 (français) (HKLM-x32\...\{F0ADA798-6CB1-49FB-A2D3-060FFA25D60E}) (Version: 9.1.1 - Quillsoft Ltd.)
Acapela Text to Speech for WordQ 4 (Core) (HKLM-x32\...\{EE2AA629-F3EC-412E-8A14-5DD9BAD490D2}) (Version: 9.1.1 - Quillsoft)
Acapela Text to Speech for WordQ 4(North America) (HKLM-x32\...\{1D08C682-F619-4E89-8291-1C13A346DAD9}) (Version: 9.1.1 - Quillsoft Ltd.)
Acapela Text-to-Speech for WordQ 4(Canadian French) (HKLM-x32\...\{98B997C5-8A5C-4EB2-B8DE-7CBAAAFAF2A0}) (Version: 9.1.1 - Quillsoft Ltd.)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{77588F59-3C58-4675-8EEE-998E5BC33CF4}) (Version: 1.4 - Eyeo GmbH)
Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_1_0) (Version: 14.1.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\{73534489-BFE7-4E2D-9769-FDBA5C886DC2}) (Version: 32.0.0.238 - Adobe)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
AE CC x64 (HKLM\...\{672FEEBA-F29C-4363-A8D0-8EBA61265B88}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Angry IP Scanner (HKLM-x32\...\Angry IP Scanner) (Version: 3.6.0 - Angry IP Scanner)
Antidote 9 (HKLM-x32\...\{D98F9F54-E310-4F57-93F5-0F42EFAA3847}) (Version: 9.5.3407 - Druide informatique inc.)
Any Video Converter Ultimate 5.9.3 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
Apowersoft Screen Recorder Pro V2.3.8 (HKLM-x32\...\{dc9006db-6b05-4f0f-833b-79ef3f284c24}_is1) (Version: 2.3.8 - APOWERSOFT LIMITED)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
Assistant de téléchargement (HKLM-x32\...\{93154A3C-9BB7-49D7-A571-4EB6373FA600}) (Version: 6.1.0 - Druide informatique inc.)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
BatteryBar (remove only) (HKLM\...\BatteryBar) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
CDBurnerXP (64 bit) (HKLM\...\{1339087A-69AA-4A1E-8236-3B6DC9349C63}) (Version: 4.5.8.7042 - Canneverbe Limited)
Clipdiary 5.3 (HKLM-x32\...\Clipdiary) (Version: 5.3 - Tiushkov Nikolay)
CPUID CPU-Z 1.89 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.89 - CPUID, Inc.)
Dell Digital Delivery Services (HKLM-x32\...\{A646748A-7A2A-495F-9EE5-90B3646FEB7E}) (Version: 4.0.15.0 - Dell Inc.)
Dell Mobile Connect Drivers (HKLM\...\{04DF02C6-E3D7-4D26-A44C-6F8A2E218D2C}) (Version: 1.3.6844 - Screenovate Technologies Ltd.)
Dell SupportAssist (HKLM\...\{806422F1-FC4E-4D7C-8855-05748AEFC031}) (Version: 3.2.2.119 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{03C35F56-A9AD-4B59-B061-B8CE41C4C22B}) (Version: 4.1.0.6830 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{f4ee83d8-d901-4c1a-b5a2-288427598fe2}) (Version: 4.1.0.6830 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{9BEF4D9A-592C-4073-B202-30234347B3DA}) (Version: 4.1.0.6830 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{286db51f-336c-4d5e-b1e2-3fbc3becd693}) (Version: 4.1.0.6830 - Dell Inc.)
Discord (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 79.4.143 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
FileZilla Client 3.44.2 (HKLM-x32\...\FileZilla Client) (Version: 3.44.2 - Tim Kosse)
Firefox Developer Edition 69.0 (x64 en-US) (HKLM\...\Firefox Developer Edition 69.0 (x64 en-US)) (Version: 69.0 - Mozilla)
Futuremark SystemInfo (HKLM-x32\...\{60EF2ECF-1DFA-48D1-972E-FDE84D7E917A}) (Version: 5.20.720.0 - Futuremark)
GIMP 2.10.12 (HKLM\...\GIMP-2_is1) (Version: 2.10.12 - The GIMP Team)
Google Chrome (HKLM\...\{86B1D736-F1F4-3367-9B39-C2E176B68239}) (Version: 76.0.3809.100 - Google LLC)
Google Earth Pro (HKLM-x32\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: "1.0.0.10" - Rockstar Games)
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
HCS Tools version 1.06 (HKLM-x32\...\{D3659B78-75B0-4571-A23D-899D23C6A2C9}_is1) (Version: 1.06 - HCS VoicePacks Ltd)
HCS VoicePacks Ltd VENUS version 1.6.5 (HKLM-x32\...\{56C400CA-0D41-4ACD-A5E3-B14C5F38CCBF}_is1) (Version: 1.6.5 - HCS VoicePacks Ltd)
HMA! Pro VPN (HKLM\...\{60A560F2-CB75-4C94-9C36-39AD2161DE73}_is1) (Version: 4.6.154 - Privax)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel Driver && Support Assistant (HKLM-x32\...\{CF18558A-3642-4C4D-A551-23275D1FCE16}) (Version: 19.7.30.2 - Intel) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{85B6BF0F-EF1B-4F0F-892D-E68BD798950C}) (Version: 2.4.04669 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.10501.6067 - Intel Corporation)
Intel(R) Graphics Driver Software (HKLM-x32\...\{0fdd3c9a-20e1-444d-8d00-8c413c83f824}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{d7a872bf-e69e-4300-8537-086dc6abbf23}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1805.12.0.1097 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.0.1017 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.20.0.4 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{12d2d1d9-5223-431d-96ac-6a82d3a1391c}) (Version: 19.7.30.2 - Intel)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7D4998B3-AC68-4815-AC47-5A1969D91E30}) (Version: 17.5.0.1017 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{06b2cd73-b5f5-47a1-9f49-23d0ef75d568}) (Version: 20.50.0 - Intel Corporation)
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Jaxx Liberty 2.2.5 (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\5947781c-9863-579f-b9db-91554a22cc65) (Version: 2.2.5 - decentral.ca)
Joggernauts (HKLM-x32\...\{51F2D354-61AD-4243-8404-D2FDC111FC4E}) (Version: - Graffiti Games)
Jumpstart Installation Program (HKLM-x32\...\{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}) (Version: - Atheros)
Killer Drivers (HKLM\...\{EBB59744-F0A2-47F5-83F6-83A128A0E204}) (Version: 2.0.2373 - Rivet Networks)
King of the Hat (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\460940655984771072) (Version: - )
KingRoot version 3.5.0.1157 (HKLM-x32\...\{FA3B7324-9EB4-4ADC-84D0-5461BE113832}_is1) (Version: 3.5.0.1157 - KingRoot)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
Little Nightmares - Fox mask (HKLM-x32\...\1828170949_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - Hideaway (HKLM-x32\...\1675156362_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares (HKLM-x32\...\1433377508_is1) (Version: 1.0.43.1 - GOG.com)
Macromedia Flash Player (HKLM-x32\...\{27579b3c-5470-4496-be6c-0c872674f19f}) (Version: 7.0.19.0 - Macromedia, Inc.)
MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Soundpool Music Maker - Feel good (HKLM\...\{33B6A911-B0DC-4528-96C3-54A607EFFBDC}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MakeMKV v1.14.4 (HKLM-x32\...\MakeMKV) (Version: v1.14.4 - GuinpinSoft inc)
MediaInfo 19.07 (HKLM\...\MediaInfo) (Version: 19.07 - MediaArea.net)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
 

user75

TS Enthusiast
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\Proplus2019Retail - en-us) (Version: 16.0.12015.20004 - Microsoft Corporation)
Microsoft Office Professionnel Plus 2019 - fr-fr (HKLM\...\Proplus2019Retail - fr-fr) (Version: 16.0.12015.20004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.20.27508 (HKLM-x32\...\{7b178cda-9740-4701-a92a-f168d213b343}) (Version: 14.20.27508.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{E154B2C8-2F3E-4763-B3D5-E7D34AE39C6B}) (Version: 1.0.0.0 - Mojang)
MKVToolNix 34.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 34.0.0 - Moritz Bunkus)
Mozilla Firefox 68.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 68.0.2 (x64 en-US)) (Version: 68.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0 - Mozilla)
Mozilla Thunderbird 60.8.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 60.8.0 (x86 en-US)) (Version: 60.8.0 - Mozilla)
Music Maker (HKLM\...\{DC21CFD5-02AC-4C89-8D35-85506A9FEB55}) (Version: 28.0.0.12 - MAGIX Software GmbH) Hidden
Music Maker (HKLM-x32\...\MX.{DC21CFD5-02AC-4C89-8D35-85506A9FEB55}) (Version: 28.0.1.17 - MAGIX Software GmbH)
Music Maker Update (HKLM\...\{E678D5F8-10AE-4F7A-A29C-ECAA771ADCAD}) (Version: 28.0.1.17 - MAGIX Software GmbH) Hidden
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.7.1 - Notepad++ Team)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.3.0.2 - Duodian Technology Co. Ltd.)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation)
NVIDIA Graphics Driver 436.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 436.02 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12015.20004 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12015.20004 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12015.20004 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.12015.20004 - Microsoft Corporation) Hidden
OtohitsApp (HKLM-x32\...\{9B85C70F-D649-4290-8C1D-5356A5262066}_is1) (Version: 3.1.1.0 - Otohits Network)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
PDF Annotator 6.1.0.605 (HKLM-x32\...\PDFAnnotator_is1) (Version: 6.1.0.605 - GRAHL software design)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.198.0 - Tracker Software Products Ltd)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.13.0 - )
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.19955 - Kakao Corp.)
Premiere Pro (HKLM\...\{3DF5A448-80E1-43C1-8428-984429451989}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
Pushbullet version 338 (HKLM-x32\...\{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 338 - Pushbullet Inc)
PuTTY release 0.72 (64-bit) (HKLM\...\{8EFBA1C7-A8B8-4FB9-BEC0-6CEC6C7145DE}) (Version: 0.72.0.0 - Simon Tatham)
qBittorrent 4.1.7 (HKLM-x32\...\qBittorrent) (Version: 4.1.7 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.36.701.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8720.1 - Realtek Semiconductor Corp.)
Remote Desktop Connection Manager (HKLM-x32\...\{0240359E-6A4C-4884-9E94-B397A02D893C}) (Version: 2.7.14060 - Microsoft Corporation)
Remote Desktop Manager (HKLM-x32\...\{AFA06011-2357-4E9D-8DD8-9FFC7A8BF1C3}) (Version: 2019.1.41.0 - Devolutions inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
SpeakQ 4 (HKLM-x32\...\{FBD8FBC5-EC77-4CA9-9B77-6AE6C36FE997}) (Version: 4.1.16 - Quillsoft Ltd.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Splinter Cell Conviction (HKLM-x32\...\Uplay Install 2) (Version: - Ubisoft)
Spotify (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Spotify) (Version: 1.1.12.451.gdb77255f - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.15.1 (HKLM\...\SteelSeries Engine 3) (Version: 3.15.1 - SteelSeries ApS)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tales from the Borderlands (HKLM-x32\...\{B24F49F9-D7FE-40B6-8F4D-65B0C6BF6A6B}) (Version: - Telltale Games)
Tap'Touche Junior (HKLM-x32\...\Tap'Touche Junior) (Version: 3.0 - De Marque inc.)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
The Evil Within (HKLM-x32\...\The Evil Within_is1) (Version: - )
TheBestSpinner3 (HKLM-x32\...\TheBestSpinner3) (Version: - )
TIDAL (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\TIDAL) (Version: 2.6.0 - TIDAL Music AS)
Tom Clancy's Splinter Cell (HKLM-x32\...\Uplay Install 109) (Version: - Ubisoft)
Twitch (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Twitch Leecher 1.7 (HKLM\...\{66B757A2-0906-4DDE-BDF6-AD9EC73A7F91}) (Version: 1.7.0.0 - Franiac) Hidden
Twitch Leecher 1.7 (HKLM-x32\...\{d1c2c779-f1ef-41e0-926a-443b289eaefd}) (Version: 1.7.0.0 - Franiac)
Uplay (HKLM-x32\...\Uplay) (Version: 86.0 - Ubisoft)
VIP72 Socks Client 1.8.7.2 (HKLM-x32\...\{EBF089E1-4E2E-426A-916D-6DCBE5540774}_is1) (Version: 1.8.7.2 - VIP Technologies)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version: - )
Visuel intégré (HKLM-x32\...\{91257374-4FAA-4FF3-B3BC-C17521EBA169}) (Version: 1.0 - Druide informatique inc.)
Vita Concert Grand LE (HKLM\...\{78999604-A81E-4ACF-9799-74F52D07A367}) (Version: 2.4.0.96 - MAGIX Software GmbH) Hidden
Vita String Ensemble (HKLM\...\{96086C90-6320-416B-92B2-4ADC88169967}) (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita World Flutes (HKLM\...\{04320A69-83CD-4223-9446-D62569D4B54D}) (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VPNetwork LLC - TorGuard - Online Privacy Protection Services (HKLM-x32\...\VPNetwork LLC TorGuard) (Version: "3.96.1" - "VPNetwork LLC")
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
VVVVVV (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\491427544134975498) (Version: - )
War Thunder Launcher 1.0.3.151 (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WickrMe (HKLM-x32\...\{7BBECFD4-2AF4-4C7B-ABE7-02054CF86274}) (Version: 5.28.9 - Wickr Inc.)
WinDirStat 1.1.2 (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\WinDirStat) (Version: - )
Windows Driver Package - Intel (Netwtw04) net (06/05/2019 19.51.23.1) (HKLM\...\E19D1F69FB464FD73972CE1CFAF32241D038D705) (Version: 06/05/2019 19.51.23.1 - Intel)
Windows Driver Package - Intel (Netwtw06) net (06/29/2019 20.70.11.3) (HKLM\...\7759A35637AD2CF4ADDA097EDCF9F12092149989) (Version: 06/29/2019 20.70.11.3 - Intel)
Windows Driver Package - Intel (Netwtw08) net (07/07/2019 21.30.3.2) (HKLM\...\BC30F975C8061BDB7A6CCBBFF677DBB4B328AA06) (Version: 07/07/2019 21.30.3.2 - Intel)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WordQ 4 (HKLM-x32\...\{40042175-CB48-4D51-8BAF-D66BAE867676}) (Version: 4.1.16 - Quillsoft Ltd.)
WordQ Pro CF Templates (HKLM-x32\...\{9E88CEC9-9160-417C-8647-C98D261E803B}) (Version: 4.1.1 - Quillsoft Ltd.)
WordQ4 Pro CF Dictionary (HKLM-x32\...\{AFEF30D7-DA5D-4D57-A72C-B64E5F9CD26E}) (Version: 4.1.1 - Quillsoft Ltd.)
XSplit Broadcaster (HKLM-x32\...\{F0500E94-F6E6-4472-ACAF-F240F8362970}) (Version: 3.7.1902.0712 - SplitmediaLabs)
XSplit Gamecaster (HKLM-x32\...\{7F0DC866-BE32-4AE8-8242-A1F5753176B8}) (Version: 3.4.1812.0304 - SplitmediaLabs)
Yubico Authenticator (HKLM-x32\...\yubioath-desktop) (Version: 4.3.5 - Yubico AB)
YubiKey Manager (HKLM-x32\...\yubikey-manager) (Version: 1.1.1 - Yubico AB)

Packages:
=========
Dell SupportAssist for PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.2.5.0_x64__htrsf667h5kn2 [2019-06-11] (Dell Inc)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x64__rz1tebttyb220 [2019-08-23] (Dolby Laboratories)
Dolby Atmos for Headphones -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforHeadphones_2.3.303.0_x64__rz1tebttyb220 [2019-08-24] (Dolby Laboratories)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.1682.0_x64__8j3eq9eme6ctt [2019-08-20] (INTEL CORP)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.2.0.0_x64__8j3eq9eme6ctt [2019-08-09] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-30] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.955.0_x64__56jybvy8sckqj [2019-08-20] (NVIDIA Corp.)
Pandora -> C:\Program Files\WindowsApps\PandoraMediaInc.29680B314EFC2_13.0.39.0_x64__n619g4d5j0fnw [2019-02-25] (Pandora Media Inc)
SoundCloud for Windows (Beta) -> C:\Program Files\WindowsApps\SoundcloudLtd.SoundCloudforWindowsBeta_1.1.36.0_x64__2xc63xn306dnw [2019-08-16] (Soundcloud Ltd.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-07] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\pirja\AppData\Local\Microsoft\OneDrive\18.143.0717.0002\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{5563940C-ABF0-47B4-BB0E-B5D8680B570A}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\MoteurIntegration.exe (Druide Informatique Inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{5563940D-49FD-4F1A-96AA-147B474290EE}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\MoteurIntegration.exe (Druide Informatique Inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\pirja\AppData\Local\Microsoft\OneDrive\18.143.0717.0002\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{7C90AB68-DA79-41D1-9A76-FCD780D4AC8D} -> [mega] => D:\mega [2019-02-15 16:58]
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\pirja\AppData\Local\Microsoft\OneDrive\18.143.0717.0002\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8E}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\AgentAntidote.exe (Druide Informatique Inc. -> Druide informatique inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8F}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\Antidote.exe (Druide Informatique Inc. -> Druide informatique inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> "C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\MaxxAudioPro.exe" => No File
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{AD630E0F-BF29-4791-AD3B-A289E884E37C}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\Antidote.exe (Druide Informatique Inc. -> Druide informatique inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B} -> [Dropbox] => D:\dropbox\Dropbox [2019-02-15 17:00]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
 

user75

TS Enthusiast
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-01-27] (Notepad++ -> )
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_ac9a22ebe27a13b0\nvshext.dll [2019-08-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\pirja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)

ShortcutWithArgument: C:\Users\pirja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> -incognito

==================== Loaded Modules (Whitelisted) ==============

2019-05-28 00:42 - 2016-05-11 16:25 - 049782784 _____ () [File not signed] C:\OtohitsNetwork\OtohitsApp\libcef.dll
2019-02-16 02:34 - 2018-07-18 16:39 - 042781710 _____ () [File not signed] C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\libffmpeg.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 085602816 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\libcef.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000089600 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\libEGL.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 003841536 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\libGLESv2.dll
2018-12-05 18:38 - 2018-12-05 18:38 - 000018432 _____ () [File not signed] c:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.HSA.Server.dll
2019-08-23 20:16 - 2019-08-23 20:16 - 000948736 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x64__rz1tebttyb220\e_sqlite3.dll
2019-08-22 22:28 - 2019-08-15 15:09 - 001830912 _____ () [File not signed] C:\Users\pirja\AppData\Local\Programs\com.liberty.jaxx\ffmpeg.dll
2019-08-22 22:28 - 2019-08-15 15:09 - 000017408 _____ () [File not signed] C:\Users\pirja\AppData\Local\Programs\com.liberty.jaxx\libegl.dll
2019-08-22 22:28 - 2019-08-15 15:09 - 003852288 _____ () [File not signed] C:\Users\pirja\AppData\Local\Programs\com.liberty.jaxx\libglesv2.dll
2019-08-22 08:36 - 2019-08-22 08:36 - 000773120 _____ () [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LinqBridge\e224e921dba0c162a203658014291bfd\LinqBridge.ni.dll
2019-08-23 20:16 - 2019-08-23 20:16 - 032393728 _____ (Dolby) [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x64__rz1tebttyb220\DolbyUWP.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 001463808 _____ (Firelight Technologies) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\fmod.dll
2019-08-22 08:36 - 2019-08-22 08:36 - 001936896 _____ (Greenshot) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\GreenshotPlugin\27c76356d3219d0035bcd426204f6bfa\GreenshotPlugin.ni.dll
2019-03-06 14:18 - 2019-03-06 14:18 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll
2019-03-06 14:18 - 2019-03-06 14:18 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll
2019-02-24 17:53 - 2019-02-21 12:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-08-23 20:16 - 2019-08-23 20:16 - 000769536 _____ (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x64__rz1tebttyb220\x64\DolbyHrtfEnc.dll
2019-08-22 08:34 - 2019-08-22 08:34 - 003833344 _____ (Newtonsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\543351ec503706800afb6ff792a98556\Newtonsoft.Json.ni.dll
2019-08-22 22:28 - 2019-08-15 15:09 - 018573824 _____ (Node.js) [File not signed] C:\Users\pirja\AppData\Local\Programs\com.liberty.jaxx\node.dll
2019-05-15 20:01 - 2019-05-15 20:01 - 001635840 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2019-05-15 20:01 - 2019-05-15 20:01 - 001878528 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\sqlite3.DLL
2019-05-15 20:01 - 2019-05-15 20:01 - 001878528 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2019-08-22 08:36 - 2019-08-22 08:36 - 000740352 _____ (The Apache Software Foundation) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\log4net\ff857dd78336b4d8b0621bc0699e20ca\log4net.ni.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000596992 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\chrome_elf.dll
2019-05-28 00:42 - 2017-09-29 10:49 - 000687104 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\OtohitsNetwork\OtohitsApp\libcurl.dll
2019-06-17 18:36 - 2018-09-05 22:32 - 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\HMA! Pro VPN\libcrypto-1_1.dll
2017-09-14 02:37 - 2017-09-14 02:37 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qgif.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qicns.dll
2017-09-14 02:37 - 2017-09-14 02:37 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qico.dll
2017-09-14 02:37 - 2017-09-14 02:37 - 000245760 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qjpeg.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qsvg.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qtga.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000316416 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qtiff.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qwbmp.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000322560 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qwebp.dll
2017-09-14 02:37 - 2017-09-14 02:37 - 001010688 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\platforms\qwindows.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\audio\qtaudio_windows.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qgif.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qico.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qjpeg.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qmng.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qsvg.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qtiff.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\platforms\qwindows.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000041984 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQml\Models.2\modelsplugin.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick.2\qtquick2plugin.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000084480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000071680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000211456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick\Window.2\windowplugin.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Core.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Gui.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Multimedia.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Network.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Qml.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Quick.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000096256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5QuickControls2.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000681472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5QuickTemplates2.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Svg.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Widgets.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5WinExtras.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\pirja\Local Settings:4tPCoG1RIl7lWVuwdeG [2426]
AlternateDataStreams: C:\Users\pirja\AppData\Local:4tPCoG1RIl7lWVuwdeG [2426]
AlternateDataStreams: C:\Users\pirja\AppData\Local\Application Data:4tPCoG1RIl7lWVuwdeG [2426]
AlternateDataStreams: C:\Users\pirja\AppData\Local\Temporary Internet Files:v5dywXspbU8AMWBsjgI2w [2302]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 03:31 - 2019-08-25 17:40 - 000000878 _____ C:\Windows\system32\drivers\etc\hosts

0.0.0.0 serius.mwbsys.com
0.0.0.0 keystone.mwbsys.com
 

user75

TS Enthusiast
2019-02-23 05:47 - 2019-08-25 19:58 - 000000526 _____ C:\Windows\system32\drivers\etc\hosts.ics

192.168.137.1 DESKTOP-4F34DJR.mshome.net # 2024 8 5 23 23 58 15 462
192.168.137.13 G7-ThinQ.mshome.net # 2019 9 0 1 23 58 15 462
3 21 32 146

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\ProgramData\chocolatey\bin;C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\;C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\PuTTY\
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pirja\Downloads\InShot_20190722_105520615.jpg
DNS Servers: 192.168.2.1 - 207.164.234.193
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: jswpbapi => 2
MSCONFIG\Services: jswpsapi => 3
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMnetDHCP => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: VMware NAT Service => 2
MSCONFIG\Services: VMwareHostd => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "jswtrayutil"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\StartupApproved\StartupFolder: => "ProtonMail Bridge.lnk"
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\StartupApproved\Run: => "4K Stogram"
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\StartupApproved\Run: => "Dxtory Update Checker 2.0"
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\StartupApproved\Run: => "WallpaperEngine"
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\StartupApproved\Run: => "ShowBatteryBar"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{ACCBDA2C-D058-4B53-ABD3-A27C68CA49D2}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{B62A6817-C7B3-4D23-937F-04166E9F90C2}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{169789FC-918E-4DD9-BC77-55745678DAF4}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
FirewallRules: [TCP Query User{04E01B97-48E9-4702-A828-C64C84DC6F55}C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1811.exe] => (Allow) C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1811.exe No File
FirewallRules: [UDP Query User{706207A0-2D27-4E11-B3CB-A936D24D4D62}C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1811.exe] => (Allow) C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1811.exe No File
FirewallRules: [TCP Query User{83A1F158-9916-4A76-A80D-ABB59BD98203}C:\users\pirja\downloads\programs\office 2013-2019 c2r install v6.4.1\files\bin\kmss.exe] => (Allow) C:\users\pirja\downloads\programs\office 2013-2019 c2r install v6.4.1\files\bin\kmss.exe No File
FirewallRules: [UDP Query User{AA0CA70C-CC03-411D-A40F-1CFFA851EC2C}C:\users\pirja\downloads\programs\office 2013-2019 c2r install v6.4.1\files\bin\kmss.exe] => (Allow) C:\users\pirja\downloads\programs\office 2013-2019 c2r install v6.4.1\files\bin\kmss.exe No File
FirewallRules: [{F8E4C584-78ED-4681-9396-CC4519086F1F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BD819DBE-35F4-4804-AE4F-C298BFDF1E61}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F28A409F-663F-4C35-B0E5-D2CAF1EDD070}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6A5049AF-7A83-440F-BA91-84EA0FE3C151}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{901CD39B-0330-4F2D-AAEE-00511754BC5C}C:\users\pirja\appdata\roaming\vip72 socks client\vip72socks.exe] => (Allow) C:\users\pirja\appdata\roaming\vip72 socks client\vip72socks.exe (UNIC-UK LTD -> )
FirewallRules: [UDP Query User{33A79DE7-707D-4559-97C4-758965EB4A4C}C:\users\pirja\appdata\roaming\vip72 socks client\vip72socks.exe] => (Allow) C:\users\pirja\appdata\roaming\vip72 socks client\vip72socks.exe (UNIC-UK LTD -> )
FirewallRules: [TCP Query User{BA755CE2-CD8C-4C55-8625-DAAB00EDA031}C:\users\pirja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pirja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{E31E98A4-6739-4A4F-AAF3-27C885A0E73A}C:\users\pirja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pirja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2A8059B3-ED0F-4B1B-86D7-B150F1321349}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{7AD81FD3-73A3-46E5-8F6B-C1BF37CD25B4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{D9515F72-9B5D-4987-8FAA-2FB376171B95}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{0EEC25F5-7A68-40E9-B7FA-3CA2B00FDE08}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{57330337-B909-4584-8FF5-3134227A6E2D}] => (Allow) D:\SteamLibrary\steamapps\common\VoiceAttack\VoiceAttack.exe (VoiceAttack.com -> VoiceAttack.com)
FirewallRules: [{DE60556A-BBDC-4F8B-8FE6-6649648FC23F}] => (Allow) D:\SteamLibrary\steamapps\common\VoiceAttack\VoiceAttack.exe (VoiceAttack.com -> VoiceAttack.com)
FirewallRules: [{FA59E7C3-0768-414B-8570-7D906F68C074}] => (Allow) D:\SteamLibrary\steamapps\common\Crawl\Crawl.exe () [File not signed]
FirewallRules: [{6167F3AA-1C50-41E7-87A0-A6ED9C85DB31}] => (Allow) D:\SteamLibrary\steamapps\common\Crawl\Crawl.exe () [File not signed]
FirewallRules: [{A1A6A1CE-D411-4522-9563-FA2EC49E36BC}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{3C6002D6-948E-4FFF-8E78-2902F7373D4C}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
 

user75

TS Enthusiast
FirewallRules: [{8DCCFBD8-570E-4768-8C0F-A63FA7CB1FE6}] => (Allow) D:\SteamLibrary\steamapps\common\Trove\GlyphClient.exe (gamigo AG -> Trion Worlds Inc.)
FirewallRules: [{55F405C2-C8A1-4105-8EB9-AD514663CFFE}] => (Allow) D:\SteamLibrary\steamapps\common\Trove\GlyphClient.exe (gamigo AG -> Trion Worlds Inc.)
FirewallRules: [{139FBF50-DD6A-4CA3-A170-29B27C958D45}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{C515B0F3-DA47-41D8-AD62-B065F908DA9D}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{24F3A831-F643-44DC-87CC-C20F6BBAA6F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DeathRoadToCanada\prog.exe () [File not signed]
FirewallRules: [{6DA40F82-632C-4356-92C7-D0CC18FE515F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DeathRoadToCanada\prog.exe () [File not signed]
FirewallRules: [{38F223EA-B8B1-4754-A14F-1B6CD74483FC}] => (Allow) D:\SteamLibrary\steamapps\common\TxP\TormentorXPunisher.exe ( ) [File not signed]
FirewallRules: [{129F6564-ABC9-49BC-A07D-17E124066065}] => (Allow) D:\SteamLibrary\steamapps\common\TxP\TormentorXPunisher.exe ( ) [File not signed]
FirewallRules: [{EA2E40BF-6BEE-4184-9FD4-882695EB6E4A}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{D30A2F1C-1423-4438-A84E-1AB7DC28EBE1}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{F22095E1-FF84-4587-A69B-48FF5284BFD0}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> ) [File not signed]
FirewallRules: [{3ED6D662-1870-442B-860B-B37BE175E9C5}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> ) [File not signed]
FirewallRules: [{AF01CF92-8E54-4CA3-8F23-AB8F5BAD8CB1}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{8BAF7A45-7CBC-4973-AAB7-56789B5F0C47}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{6FFECF07-2AC9-4D35-843B-E560C4D1FE3B}] => (Allow) D:\SteamLibrary\steamapps\common\BIT.TRIP RUNNER\RUNNER.exe () [File not signed]
FirewallRules: [{91BE860B-4D2C-4236-9D98-101A1507E1FE}] => (Allow) D:\SteamLibrary\steamapps\common\BIT.TRIP RUNNER\RUNNER.exe () [File not signed]
FirewallRules: [{EFC2C4E2-E11D-47DA-B91D-C6D53F9E2288}] => (Allow) D:\SteamLibrary\steamapps\common\Geometry Dash\GeometryDash.exe () [File not signed]
FirewallRules: [{774ADB8F-E733-4736-8373-6E0BD3E314CD}] => (Allow) D:\SteamLibrary\steamapps\common\Geometry Dash\GeometryDash.exe () [File not signed]
FirewallRules: [{1C175D2C-F62C-48BC-867F-D9B1A38D66F3}] => (Allow) D:\SteamLibrary\steamapps\common\Nyan Cat Lost In Space\bin_x86\NyanCat.exe () [File not signed]
FirewallRules: [{110CA274-F49D-4269-8D7E-D6CF6483F52E}] => (Allow) D:\SteamLibrary\steamapps\common\Nyan Cat Lost In Space\bin_x86\NyanCat.exe () [File not signed]
FirewallRules: [{8E990BEF-7C69-4C6F-AF6E-30A6900C2AFA}] => (Allow) D:\SteamLibrary\steamapps\common\BEEP\BEEP.exe () [File not signed]
FirewallRules: [{8F0C9E12-885D-4D9C-9E31-CDD31B802093}] => (Allow) D:\SteamLibrary\steamapps\common\BEEP\BEEP.exe () [File not signed]
FirewallRules: [{2A66D313-C024-46DE-9581-E6AA12ED6925}] => (Allow) D:\SteamLibrary\steamapps\common\RaceTheSun\RaceTheSun.exe () [File not signed]
FirewallRules: [{4F03EEEA-7F25-4F37-B309-C6BEA668BAC0}] => (Allow) D:\SteamLibrary\steamapps\common\RaceTheSun\RaceTheSun.exe () [File not signed]
FirewallRules: [{05F04537-28A0-401D-A21F-5FB413E56768}] => (Allow) D:\SteamLibrary\steamapps\common\Angry Birds Space\AngryBirdsSpace.exe (Rovio Entertainment Ltd.) [File not signed]
FirewallRules: [{389DFBE9-1814-4B19-BEF6-54EF809E67F3}] => (Allow) D:\SteamLibrary\steamapps\common\Angry Birds Space\AngryBirdsSpace.exe (Rovio Entertainment Ltd.) [File not signed]
FirewallRules: [{B6FB65D5-168D-426B-AE98-D108D67CA36F}] => (Allow) D:\SteamLibrary\steamapps\common\Kingdom New Lands\Kingdom.exe () [File not signed]
FirewallRules: [{9C2E1DD4-4565-4A08-A1C1-2E5C75B6A083}] => (Allow) D:\SteamLibrary\steamapps\common\Kingdom New Lands\Kingdom.exe () [File not signed]
FirewallRules: [{596E7EAC-8E28-4CEC-B4E0-DBB33D7761FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broforce\Broforce_beta.exe () [File not signed]
FirewallRules: [{7C2DBB87-208D-4BF8-A3BF-9BF559E877AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broforce\Broforce_beta.exe () [File not signed]
FirewallRules: [{A83468A0-DC18-4CA2-8348-62E36D1D604F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rivals of Aether\RivalsofAether.exe (Dan Fornace) [File not signed]
FirewallRules: [{E1501154-C387-4300-8EEA-FA79488C1A22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rivals of Aether\RivalsofAether.exe (Dan Fornace) [File not signed]
FirewallRules: [{B95B9D92-D0BE-4DD5-995A-74F53F751745}] => (Allow) D:\SteamLibrary\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe () [File not signed]
FirewallRules: [{CB36AFCD-ADE8-4050-8D24-D80557440AED}] => (Allow) D:\SteamLibrary\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe () [File not signed]
FirewallRules: [{CBD2F6FF-F8B0-486A-A216-CA10950DCDB2}] => (Allow) D:\SteamLibrary\steamapps\common\Robocraft\Robocraft.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{DB43A504-EF12-4AF9-A572-08689EE44068}] => (Allow) D:\SteamLibrary\steamapps\common\Robocraft\Robocraft.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{2328EA0B-7D77-4F9D-915C-C5165ECEE01D}] => (Allow) D:\SteamLibrary\steamapps\common\DrinkBox_Game4\Game.exe () [File not signed]
FirewallRules: [{43CE1BF9-776F-4533-AA48-7901C51EB116}] => (Allow) D:\SteamLibrary\steamapps\common\DrinkBox_Game4\Game.exe () [File not signed]
FirewallRules: [{6F359836-4041-4420-B4D4-63C653E3EFE6}] => (Allow) D:\SteamLibrary\steamapps\common\Riptide GP Renegade\Game_x64.exe () [File not signed]
FirewallRules: [{CA858D55-D8A1-41DF-AA46-CCADFF88E04B}] => (Allow) D:\SteamLibrary\steamapps\common\Riptide GP Renegade\Game_x64.exe () [File not signed]
FirewallRules: [{BF5A927C-FEA5-47C9-9205-C1452248ED3A}] => (Allow) D:\SteamLibrary\steamapps\common\Besiege\Besiege.exe () [File not signed]
FirewallRules: [{61A02397-FC48-4451-8465-E37406D687A4}] => (Allow) D:\SteamLibrary\steamapps\common\Besiege\Besiege.exe () [File not signed]
FirewallRules: [{513038E7-EC36-4A3D-89A7-58D934BE6022}] => (Allow) D:\SteamLibrary\steamapps\common\Riptide GP2\GameWin32RetailSteam.exe () [File not signed]
FirewallRules: [{6082EF92-BC73-4FCD-A3A3-82DDFB1D90DC}] => (Allow) D:\SteamLibrary\steamapps\common\Riptide GP2\GameWin32RetailSteam.exe () [File not signed]
FirewallRules: [{BE75CC63-5B6D-4208-96F3-C005D719D35E}] => (Allow) D:\SteamLibrary\steamapps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe () [File not signed]
FirewallRules: [{3122E88C-F65A-4C7E-953D-34840F7E7D9C}] => (Allow) D:\SteamLibrary\steamapps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe () [File not signed]
FirewallRules: [{E27D7E98-F278-4C01-A0C4-6A5790751B85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{D21DD10B-B904-463F-9FEF-4EA37F3F0202}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [TCP Query User{0EBFFFFD-D6F5-4097-834F-AFEC1FFF9253}D:\batlenet\overwatch\overwatch.exe] => (Allow) D:\batlenet\overwatch\overwatch.exe No File
FirewallRules: [UDP Query User{50E82EE0-96D1-4E39-8472-9F087F0FDFF1}D:\batlenet\overwatch\overwatch.exe] => (Allow) D:\batlenet\overwatch\overwatch.exe No File
FirewallRules: [{2DA1FD8F-05A0-4347-B38E-3D3C1480AB3C}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{B7FCC5B8-E476-493E-8FBA-F89B399F0CA1}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{ACA19936-B962-4210-8983-1421A35F89B6}] => (Allow) D:\SteamLibrary\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7DB37DE9-DE73-4C44-9002-3596DB4DDB36}] => (Allow) D:\SteamLibrary\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{33825233-E6EC-4DC0-94C3-7B87C02E1BB4}] => (Allow) D:\SteamLibrary\steamapps\common\FLUID\PCE2.exe () [File not signed]
FirewallRules: [{1050367B-86C6-4B7A-83C6-A16B4070D077}] => (Allow) D:\SteamLibrary\steamapps\common\FLUID\PCE2.exe () [File not signed]
FirewallRules: [{00DB4113-4737-4D33-AD9C-D0CAB1B85867}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1B39848A-CC4B-40B4-BB48-81CCC4BE3ECF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8A755849-5A1C-49D0-ADC7-D435A02E8414}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{3C26C8B9-D08B-4F42-88A0-6D00049E6E33}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{C613C4F9-5903-42C7-97DC-E557E633C705}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{F58488BF-B1D4-4F7C-BE80-5CF0CA17107F}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{818604B8-84E1-4893-992E-25ACCE25166A}] => (Allow) D:\xplit\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{46EDCAE2-AEC9-4210-B42A-C7B429A101D5}] => (Allow) D:\xplit\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{E3A0D16D-5E1D-49C6-8871-729CA90F90AD}] => (Allow) D:\xplit\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{A9AA093D-46AE-4492-93E0-92745BF5E82A}] => (Allow) D:\xplit\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{381D90B7-F192-4006-B292-D633FF834550}] => (Allow) D:\SteamLibrary\steamapps\common\grid 2\grid2.exe (Valve Corp. -> Codemasters Software Company Limited) [File not signed]
FirewallRules: [{8F97F399-6341-4D17-8014-6F24753E6622}] => (Allow) D:\SteamLibrary\steamapps\common\grid 2\grid2.exe (Valve Corp. -> Codemasters Software Company Limited) [File not signed]
FirewallRules: [{D13FB200-7A72-45C2-A4C4-C28944BEF70A}] => (Allow) D:\SteamLibrary\steamapps\common\Renegade Ops\RenegadeOps.exe (Sega Europe Limited -> Avalanche Studios)
FirewallRules: [{F9F4D00C-92EC-4B21-950C-DAA33DEC9836}] => (Allow) D:\SteamLibrary\steamapps\common\Renegade Ops\RenegadeOps.exe (Sega Europe Limited -> Avalanche Studios)
FirewallRules: [{8F957A60-B0EE-4A75-96A6-8F18AD237698}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe () [File not signed]
FirewallRules: [{F4CD9387-0757-413F-B351-BED71CDB3DB5}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe () [File not signed]
FirewallRules: [{ABE40D3C-3311-4219-9F7C-D1D41A89A09B}] => (Allow) D:\SteamLibrary\steamapps\common\Hurtworld\Hurtworld.exe (EasyAntiCheat Ltd) [File not signed]
FirewallRules: [{109BDA20-AE69-4ECF-8E46-3CEBD4DEB8B5}] => (Allow) D:\SteamLibrary\steamapps\common\Hurtworld\Hurtworld.exe (EasyAntiCheat Ltd) [File not signed]
FirewallRules: [TCP Query User{6BA36E39-1772-456C-90AB-6F73D990F30F}D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe No File
FirewallRules: [UDP Query User{2BF12D27-A76B-48C2-A0EA-3AE83FD8D71B}D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe No File
FirewallRules: [{D0F84A5F-1318-4659-98A4-72EA461CED35}] => (Allow) D:\SteamLibrary\steamapps\common\SleepingDogsDefinitiveEdition\sdhdship.exe (SQUARE ENIX LIMITED) [File not signed]
FirewallRules: [{616A5073-15FB-4115-93F9-3F885463A991}] => (Allow) D:\SteamLibrary\steamapps\common\SleepingDogsDefinitiveEdition\sdhdship.exe (SQUARE ENIX LIMITED) [File not signed]
FirewallRules: [{08915965-A19C-4E96-B14E-2C4C09694ACD}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{A7E6BD3D-4054-4AA5-B064-92089B5171EA}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{8EF23CA7-BB6A-4A25-8A65-417EE4082A62}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{628E55C4-6D11-4A44-BB6E-B5030ACEEA82}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{8E89F074-F179-4B0F-B2EA-D82EDD5E6570}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{D90345AE-1951-43B9-BE96-5E605D7F3F42}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{4D2295E6-E573-49D2-AC9F-C1A9F5D16F8F}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{E51AD6DB-AD2F-44A5-A8C9-96986E89B22D}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{C4B76D08-E5CA-46F0-964D-F507D8A39566}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{61A83B27-38CB-4B56-AF9F-D10258FCE8B2}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{D2EA1B40-47BE-4275-BB43-B6FFDA433ED8}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{974F800E-3BC6-48F3-BB0D-B7C30B97F89F}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [TCP Query User{5336F8D1-1DA7-4825-A3AF-3DA37C18E7BC}D:\lol\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\lol\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{F35DDE18-F341-48E5-A4D0-BF199E18D929}D:\lol\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\lol\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe No File
FirewallRules: [{D9FD0790-2404-4853-AA69-F71B20450A01}] => (Allow) D:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe No File
FirewallRules: [{498D126B-C87B-4086-A2EA-FDB6BD7BEF76}] => (Allow) D:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe No File
FirewallRules: [{C0FC25EB-18FD-4A2D-B006-CE26F5FE69CB}] => (Allow) D:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe No File
FirewallRules: [{E1A086D9-1DE7-49DA-8809-FC2B45F13E1F}] => (Allow) D:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe No File
FirewallRules: [{BD10748A-3280-4961-A359-F18B45F4B08E}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe No File
FirewallRules: [{3909A23A-69D4-4C5B-A12C-2A3800580B16}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe No File
FirewallRules: [TCP Query User{16908574-27CE-4860-AC78-40527C9AA9CA}C:\windows\files\bin\kmss.exe] => (Allow) C:\windows\files\bin\kmss.exe No File
FirewallRules: [UDP Query User{7C1582DE-47B2-4C25-B037-16B206019CB3}C:\windows\files\bin\kmss.exe] => (Allow) C:\windows\files\bin\kmss.exe No File
FirewallRules: [TCP Query User{999EF6AA-E386-4213-AE4C-28CEA1D58CB0}D:\program\gta\gta5.exe] => (Allow) D:\program\gta\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{7C5F1D30-F9B3-44C6-AE93-745CA2909532}D:\program\gta\gta5.exe] => (Allow) D:\program\gta\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{7874B3DD-9C2C-4CAA-AE7E-1197088DA157}C:\program files\proton technologies ag\protonmail bridge\desktop-bridge.exe] => (Allow) C:\program files\proton technologies ag\protonmail bridge\desktop-bridge.exe No File
FirewallRules: [UDP Query User{04B835EB-7C0F-499B-A343-64B3860A3E49}C:\program files\proton technologies ag\protonmail bridge\desktop-bridge.exe] => (Allow) C:\program files\proton technologies ag\protonmail bridge\desktop-bridge.exe No File
FirewallRules: [{2D2AD2CE-35A8-481B-B33F-0022967CFCDA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B0C52E86-813D-4FA4-B07F-7A514D5C6B7B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{7CD3B898-F379-4D31-B360-232BE092B72B}D:\steamlibrary\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe No File
FirewallRules: [UDP Query User{87E26DF4-34EB-4E56-BE4B-E44DD31917C9}D:\steamlibrary\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe No File
FirewallRules: [TCP Query User{9FD3AA32-F7BF-4302-805B-5FC31778380A}D:\steamlibrary\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe No File
FirewallRules: [UDP Query User{DFDD5A91-88CC-437B-AEBF-415064866235}D:\steamlibrary\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe No File
FirewallRules: [TCP Query User{DB9456A3-F950-4DD1-AFC4-25314D5EB81D}C:\program files\daum\potplayer\potplayermini64.exe] => (Allow) C:\program files\daum\potplayer\potplayermini64.exe (Kakao corp. -> Kakao)
FirewallRules: [UDP Query User{71D3D973-CEE4-4F32-AF02-A0F5DB301686}C:\program files\daum\potplayer\potplayermini64.exe] => (Allow) C:\program files\daum\potplayer\potplayermini64.exe (Kakao corp. -> Kakao)
FirewallRules: [{7E12B850-6B29-4646-BC1F-902DC93125D3}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\x64\XSplit.Core.exe (SplitmediaLabs Limited -> SplitMediaLabs)
FirewallRules: [{7260AD63-6CA3-4701-AAE6-981C725CD517}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\x64\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{15472AAA-EA12-4343-8A4F-3A6FB1DA6747}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\x64\XSplit.Core.exe (SplitmediaLabs Limited -> SplitMediaLabs)
FirewallRules: [{09534C07-D5C6-4ED8-873E-30EE4110E1D2}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\x64\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{4FD57777-5AC8-4606-9994-82A54BE8DE3B}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{F26A5825-8A77-4136-8E9A-03D98A6CB5FA}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [TCP Query User{7D0E2790-10DE-4332-9ED9-DD1FDFEB34F7}C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1904.exe] => (Allow) C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1904.exe No File
FirewallRules: [UDP Query User{CE99D30F-6258-4E1F-9728-3E0B5DE5FF66}C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1904.exe] => (Allow) C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1904.exe No File
FirewallRules: [TCP Query User{96EE2FC0-5034-4BA2-B257-64FCA247AE5D}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [UDP Query User{42B6D126-D9AA-4C45-A93B-4385E74752C9}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [{91FFE6BA-6FA1-4F11-B3F5-838E807BB2E5}] => (Allow) C:\Program Files\Pale Moon\palemoon.exe No File
FirewallRules: [{2CE819E9-28FE-4129-8C05-A56624C576A4}] => (Allow) D:\SteamLibrary\steamapps\common\Northern Lights\Northern Lights.exe () [File not signed]
FirewallRules: [{DF088491-F0FF-4BEE-A8EB-831D6ABA059D}] => (Allow) D:\SteamLibrary\steamapps\common\Northern Lights\Northern Lights.exe () [File not signed]
FirewallRules: [{19452999-4C49-426F-812E-B301D5165197}] => (Allow) D:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe (Tripwire Interactive, LLC.) [File not signed]
FirewallRules: [{AEBDE48B-03E3-4474-827D-33778729670C}] => (Allow) D:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe (Tripwire Interactive, LLC.) [File not signed]
FirewallRules: [{1330D366-A6F9-4BBB-95E6-D3C6F540A903}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lakeview Cabin Collection\Lakeview Cabin Collection.exe () [File not signed]
FirewallRules: [{F33A1005-921E-4E8B-A790-671FCA99A4F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lakeview Cabin Collection\Lakeview Cabin Collection.exe () [File not signed]
FirewallRules: [TCP Query User{15950D11-6F8E-4D9B-8696-35D6EB93D43C}C:\users\pirja\downloads\sdi_r1904\sdi_x64_r1904.exe] => (Allow) C:\users\pirja\downloads\sdi_r1904\sdi_x64_r1904.exe No File
FirewallRules: [UDP Query User{4DA24A6C-48EC-4363-9D24-722991E28259}C:\users\pirja\downloads\sdi_r1904\sdi_x64_r1904.exe] => (Allow) C:\users\pirja\downloads\sdi_r1904\sdi_x64_r1904.exe No File
FirewallRules: [{1B4063DD-84D4-4CCF-82B3-640D71E5B6FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CPUCores\cpucores.exe (Tim Sullivan -> )
FirewallRules: [{5459044C-F861-4020-8E04-9B8B183F555E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CPUCores\cpucores.exe (Tim Sullivan -> )
FirewallRules: [{F826CEA8-778E-4747-9E29-00100A49AAD8}] => (Allow) D:\program\ubi\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment -> )
FirewallRules: [{7DB6C556-D3B9-4AA5-8FD9-435886F9682C}] => (Allow) D:\program\ubi\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment -> )
FirewallRules: [{9198F1ED-5D20-40A7-8107-81327A1F070F}] => (Allow) D:\program\ubi\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{5EBF6119-C0B2-4B56-95C6-E79B6B0B34F1}] => (Allow) D:\program\ubi\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [TCP Query User{30C80BA1-3846-41A1-9086-C265A23ED4B1}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{D42EAFC1-7A27-4F76-B333-5C6D7E99E302}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{763C73BF-D6E7-401D-A415-67256C1B63AF}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{41C4AC78-CE7F-4FD4-9674-C3E136EDE661}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{AAEB2F30-F481-444A-AA79-785250EF27E7}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{5EC6EC71-0D92-4512-8B89-19449A43082D}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{93279646-FB2B-498D-B782-DB2A55E617DA}] => (Allow) C:\Program Files (x86)\MAGIX\Music Maker\28\MusicMaker.exe (MAGIX Software GmbH -> MAGIX Software GmbH)
FirewallRules: [{D51C6A45-0150-4DE8-B461-9CD9D8D0EFEB}] => (Allow) D:\Program Files\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.)
FirewallRules: [{A66EC505-ED5C-4336-A180-3FA3A80B2C59}] => (Allow) C:\Program Files (x86)\\Bignox\\BigNoxVM\\RT\NoxVMHandle.exe (Nox Limited -> BigNox Corporation)
FirewallRules: [TCP Query User{76E0F8D6-FCBC-48F1-AF4C-BB54E6759995}D:\batlenet\overwatch\_retail_\overwatch.exe] => (Allow) D:\batlenet\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{483BAA28-BC59-493E-84E4-3375CEAAD6CA}D:\batlenet\overwatch\_retail_\overwatch.exe] => (Allow) D:\batlenet\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{E975E324-3CC4-4C83-BDFC-7FDE37BB32B2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{65436467-8BB1-40B7-8DB4-BC3C01CBF797}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{E7A382BF-EE5B-482D-94D6-9023DDC0EBF9}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{2BFB9EBB-3CBF-42CF-9260-BFB473A24C30}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5A3C631B-960A-4616-B857-2F222F7EA698}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{26B7BCCB-48F7-4846-82A9-75F0BC2703AA}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{3CF3A2C7-A562-4ABE-A083-B62788B2D709}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{9E4EF5C2-619F-49AD-B41F-7DAB06035E51}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{AAFE464D-911F-4D37-8C4E-8D2ABE20AF73}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{9C07A49A-F54A-4986-B19C-012B0243754A}] => (Allow) D:\SteamLibrary\steamapps\common\Hurtworld\experimental\Hurtworld.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{09A6C8D3-ECE2-42BF-B048-1726A1FC432E}] => (Allow) D:\SteamLibrary\steamapps\common\Hurtworld\experimental\Hurtworld.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{F5D35F11-1800-471C-9EDB-7EBA50CEE251}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5DE07C15-12CC-4407-A48E-B97313224443}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C4F4CC7B-35EA-47C3-870B-1B9345BE0F14}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4750F3DB-1889-482A-BC60-98F0EBD7C31C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{42A6F39F-8EFB-4EA7-95C1-21074153FAC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{79FFC79A-C8C9-4F62-977F-DA8B23C2F51C}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{AA5279DF-7E0C-4DCE-BA58-8A031D44997D}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8459AC4C-3A71-4010-B5E6-BC475F6CEBD2}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)

==================== Restore Points =========================
 

user75

TS Enthusiast
25-08-2019 22:03:21 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/25/2019 08:01:56 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/25/2019 07:56:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program AdwCleaner.exe version 7.4.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 4004

Start Time: 01d55b9fc8ecc659

Termination Time: 4294967295

Application Path: C:\Users\pirja\Downloads\AdwCleaner.exe

Report Id: 4489012b-7525-4de9-833f-cf0cc2dfc4e7

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (08/25/2019 07:51:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (08/25/2019 07:49:37 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (08/25/2019 05:35:55 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/25/2019 05:33:02 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe".Error in manifest or policy file "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe.Config" on line 12.
Invalid Xml syntax.

Error: (08/25/2019 03:51:31 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/25/2019 03:49:06 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe".Error in manifest or policy file "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe.Config" on line 12.
Invalid Xml syntax.


System errors:
=============
Error: (08/25/2019 11:26:15 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4F34DJR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-4F34DJR\reznov SID (S-1-5-21-408333896-3164079283-3827766986-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/25/2019 11:15:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4F34DJR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-4F34DJR\reznov SID (S-1-5-21-408333896-3164079283-3827766986-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/25/2019 09:42:38 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4F34DJR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-4F34DJR\reznov SID (S-1-5-21-408333896-3164079283-3827766986-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/25/2019 09:36:53 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4F34DJR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-4F34DJR\reznov SID (S-1-5-21-408333896-3164079283-3827766986-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/25/2019 09:36:52 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4F34DJR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-4F34DJR\reznov SID (S-1-5-21-408333896-3164079283-3827766986-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/25/2019 09:36:52 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4F34DJR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-4F34DJR\reznov SID (S-1-5-21-408333896-3164079283-3827766986-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/25/2019 08:12:53 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4F34DJR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-4F34DJR\reznov SID (S-1-5-21-408333896-3164079283-3827766986-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/25/2019 08:02:02 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4F34DJR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-4F34DJR\reznov SID (S-1-5-21-408333896-3164079283-3827766986-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


CodeIntegrity:
===================================

Date: 2019-08-25 17:51:35.257
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-08-25 17:51:35.033
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-08-25 17:51:34.376
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-08-25 17:51:34.366
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-08-25 17:51:29.986
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-08-25 17:51:29.981
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-08-25 17:51:29.977
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-08-25 17:51:29.969
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: Dell Inc. 1.10.0 05/23/2019
Motherboard: Dell Inc. 03TF0Y
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 55%
Total physical RAM: 16228.23 MB
Available physical RAM: 7168.92 MB
Total Virtual: 29825.21 MB
Available Virtual: 15283.27 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:222.64 GB) (Free:12.7 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.39 GB) (Free:68.99 GB) NTFS

\\?\Volume{f166cb81-c9a3-47e8-93c0-23d8a612fe54}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.54 GB) NTFS
\\?\Volume{dd347ca0-6d92-4465-b4c9-e2d13ccfff5d}\ (Image) (Fixed) (Total:12.95 GB) (Free:0.16 GB) NTFS
\\?\Volume{6cfdf4f0-11f1-4e67-9d90-d8df36629996}\ (DELLSUPPORT) (Fixed) (Total:1.14 GB) (Free:0.48 GB) NTFS
\\?\Volume{8f901f1e-474e-4236-8e9c-a27419479e4f}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 37E2FF25)

Partition: GPT.

========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 37E2F790)

Partition: GPT.

==================== End of Addition.txt ============================
 

Broni

Malware Annihilator
Download the attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST (FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

user75

TS Enthusiast
Fix result of Farbar Recovery Scan Tool (x64) Version: 25-08-2019
Ran by reznov (26-08-2019 03:29:17) Run:1
Running from C:\Users\pirja\Pictures\test
Loaded Profiles: reznov (Available Profiles: reznov)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Run: [AdobeBridge] => [X]
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-408333896-3164079283-3827766986-1001 -> DefaultScope {61555BF3-C566-45DC-BD27-8F997BFA5C89} URL =
SearchScopes: HKU\S-1-5-21-408333896-3164079283-3827766986-1001 -> {61555BF3-C566-45DC-BD27-8F997BFA5C89} URL =
S3 dcpm-notify; "C:\Program Files\Dell\CommandPowerManager\NotifyService.exe" [X]
S2 Dell SupportAssist Remediation; "C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe" [X]
S2 DellClientManagementService; "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe" [X]
2019-06-01 17:51 - 2019-06-01 17:51 - 000000000 _____ () C:\Users\pirja\AppData\Local\oobelibMkey.log
2019-08-22 16:51 - 2019-08-22 16:51 - 000012376 _____ () C:\Users\pirja\AppData\Local\recently-used.xbel
2019-03-03 20:30 - 2019-03-03 20:30 - 000001464 _____ () C:\Users\pirja\AppData\Local\root72.cer
2019-03-03 20:30 - 2019-03-03 20:30 - 000001708 _____ () C:\Users\pirja\AppData\Local\root72.key
2019-03-03 20:30 - 2019-04-08 14:49 - 000000016 _____ () C:\Users\pirja\AppData\Local\root72.md5
2019-06-14 00:35 - 2019-06-14 00:58 - 000000071 _____ () C:\Users\pirja\AppData\Local\update_progress.txt
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\pirja\AppData\Local\Microsoft\OneDrive\18.143.0717.0002\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\pirja\AppData\Local\Microsoft\OneDrive\18.143.0717.0002\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\pirja\AppData\Local\Microsoft\OneDrive\18.143.0717.0002\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> "C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\MaxxAudioPro.exe" => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\Users\pirja\Local Settings:4tPCoG1RIl7lWVuwdeG [2426]
AlternateDataStreams: C:\Users\pirja\AppData\Local:4tPCoG1RIl7lWVuwdeG [2426]
AlternateDataStreams: C:\Users\pirja\AppData\Local\Application Data:4tPCoG1RIl7lWVuwdeG [2426]
AlternateDataStreams: C:\Users\pirja\AppData\Local\Temporary Internet Files:v5dywXspbU8AMWBsjgI2w [2302]
FirewallRules: [{B62A6817-C7B3-4D23-937F-04166E9F90C2}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{169789FC-918E-4DD9-BC77-55745678DAF4}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
FirewallRules: [TCP Query User{04E01B97-48E9-4702-A828-C64C84DC6F55}C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1811.exe] => (Allow) C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1811.exe No File
FirewallRules: [UDP Query User{706207A0-2D27-4E11-B3CB-A936D24D4D62}C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1811.exe] => (Allow) C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1811.exe No File
FirewallRules: [TCP Query User{83A1F158-9916-4A76-A80D-ABB59BD98203}C:\users\pirja\downloads\programs\office 2013-2019 c2r install v6.4.1\files\bin\kmss.exe] => (Allow) C:\users\pirja\downloads\programs\office 2013-2019 c2r install v6.4.1\files\bin\kmss.exe No File
FirewallRules: [UDP Query User{AA0CA70C-CC03-411D-A40F-1CFFA851EC2C}C:\users\pirja\downloads\programs\office 2013-2019 c2r install v6.4.1\files\bin\kmss.exe] => (Allow) C:\users\pirja\downloads\programs\office 2013-2019 c2r install v6.4.1\files\bin\kmss.exe No File
FirewallRules: [{2A8059B3-ED0F-4B1B-86D7-B150F1321349}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{7AD81FD3-73A3-46E5-8F6B-C1BF37CD25B4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{0EBFFFFD-D6F5-4097-834F-AFEC1FFF9253}D:\batlenet\overwatch\overwatch.exe] => (Allow) D:\batlenet\overwatch\overwatch.exe No File
FirewallRules: [UDP Query User{50E82EE0-96D1-4E39-8472-9F087F0FDFF1}D:\batlenet\overwatch\overwatch.exe] => (Allow) D:\batlenet\overwatch\overwatch.exe No File
FirewallRules: [TCP Query User{6BA36E39-1772-456C-90AB-6F73D990F30F}D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe No File
FirewallRules: [UDP Query User{2BF12D27-A76B-48C2-A0EA-3AE83FD8D71B}D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe No File
FirewallRules: [{08915965-A19C-4E96-B14E-2C4C09694ACD}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{8EF23CA7-BB6A-4A25-8A65-417EE4082A62}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{4D2295E6-E573-49D2-AC9F-C1A9F5D16F8F}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{C4B76D08-E5CA-46F0-964D-F507D8A39566}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [TCP Query User{5336F8D1-1DA7-4825-A3AF-3DA37C18E7BC}D:\lol\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\lol\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{F35DDE18-F341-48E5-A4D0-BF199E18D929}D:\lol\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\lol\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe No File
FirewallRules: [{D9FD0790-2404-4853-AA69-F71B20450A01}] => (Allow) D:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe No File
FirewallRules: [{498D126B-C87B-4086-A2EA-FDB6BD7BEF76}] => (Allow) D:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe No File
FirewallRules: [{C0FC25EB-18FD-4A2D-B006-CE26F5FE69CB}] => (Allow) D:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe No File
FirewallRules: [{E1A086D9-1DE7-49DA-8809-FC2B45F13E1F}] => (Allow) D:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe No File
FirewallRules: [{BD10748A-3280-4961-A359-F18B45F4B08E}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe No File
FirewallRules: [{3909A23A-69D4-4C5B-A12C-2A3800580B16}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe No File
FirewallRules: [TCP Query User{16908574-27CE-4860-AC78-40527C9AA9CA}C:\windows\files\bin\kmss.exe] => (Allow) C:\windows\files\bin\kmss.exe No File
FirewallRules: [UDP Query User{7C1582DE-47B2-4C25-B037-16B206019CB3}C:\windows\files\bin\kmss.exe] => (Allow) C:\windows\files\bin\kmss.exe No File
FirewallRules: [TCP Query User{7874B3DD-9C2C-4CAA-AE7E-1197088DA157}C:\program files\proton technologies ag\protonmail bridge\desktop-bridge.exe] => (Allow) C:\program files\proton technologies ag\protonmail bridge\desktop-bridge.exe No File
FirewallRules: [UDP Query User{04B835EB-7C0F-499B-A343-64B3860A3E49}C:\program files\proton technologies ag\protonmail bridge\desktop-bridge.exe] => (Allow) C:\program files\proton technologies ag\protonmail bridge\desktop-bridge.exe No File
FirewallRules: [TCP Query User{7CD3B898-F379-4D31-B360-232BE092B72B}D:\steamlibrary\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe No File
FirewallRules: [UDP Query User{87E26DF4-34EB-4E56-BE4B-E44DD31917C9}D:\steamlibrary\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe No File
FirewallRules: [TCP Query User{9FD3AA32-F7BF-4302-805B-5FC31778380A}D:\steamlibrary\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe No File
FirewallRules: [UDP Query User{DFDD5A91-88CC-437B-AEBF-415064866235}D:\steamlibrary\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe No File
FirewallRules: [TCP Query User{7D0E2790-10DE-4332-9ED9-DD1FDFEB34F7}C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1904.exe] => (Allow) C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1904.exe No File
FirewallRules: [UDP Query User{CE99D30F-6258-4E1F-9728-3E0B5DE5FF66}C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1904.exe] => (Allow) C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1904.exe No File
FirewallRules: [{91FFE6BA-6FA1-4F11-B3F5-838E807BB2E5}] => (Allow) C:\Program Files\Pale Moon\palemoon.exe No File
FirewallRules: [TCP Query User{15950D11-6F8E-4D9B-8696-35D6EB93D43C}C:\users\pirja\downloads\sdi_r1904\sdi_x64_r1904.exe] => (Allow) C:\users\pirja\downloads\sdi_r1904\sdi_x64_r1904.exe No File
FirewallRules: [UDP Query User{4DA24A6C-48EC-4363-9D24-722991E28259}C:\users\pirja\downloads\sdi_r1904\sdi_x64_r1904.exe] => (Allow) C:\users\pirja\downloads\sdi_r1904\sdi_x64_r1904.exe No File

*****************

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-408333896-3164079283-3827766986-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKU\S-1-5-21-408333896-3164079283-3827766986-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{61555BF3-C566-45DC-BD27-8F997BFA5C89} => removed successfully
HKLM\Software\Classes\CLSID\{61555BF3-C566-45DC-BD27-8F997BFA5C89} => not found
HKLM\System\CurrentControlSet\Services\dcpm-notify => removed successfully
dcpm-notify => service removed successfully
HKLM\System\CurrentControlSet\Services\Dell SupportAssist Remediation => removed successfully
Dell SupportAssist Remediation => service removed successfully
HKLM\System\CurrentControlSet\Services\DellClientManagementService => removed successfully
DellClientManagementService => service removed successfully
C:\Users\pirja\AppData\Local\oobelibMkey.log => moved successfully
C:\Users\pirja\AppData\Local\recently-used.xbel => moved successfully
C:\Users\pirja\AppData\Local\root72.cer => moved successfully
C:\Users\pirja\AppData\Local\root72.key => moved successfully
C:\Users\pirja\AppData\Local\root72.md5 => moved successfully
C:\Users\pirja\AppData\Local\update_progress.txt => moved successfully
HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully
HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => removed successfully
HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully
HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
C:\Users\pirja\Local Settings => ":4tPCoG1RIl7lWVuwdeG" ADS removed successfully
"C:\Users\pirja\AppData\Local" => ":4tPCoG1RIl7lWVuwdeG" ADS not found.
"C:\Users\pirja\AppData\Local\Application Data" => ":4tPCoG1RIl7lWVuwdeG" ADS not found.
C:\Users\pirja\AppData\Local\Temporary Internet Files => ":v5dywXspbU8AMWBsjgI2w" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B62A6817-C7B3-4D23-937F-04166E9F90C2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{169789FC-918E-4DD9-BC77-55745678DAF4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{04E01B97-48E9-4702-A828-C64C84DC6F55}C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1811.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{706207A0-2D27-4E11-B3CB-A936D24D4D62}C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1811.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{83A1F158-9916-4A76-A80D-ABB59BD98203}C:\users\pirja\downloads\programs\office 2013-2019 c2r install v6.4.1\files\bin\kmss.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AA0CA70C-CC03-411D-A40F-1CFFA851EC2C}C:\users\pirja\downloads\programs\office 2013-2019 c2r install v6.4.1\files\bin\kmss.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2A8059B3-ED0F-4B1B-86D7-B150F1321349}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7AD81FD3-73A3-46E5-8F6B-C1BF37CD25B4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0EBFFFFD-D6F5-4097-834F-AFEC1FFF9253}D:\batlenet\overwatch\overwatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{50E82EE0-96D1-4E39-8472-9F087F0FDFF1}D:\batlenet\overwatch\overwatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6BA36E39-1772-456C-90AB-6F73D990F30F}D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2BF12D27-A76B-48C2-A0EA-3AE83FD8D71B}D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{08915965-A19C-4E96-B14E-2C4C09694ACD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8EF23CA7-BB6A-4A25-8A65-417EE4082A62}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4D2295E6-E573-49D2-AC9F-C1A9F5D16F8F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C4B76D08-E5CA-46F0-964D-F507D8A39566}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5336F8D1-1DA7-4825-A3AF-3DA37C18E7BC}D:\lol\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F35DDE18-F341-48E5-A4D0-BF199E18D929}D:\lol\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D9FD0790-2404-4853-AA69-F71B20450A01}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{498D126B-C87B-4086-A2EA-FDB6BD7BEF76}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C0FC25EB-18FD-4A2D-B006-CE26F5FE69CB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E1A086D9-1DE7-49DA-8809-FC2B45F13E1F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BD10748A-3280-4961-A359-F18B45F4B08E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3909A23A-69D4-4C5B-A12C-2A3800580B16}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{16908574-27CE-4860-AC78-40527C9AA9CA}C:\windows\files\bin\kmss.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7C1582DE-47B2-4C25-B037-16B206019CB3}C:\windows\files\bin\kmss.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7874B3DD-9C2C-4CAA-AE7E-1197088DA157}C:\program files\proton technologies ag\protonmail bridge\desktop-bridge.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{04B835EB-7C0F-499B-A343-64B3860A3E49}C:\program files\proton technologies ag\protonmail bridge\desktop-bridge.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7CD3B898-F379-4D31-B360-232BE092B72B}D:\steamlibrary\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{87E26DF4-34EB-4E56-BE4B-E44DD31917C9}D:\steamlibrary\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9FD3AA32-F7BF-4302-805B-5FC31778380A}D:\steamlibrary\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DFDD5A91-88CC-437B-AEBF-415064866235}D:\steamlibrary\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7D0E2790-10DE-4332-9ED9-DD1FDFEB34F7}C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1904.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CE99D30F-6258-4E1F-9728-3E0B5DE5FF66}C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1904.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{91FFE6BA-6FA1-4F11-B3F5-838E807BB2E5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{15950D11-6F8E-4D9B-8696-35D6EB93D43C}C:\users\pirja\downloads\sdi_r1904\sdi_x64_r1904.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4DA24A6C-48EC-4363-9D24-722991E28259}C:\users\pirja\downloads\sdi_r1904\sdi_x64_r1904.exe" => removed successfully


The system needed a reboot.

==== End of Fixlog 03:29:24 ====
 

Broni

Malware Annihilator
Last scans...

Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive an UNSUPPORTED OPERATING SYSTEM! ABORTED! message, restart the computer and Security Check should run.


Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.


Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
 

user75

TS Enthusiast
Results of screen317's Security Check version 1.014 --- 12/23/15
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
VirusTotal Uploader 2.2
Java version 32-bit out of Date!
Mozilla Thunderbird (60.8.0)
Google Chrome (76.0.3809.100)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
 

user75

TS Enthusiast
Farbar Service Scanner Version: 27-01-2016
Ran by reznov (administrator) on 26-08-2019 at 18:55:34
Running from "C:\Users\pirja\Downloads"
Microsoft Windows 10 Home (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Destination is unreachable
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Security Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv: "%systemroot%\system32\svchost.exe -k netsvcs -p".
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
 

Broni

Malware Annihilator
Your computer is clean

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:
  • Activate UAC (optional; some users prefer to keep it off)
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings
Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure you change all of your important on-line passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

6. Run Temporary File Cleaner (TFC) and AdwCleaner weekly (you need to redownload these tools since they were removed by DelFix).

7. (optional) If you want to keep all your programs up to date, download and install FileHippo App Manager.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

8. When installing\updating ANY program, make sure you always select "Custom" installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click the "Next" button without looking at any given page.

9. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry3187642

10. Please let me know how your computer is doing.
 

user75

TS Enthusiast
I have a little problem. I think I have taken another virus.
