[Solved] I just a big virus very weird

user75

TS Enthusiast
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-08-2019
Ran by reznov (administrator) on DESKTOP-4F34DJR (Dell Inc. G3 3579) (27-08-2019 02:55:56)
Running from C:\Users\pirja\Downloads
Loaded Profiles: reznov (Available Profiles: reznov)
Platform: Windows 10 Pro Version 1809 17763.678 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Clipdiary\Clipdiary.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Apowersoft Ltd -> Apowersoft) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
(Atheros Communications, Inc.) [File not signed] C:\Program Files (x86)\Jumpstart\jswpbapi.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\79.4.143\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\79.4.143\QtWebEngineProcess.exe
(Druide Informatique Inc. -> Druide informatique inc.) [File not signed] C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\AgentAntidote.exe
(Druide Informatique Inc. -> Druide informatique inc.) [File not signed] C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\AgentAntidote.exe
(Elaborate Bytes AG -> Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.13\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.13\GoogleCrashHandler64.exe
(GuinpinSoft inc) [File not signed] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_db953c52208ada71\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_db953c52208ada71\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_2f4c7fcb86976beb\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_2f4c7fcb86976beb\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_eea3cf789013ad4f\RstMwService.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbamtray.exe
(Mega Limited -> Mega Limited) C:\Users\pirja\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_ac9a22ebe27a13b0\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_ac9a22ebe27a13b0\Display.NvContainer\NVDisplay.Container.exe
(Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Osiris Development -> Osiris Development) C:\Program Files\BatteryBar\BatteryBar.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\DSAPI.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\pcdrwi.exe
(Privax Limited -> Privax Limited) C:\Program Files (x86)\HMA! Pro VPN\VpnSvc.exe
(PushBullet Inc -> Pushbullet Inc) C:\Users\pirja\AppData\Local\Pushbullet\bin\pushbullet_client.exe
(Pushbullet inc) [File not signed] D:\program\pushbullet\Pushbullet\pushbullet.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTgui.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe
(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(VMware, Inc. -> ) D:\vm\vmware-hostd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc. -> VMware, Inc.) D:\vm\vmware-authd.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [881768 2019-06-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSvc64.exe [1222536 2018-12-05] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWStartup.exe [313064 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [AgentAntidote32] => C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\AgentAntidote.exe [1653352 2017-09-12] (Druide Informatique Inc. -> Druide informatique inc.) [File not signed]
HKLM\...\Run: [AgentAntidote64] => C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\AgentAntidote.exe [1797736 2017-09-12] (Druide Informatique Inc. -> Druide informatique inc.) [File not signed]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [318920 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5782336 2019-08-13] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [61370712 2019-03-15] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [jswtrayutil] => C:\Program Files (x86)\Jumpstart\jswtrayutil.exe [528384 2008-09-26] (Atheros Communications, Inc.) [File not signed]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2384984 2016-12-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [vmware-tray.exe] => D:\vm\vmware-tray.exe [125872 2019-05-04] (VMware, Inc. -> VMware, Inc.)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Run: [Pushbullet] => D:\program\pushbullet\Pushbullet\pushbullet.exe [345600 2015-07-01] (Pushbullet inc) [File not signed]
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Run: [ApowersoftScreenRecorder] => C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe [3016344 2018-09-29] (Apowersoft Ltd -> Apowersoft)
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Run: [Clipdiary] => C:\Program Files (x86)\Clipdiary\clipdiary.exe [6735360 2019-05-06] () [File not signed]
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Run: [Discord] => C:\Users\pirja\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1294336 2003-01-20] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-21] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2019-06-30]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
Startup: C:\Users\pirja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BatteryBar.lnk [2019-08-07]
ShortcutTarget: BatteryBar.lnk -> C:\Program Files\BatteryBar\BatteryBar.exe (Osiris Development -> Osiris Development)
Startup: C:\Users\pirja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-02-15]
ShortcutTarget: MEGAsync.lnk -> C:\Users\pirja\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Startup: C:\Users\pirja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ProtonMail Bridge.lnk [2019-03-30]
ShortcutTarget: ProtonMail Bridge.lnk -> C:\Program Files\Proton Technologies AG\ProtonMail Bridge\Desktop-Bridge.exe (No File)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {090703D2-B1E7-4334-8B07-D869542A593C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6311056 2019-08-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {0BAFF5F4-B4FB-4322-B0D1-852909688310} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [162856 2019-08-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {13B68E53-CF6D-4AA8-85DC-629FC7D0AC7C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1878EDF5-1632-403F-A028-AC4C216B81AE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2FE2F2C0-2D96-465D-9161-825648EABC8C} - System32\Tasks\HMA! Pro VPN Update => C:\Program Files (x86)\HMA! Pro VPN\VpnUpdate.exe [1474672 2019-08-12] (Privax Limited -> Privax Limited)
Task: {3769C2A2-4973-42B2-AE69-C38C65C0D66F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3D771F87-9A88-436F-8581-BBD7E3AE81B0} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-pirjackoy@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {40AF7EAF-47F5-412F-9681-4135DB56ED61} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {50EFF2D0-223D-41E5-AD74-8DE4C2CC50C0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27276392 2019-08-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {580DC558-C208-4789-8996-AB2F8A0A05F3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {5A427DE9-CDBB-47FA-B674-D30FE9767246} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-08-15] (Adobe Inc. -> Adobe)
Task: {5B1DA194-F5F4-46E9-B8DB-16CF12A4FEFF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27276392 2019-08-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {5C143FB3-8CA5-4C9C-96BE-633F937C5FF3} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5E4BA37F-E9AA-47D1-9706-E00F0E29CCB0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {6A291EBA-7B4F-4EB4-A388-A056D477321A} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {6F5045D0-65AD-4FE4-979B-E2CDE5724ACA} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {8DA6AC64-1220-4330-A214-06BB117C457F} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_pepper.exe [1452600 2019-08-15] (Adobe Inc. -> Adobe)
Task: {9F439A88-F9D0-4A3A-8CC2-078126A29EFF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [162856 2019-08-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0D8644E-3276-437E-B6CD-D5801F32D631} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {AD7DE0FE-6A79-448F-A791-AB570B94A398} - System32\Tasks\ConsoleAct => C:\Windows\ConsoleAct_x64.exe [840560 2018-08-01] (WZTeam -> MSFree Inc., Ratiborus) [File not signed]
Task: {B16CE096-57EC-4EF1-A56A-B33770180AA6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B41D3337-7E8C-4522-B3A7-AEA120CB378C} - System32\Tasks\RogueKiller Anti-Malware => C:\Program Files\RogueKiller\RogueKiller64.exe [34983480 2019-08-20] (Adlice -> )
Task: {B4567719-ACFD-4506-80F7-6624F95EBF92} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BD4E8EEC-1CD9-4658-8FDD-5ED746194005} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2177168 2019-08-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE946BDA-0920-4667-A228-35A3795AE37B} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\osfinstaller.exe
Task: {D3D4E141-E983-4796-85FA-8AFD2C096EF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-14] (Google Inc -> Google Inc.)
Task: {D47079CE-E792-4DC5-A204-1DF4FD32C35F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2177168 2019-08-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {D69D2A2D-0E9E-42BE-9995-718F3C2E9EC7} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {E198A33F-D1E3-4613-AEA8-B9A618A6E94C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E21018B4-48B8-4B77-9261-A9E5EF26385E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3788144 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E9A6A25D-10E4-4300-AC39-5E930CBB0E6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-14] (Google Inc -> Google Inc.)
Task: {F317E543-52CE-4825-A7BE-17584584FC3C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FD78C67B-8775-4136-9C66-204A772E07BA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6311056 2019-08-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDA69153-E823-46C8-ABEC-F5E64A1D0C12} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{05f2a3dc-162b-4b5b-9d7a-4cf257aedc9f}: [DhcpNameServer] 192.168.2.1 207.164.234.193
Tcpip\..\Interfaces\{ab954629-d7b3-48f5-8e9a-6319c0a11212}: [NameServer] 100.120.0.1
Tcpip\..\Interfaces\{b999b08f-b0aa-4129-b051-c5fb43bd634c}: [DhcpNameServer] 4.2.2.1
 

user75

TS Enthusiast
Internet Explorer:
==================
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH -> Eyeo GmbH) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH -> Eyeo GmbH) [File not signed]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-26] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: C:\Users\pirja\Downloads

FireFox:
========
FF DefaultProfile: 2e3397mj.default
FF DefaultProfile: x50lax2a.default
FF ProfilePath: C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11 [2019-08-25]
FF Homepage: Mozilla\Firefox\Profiles\ayiflckg.Default User11 -> about:blank
FF Extension: (TorGuard VPN Extension) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\@VPNetworksLLC.xpi [2019-08-07]
FF Extension: (Antidote) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\antidote9_firefox@druide.com.xpi [2017-11-30] [UpdateUrl:hxxps://www.druide.com/telecharger/texteurs/Mozilla/commun/maj_antidote_mozilla.php?id=%ITEM_ID%&version=%ITEM_VERSION%&appid=%APP_ID%&appversion=%APP_VERSION%&appos=%APP_OS%&appabi=%APP_ABI%&applocale=%APP_LOCALE%;&itemstatus=%ITEM_STATUS%]
FF Extension: (ReCaptcha Solver) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\doz4@hotmail.com.xpi [2019-08-07]
FF Extension: (TubeBuddy for YouTube) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\e389d8c2-5554-4ba2-a36e-ac7a57093130@gmail.com.xpi [2019-08-23]
FF Extension: (SaveFrom.net helper) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\helper@savefrom.net.xpi [2019-08-20]
FF Extension: (HTTPS Everywhere) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\https-everywhere@eff.org.xpi [2019-08-07]
FF Extension: (Pushbullet) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\jid1-BYcQOfYfmBMd9A@jetpack.xpi [2019-08-07]
FF Extension: (Pandora Extended Shortcuts) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\pandora@bbradley.net.xpi [2019-08-07]
FF Extension: (User-Agent Switcher) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\user-agent-switcher@ninetailed.ninja.xpi [2019-08-16]
FF Extension: (minerBlock) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\xd4rker@gmail.com.xpi [2019-08-07]
FF Extension: (Stylish - Custom themes for any website) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2019-08-07]
FF Extension: (Bh Dark Mode) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\{62281241-d81e-4922-9c3e-b99fd1ebfcb2}.xpi [2019-08-07]
FF Extension: (DarkTheme) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\{99c277af-d778-4a0b-9faa-b1d8165f0a55}.xpi [2019-08-07]
FF Extension: (Dark Fox) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2019-08-07]
FF Extension: (FTP System c.a.) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\{ffca2acd-c848-4961-ab1a-14d45d2c9c22}.xpi [2019-08-07]
FF ProfilePath: C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default [2019-08-07]
FF user.js: detected! => C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\user.js [2019-02-15]
FF Homepage: Mozilla\Firefox\Profiles\2e3397mj.default -> about:blank
FF NewTab: Mozilla\Firefox\Profiles\2e3397mj.default -> about:blank
FF Extension: (TorGuard VPN Extension) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\@VPNetworksLLC.xpi [2019-07-01]
FF Extension: (Antidote-Firefox) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\antidote9_firefox@druide.com [2019-02-15] [Legacy]
FF Extension: (Antidote) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\antidote9_firefox@druide.com.xpi [2017-11-30] [UpdateUrl:hxxps://www.druide.com/telecharger/texteurs/Mozilla/commun/maj_antidote_mozilla.php?id=%ITEM_ID%&version=%ITEM_VERSION%&appid=%APP_ID%&appversion=%APP_VERSION%&appos=%APP_OS%&appabi=%APP_ABI%&applocale=%APP_LOCALE%;&itemstatus=%ITEM_STATUS%]
FF Extension: (ReCaptcha Solver) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\doz4@hotmail.com.xpi [2019-07-10]
FF Extension: (Spanish (Spain) Dictionary) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\es-es@dictionaries.addons.mozilla.org.xpi [2019-02-23]
FF Extension: (French spelling dictionary) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org [2019-04-01]
FF Extension: (SaveFrom.net helper) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\helper@savefrom.net.xpi [2019-08-05]
FF Extension: (HTTPS Everywhere) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\https-everywhere@eff.org.xpi [2019-07-08]
FF Extension: (Privacy Settings) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\jid1-CKHySAadH4nL6Q@jetpack.xpi [2019-06-16]
FF Extension: (English (GB) Language Pack) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\langpack-en-GB@firefox.mozilla.org.xpi [2019-07-24]
FF Extension: (Español (España) Language Pack) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\langpack-es-ES@firefox.mozilla.org.xpi [2019-07-24]
FF Extension: (Français Language Pack) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2019-07-24]
FF Extension: (British English Dictionary (Marco Pinto)) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\marcoagpinto@mail.telepac.pt.xpi [2019-07-29]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\sp@avast.com.xpi [2019-08-27]
FF Extension: (Avast Online Security) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\wrc@avast.com.xpi [2019-08-27]
FF Extension: (minerBlock) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\xd4rker@gmail.com.xpi [2019-06-21]
FF Extension: (Kolotibablo bot) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\{228118ac-98b5-4b8f-9ed9-7c18b15c23c4}.xpi [2019-08-05] [UpdateUrl:hxxps://antcpt.com/downloads/kolotibablo/firefox/update_manifest.json]
FF Extension: (Fake video news debunker by InVID) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\{b86b6076-1d0f-4ef1-bd24-16bfe94e3eb5}.xpi [2019-07-27]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-05]
FF Extension: (Save time by asking Buster to solve captchas for you.) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\{e58d3966-3d76-4cd9-8552-1582fbc800c1}.xpi [2019-06-21]
FF ProfilePath: C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\oahddy53.default-release [2019-08-27]
FF Extension: (Antidote) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\oahddy53.default-release\Extensions\antidote9_firefox@druide.com.xpi [2019-08-09] [UpdateUrl:hxxps://www.druide.com/telecharger/texteurs/Mozilla/commun/maj_antidote_mozilla.php?id=%ITEM_ID%&version=%ITEM_VERSION%&appid=%APP_ID%&appversion=%APP_VERSION%&appos=%APP_OS%&appabi=%APP_ABI%&applocale=%APP_LOCALE%;&itemstatus=%ITEM_STATUS%]
FF Extension: (French spelling dictionary) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\oahddy53.default-release\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2019-08-10]
FF Extension: (Français Language Pack) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\oahddy53.default-release\Extensions\langpack-fr@firefox.mozilla.org.xpi [2019-08-10]
FF ProfilePath: C:\Users\pirja\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\x50lax2a.default [2019-05-30]
FF Extension: (Adblock Plus - free ad blocker) - C:\Program Files\Mozilla Firefox\browser\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2019-02-15]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-12-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.13\npGoogleUpdate3.dll [2019-08-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.13\npGoogleUpdate3.dll [2019-08-05] (Google Inc -> Google LLC)
FF Plugin-x32: @Tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-408333896-3164079283-3827766986-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin HKU\S-1-5-21-408333896-3164079283-3827766986-1001: @turbo.net/Turbo.net Plugin 3.33 -> C:\Users\pirja\AppData\Local\Turbo\19.4.1964.21\npMozillaTurboPlugin.dll [No File]
StartMenuInternet: Firefox-CA9422711AE1A81C - C:\Program Files\Firefox Developer Edition\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default [2019-08-26]
CHR Extension: (Slides) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-17]
CHR Extension: (Docs) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-17]
CHR Extension: (Google Drive) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-17]
CHR Extension: (YouTube) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-17]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-08-26]
CHR Extension: (Sheets) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-17]
CHR Extension: (Google Docs Offline) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-20]
CHR Extension: (ReCaptcha Solver) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\hapgiopokcmcnjmakciaeaocceodcjdn [2019-07-12]
CHR Extension: (Antidote) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbojggafdepnclikhiapkpinbfdhbdoi [2019-02-17]
CHR Extension: (TorGuard VPN Extension) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnfchpadaikneonajggpooeppnmdolhc [2019-08-13]
CHR Extension: (Buster: Captcha Solver for Humans) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpbjkejclgfgadiemmefgebjfooflfhl [2019-06-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-02-17]
CHR Extension: (Gmail) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-05]
CHR HKLM\...\Chrome\Extension: [lbojggafdepnclikhiapkpinbfdhbdoi] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lbojggafdepnclikhiapkpinbfdhbdoi] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKLM\SYSTEM\CurrentControlSet\Services\aswSP <==== ATTENTION (Rootkit!)
HKLM\SYSTEM\CurrentControlSet\Services\aswMonFlt <==== ATTENTION (Rootkit!)
HKLM\SYSTEM\CurrentControlSet\Services\aswSnx <==== ATTENTION (Rootkit!)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-03-06] (BattlEye Innovations e.K. -> )
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2019-08-23] (Microsoft Windows -> Microsoft Corporation)
R2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe [8704 2019-06-30] (GuinpinSoft inc) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11597408 2019-08-22] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-14] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-08-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2019-02-28] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3363824 2019-02-28] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2019-02-28] (Dell Inc -> Dell Inc.)
R2 Dell Digital Delivery Services; c:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [34976 2018-12-05] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\DSAPI.exe [1050952 2019-07-11] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{7EF782A9-9B4D-4D1D-8F51-2449D32827BA} [21304 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{7EF782A9-9B4D-4D1D-8F51-2449D32827BA} [21304 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [26984 2019-07-25] (IDSA Production signing key -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [80744 2019-07-25] (IDSA Production signing key -> Intel)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1892512 2018-12-14] (Intel Corporation -> Intel Corporation)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [885560 2019-05-15] (Intel(R) Software Development Products -> )
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2019-08-07] (FUTUREMARK INC -> Futuremark)
S4 HfcDisableService; C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_eea3cf789013ad4f\HfcDisableService.exe [1881672 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 HmaProVpn; C:\Program Files (x86)\HMA! Pro VPN\VpnSvc.exe [6939760 2019-08-12] (Privax Limited -> Privax Limited)
S3 iaStorAfsService; C:\Windows\System32\iaStorAfsService.exe [2859592 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [530208 2019-05-28] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [743728 2017-11-16] (Intel(R) Trust Services -> Intel(R) Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [720184 2017-11-16] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [214672 2018-01-31] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 jswpbapi; C:\Program Files (x86)\Jumpstart\jswpbapi.exe [265216 2008-09-26] (Atheros Communications, Inc.) [File not signed]
S3 jswpsapi; C:\Program Files (x86)\Jumpstart\jswpsapi.exe [954368 2008-09-26] (Atheros Communications, Inc.) [File not signed]
R2 MBAMService; C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265864 2018-03-20] (Intel Corporation -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 RstMwService; C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_eea3cf789013ad4f\RstMwService.exe [2156616 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [881768 2019-06-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R3 SophosVirusRemovalTool; C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [163680 2018-04-10] (Sophos Limited -> Sophos Limited)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39896 2019-05-24] (Dell Inc. -> Dell Inc.)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [205112 2019-05-15] (Intel(R) Software Development Products -> )
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [885560 2019-05-15] (Intel(R) Software Development Products -> )
R2 VMAuthdService; D:\vm\vmware-authd.exe [100784 2019-05-04] (VMware, Inc. -> VMware, Inc.)
R2 VMwareHostd; D:\vm\vmware-hostd.exe [15446448 2019-05-04] (VMware, Inc. -> )
R2 WavesSysSvc; C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSysSvc64.exe [884616 2018-12-05] (Waves Inc -> Waves Audio Ltd.)
S4 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3831576 2019-06-11] (Microsoft Corporation -> Microsoft Corporation)
S4 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848328 2018-03-20] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_ac9a22ebe27a13b0\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_ac9a22ebe27a13b0\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [34416 2016-03-24] (Anvsoft Inc. -> AnvSoft Inc.)
S3 cykbfltrService; C:\Windows\system32\DRIVERS\cykbfltr.sys [19968 2013-09-13] (Cypress Semiconductor, Inc.) [File not signed]
S3 cymfltrService; C:\Windows\system32\DRIVERS\cymfltr.sys [99328 2013-09-13] (Cypress Semiconductor, Inc.) [File not signed]
R3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [40824 2019-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [78832 2018-12-14] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [75248 2018-12-14] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [403440 2018-12-14] (Intel Corporation -> Intel Corporation)
S3 HfAudio; C:\Windows\System32\drivers\HfAudio.sys [91200 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R3 HidEventFilter; C:\Windows\System32\DriverStore\FileRepository\hideventfilter.inf_amd64_1ed78f101bc29129\HidEventFilter.sys [84104 2018-11-20] (Intel(R) Software -> Intel Corporation)
R3 hmatap; C:\Windows\System32\drivers\hmatap.sys [36456 2018-09-05] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R0 hswultpep; C:\Windows\System32\drivers\hswultpep.sys [62968 2013-02-08] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-05-06] (Martin Malik - REALiX -> REALiX(tm))
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [128608 2019-05-22] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [1033288 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [72776 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\Windows\System32\drivers\ibtusb.sys [15033120 2019-05-28] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R1 JSWPSLWF; C:\Windows\system32\DRIVERS\jswpslwfx.sys [26624 2008-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-08-27] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-08-27] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\Windows\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [266128 2019-04-18] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 Netwtw06; C:\Windows\System32\drivers\Netwtw06.sys [8723968 2018-09-15] (Microsoft Windows -> Intel Corporation)
R3 Netwtw08; C:\Windows\System32\drivers\Netwtw08.sys [9237792 2019-08-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_ac9a22ebe27a13b0\nvlddmkm.sys [22347976 2019-08-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-06-13] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [75600 2019-08-16] (NVIDIA Corporation -> NVIDIA Corporation)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [97176 2019-08-13] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1158944 2019-08-21] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [442664 2019-03-05] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 ScrHIDDriver2; C:\Windows\System32\drivers\ScrHIDDriver2.sys [75800 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [43008 2019-05-15] (Intel Corporation -> )
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [46776 2019-05-24] (SteelSeries ApS -> )
S3 sshid; C:\Windows\System32\drivers\sshid.sys [47824 2019-05-24] (SteelSeries ApS -> SteelSeries ApS)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [44976 2018-09-07] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2019-08-27] (Adlice -> )
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [24576 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R1 vmkbd3; C:\Windows\system32\DRIVERS\vmkbd.sys [52288 2019-05-04] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\Windows\System32\DRIVERS\vsock.sys [92040 2019-04-27] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2019-07-12] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-27 02:47 - 2019-08-27 02:47 - 001030784 _____ (AVAST Software) C:\Windows\system32\Drivers\asw4c416b04b7971f02.tmp
2019-08-27 02:47 - 2019-08-27 02:47 - 000478096 _____ (AVAST Software) C:\Windows\system32\Drivers\asw4bbe86f720de18df.tmp
2019-08-27 02:47 - 2019-08-27 02:47 - 000387176 _____ (AVAST Software) C:\Windows\system32\Drivers\asw7a9da908d4e353a5.tmp
2019-08-27 02:47 - 2019-08-27 02:47 - 000363912 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-08-27 02:47 - 2019-08-27 02:47 - 000282768 _____ (AVAST Software) C:\Windows\system32\Drivers\asw87acad183a84425c.tmp
2019-08-27 02:47 - 2019-08-27 02:47 - 000263008 _____ (AVAST Software) C:\Windows\system32\Drivers\asw79084e6d75a2b51b.tmp
2019-08-27 02:47 - 2019-08-27 02:47 - 000236024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswb97fc4c1116f3b28.tmp
2019-08-27 02:47 - 2019-08-27 02:47 - 000209552 _____ (AVAST Software) C:\Windows\system32\Drivers\asw77b3206ad83d868a.tmp
2019-08-27 02:47 - 2019-08-27 02:47 - 000205848 _____ (AVAST Software) C:\Windows\system32\Drivers\asw69190c406b00a7bc.tmp
2019-08-27 02:47 - 2019-08-27 02:47 - 000169408 _____ (AVAST Software) C:\Windows\system32\Drivers\asw0568ebd1deaa0099.tmp
2019-08-27 02:47 - 2019-08-27 02:47 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswb63093469ce7314c.tmp
2019-08-27 02:47 - 2019-08-27 02:47 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\asw777292e3cb288d58.tmp
2019-08-27 02:47 - 2019-08-27 02:47 - 000061472 _____ (AVAST Software) C:\Windows\system32\Drivers\asw96fec755756d41bf.tmp
2019-08-27 02:47 - 2019-08-27 02:47 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswc00af80245908f03.tmp
2019-08-27 02:47 - 2019-08-27 02:47 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswf70081f59f95b7f9.tmp
2019-08-27 02:47 - 2019-08-27 02:47 - 000015488 _____ (AVAST Software) C:\Windows\system32\Drivers\asw0f1a35591336512d.tmp
2019-08-27 02:47 - 2019-08-27 02:47 - 000001981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-08-27 02:47 - 2019-08-27 02:47 - 000001969 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-08-27 02:47 - 2019-08-27 02:47 - 000000000 ____D C:\Users\pirja\AppData\Roaming\AVAST Software
2019-08-27 02:46 - 2019-08-27 02:46 - 000000000 ____D C:\Program Files\AVAST Software
2019-08-27 02:44 - 2019-08-27 02:44 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-08-27 02:33 - 2019-08-27 02:33 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-08-27 02:33 - 2019-08-27 02:33 - 000001355 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-08-27 02:33 - 2019-08-27 02:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-08-27 02:33 - 2019-08-27 02:33 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-08-27 02:33 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-08-27 02:33 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-08-27 02:32 - 2019-08-27 02:32 - 000000000 ____D C:\Users\pirja\Downloads\Malwarebytes Anti-Malware Premium 3.7.1.2839 - Repack elchupacabra [4REALTORRENTZ.COM]
2019-08-27 01:50 - 2019-08-27 01:50 - 000003158 _____ C:\Windows\System32\Tasks\RogueKiller Anti-Malware
2019-08-27 01:50 - 2019-08-27 01:50 - 000000000 ____D C:\ProgramData\RogueKiller
2019-08-27 01:50 - 2019-08-27 01:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2019-08-27 01:50 - 2019-08-27 01:50 - 000000000 ____D C:\Program Files\RogueKiller
2019-08-27 01:46 - 2019-08-27 01:46 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2019-08-26 20:23 - 2019-08-26 20:28 - 1184440320 _____ C:\Users\pirja\Downloads\tails-amd64-3.15.iso
2019-08-26 20:13 - 2019-08-26 20:13 - 000091524 _____ C:\Users\pirja\Downloads\tails-amd64-3.15.img (1).torrent
2019-08-26 19:13 - 2019-08-26 19:13 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2019-08-26 19:13 - 2019-08-26 19:13 - 000000000 ____D C:\ProgramData\Sophos
2019-08-26 19:13 - 2019-08-26 19:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2019-08-26 19:13 - 2019-08-26 19:13 - 000000000 ____D C:\Program Files (x86)\Sophos
2019-08-26 19:11 - 2019-08-26 19:12 - 217092016 _____ (Sophos Limited) C:\Users\pirja\Downloads\Sophos Virus Removal Tool.exe
2019-08-26 18:59 - 2019-08-26 18:59 - 000448512 _____ (OldTimer Tools) C:\Users\pirja\Downloads\TFC (1).exe
2019-08-26 18:56 - 2019-08-26 18:56 - 000448512 _____ (OldTimer Tools) C:\Users\pirja\Downloads\TFC.exe
2019-08-26 18:55 - 2019-08-26 18:55 - 000899584 _____ (Farbar) C:\Users\pirja\Downloads\FSS.exe
2019-08-26 18:55 - 2019-08-26 18:55 - 000003007 _____ C:\Users\pirja\Downloads\FSS.txt
2019-08-26 18:53 - 2019-08-26 18:53 - 000852798 _____ C:\Users\pirja\Downloads\SecurityCheck.exe
2019-08-26 18:49 - 2019-08-26 18:49 - 000010563 _____ C:\Users\pirja\AppData\Local\recently-used.xbel
2019-08-26 03:43 - 2019-08-26 03:43 - 000079788 _____ C:\Users\pirja\Downloads\ubuntu-18.04.3-desktop-amd64.iso.torrent
2019-08-26 03:38 - 2019-08-26 21:06 - 000000000 ____D C:\Users\pirja\AppData\Roaming\VMware
2019-08-26 03:38 - 2019-08-26 21:06 - 000000000 ____D C:\Users\pirja\AppData\Local\VMware
2019-08-26 03:36 - 2019-08-26 03:36 - 000000636 _____ C:\Users\Public\Desktop\VMware Workstation Pro.lnk
2019-08-26 03:36 - 2019-08-26 03:36 - 000000000 ____D C:\Users\Public\Documents\Shared Virtual Machines
2019-08-26 03:36 - 2019-08-26 03:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2019-08-26 03:36 - 2019-08-26 03:36 - 000000000 ____D C:\Program Files\Common Files\VMware
2019-08-26 03:36 - 2019-08-26 03:36 - 000000000 ____D C:\Program Files (x86)\VMware
2019-08-26 03:36 - 2019-05-04 23:30 - 001266096 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2019-08-26 03:36 - 2019-05-04 23:29 - 000396208 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2019-08-26 03:36 - 2019-05-04 23:29 - 000374192 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2019-08-26 03:36 - 2019-05-04 23:29 - 000111632 _____ (VMware, Inc.) C:\Windows\system32\vnetinst.dll
2019-08-26 03:36 - 2019-05-04 23:29 - 000044048 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2019-08-26 03:36 - 2019-05-04 23:22 - 000099136 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2019-08-26 03:36 - 2019-05-04 23:22 - 000052288 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmkbd.sys
2019-08-26 03:36 - 2019-04-27 01:17 - 000046472 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2019-08-26 03:36 - 2019-04-27 01:17 - 000042376 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2019-08-26 03:36 - 2019-04-27 01:16 - 000092040 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys
2019-08-26 03:36 - 2018-11-02 05:21 - 000084752 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2019-08-26 03:33 - 2019-08-26 03:33 - 000009918 _____ C:\Users\pirja\Downloads\fixlist.txt
2019-08-26 03:29 - 2019-08-26 03:29 - 000009918 _____ C:\Users\pirja\Downloads\fixlist (1).txt
2019-08-26 03:15 - 2019-08-26 03:15 - 000041526 _____ C:\Users\pirja\Downloads\VMware.Workstation.Pro.v15.1.0.X64.Incl.Keys-AMPED.torrent
2019-08-26 03:00 - 2019-08-26 03:00 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2019-08-26 02:51 - 2019-08-26 02:53 - 000000133 _____ C:\Users\pirja\Downloads\rufus.ini
2019-08-26 02:51 - 2019-08-26 02:51 - 001136184 _____ (Akeo Consulting) C:\Users\pirja\Downloads\rufus-3.6p.exe
2019-08-26 02:44 - 2019-08-26 02:44 - 000091524 _____ C:\Users\pirja\Downloads\tails-amd64-3.15.img.torrent
2019-08-26 02:12 - 2019-08-26 02:12 - 001613312 _____ (Farbar) C:\Users\pirja\Downloads\FRST64 (1).exe
2019-08-25 23:01 - 2019-08-25 23:01 - 000375176 _____ C:\Users\pirja\Downloads\andresen2012.pdf
2019-08-25 19:49 - 2019-08-25 19:51 - 000000000 ____D C:\AdwCleaner
2019-08-25 19:49 - 2019-08-25 19:49 - 007623880 _____ (Malwarebytes) C:\Users\pirja\Downloads\AdwCleaner.exe
2019-08-25 17:46 - 2019-08-25 17:46 - 064067859 _____ C:\Users\pirja\Downloads\Malwarebytes Anti-Malware Premium 3.7.1.2839 - Repack elchupacabra [4REALTORRENTZ.COM].zip
2019-08-25 17:41 - 2019-08-25 17:41 - 000000000 ____D C:\Users\pirja\AppData\Local\mbamtray
2019-08-25 17:41 - 2019-08-25 17:41 - 000000000 ____D C:\Users\pirja\AppData\Local\mbam
2019-08-25 17:40 - 2019-08-25 17:40 - 000000000 ____D C:\Windows\system32\Drivers\etc\BACKUP
2019-08-25 17:40 - 2019-08-25 17:40 - 000000000 ____D C:\Program Files (x86)\Malwarebytes
2019-08-25 17:39 - 2019-08-25 17:39 - 000019968 _____ C:\Users\pirja\Downloads\Malwarebytes PREMIUM 3.7.1.2839-Repack [Win FR].torrent
2019-08-25 16:03 - 2019-08-27 01:51 - 000028272 _____ C:\Windows\system32\Drivers\truesight.sys
2019-08-25 15:52 - 2019-08-25 15:52 - 032930224 _____ (Adlice Software ) C:\Users\pirja\Downloads\RogueKiller_setup_ref3.exe
2019-08-25 02:24 - 2019-08-25 02:24 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-08-25 02:23 - 2019-08-27 02:46 - 000000000 ____D C:\ProgramData\AVAST Software
2019-08-25 02:20 - 2019-08-25 02:22 - 355469864 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_offline.exe
2019-08-25 02:20 - 2019-08-25 02:22 - 355469864 _____ (AVAST Software) C:\Users\pirja\Downloads\avast_free_antivirus_setup_offline.exe
2019-08-25 02:00 - 2019-08-26 02:14 - 000100524 _____ C:\Users\pirja\Downloads\Addition.txt
2019-08-25 01:59 - 2019-08-27 02:57 - 000058325 _____ C:\Users\pirja\Downloads\FRST.txt
2019-08-25 01:57 - 2019-08-27 02:55 - 000000000 ____D C:\FRST
2019-08-25 01:57 - 2019-08-25 01:57 - 001612800 _____ (Farbar) C:\Users\pirja\Downloads\FRST64.exe
2019-08-23 23:45 - 2019-08-23 23:45 - 000000000 ____D C:\Program Files\Windows Identity Foundation
2019-08-23 20:36 - 2019-08-23 20:37 - 123477920 _____ (NVIDIA Corporation New) C:\Users\pirja\Downloads\GeForce_Experience_v3.19.0.107.exe
2019-08-23 18:30 - 2019-08-23 18:30 - 000196016 _____ C:\Users\pirja\Downloads\test.pdf
2019-08-23 18:14 - 2019-08-23 18:14 - 001194225 _____ C:\Users\pirja\Downloads\Demande de révision du prêt de 2018-2019-converted-fusionné.pdf
2019-08-23 18:08 - 2019-08-23 18:08 - 001129922 _____ C:\Users\pirja\Downloads\20190822103411877(1).pdf
2019-08-23 18:04 - 2019-08-23 18:04 - 000065603 _____ C:\Users\pirja\Downloads\Demande de révision du prêt de 2018-2019-converted.pdf
2019-08-23 00:02 - 2019-08-23 00:02 - 000000000 ____D C:\Users\pirja\AppData\Roaming\NVIDIA
2019-08-22 23:58 - 2019-08-22 23:58 - 000551172 _____ C:\Users\pirja\Downloads\4_6046298128577987784.mp4
2019-08-22 22:27 - 2019-08-22 22:28 - 116596248 _____ (decentral.ca) C:\Users\pirja\Downloads\Jaxx.Liberty-setup-2.2.5.exe
2019-08-22 21:23 - 2018-06-16 00:36 - 003936393 _____ C:\Users\pirja\Downloads\pass.7z
2019-08-22 16:50 - 2019-08-22 16:51 - 004349883 _____ C:\Users\pirja\Documents\Unt1111111111111111111111111111111111111111111itled.jpeg
2019-08-22 16:26 - 2019-08-22 16:33 - 2780496356 _____ C:\Users\pirja\Downloads\facebook-guillaumedoyon117_2.7z
2019-08-22 16:17 - 2019-08-22 16:17 - 000156987 _____ C:\Users\pirja\Downloads\Complete_LinkedInDataExport_08-22-2019.zip
2019-08-22 15:56 - 2019-08-22 16:10 - 3002734127 _____ C:\Users\pirja\Downloads\Unconfirmed 706984.crdownload
2019-08-22 15:47 - 2019-08-22 15:47 - 001567169 _____ C:\Users\pirja\Documents\lllllllllllllllllllllllll.jpeg
2019-08-22 12:52 - 2019-08-22 12:52 - 001129922 _____ C:\Users\pirja\Downloads\20190822103411877.pdf
2019-08-21 19:10 - 2019-08-21 19:10 - 000000012 _____ C:\Users\pirja\Desktop\New Text Document (4).txt
2019-08-21 18:08 - 2019-08-21 18:08 - 001151544 _____ (Google LLC) C:\Users\pirja\Downloads\ChromeSetup.exe
2019-08-21 17:15 - 2019-08-21 17:26 - 000000000 ____D C:\Users\pirja\AppData\Roaming\Somiibo
2019-08-21 16:11 - 2019-08-21 16:11 - 005509505 _____ C:\Users\pirja\Downloads\SetupTheBestSpinner3.exe
2019-08-21 15:53 - 2019-08-21 15:53 - 001424328 _____ (Microsoft Corporation) C:\Users\pirja\Downloads\NDP461-KB3102438-Web.exe
2019-08-21 00:59 - 2019-08-21 00:59 - 000000000 ____D C:\Users\pirja\Downloads\WiFi_21.30.3_Driver64_Win10
2019-08-21 00:59 - 2019-08-21 00:59 - 000000000 ____D C:\Program Files\DIFX
2019-08-21 00:58 - 2019-08-21 00:59 - 022143703 _____ C:\Users\pirja\Downloads\WiFi_21.30.3_Driver64_Win10.zip
2019-08-21 00:57 - 2019-08-21 00:57 - 011069014 _____ C:\Users\pirja\Downloads\Install_Win10_10036_07222019(1).zip
2019-08-21 00:57 - 2019-08-21 00:57 - 000000000 ____D C:\Users\pirja\Downloads\Install_Win10_10036_07222019(1)
2019-08-21 00:54 - 2019-08-21 00:54 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2019-08-21 00:53 - 2019-08-16 19:52 - 000075600 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2019-08-21 00:51 - 2019-08-17 17:26 - 001012432 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2019-08-21 00:51 - 2019-08-17 17:26 - 001012432 _____ C:\Windows\system32\vulkan-1.dll
2019-08-21 00:51 - 2019-08-17 17:26 - 000876240 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2019-08-21 00:51 - 2019-08-17 17:26 - 000876240 _____ C:\Windows\SysWOW64\vulkan-1.dll
2019-08-21 00:51 - 2019-08-17 17:26 - 000447368 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-08-21 00:51 - 2019-08-17 17:26 - 000352136 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-08-21 00:51 - 2019-08-17 17:26 - 000301264 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2019-08-21 00:51 - 2019-08-17 17:26 - 000301264 _____ C:\Windows\system32\vulkaninfo.exe
2019-08-21 00:51 - 2019-08-17 17:26 - 000273104 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-08-21 00:51 - 2019-08-17 17:26 - 000273104 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2019-08-21 00:51 - 2019-08-17 17:25 - 011560536 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2019-08-21 00:51 - 2019-08-17 17:25 - 009935776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 017300360 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 014921096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 005478336 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 005358016 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 004696512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 002051032 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 001550480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 001477512 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 001247832 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 001140424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000999632 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000959904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000824200 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000813496 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000676552 _____ C:\Windows\system32\nvofapi64.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000659360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000633224 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000571864 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2019-08-21 00:51 - 2019-08-17 17:24 - 000544648 _____ C:\Windows\SysWOW64\nvofapi.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000523712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000450304 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2019-08-21 00:51 - 2019-08-17 17:23 - 040441280 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2019-08-21 00:51 - 2019-08-17 17:23 - 035331008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2019-08-21 00:51 - 2019-08-17 17:23 - 005002008 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2019-08-21 00:51 - 2019-08-17 17:23 - 004263808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2019-08-21 00:51 - 2019-08-17 17:23 - 000858504 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2019-08-21 00:51 - 2019-08-16 19:52 - 000104564 _____ C:\Windows\system32\nvidia-smi.1.pdf
2019-08-21 00:51 - 2019-08-16 19:52 - 000073648 _____ C:\Windows\system32\nvinfo.pb
2019-08-20 23:16 - 2019-08-20 23:16 - 000116770 _____ C:\Users\pirja\Downloads\mydata.1566354890401_2.7z
2019-08-20 23:15 - 2019-08-20 23:15 - 000150418 _____ C:\Users\pirja\Downloads\Basic_LinkedInDataExport_08-21-2019_2.7z
2019-08-20 22:44 - 2019-08-20 22:46 - 387921972 _____ C:\Users\pirja\Downloads\polvojack_20190820_2.7z
2019-08-20 18:22 - 2019-08-21 00:53 - 000008457 _____ C:\ProgramData\DisplaySessionContainer13.log_backup1
2019-08-20 02:09 - 2019-08-20 02:09 - 007948008 _____ (Tim Kosse) C:\Users\pirja\Downloads\FileZilla_3.44.2_win64-setup.exe
2019-08-20 01:49 - 2019-08-20 01:49 - 000002072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WickrMe.lnk
2019-08-20 01:49 - 2019-08-20 01:49 - 000002066 _____ C:\Users\Public\Desktop\WickrMe.lnk
2019-08-20 01:49 - 2019-08-20 01:49 - 000000000 ____D C:\Users\pirja\AppData\Roaming\Wickr, LLC
2019-08-20 01:49 - 2019-08-20 01:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WickrMe
2019-08-20 00:04 - 2019-08-20 00:04 - 000560292 _____ C:\Users\pirja\Downloads\Game.of.Thrones.The.Last.Watch.2019.DOC.SUBFRENCH.1080p.HDTV.H264-ELEARNiNG.torrent
2019-08-20 00:03 - 2019-08-20 00:03 - 000023507 _____ C:\Users\pirja\Downloads\RAMIN DJAWADI • 2019 • Game of Thrones - Season 8.torrent
2019-08-20 00:03 - 2019-08-20 00:03 - 000017645 _____ C:\Users\pirja\Downloads\Game.Of.Thrones.S07.Les.Coulisses.Ep02.VOSTFR.HDTV.720P.AVC.AC3-Nikomimi.mkv.torrent
2019-08-20 00:03 - 2019-08-20 00:03 - 000010985 _____ C:\Users\pirja\Downloads\Game.Of.Thrones.S07.Les.Coulisses.EP07.VOSTFR.HDTV.720P.AVC.AC3-Nikomimi.mkv.torrent
2019-08-20 00:03 - 2019-08-20 00:03 - 000009037 _____ C:\Users\pirja\Downloads\Game.Of.Thrones.S07.Les.Coulisses.EP03.HDTV.720P.AVC.AC3-Nikomimi.mkv.torrent
2019-08-20 00:02 - 2019-08-20 00:02 - 000022661 _____ C:\Users\pirja\Downloads\G2ameoThro5nesSE-EA-elamigos.torrent
2019-08-20 00:01 - 2019-08-20 00:01 - 000011873 _____ C:\Users\pirja\Downloads\zScience & Vie Game of Trones N°1 Avril 2019.pdf.torrent
2019-08-18 15:51 - 2019-08-18 15:51 - 000000000 ____D C:\Users\pirja\AppData\Roaming\MediaInfo
2019-08-18 15:43 - 2019-08-18 15:44 - 633725014 _____ C:\Users\pirja\Downloads\UN.PARALLÈLE.PLUS.TARD.2014.VFQ.Web-DL.x264.mp4
2019-08-18 15:22 - 2019-08-18 15:23 - 117199600 _____ (decentral.ca) C:\Users\pirja\Downloads\Jaxx.Liberty-setup-2.2.4.exe
2019-08-15 19:20 - 2019-08-15 19:20 - 000000000 ____D C:\Users\pirja\Downloads\Soundnode
2019-08-15 19:18 - 2019-08-15 19:18 - 000000981 _____ C:\Users\pirja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soundnode.exe - Shortcut.lnk
2019-08-15 18:30 - 2019-08-15 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-08-13 18:51 - 2019-08-13 18:51 - 026808320 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 023453696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 020816896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 019011584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 012939776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 012244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 011724288 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 009941504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 008900608 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 007921664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 007871488 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 006925312 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 006544552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 006441472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 006308016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 006065152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 005764608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 005587968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 005086208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 004628992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 004344832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 003978240 _____ (Microsoft Corporation) C:\Windows\system32\bootux.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 003818632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 003656704 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002942976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002926096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-08-13 18:51 - 2019-08-13 18:51 - 002778760 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002765312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002700792 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002346496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002323688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002298880 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002278792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002177336 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002096128 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-08-13 18:51 - 2019-08-13 18:51 - 002073232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002017792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-08-13 18:51 - 2019-08-13 18:51 - 001966904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2019-08-13 18:51 - 2019-08-13 18:51 - 001733120 _____ (Microsoft Corporation) C:\Windows\system32\CoreShell.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001711104 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001701880 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-08-13 18:51 - 2019-08-13 18:51 - 001668752 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001506304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001485312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001483872 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001477432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001472568 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 001465984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001391096 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 001344960 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-08-13 18:51 - 2019-08-13 18:51 - 001290752 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001280000 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001278808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 001257472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001224704 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001222160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001221528 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 001182240 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 001180464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000993792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000956416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000882688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000806024 _____ (Microsoft Corporation) C:\Windows\system32\BioIso.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000791040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000783184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000763392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000730112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FlightSettings.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000684032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000669184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000658944 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000553784 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000535056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-08-13 18:51 - 2019-08-13 18:51 - 000532992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000522104 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000515440 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000495104 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000440320 _____ (Microsoft Corporation) C:\Windows\system32\P2PGraph.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000425984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000398928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000398848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000383504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-08-13 18:51 - 2019-08-13 18:51 - 000360960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2PGraph.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000356352 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000349184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000345600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingDiagSpp.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000317952 _____ (Microsoft Corporation) C:\Windows\system32\ComposableShellProxyStub.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000297984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Diagnostics.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000264704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Lights.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShellCommonCommonProxyStub.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.SystemManagement.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000219136 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2019-08-13 18:51 - 2019-08-13 18:51 - 000205824 _____ (Microsoft Corporation) C:\Windows\system32\p2pnetsh.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000201528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-08-13 18:51 - 2019-08-13 18:51 - 000193536 _____ (Microsoft Corporation) C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000180736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2019-08-13 18:51 - 2019-08-13 18:51 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000177664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\p2pnetsh.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000173568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000173216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2019-08-13 18:51 - 2019-08-13 18:51 - 000165888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ComposableShellProxyStub.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000152576 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSoftwareInstallationClient.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000121656 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000114128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rmclient.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\CoreShellExtFramework.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000092832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2019-08-13 18:51 - 2019-08-13 18:51 - 000089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvsetup.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\Groupinghc.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000058882 _____ C:\Windows\system32\srms.dat
2019-08-13 18:51 - 2019-08-13 18:51 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hmkd.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shunimpl.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 022114960 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 009682744 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 007884288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 007687784 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 005570968 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 004737536 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 004351656 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 004056576 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 003635200 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 003567104 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 003385856 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 003363856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 003335224 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 003333632 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002999808 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002842112 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002767160 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 002593544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002438576 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002421760 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 002189312 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002031104 _____ C:\Windows\system32\rdpnano.dll
 

user75

96 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001892864 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001715712 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001674752 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001662264 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001641400 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001605632 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001479184 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001466880 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001321784 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001294488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001267712 _____ (Microsoft Corporation) C:\Windows\system32\APMon.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001260560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 001253688 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 001232384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 001205248 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001171968 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001160704 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001098272 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 001057792 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 001054712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 001048376 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 001038336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001020416 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001008640 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001004544 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000980992 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000927232 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000900096 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000895792 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000889344 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000888832 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000869888 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000864568 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000853504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000850976 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000833024 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000799784 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000794040 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000788480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000771072 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000764416 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000758688 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000732168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000684544 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000680184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000678680 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000652088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000622080 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000616960 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000603280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000586256 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000580024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000574464 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\ShellCommonCommonProxyStub.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000523776 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000519168 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000508968 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000482104 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000449576 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000447488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000444728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000394240 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000387832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000385536 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Lights.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000375752 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000371200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Diagnostics.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000363520 _____ (Microsoft Corporation) C:\Windows\system32\LicensingDiagSpp.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000349696 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000346624 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.SystemManagement.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000310072 _____ (Microsoft Corporation) C:\Windows\system32\computestorage.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000305664 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000294512 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000281600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000278624 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000270848 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000254976 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000253256 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000248120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000230848 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountTokenProvider.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000212792 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000203064 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000200504 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_SIUF.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000193040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000189712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000178176 _____ (Microsoft Corporation) C:\Windows\system32\appsruprov.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000152408 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000152080 _____ (Microsoft Corporation) C:\Windows\system32\rmclient.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000141736 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000134968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000125016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000120832 _____ (Microsoft Corporation) C:\Windows\system32\updatecsp.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000118480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pmem.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\drvsetup.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000104248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bindflt.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2019-08-13 18:50 - 2019-08-13 18:50 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\DiskSnapshot.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000087056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000071168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\hmkd.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\UsoClient.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\WindowsUpdateElevatedInstaller.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000032784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000032568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\uefi.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\kdcpw.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\shunimpl.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-08-13 17:24 - 2019-08-13 17:24 - 000000206 _____ C:\Users\pirja\Downloads\github-recovery-codes (1).txt
2019-08-13 17:21 - 2019-08-13 17:21 - 000000206 _____ C:\Users\pirja\Downloads\github-recovery-codes.txt
2019-08-13 16:39 - 2019-08-13 16:39 - 000293341 _____ C:\Users\pirja\Downloads\nvidiaInspector.zip
2019-08-13 16:39 - 2019-08-13 16:39 - 000000000 ____D C:\Users\pirja\Downloads\nvidiaInspector
2019-08-13 16:21 - 2019-08-13 16:21 - 000000000 ____D C:\Program Files (x86)\Futuremark
2019-08-13 16:20 - 2019-08-13 16:20 - 000917486 _____ C:\Users\pirja\Downloads\4.3.1 (2).zip
2019-08-13 07:49 - 2019-08-13 07:49 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-08-13 07:49 - 2019-08-13 07:49 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-08-13 07:49 - 2019-08-13 07:49 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-08-13 07:49 - 2019-08-13 07:49 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-08-13 01:49 - 2019-08-20 18:22 - 000007650 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2019-08-13 00:55 - 2019-07-23 11:33 - 000110064 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2019-08-13 00:54 - 2019-08-13 00:54 - 000097176 ____H (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCMON24.SYS
2019-08-12 18:19 - 2019-08-20 05:09 - 000007660 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2019-08-12 02:39 - 2019-08-19 10:24 - 000008031 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2019-08-11 23:49 - 2019-08-11 23:49 - 000917486 _____ C:\Users\pirja\Downloads\4.3.1 (1).zip
2019-08-11 13:59 - 2019-08-19 02:35 - 000008039 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1
2019-08-10 23:41 - 2019-08-10 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tap'Touche Junior
2019-08-10 23:41 - 2019-08-10 23:41 - 000000000 ____D C:\Program Files (x86)\Tap'Touche Junior
2019-08-10 14:36 - 2019-08-11 13:59 - 000009831 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2019-08-10 03:52 - 2019-08-10 14:36 - 000008031 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2019-08-09 14:31 - 2019-08-17 04:05 - 000007673 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2019-08-09 13:53 - 2019-08-09 13:53 - 005762696 _____ (MediaArea.net) C:\Users\pirja\Downloads\MediaInfo_GUI_19.07_Windows.exe
2019-08-09 13:53 - 2019-08-09 13:53 - 000000885 _____ C:\Users\pirja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk
2019-08-09 13:53 - 2019-08-09 13:53 - 000000000 ____D C:\Program Files\MediaInfo
2019-08-09 13:45 - 2019-08-09 13:45 - 002094710 _____ C:\Users\pirja\Downloads\iNFekt-v1.0.1-64bit-Portable.rar
2019-08-09 13:45 - 2019-08-09 13:45 - 000000000 ____D C:\Users\pirja\Downloads\iNFekt-v1.0.1-64bit-Portable
2019-08-09 13:43 - 2019-08-09 13:44 - 002422143 _____ C:\Users\pirja\Downloads\NFOlux.zip
2019-08-09 13:39 - 2019-08-09 13:45 - 077766821 _____ C:\Users\pirja\Downloads\Killer-Ethernet-Wireless_INF_2019-08-02(1).zip
2019-08-09 13:38 - 2019-08-09 13:38 - 000000000 ____D C:\Users\pirja\Downloads\Killer-Ethernet-Wireless_INF_2019-08-02
2019-08-09 13:37 - 2019-08-09 13:37 - 000000000 ____D C:\Users\pirja\Downloads\Install_Win10_10036_07222019
2019-08-09 13:28 - 2019-08-09 13:28 - 001624440 _____ (Tous Les Drivers) C:\Users\pirja\Downloads\Mes_Drivers_3.0.4(2).exe
2019-08-09 12:51 - 2019-08-09 12:51 - 077766821 _____ C:\Users\pirja\Downloads\Killer-Ethernet-Wireless_INF_2019-08-02.zip
2019-08-09 12:51 - 2019-08-09 12:51 - 011069014 _____ C:\Users\pirja\Downloads\Install_Win10_10036_07222019.zip
2019-08-09 12:50 - 2019-08-09 12:50 - 001624440 _____ (Tous Les Drivers) C:\Users\pirja\Downloads\Mes_Drivers_3.0.4(1).exe
2019-08-08 07:04 - 2019-08-08 07:04 - 000000220 _____ C:\Users\pirja\Downloads\LinksParaDownload - Baixar Premium.txt
2019-08-07 14:48 - 2019-08-07 14:48 - 000000000 ____D C:\Program Files\BatteryBar
2019-08-07 14:44 - 2019-08-07 14:45 - 000001491 _____ C:\Users\pirja\Desktop\BatteryBar.exe - Shortcut.lnk
2019-08-07 14:14 - 2019-08-07 14:14 - 000000000 ____D C:\Users\pirja\Downloads\BatteryBar Pro
2019-08-07 14:13 - 2019-08-07 14:13 - 001576940 _____ C:\Users\pirja\Downloads\BatteryBar Pro.rar
2019-08-07 13:58 - 2019-08-07 14:49 - 000000000 ____D C:\Users\pirja\AppData\Roaming\BatteryBar
2019-08-07 13:14 - 2019-08-23 17:10 - 000001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk
2019-08-07 13:14 - 2019-08-23 17:10 - 000000000 ____D C:\Program Files\Firefox Developer Edition
2019-08-07 13:14 - 2019-08-07 13:14 - 000001065 _____ C:\Users\Public\Desktop\Firefox Developer Edition.lnk
2019-08-07 11:59 - 2019-08-07 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2019-08-07 11:59 - 2019-08-07 11:59 - 000000000 ____D C:\Program Files\qBittorrent
2019-08-06 12:39 - 2019-08-06 12:39 - 000318401 _____ C:\Users\pirja\Downloads\CV_2018_Guilla11ume11.pdf
2019-08-05 18:57 - 2019-08-05 18:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Twitch Leecher
2019-08-05 18:57 - 2019-08-05 18:57 - 000000000 ____D C:\Program Files\Twitch Leecher
2019-08-05 18:55 - 2019-08-05 18:55 - 000772176 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_clr0400.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000702400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase_clr0400.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000622832 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_clr0400.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000433448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140_clr0400.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000087296 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140_clr0400.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000083768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140_clr0400.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000032816 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000029232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000017968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000017968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2019-08-05 18:53 - 2019-08-05 18:53 - 094388235 _____ (Franiac) C:\Users\pirja\Downloads\TwitchLeecher_1.7.exe
2019-08-05 16:11 - 2019-08-05 17:03 - 000000122 _____ C:\Users\pirja\Desktop\New Text Document.txt
2019-08-05 15:59 - 2019-08-05 15:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Desktop Manager
2019-08-05 15:59 - 2019-08-05 15:59 - 000000000 ____D C:\Program Files (x86)\Devolutions
2019-08-05 15:13 - 2019-08-05 15:25 - 669877316 _____ C:\Users\pirja\Downloads\LA CHIENNE.mp4
2019-08-05 15:12 - 2019-08-05 15:32 - 2557296291 _____ C:\Users\pirja\Downloads\20170426_GAME_OF_DEATH_FILM_ONLINE_23976_HD_PR4444_179_H264_STEREO_709.mp4
2019-08-05 15:11 - 2019-08-05 15:23 - 621069553 _____ C:\Users\pirja\Downloads\UN PARALLÈLE PLUS TARD.mov
2019-08-03 23:57 - 2019-08-04 01:57 - 000000000 ____D C:\Users\1\AppData\Local\Packages
2019-08-01 01:57 - 2019-07-31 20:01 - 211912436 _____ C:\Users\pirja\Downloads\2yxa_ru_djeiyrsfehgec_31037721149.mp4
2019-07-30 21:37 - 2019-07-30 21:37 - 025065784 _____ (Intel Corporation) C:\Windows\system32\mfxplugin64_hw.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 021083760 _____ (Intel Corporation) C:\Windows\system32\libmfxhw64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 019988112 _____ (Intel Corporation) C:\Windows\SysWOW64\libmfxhw32.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 011911984 _____ (Intel Corporation) C:\Windows\SysWOW64\mfxplugin32_hw.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 003196768 _____ (Intel Corporation) C:\Windows\system32\mfx_mft_h265ve_64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 003189992 _____ (Intel Corporation) C:\Windows\system32\mfx_mft_vp9ve_64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 003176944 _____ (Intel Corporation) C:\Windows\system32\mfx_mft_h264ve_64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 003007288 _____ (Intel Corporation) C:\Windows\system32\mfx_mft_mjpgvd_64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 002972128 _____ (Intel Corporation) C:\Windows\system32\mfx_mft_encrypt_64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 002589184 _____ (Intel Corporation) C:\Windows\SysWOW64\mfx_mft_h265ve_32.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 002584504 _____ (Intel Corporation) C:\Windows\SysWOW64\mfx_mft_vp9ve_32.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 002575648 _____ (Intel Corporation) C:\Windows\SysWOW64\mfx_mft_h264ve_32.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 002439472 _____ (Intel Corporation) C:\Windows\SysWOW64\mfx_mft_mjpgvd_32.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 002418832 _____ (Intel Corporation) C:\Windows\SysWOW64\mfx_mft_encrypt_32.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000212672 _____ (Intel Corporation) C:\Windows\system32\intel_gfx_api-x64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000184352 _____ (Intel Corporation) C:\Windows\SysWOW64\intel_gfx_api-x86.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000183096 _____ C:\Windows\SysWOW64\libGLESv2.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000148272 _____ C:\Windows\SysWOW64\libGLESv1_CM.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000147256 _____ C:\Windows\SysWOW64\libEGL.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000121136 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000108344 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000072405 _____ C:\Windows\SysWOW64\h265e_32.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000071912 _____ C:\Windows\SysWOW64\vp9e_32.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000070745 _____ C:\Windows\SysWOW64\he_32.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000065793 _____ C:\Windows\SysWOW64\mj_32.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000057143 _____ C:\Windows\SysWOW64\dev_32.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000056359 _____ C:\Windows\system32\dev_64.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000014121 _____ C:\Windows\system32\h265e_64.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000013956 _____ C:\Windows\system32\vp9e_64.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000013545 _____ C:\Windows\system32\he_64.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000013281 _____ C:\Windows\system32\mj_64.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000001125 _____ C:\Windows\SysWOW64\cpa_32.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000001125 _____ C:\Windows\system32\cpa_64.vp

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)
 

user75

2019-08-27 02:48 - 2019-01-28 10:51 - 000897906 _____ C:\Windows\system32\PerfStringBackup.INI
2019-08-27 02:48 - 2018-09-15 03:31 - 000000000 ____D C:\Windows\INF
2019-08-27 02:47 - 2019-06-17 18:36 - 000004248 _____ C:\Windows\System32\Tasks\HMA! Pro VPN Update
2019-08-27 02:47 - 2018-09-15 03:33 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-08-27 02:46 - 2019-01-28 10:50 - 000000000 ____D C:\ProgramData\NVIDIA
2019-08-27 02:44 - 2019-03-05 15:38 - 000000000 ____D C:\Users\pirja\AppData\Roaming\Clipdiary
2019-08-27 02:44 - 2019-02-24 18:25 - 000000000 ____D C:\ProgramData\VMware
2019-08-27 02:44 - 2019-02-15 17:06 - 000000000 ____D C:\Users\pirja\AppData\Local\Pushbullet
2019-08-27 02:44 - 2019-01-28 10:46 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-08-27 02:43 - 2019-04-29 15:40 - 000008564 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2019-08-27 02:43 - 2019-04-28 15:27 - 000017089 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2019-08-27 02:43 - 2019-04-28 15:27 - 000012913 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2019-08-27 02:43 - 2018-09-15 02:09 - 000786432 _____ C:\Windows\system32\config\BBI
2019-08-27 02:37 - 2019-02-14 22:06 - 000000000 ____D C:\Users\pirja\AppData\Local\CrashDumps
2019-08-27 02:18 - 2019-02-14 22:46 - 000000000 ____D C:\Users\pirja\AppData\LocalLow\Mozilla
2019-08-27 02:03 - 2019-01-28 10:52 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2019-08-27 01:45 - 2019-04-28 15:27 - 000007425 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2019-08-27 01:36 - 2019-02-15 18:51 - 000000000 ____D C:\Users\pirja\AppData\Local\Spotify
2019-08-27 01:35 - 2019-02-23 05:47 - 000000526 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2019-08-26 21:03 - 2019-02-15 19:07 - 000000000 ____D C:\Users\pirja\AppData\Local\Battle.net
2019-08-26 20:20 - 2019-03-07 02:19 - 000000000 ____D C:\Users\pirja\AppData\Roaming\qBittorrent
2019-08-26 19:54 - 2019-02-15 18:50 - 000000000 ____D C:\Users\pirja\AppData\Roaming\Spotify
2019-08-26 19:32 - 2019-02-16 15:11 - 000000000 ____D C:\Users\pirja\AppData\Roaming\Discord
2019-08-26 19:25 - 2019-02-14 22:46 - 000000000 ____D C:\Program Files (x86)\Steam
2019-08-26 18:50 - 2019-02-20 21:28 - 000000000 ____D C:\Users\pirja\AppData\Local\babl-0.1
2019-08-26 18:49 - 2019-02-20 21:30 - 000000000 ____D C:\Users\pirja\AppData\Local\gtk-2.0
2019-08-26 16:52 - 2019-02-14 22:20 - 000000000 ____D C:\Program Files\Microsoft Office
2019-08-26 16:52 - 2018-09-15 03:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-26 16:52 - 2018-09-15 03:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-08-26 03:36 - 2019-02-24 18:25 - 000915410 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-08-26 03:30 - 2019-02-27 15:43 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-08-26 03:29 - 2018-09-15 03:33 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-08-26 03:29 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-08-26 03:23 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\AppReadiness
2019-08-26 03:08 - 2019-01-28 10:46 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-08-25 23:07 - 2019-02-21 18:03 - 000000000 ____D C:\Users\pirja\AppData\Local\Warframe
2019-08-25 22:05 - 2019-02-15 16:36 - 000000000 ____D C:\Windows\system32\MRT
2019-08-25 22:03 - 2019-02-15 16:36 - 134272480 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-08-25 19:51 - 2019-05-06 19:34 - 000000000 ____D C:\Users\pirja\AppData\Roaming\IObit
2019-08-25 19:51 - 2019-05-06 19:34 - 000000000 ____D C:\ProgramData\IObit
2019-08-25 19:51 - 2019-01-28 11:02 - 000000000 ____D C:\Program Files (x86)\Dell
2019-08-25 19:51 - 2019-01-28 10:58 - 000000000 ____D C:\ProgramData\Dell
2019-08-25 19:51 - 2019-01-28 10:49 - 000000000 ____D C:\Program Files\Dell
2019-08-25 15:50 - 2019-02-15 22:02 - 000000000 ____D C:\Users\pirja\AppData\Local\Dxtory Software
2019-08-25 14:53 - 2019-03-07 16:15 - 000000000 ____D C:\Windows\AAct_Tools
2019-08-25 02:40 - 2019-02-14 21:36 - 000000000 ____D C:\Users\pirja\AppData\Local\PlaceholderTileLogoFolder
2019-08-25 01:43 - 2019-06-03 00:39 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-08-24 15:31 - 2019-02-14 23:32 - 000000000 ____D C:\Users\pirja\AppData\Local\Packages
2019-08-24 15:31 - 2018-09-15 03:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-24 15:29 - 2019-02-14 22:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-08-24 15:28 - 2019-04-28 20:00 - 000009477 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2019-08-23 23:46 - 2018-09-15 03:23 - 000000000 ____D C:\Windows\CbsTemp
2019-08-23 23:44 - 2019-03-07 17:56 - 000000000 ____D C:\Users\pirja\AppData\Local\ElevatedDiagnostics
2019-08-23 20:50 - 2019-05-23 14:25 - 000000000 ___HD C:\adobeTemp
2019-08-23 20:50 - 2019-05-09 06:33 - 000000000 ____D C:\Users\pirja\.android
2019-08-23 20:49 - 2019-02-23 04:45 - 000000000 ____D C:\Users\pirja\AppData\Local\4kdownload.com
2019-08-23 20:39 - 2019-02-15 17:00 - 000000000 ____D C:\Users\pirja\AppData\Local\D3DSCache
2019-08-23 20:38 - 2019-05-27 16:39 - 000003858 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-05-27 16:39 - 000003858 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-05-27 16:39 - 000003858 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-05-27 16:39 - 000003858 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-04-13 17:07 - 000001445 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2019-08-23 20:38 - 2019-04-13 17:01 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-04-13 17:01 - 000004106 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-04-13 17:01 - 000003976 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-04-13 17:01 - 000003940 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-01-28 10:50 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-01-28 10:50 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-01-28 10:50 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-08-23 20:38 - 2019-01-28 10:50 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-08-23 20:38 - 2019-01-28 10:50 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-08-23 17:22 - 2019-02-15 19:05 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-08-23 00:39 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\LiveKernelReports
2019-08-23 00:02 - 2019-02-14 22:57 - 000000000 ____D C:\Users\pirja\AppData\Local\NVIDIA
2019-08-22 23:41 - 2019-02-18 12:53 - 000000000 ____D C:\Users\pirja\Documents\Overwatch
2019-08-22 22:28 - 2019-02-16 14:04 - 000002407 _____ C:\Users\pirja\Desktop\Jaxx Liberty.lnk
2019-08-22 16:32 - 2019-02-24 02:22 - 000000000 ____D C:\Users\pirja\AppData\Roaming\Anvsoft
2019-08-22 07:10 - 2019-02-15 16:57 - 000000000 ____D C:\Users\pirja\AppData\Local\MEGAsync
2019-08-21 18:08 - 2019-02-14 22:39 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-21 18:08 - 2019-02-14 22:39 - 000002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-21 16:29 - 2019-02-14 22:43 - 000000938 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-08-21 16:29 - 2019-02-14 22:43 - 000000934 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-08-21 16:29 - 2019-02-14 22:40 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-08-21 15:10 - 2019-05-01 00:03 - 000000918 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-08-21 04:41 - 2019-02-14 22:43 - 000003998 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2019-08-21 04:41 - 2019-02-14 22:43 - 000003766 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2019-08-21 00:59 - 2019-07-11 02:43 - 021473952 _____ C:\Windows\system32\Drivers\Netwfw08.dat
2019-08-21 00:59 - 2019-02-14 23:52 - 009237792 _____ (Intel Corporation) C:\Windows\system32\Drivers\Netwtw08.sys
2019-08-21 00:59 - 2019-02-14 23:52 - 001089312 _____ (Intel Corporation) C:\Windows\system32\IntelWifiIhv08.dll
2019-08-21 00:57 - 2019-01-28 10:51 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-08-21 00:57 - 2019-01-28 10:31 - 001158944 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2019-08-20 22:28 - 2019-02-14 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2019-08-20 22:28 - 2019-02-14 22:41 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2019-08-20 17:58 - 2019-03-13 15:34 - 000000000 ____D C:\Windows\files
2019-08-20 04:36 - 2019-02-15 17:03 - 000000000 ____D C:\Users\pirja\AppData\Roaming\FileZilla
2019-08-20 02:59 - 2019-03-15 20:40 - 000000000 ____D C:\Users\pirja\AppData\Local\cache
2019-08-18 17:41 - 2019-03-06 21:08 - 000000000 ____D C:\Users\pirja\AppData\Roaming\VoiceAttack
2019-08-18 15:26 - 2019-02-24 18:26 - 000000911 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Angry IP Scanner.lnk
2019-08-18 15:26 - 2019-02-24 18:26 - 000000000 ____D C:\Program Files\Angry IP Scanner
2019-08-16 23:07 - 2019-02-24 21:43 - 000000000 ____D C:\Users\pirja\AppData\Roaming\TIDAL
2019-08-15 20:41 - 2019-02-24 17:47 - 000000000 ____D C:\Users\pirja\AppData\Local\Soundnode
2019-08-15 19:44 - 2019-02-14 22:41 - 000004550 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-08-15 19:44 - 2019-02-14 22:41 - 000004370 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-08-15 19:44 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-08-15 19:44 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\system32\Macromed
2019-08-15 19:43 - 2019-02-14 22:40 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-08-15 19:43 - 2019-02-14 22:40 - 000000995 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-08-15 18:30 - 2019-02-14 22:43 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-08-15 18:27 - 2019-02-14 22:46 - 000000000 ____D C:\Users\pirja\AppData\Local\Greenshot
2019-08-14 23:30 - 2019-06-17 18:36 - 000000000 ____D C:\Program Files (x86)\HMA! Pro VPN
2019-08-14 23:30 - 2019-02-14 23:32 - 000000000 ___RD C:\Users\pirja\3D Objects
2019-08-14 23:30 - 2019-01-28 10:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-14 23:30 - 2019-01-28 10:46 - 005285704 _____ C:\Windows\system32\FNTCACHE.DAT
2019-08-13 21:58 - 2018-09-15 03:33 - 000000000 ___SD C:\Windows\system32\UNP
2019-08-13 21:58 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\SysWOW64\oobe
2019-08-13 21:58 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\system32\oobe
2019-08-13 21:58 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\Provisioning
2019-08-13 21:58 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\bcastdvr
2019-08-13 17:51 - 2019-03-06 19:21 - 000000000 ____D C:\Users\pirja\Documents\3DMark
2019-08-13 01:23 - 2019-03-07 20:07 - 000000000 ____D C:\Users\pirja\AppData\Roaming\.minecraft
2019-08-13 01:07 - 2019-03-17 13:58 - 000000000 ____D C:\Users\pirja\AppData\Local\Ubisoft Game Launcher
2019-08-13 00:55 - 2019-02-15 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-08-13 00:52 - 2019-04-15 18:05 - 000000000 ____D C:\Program Files (x86)\Yubico
2019-08-13 00:52 - 2019-04-15 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yubico
2019-08-13 00:52 - 2019-02-24 18:03 - 000000000 ____D C:\Program Files (x86)\Gpg4win
2019-08-13 00:51 - 2019-06-18 14:16 - 000000000 ____D C:\Program Files (x86)\GnuPG
2019-08-13 00:50 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\system32\NDF
2019-08-12 18:15 - 2019-07-22 23:57 - 000000000 ____D C:\Users\pirja\Downloads\111
2019-08-12 18:10 - 2019-01-28 11:08 - 000000000 ____D C:\ProgramData\Packages
2019-08-09 14:31 - 2019-05-09 14:19 - 000006586 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2019-08-09 13:57 - 2019-01-28 10:27 - 000000000 ____D C:\Windows\Panther
2019-08-09 13:31 - 2019-02-14 23:32 - 000000000 ____D C:\Users\pirja\AppData\Local\Publishers
2019-08-09 13:29 - 2019-01-28 10:49 - 000000000 ____D C:\ProgramData\Package Cache
2019-08-08 13:31 - 2019-04-28 21:56 - 000004514 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2019-08-08 13:23 - 2019-03-07 20:07 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2019-08-08 01:56 - 2019-02-24 21:43 - 000000000 ____D C:\Users\pirja\AppData\Local\TIDAL
2019-08-05 16:00 - 2019-02-14 22:43 - 000001421 _____ C:\Users\pirja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UpdateInstaller.lnk
2019-08-05 16:00 - 2019-02-14 22:43 - 000001316 _____ C:\Users\pirja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UpdateGenerator.lnk
2019-08-05 15:58 - 2019-02-14 22:39 - 000003418 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-08-05 15:58 - 2019-02-14 22:39 - 000003294 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-08-05 15:36 - 2019-02-15 21:05 - 000000000 ____D C:\Users\pirja\AppData\Roaming\PotPlayerMini64
2019-08-05 15:33 - 2019-02-25 12:06 - 000000000 ____D C:\Users\pirja\AppData\Roaming\vlc
2019-08-05 15:33 - 2019-02-15 21:05 - 000001020 _____ C:\Users\Public\Desktop\PotPlayer 64 bit.lnk
2019-08-04 01:57 - 2019-04-08 21:55 - 000000000 ____D C:\Users\1
2019-08-04 00:08 - 2019-03-15 20:39 - 000000000 ____D C:\Users\pirja\AppData\Roaming\steelseries-engine-3-client
2019-08-04 00:06 - 2019-03-04 17:46 - 000003648 _____ C:\Windows\System32\Tasks\CreateExplorerShellUnelevatedTask

==================== Files in the root of some directories ================

2019-08-26 18:49 - 2019-08-26 18:49 - 000010563 _____ () C:\Users\pirja\AppData\Local\recently-used.xbel

==================== FLock ================

2019-01-28 11:28 C:\Recovery

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

user75

TS Enthusiast
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2019
Ran by reznov (27-08-2019 02:57:40)
Running from C:\Users\pirja\Downloads
Windows 10 Pro Version 1809 17763.678 (X64) (2019-02-15 03:27:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-408333896-3164079283-3827766986-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-408333896-3164079283-3827766986-503 - Limited - Disabled)
Guest (S-1-5-21-408333896-3164079283-3827766986-501 - Limited - Disabled)
reznov (S-1-5-21-408333896-3164079283-3827766986-1001 - Administrator - Enabled) => C:\Users\pirja
WDAGUtilityAccount (S-1-5-21-408333896-3164079283-3827766986-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

20XX (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\495310509382565890) (Version: - )
4K Stogram 2.7 (HKLM\...\{2AB82C7A-9389-40F5-B6BC-9EC7CC04B015}) (Version: 2.7.2.1795 - Open Media LLC)
4K Video Downloader 4.5 (HKLM\...\{180B9AE1-F87B-4107-8C68-4265E927D6A8}) (Version: 4.5.0.2482 - Open Media LLC)
4K YouTube to MP3 3.4 (HKLM\...\{93F13E7C-9562-494F-8762-FD13263812AD}) (Version: 3.4.0.1964 - Open Media LLC)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Acapela Synthèse de la Parole pour le WordQ 4 (français) (HKLM-x32\...\{F0ADA798-6CB1-49FB-A2D3-060FFA25D60E}) (Version: 9.1.1 - Quillsoft Ltd.)
Acapela Text to Speech for WordQ 4 (Core) (HKLM-x32\...\{EE2AA629-F3EC-412E-8A14-5DD9BAD490D2}) (Version: 9.1.1 - Quillsoft)
Acapela Text to Speech for WordQ 4(North America) (HKLM-x32\...\{1D08C682-F619-4E89-8291-1C13A346DAD9}) (Version: 9.1.1 - Quillsoft Ltd.)
Acapela Text-to-Speech for WordQ 4(Canadian French) (HKLM-x32\...\{98B997C5-8A5C-4EB2-B8DE-7CBAAAFAF2A0}) (Version: 9.1.1 - Quillsoft Ltd.)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{77588F59-3C58-4675-8EEE-998E5BC33CF4}) (Version: 1.4 - Eyeo GmbH)
Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_1_0) (Version: 14.1.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\{73534489-BFE7-4E2D-9769-FDBA5C886DC2}) (Version: 32.0.0.238 - Adobe)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
AE CC x64 (HKLM\...\{672FEEBA-F29C-4363-A8D0-8EBA61265B88}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Angry IP Scanner (HKLM-x32\...\Angry IP Scanner) (Version: 3.6.0 - Angry IP Scanner)
Antidote 9 (HKLM-x32\...\{D98F9F54-E310-4F57-93F5-0F42EFAA3847}) (Version: 9.5.3407 - Druide informatique inc.)
Any Video Converter Ultimate 5.9.3 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
Apowersoft Screen Recorder Pro V2.3.8 (HKLM-x32\...\{dc9006db-6b05-4f0f-833b-79ef3f284c24}_is1) (Version: 2.3.8 - APOWERSOFT LIMITED)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
Assistant de téléchargement (HKLM-x32\...\{93154A3C-9BB7-49D7-A571-4EB6373FA600}) (Version: 6.1.0 - Druide informatique inc.)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
BatteryBar (remove only) (HKLM\...\BatteryBar) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
CDBurnerXP (64 bit) (HKLM\...\{1339087A-69AA-4A1E-8236-3B6DC9349C63}) (Version: 4.5.8.7042 - Canneverbe Limited)
Clipdiary 5.3 (HKLM-x32\...\Clipdiary) (Version: 5.3 - Tiushkov Nikolay)
CPUID CPU-Z 1.89 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.89 - CPUID, Inc.)
Dell Digital Delivery Services (HKLM-x32\...\{A646748A-7A2A-495F-9EE5-90B3646FEB7E}) (Version: 4.0.15.0 - Dell Inc.)
Dell Mobile Connect Drivers (HKLM\...\{04DF02C6-E3D7-4D26-A44C-6F8A2E218D2C}) (Version: 1.3.6844 - Screenovate Technologies Ltd.)
Dell SupportAssist (HKLM\...\{806422F1-FC4E-4D7C-8855-05748AEFC031}) (Version: 3.2.2.119 - Dell Inc.)
Dell SupportAssist Remediation (HKLM-x32\...\{f4ee83d8-d901-4c1a-b5a2-288427598fe2}) (Version: 4.1.0.6830 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{286db51f-336c-4d5e-b1e2-3fbc3becd693}) (Version: 4.1.0.6830 - Dell Inc.)
Discord (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 79.4.143 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
FileZilla Client 3.44.2 (HKLM-x32\...\FileZilla Client) (Version: 3.44.2 - Tim Kosse)
Firefox Developer Edition 69.0 (x64 en-US) (HKLM\...\Firefox Developer Edition 69.0 (x64 en-US)) (Version: 69.0 - Mozilla)
Futuremark SystemInfo (HKLM-x32\...\{60EF2ECF-1DFA-48D1-972E-FDE84D7E917A}) (Version: 5.20.720.0 - Futuremark)
GIMP 2.10.12 (HKLM\...\GIMP-2_is1) (Version: 2.10.12 - The GIMP Team)
Google Chrome (HKLM\...\{86B1D736-F1F4-3367-9B39-C2E176B68239}) (Version: 76.0.3809.100 - Google LLC)
Google Earth Pro (HKLM-x32\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: "1.0.0.10" - Rockstar Games)
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
HCS Tools version 1.06 (HKLM-x32\...\{D3659B78-75B0-4571-A23D-899D23C6A2C9}_is1) (Version: 1.06 - HCS VoicePacks Ltd)
HCS VoicePacks Ltd VENUS version 1.6.5 (HKLM-x32\...\{56C400CA-0D41-4ACD-A5E3-B14C5F38CCBF}_is1) (Version: 1.6.5 - HCS VoicePacks Ltd)
HMA! Pro VPN (HKLM\...\{60A560F2-CB75-4C94-9C36-39AD2161DE73}_is1) (Version: 4.6.154 - Privax)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel Driver && Support Assistant (HKLM-x32\...\{CF18558A-3642-4C4D-A551-23275D1FCE16}) (Version: 19.7.30.2 - Intel) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{85B6BF0F-EF1B-4F0F-892D-E68BD798950C}) (Version: 2.4.04669 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.10501.6067 - Intel Corporation)
Intel(R) Graphics Driver Software (HKLM-x32\...\{0fdd3c9a-20e1-444d-8d00-8c413c83f824}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{d7a872bf-e69e-4300-8537-086dc6abbf23}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1805.12.0.1097 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.0.1017 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.20.0.4 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{12d2d1d9-5223-431d-96ac-6a82d3a1391c}) (Version: 19.7.30.2 - Intel)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7D4998B3-AC68-4815-AC47-5A1969D91E30}) (Version: 17.5.0.1017 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{06b2cd73-b5f5-47a1-9f49-23d0ef75d568}) (Version: 20.50.0 - Intel Corporation)
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Jaxx Liberty 2.2.5 (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\5947781c-9863-579f-b9db-91554a22cc65) (Version: 2.2.5 - decentral.ca)
Joggernauts (HKLM-x32\...\{51F2D354-61AD-4243-8404-D2FDC111FC4E}) (Version: - Graffiti Games)
Jumpstart Installation Program (HKLM-x32\...\{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}) (Version: - Atheros)
Killer Drivers (HKLM\...\{EBB59744-F0A2-47F5-83F6-83A128A0E204}) (Version: 2.0.2373 - Rivet Networks)
King of the Hat (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\460940655984771072) (Version: - )
KingRoot version 3.5.0.1157 (HKLM-x32\...\{FA3B7324-9EB4-4ADC-84D0-5461BE113832}_is1) (Version: 3.5.0.1157 - KingRoot)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
Little Nightmares - Fox mask (HKLM-x32\...\1828170949_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - Hideaway (HKLM-x32\...\1675156362_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares (HKLM-x32\...\1433377508_is1) (Version: 1.0.43.1 - GOG.com)
Macromedia Flash Player (HKLM-x32\...\{27579b3c-5470-4496-be6c-0c872674f19f}) (Version: 7.0.19.0 - Macromedia, Inc.)
MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Soundpool Music Maker - Feel good (HKLM\...\{33B6A911-B0DC-4528-96C3-54A607EFFBDC}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MakeMKV v1.14.4 (HKLM-x32\...\MakeMKV) (Version: v1.14.4 - GuinpinSoft inc)
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
MediaInfo 19.07 (HKLM\...\MediaInfo) (Version: 19.07 - MediaArea.net)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\Proplus2019Retail - en-us) (Version: 16.0.12022.20000 - Microsoft Corporation)
Microsoft Office Professionnel Plus 2019 - fr-fr (HKLM\...\Proplus2019Retail - fr-fr) (Version: 16.0.12022.20000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.20.27508 (HKLM-x32\...\{7b178cda-9740-4701-a92a-f168d213b343}) (Version: 14.20.27508.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{E154B2C8-2F3E-4763-B3D5-E7D34AE39C6B}) (Version: 1.0.0.0 - Mojang)
MKVToolNix 34.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 34.0.0 - Moritz Bunkus)
Mozilla Firefox 68.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 68.0.2 (x64 en-US)) (Version: 68.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0 - Mozilla)
Mozilla Thunderbird 60.8.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 60.8.0 (x86 en-US)) (Version: 60.8.0 - Mozilla)
Music Maker (HKLM\...\{DC21CFD5-02AC-4C89-8D35-85506A9FEB55}) (Version: 28.0.0.12 - MAGIX Software GmbH) Hidden
Music Maker (HKLM-x32\...\MX.{DC21CFD5-02AC-4C89-8D35-85506A9FEB55}) (Version: 28.0.1.17 - MAGIX Software GmbH)
Music Maker Update (HKLM\...\{E678D5F8-10AE-4F7A-A29C-ECAA771ADCAD}) (Version: 28.0.1.17 - MAGIX Software GmbH) Hidden
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.7.1 - Notepad++ Team)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.3.0.2 - Duodian Technology Co. Ltd.)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation)
NVIDIA Graphics Driver 436.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 436.02 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12022.20000 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12022.20000 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12022.20000 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.12022.20000 - Microsoft Corporation) Hidden
OtohitsApp (HKLM-x32\...\{9B85C70F-D649-4290-8C1D-5356A5262066}_is1) (Version: 3.1.1.0 - Otohits Network)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
PDF Annotator 6.1.0.605 (HKLM-x32\...\PDFAnnotator_is1) (Version: 6.1.0.605 - GRAHL software design)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.198.0 - Tracker Software Products Ltd)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.13.0 - )
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.19955 - Kakao Corp.)
Premiere Pro (HKLM\...\{3DF5A448-80E1-43C1-8428-984429451989}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
Pushbullet version 338 (HKLM-x32\...\{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 338 - Pushbullet Inc)
PuTTY release 0.72 (64-bit) (HKLM\...\{8EFBA1C7-A8B8-4FB9-BEC0-6CEC6C7145DE}) (Version: 0.72.0.0 - Simon Tatham)
qBittorrent 4.1.7 (HKLM-x32\...\qBittorrent) (Version: 4.1.7 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.36.701.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8720.1 - Realtek Semiconductor Corp.)
Remote Desktop Connection Manager (HKLM-x32\...\{0240359E-6A4C-4884-9E94-B397A02D893C}) (Version: 2.7.14060 - Microsoft Corporation)
Remote Desktop Manager (HKLM-x32\...\{AFA06011-2357-4E9D-8DD8-9FFC7A8BF1C3}) (Version: 2019.1.41.0 - Devolutions inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
RogueKiller version 13.4.3.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.4.3.0 - Adlice Software)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
SpeakQ 4 (HKLM-x32\...\{FBD8FBC5-EC77-4CA9-9B77-6AE6C36FE997}) (Version: 4.1.16 - Quillsoft Ltd.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Splinter Cell Conviction (HKLM-x32\...\Uplay Install 2) (Version: - Ubisoft)
Spotify (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Spotify) (Version: 1.1.12.451.gdb77255f - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.15.1 (HKLM\...\SteelSeries Engine 3) (Version: 3.15.1 - SteelSeries ApS)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tales from the Borderlands (HKLM-x32\...\{B24F49F9-D7FE-40B6-8F4D-65B0C6BF6A6B}) (Version: - Telltale Games)
Tap'Touche Junior (HKLM-x32\...\Tap'Touche Junior) (Version: 3.0 - De Marque inc.)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
The Evil Within (HKLM-x32\...\The Evil Within_is1) (Version: - )
TheBestSpinner3 (HKLM-x32\...\TheBestSpinner3) (Version: - )
TIDAL (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\TIDAL) (Version: 2.6.0 - TIDAL Music AS)
Tom Clancy's Splinter Cell (HKLM-x32\...\Uplay Install 109) (Version: - Ubisoft)
Twitch (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Twitch Leecher 1.7 (HKLM\...\{66B757A2-0906-4DDE-BDF6-AD9EC73A7F91}) (Version: 1.7.0.0 - Franiac) Hidden
Twitch Leecher 1.7 (HKLM-x32\...\{d1c2c779-f1ef-41e0-926a-443b289eaefd}) (Version: 1.7.0.0 - Franiac)
Uplay (HKLM-x32\...\Uplay) (Version: 86.0 - Ubisoft)
VIP72 Socks Client 1.8.7.2 (HKLM-x32\...\{EBF089E1-4E2E-426A-916D-6DCBE5540774}_is1) (Version: 1.8.7.2 - VIP Technologies)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version: - )

user75

TS Enthusiast
Visuel intégré (HKLM-x32\...\{91257374-4FAA-4FF3-B3BC-C17521EBA169}) (Version: 1.0 - Druide informatique inc.)
Vita Concert Grand LE (HKLM\...\{78999604-A81E-4ACF-9799-74F52D07A367}) (Version: 2.4.0.96 - MAGIX Software GmbH) Hidden
Vita String Ensemble (HKLM\...\{96086C90-6320-416B-92B2-4ADC88169967}) (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita World Flutes (HKLM\...\{04320A69-83CD-4223-9446-D62569D4B54D}) (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VMware Workstation (HKLM\...\{2B5DAA91-E0C9-4307-90B7-5688E910C894}) (Version: 15.1.0 - VMware, Inc.)
VPNetwork LLC - TorGuard - Online Privacy Protection Services (HKLM-x32\...\VPNetwork LLC TorGuard) (Version: "3.96.1" - "VPNetwork LLC")
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
VVVVVV (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\491427544134975498) (Version: - )
War Thunder Launcher 1.0.3.151 (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WickrMe (HKLM-x32\...\{7BBECFD4-2AF4-4C7B-ABE7-02054CF86274}) (Version: 5.28.9 - Wickr Inc.)
WinDirStat 1.1.2 (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\WinDirStat) (Version: - )
Windows Driver Package - Intel (Netwtw04) net (06/05/2019 19.51.23.1) (HKLM\...\E19D1F69FB464FD73972CE1CFAF32241D038D705) (Version: 06/05/2019 19.51.23.1 - Intel)
Windows Driver Package - Intel (Netwtw06) net (06/29/2019 20.70.11.3) (HKLM\...\7759A35637AD2CF4ADDA097EDCF9F12092149989) (Version: 06/29/2019 20.70.11.3 - Intel)
Windows Driver Package - Intel (Netwtw08) net (07/07/2019 21.30.3.2) (HKLM\...\BC30F975C8061BDB7A6CCBBFF677DBB4B328AA06) (Version: 07/07/2019 21.30.3.2 - Intel)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WordQ 4 (HKLM-x32\...\{40042175-CB48-4D51-8BAF-D66BAE867676}) (Version: 4.1.16 - Quillsoft Ltd.)
WordQ Pro CF Templates (HKLM-x32\...\{9E88CEC9-9160-417C-8647-C98D261E803B}) (Version: 4.1.1 - Quillsoft Ltd.)
WordQ4 Pro CF Dictionary (HKLM-x32\...\{AFEF30D7-DA5D-4D57-A72C-B64E5F9CD26E}) (Version: 4.1.1 - Quillsoft Ltd.)
XSplit Broadcaster (HKLM-x32\...\{F0500E94-F6E6-4472-ACAF-F240F8362970}) (Version: 3.7.1902.0712 - SplitmediaLabs)
XSplit Gamecaster (HKLM-x32\...\{7F0DC866-BE32-4AE8-8242-A1F5753176B8}) (Version: 3.4.1812.0304 - SplitmediaLabs)
Yubico Authenticator (HKLM-x32\...\yubioath-desktop) (Version: 4.3.5 - Yubico AB)
YubiKey Manager (HKLM-x32\...\yubikey-manager) (Version: 1.1.1 - Yubico AB)

Packages:
=========
Dell SupportAssist for PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.2.5.0_x64__htrsf667h5kn2 [2019-06-11] (Dell Inc)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x64__rz1tebttyb220 [2019-08-23] (Dolby Laboratories)
Dolby Atmos for Headphones -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforHeadphones_2.3.303.0_x64__rz1tebttyb220 [2019-08-24] (Dolby Laboratories)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.1682.0_x64__8j3eq9eme6ctt [2019-08-20] (INTEL CORP)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.2.0.0_x64__8j3eq9eme6ctt [2019-08-09] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-30] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.955.0_x64__56jybvy8sckqj [2019-08-20] (NVIDIA Corp.)
Pandora -> C:\Program Files\WindowsApps\PandoraMediaInc.29680B314EFC2_13.0.39.0_x64__n619g4d5j0fnw [2019-02-25] (Pandora Media Inc)
SoundCloud for Windows (Beta) -> C:\Program Files\WindowsApps\SoundcloudLtd.SoundCloudforWindowsBeta_1.1.36.0_x64__2xc63xn306dnw [2019-08-16] (Soundcloud Ltd.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-07] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{5563940C-ABF0-47B4-BB0E-B5D8680B570A}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\MoteurIntegration.exe (Druide Informatique Inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{5563940D-49FD-4F1A-96AA-147B474290EE}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\MoteurIntegration.exe (Druide Informatique Inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{7C90AB68-DA79-41D1-9A76-FCD780D4AC8D} -> [mega] => D:\mega [2019-02-15 16:58]
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8E}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\AgentAntidote.exe (Druide Informatique Inc. -> Druide informatique inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8F}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\Antidote.exe (Druide Informatique Inc. -> Druide informatique inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{AD630E0F-BF29-4791-AD3B-A289E884E37C}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\Antidote.exe (Druide Informatique Inc. -> Druide informatique inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B} -> [Dropbox] => D:\dropbox\Dropbox [2019-02-15 17:00]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-01-27] (Notepad++ -> )
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => D:\vm\vmdkShellExt.dll [2019-05-04] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => D:\vm\x64\vmdkShellExt64.dll [2019-05-04] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_ac9a22ebe27a13b0\nvshext.dll [2019-08-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\pirja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)

ShortcutWithArgument: C:\Users\pirja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> -incognito

==================== Loaded Modules (Whitelisted) ==============

2019-02-16 02:34 - 2018-07-18 16:39 - 042781710 _____ () [File not signed] C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\libffmpeg.dll
2018-12-05 18:38 - 2018-12-05 18:38 - 000018432 _____ () [File not signed] c:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.HSA.Server.dll
2019-08-22 08:36 - 2019-08-22 08:36 - 001936896 _____ (Greenshot) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\GreenshotPlugin\27c76356d3219d0035bcd426204f6bfa\GreenshotPlugin.ni.dll
2019-03-06 14:18 - 2019-03-06 14:18 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll
2019-03-06 14:18 - 2019-03-06 14:18 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll
2019-02-24 17:53 - 2019-02-21 12:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-05-15 20:01 - 2019-05-15 20:01 - 001878528 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2019-08-22 08:36 - 2019-08-22 08:36 - 000740352 _____ (The Apache Software Foundation) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\log4net\ff857dd78336b4d8b0621bc0699e20ca\log4net.ni.dll
2019-06-17 18:36 - 2018-09-05 22:32 - 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\HMA! Pro VPN\libcrypto-1_1.dll
2017-09-14 02:37 - 2017-09-14 02:37 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qgif.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qicns.dll
2017-09-14 02:37 - 2017-09-14 02:37 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qico.dll
2017-09-14 02:37 - 2017-09-14 02:37 - 000245760 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qjpeg.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qsvg.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qtga.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000316416 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qtiff.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qwbmp.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000322560 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qwebp.dll
2017-09-14 02:37 - 2017-09-14 02:37 - 001010688 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\platforms\qwindows.dll
2019-08-27 02:33 - 2019-02-01 09:56 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-08-27 02:33 - 2019-02-01 09:56 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-08-27 02:33 - 2019-02-01 09:56 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-08-27 02:33 - 2019-02-01 09:55 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-08-27 02:33 - 2019-02-01 09:56 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-08-27 02:33 - 2019-02-01 09:56 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-08-27 02:33 - 2019-02-01 09:56 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-08-27 02:33 - 2019-02-01 09:56 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-08-27 02:33 - 2019-02-01 09:56 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-08-27 02:33 - 2019-02-01 09:56 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-08-27 02:33 - 2019-02-01 09:56 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-08-27 02:33 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-08-27 02:33 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-08-27 02:33 - 2019-02-01 09:56 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-08-27 02:33 - 2019-02-01 09:56 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-08-27 02:33 - 2019-02-01 09:56 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-08-27 02:33 - 2019-02-01 09:56 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-08-27 02:33 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-08-27 02:33 - 2019-02-01 09:56 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SophosVirusRemovalTool => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 03:31 - 2019-08-27 02:32 - 000000878 _____ C:\Windows\system32\drivers\etc\hosts

0.0.0.0 serius.mwbsys.com
0.0.0.0 keystone.mwbsys.com

2019-02-23 05:47 - 2019-08-27 01:35 - 000000526 _____ C:\Windows\system32\drivers\etc\hosts.ics

3 21 32 146
 

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\ProgramData\chocolatey\bin;C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\;C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\PuTTY\
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pirja\Downloads\InShot_20190722_105520615.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: jswpbapi => 2
MSCONFIG\Services: jswpsapi => 3
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMnetDHCP => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: VMware NAT Service => 2
MSCONFIG\Services: VMwareHostd => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "jswtrayutil"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\StartupApproved\StartupFolder: => "ProtonMail Bridge.lnk"
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\StartupApproved\Run: => "4K Stogram"
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\StartupApproved\Run: => "Dxtory Update Checker 2.0"
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\StartupApproved\Run: => "WallpaperEngine"
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\StartupApproved\Run: => "ShowBatteryBar"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{ACCBDA2C-D058-4B53-ABD3-A27C68CA49D2}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{F8E4C584-78ED-4681-9396-CC4519086F1F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BD819DBE-35F4-4804-AE4F-C298BFDF1E61}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F28A409F-663F-4C35-B0E5-D2CAF1EDD070}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6A5049AF-7A83-440F-BA91-84EA0FE3C151}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{901CD39B-0330-4F2D-AAEE-00511754BC5C}C:\users\pirja\appdata\roaming\vip72 socks client\vip72socks.exe] => (Allow) C:\users\pirja\appdata\roaming\vip72 socks client\vip72socks.exe (UNIC-UK LTD -> )
FirewallRules: [UDP Query User{33A79DE7-707D-4559-97C4-758965EB4A4C}C:\users\pirja\appdata\roaming\vip72 socks client\vip72socks.exe] => (Allow) C:\users\pirja\appdata\roaming\vip72 socks client\vip72socks.exe (UNIC-UK LTD -> )
FirewallRules: [TCP Query User{BA755CE2-CD8C-4C55-8625-DAAB00EDA031}C:\users\pirja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pirja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{E31E98A4-6739-4A4F-AAF3-27C885A0E73A}C:\users\pirja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pirja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D9515F72-9B5D-4987-8FAA-2FB376171B95}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{0EEC25F5-7A68-40E9-B7FA-3CA2B00FDE08}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{57330337-B909-4584-8FF5-3134227A6E2D}] => (Allow) D:\SteamLibrary\steamapps\common\VoiceAttack\VoiceAttack.exe (VoiceAttack.com -> VoiceAttack.com)
FirewallRules: [{DE60556A-BBDC-4F8B-8FE6-6649648FC23F}] => (Allow) D:\SteamLibrary\steamapps\common\VoiceAttack\VoiceAttack.exe (VoiceAttack.com -> VoiceAttack.com)
FirewallRules: [{FA59E7C3-0768-414B-8570-7D906F68C074}] => (Allow) D:\SteamLibrary\steamapps\common\Crawl\Crawl.exe () [File not signed]
FirewallRules: [{6167F3AA-1C50-41E7-87A0-A6ED9C85DB31}] => (Allow) D:\SteamLibrary\steamapps\common\Crawl\Crawl.exe () [File not signed]
FirewallRules: [{A1A6A1CE-D411-4522-9563-FA2EC49E36BC}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{3C6002D6-948E-4FFF-8E78-2902F7373D4C}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{8DCCFBD8-570E-4768-8C0F-A63FA7CB1FE6}] => (Allow) D:\SteamLibrary\steamapps\common\Trove\GlyphClient.exe (gamigo AG -> Trion Worlds Inc.)
FirewallRules: [{55F405C2-C8A1-4105-8EB9-AD514663CFFE}] => (Allow) D:\SteamLibrary\steamapps\common\Trove\GlyphClient.exe (gamigo AG -> Trion Worlds Inc.)
FirewallRules: [{139FBF50-DD6A-4CA3-A170-29B27C958D45}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{C515B0F3-DA47-41D8-AD62-B065F908DA9D}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{24F3A831-F643-44DC-87CC-C20F6BBAA6F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DeathRoadToCanada\prog.exe () [File not signed]
FirewallRules: [{6DA40F82-632C-4356-92C7-D0CC18FE515F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DeathRoadToCanada\prog.exe () [File not signed]
FirewallRules: [{38F223EA-B8B1-4754-A14F-1B6CD74483FC}] => (Allow) D:\SteamLibrary\steamapps\common\TxP\TormentorXPunisher.exe ( ) [File not signed]
FirewallRules: [{129F6564-ABC9-49BC-A07D-17E124066065}] => (Allow) D:\SteamLibrary\steamapps\common\TxP\TormentorXPunisher.exe ( ) [File not signed]
FirewallRules: [{EA2E40BF-6BEE-4184-9FD4-882695EB6E4A}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{D30A2F1C-1423-4438-A84E-1AB7DC28EBE1}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{F22095E1-FF84-4587-A69B-48FF5284BFD0}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> ) [File not signed]
FirewallRules: [{3ED6D662-1870-442B-860B-B37BE175E9C5}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> ) [File not signed]
FirewallRules: [{AF01CF92-8E54-4CA3-8F23-AB8F5BAD8CB1}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{8BAF7A45-7CBC-4973-AAB7-56789B5F0C47}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{6FFECF07-2AC9-4D35-843B-E560C4D1FE3B}] => (Allow) D:\SteamLibrary\steamapps\common\BIT.TRIP RUNNER\RUNNER.exe () [File not signed]
FirewallRules: [{91BE860B-4D2C-4236-9D98-101A1507E1FE}] => (Allow) D:\SteamLibrary\steamapps\common\BIT.TRIP RUNNER\RUNNER.exe () [File not signed]
FirewallRules: [{EFC2C4E2-E11D-47DA-B91D-C6D53F9E2288}] => (Allow) D:\SteamLibrary\steamapps\common\Geometry Dash\GeometryDash.exe () [File not signed]
FirewallRules: [{774ADB8F-E733-4736-8373-6E0BD3E314CD}] => (Allow) D:\SteamLibrary\steamapps\common\Geometry Dash\GeometryDash.exe () [File not signed]
FirewallRules: [{1C175D2C-F62C-48BC-867F-D9B1A38D66F3}] => (Allow) D:\SteamLibrary\steamapps\common\Nyan Cat Lost In Space\bin_x86\NyanCat.exe () [File not signed]
FirewallRules: [{110CA274-F49D-4269-8D7E-D6CF6483F52E}] => (Allow) D:\SteamLibrary\steamapps\common\Nyan Cat Lost In Space\bin_x86\NyanCat.exe () [File not signed]
FirewallRules: [{8E990BEF-7C69-4C6F-AF6E-30A6900C2AFA}] => (Allow) D:\SteamLibrary\steamapps\common\BEEP\BEEP.exe () [File not signed]
FirewallRules: [{8F0C9E12-885D-4D9C-9E31-CDD31B802093}] => (Allow) D:\SteamLibrary\steamapps\common\BEEP\BEEP.exe () [File not signed]
FirewallRules: [{2A66D313-C024-46DE-9581-E6AA12ED6925}] => (Allow) D:\SteamLibrary\steamapps\common\RaceTheSun\RaceTheSun.exe () [File not signed]
FirewallRules: [{4F03EEEA-7F25-4F37-B309-C6BEA668BAC0}] => (Allow) D:\SteamLibrary\steamapps\common\RaceTheSun\RaceTheSun.exe () [File not signed]
FirewallRules: [{05F04537-28A0-401D-A21F-5FB413E56768}] => (Allow) D:\SteamLibrary\steamapps\common\Angry Birds Space\AngryBirdsSpace.exe (Rovio Entertainment Ltd.) [File not signed]
FirewallRules: [{389DFBE9-1814-4B19-BEF6-54EF809E67F3}] => (Allow) D:\SteamLibrary\steamapps\common\Angry Birds Space\AngryBirdsSpace.exe (Rovio Entertainment Ltd.) [File not signed]
FirewallRules: [{B6FB65D5-168D-426B-AE98-D108D67CA36F}] => (Allow) D:\SteamLibrary\steamapps\common\Kingdom New Lands\Kingdom.exe () [File not signed]
FirewallRules: [{9C2E1DD4-4565-4A08-A1C1-2E5C75B6A083}] => (Allow) D:\SteamLibrary\steamapps\common\Kingdom New Lands\Kingdom.exe () [File not signed]
FirewallRules: [{596E7EAC-8E28-4CEC-B4E0-DBB33D7761FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broforce\Broforce_beta.exe () [File not signed]
FirewallRules: [{7C2DBB87-208D-4BF8-A3BF-9BF559E877AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broforce\Broforce_beta.exe () [File not signed]
FirewallRules: [{A83468A0-DC18-4CA2-8348-62E36D1D604F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rivals of Aether\RivalsofAether.exe (Dan Fornace) [File not signed]
FirewallRules: [{E1501154-C387-4300-8EEA-FA79488C1A22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rivals of Aether\RivalsofAether.exe (Dan Fornace) [File not signed]
FirewallRules: [{B95B9D92-D0BE-4DD5-995A-74F53F751745}] => (Allow) D:\SteamLibrary\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe () [File not signed]
FirewallRules: [{CB36AFCD-ADE8-4050-8D24-D80557440AED}] => (Allow) D:\SteamLibrary\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe () [File not signed]
FirewallRules: [{CBD2F6FF-F8B0-486A-A216-CA10950DCDB2}] => (Allow) D:\SteamLibrary\steamapps\common\Robocraft\Robocraft.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{DB43A504-EF12-4AF9-A572-08689EE44068}] => (Allow) D:\SteamLibrary\steamapps\common\Robocraft\Robocraft.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{2328EA0B-7D77-4F9D-915C-C5165ECEE01D}] => (Allow) D:\SteamLibrary\steamapps\common\DrinkBox_Game4\Game.exe () [File not signed]
FirewallRules: [{43CE1BF9-776F-4533-AA48-7901C51EB116}] => (Allow) D:\SteamLibrary\steamapps\common\DrinkBox_Game4\Game.exe () [File not signed]
FirewallRules: [{6F359836-4041-4420-B4D4-63C653E3EFE6}] => (Allow) D:\SteamLibrary\steamapps\common\Riptide GP Renegade\Game_x64.exe () [File not signed]
FirewallRules: [{CA858D55-D8A1-41DF-AA46-CCADFF88E04B}] => (Allow) D:\SteamLibrary\steamapps\common\Riptide GP Renegade\Game_x64.exe () [File not signed]
FirewallRules: [{BF5A927C-FEA5-47C9-9205-C1452248ED3A}] => (Allow) D:\SteamLibrary\steamapps\common\Besiege\Besiege.exe () [File not signed]
FirewallRules: [{61A02397-FC48-4451-8465-E37406D687A4}] => (Allow) D:\SteamLibrary\steamapps\common\Besiege\Besiege.exe () [File not signed]
FirewallRules: [{513038E7-EC36-4A3D-89A7-58D934BE6022}] => (Allow) D:\SteamLibrary\steamapps\common\Riptide GP2\GameWin32RetailSteam.exe () [File not signed]
FirewallRules: [{6082EF92-BC73-4FCD-A3A3-82DDFB1D90DC}] => (Allow) D:\SteamLibrary\steamapps\common\Riptide GP2\GameWin32RetailSteam.exe () [File not signed]
FirewallRules: [{BE75CC63-5B6D-4208-96F3-C005D719D35E}] => (Allow) D:\SteamLibrary\steamapps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe () [File not signed]
FirewallRules: [{3122E88C-F65A-4C7E-953D-34840F7E7D9C}] => (Allow) D:\SteamLibrary\steamapps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe () [File not signed]
FirewallRules: [{E27D7E98-F278-4C01-A0C4-6A5790751B85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{D21DD10B-B904-463F-9FEF-4EA37F3F0202}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{2DA1FD8F-05A0-4347-B38E-3D3C1480AB3C}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{B7FCC5B8-E476-493E-8FBA-F89B399F0CA1}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{ACA19936-B962-4210-8983-1421A35F89B6}] => (Allow) D:\SteamLibrary\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7DB37DE9-DE73-4C44-9002-3596DB4DDB36}] => (Allow) D:\SteamLibrary\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{33825233-E6EC-4DC0-94C3-7B87C02E1BB4}] => (Allow) D:\SteamLibrary\steamapps\common\FLUID\PCE2.exe () [File not signed]
FirewallRules: [{1050367B-86C6-4B7A-83C6-A16B4070D077}] => (Allow) D:\SteamLibrary\steamapps\common\FLUID\PCE2.exe () [File not signed]
FirewallRules: [{00DB4113-4737-4D33-AD9C-D0CAB1B85867}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1B39848A-CC4B-40B4-BB48-81CCC4BE3ECF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8A755849-5A1C-49D0-ADC7-D435A02E8414}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{3C26C8B9-D08B-4F42-88A0-6D00049E6E33}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{C613C4F9-5903-42C7-97DC-E557E633C705}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{F58488BF-B1D4-4F7C-BE80-5CF0CA17107F}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{818604B8-84E1-4893-992E-25ACCE25166A}] => (Allow) D:\xplit\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{46EDCAE2-AEC9-4210-B42A-C7B429A101D5}] => (Allow) D:\xplit\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{E3A0D16D-5E1D-49C6-8871-729CA90F90AD}] => (Allow) D:\xplit\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{A9AA093D-46AE-4492-93E0-92745BF5E82A}] => (Allow) D:\xplit\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{381D90B7-F192-4006-B292-D633FF834550}] => (Allow) D:\SteamLibrary\steamapps\common\grid 2\grid2.exe (Valve Corp. -> Codemasters Software Company Limited) [File not signed]
FirewallRules: [{8F97F399-6341-4D17-8014-6F24753E6622}] => (Allow) D:\SteamLibrary\steamapps\common\grid 2\grid2.exe (Valve Corp. -> Codemasters Software Company Limited) [File not signed]
FirewallRules: [{D13FB200-7A72-45C2-A4C4-C28944BEF70A}] => (Allow) D:\SteamLibrary\steamapps\common\Renegade Ops\RenegadeOps.exe (Sega Europe Limited -> Avalanche Studios)
FirewallRules: [{F9F4D00C-92EC-4B21-950C-DAA33DEC9836}] => (Allow) D:\SteamLibrary\steamapps\common\Renegade Ops\RenegadeOps.exe (Sega Europe Limited -> Avalanche Studios)
FirewallRules: [{8F957A60-B0EE-4A75-96A6-8F18AD237698}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe () [File not signed]
FirewallRules: [{F4CD9387-0757-413F-B351-BED71CDB3DB5}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe () [File not signed]
FirewallRules: [{ABE40D3C-3311-4219-9F7C-D1D41A89A09B}] => (Allow) D:\SteamLibrary\steamapps\common\Hurtworld\Hurtworld.exe (EasyAntiCheat Ltd) [File not signed]
FirewallRules: [{109BDA20-AE69-4ECF-8E46-3CEBD4DEB8B5}] => (Allow) D:\SteamLibrary\steamapps\common\Hurtworld\Hurtworld.exe (EasyAntiCheat Ltd) [File not signed]
FirewallRules: [{D0F84A5F-1318-4659-98A4-72EA461CED35}] => (Allow) D:\SteamLibrary\steamapps\common\SleepingDogsDefinitiveEdition\sdhdship.exe (SQUARE ENIX LIMITED) [File not signed]
FirewallRules: [{616A5073-15FB-4115-93F9-3F885463A991}] => (Allow) D:\SteamLibrary\steamapps\common\SleepingDogsDefinitiveEdition\sdhdship.exe (SQUARE ENIX LIMITED) [File not signed]
FirewallRules: [{A7E6BD3D-4054-4AA5-B064-92089B5171EA}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{628E55C4-6D11-4A44-BB6E-B5030ACEEA82}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{8E89F074-F179-4B0F-B2EA-D82EDD5E6570}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{D90345AE-1951-43B9-BE96-5E605D7F3F42}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{E51AD6DB-AD2F-44A5-A8C9-96986E89B22D}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{61A83B27-38CB-4B56-AF9F-D10258FCE8B2}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{D2EA1B40-47BE-4275-BB43-B6FFDA433ED8}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{974F800E-3BC6-48F3-BB0D-B7C30B97F89F}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [TCP Query User{999EF6AA-E386-4213-AE4C-28CEA1D58CB0}D:\program\gta\gta5.exe] => (Allow) D:\program\gta\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{7C5F1D30-F9B3-44C6-AE93-745CA2909532}D:\program\gta\gta5.exe] => (Allow) D:\program\gta\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{2D2AD2CE-35A8-481B-B33F-0022967CFCDA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B0C52E86-813D-4FA4-B07F-7A514D5C6B7B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{DB9456A3-F950-4DD1-AFC4-25314D5EB81D}C:\program files\daum\potplayer\potplayermini64.exe] => (Allow) C:\program files\daum\potplayer\potplayermini64.exe (Kakao corp. -> Kakao)
FirewallRules: [UDP Query User{71D3D973-CEE4-4F32-AF02-A0F5DB301686}C:\program files\daum\potplayer\potplayermini64.exe] => (Allow) C:\program files\daum\potplayer\potplayermini64.exe (Kakao corp. -> Kakao)
FirewallRules: [{7E12B850-6B29-4646-BC1F-902DC93125D3}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\x64\XSplit.Core.exe (SplitmediaLabs Limited -> SplitMediaLabs)
FirewallRules: [{7260AD63-6CA3-4701-AAE6-981C725CD517}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\x64\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{15472AAA-EA12-4343-8A4F-3A6FB1DA6747}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\x64\XSplit.Core.exe (SplitmediaLabs Limited -> SplitMediaLabs)
FirewallRules: [{09534C07-D5C6-4ED8-873E-30EE4110E1D2}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\x64\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{4FD57777-5AC8-4606-9994-82A54BE8DE3B}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{F26A5825-8A77-4136-8E9A-03D98A6CB5FA}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [TCP Query User{96EE2FC0-5034-4BA2-B257-64FCA247AE5D}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [UDP Query User{42B6D126-D9AA-4C45-A93B-4385E74752C9}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [{2CE819E9-28FE-4129-8C05-A56624C576A4}] => (Allow) D:\SteamLibrary\steamapps\common\Northern Lights\Northern Lights.exe () [File not signed]
FirewallRules: [{DF088491-F0FF-4BEE-A8EB-831D6ABA059D}] => (Allow) D:\SteamLibrary\steamapps\common\Northern Lights\Northern Lights.exe () [File not signed]
FirewallRules: [{19452999-4C49-426F-812E-B301D5165197}] => (Allow) D:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe (Tripwire Interactive, LLC.) [File not signed]
FirewallRules: [{AEBDE48B-03E3-4474-827D-33778729670C}] => (Allow) D:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe (Tripwire Interactive, LLC.) [File not signed]
FirewallRules: [{1330D366-A6F9-4BBB-95E6-D3C6F540A903}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lakeview Cabin Collection\Lakeview Cabin Collection.exe () [File not signed]
FirewallRules: [{F33A1005-921E-4E8B-A790-671FCA99A4F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lakeview Cabin Collection\Lakeview Cabin Collection.exe () [File not signed]
FirewallRules: [{1B4063DD-84D4-4CCF-82B3-640D71E5B6FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CPUCores\cpucores.exe (Tim Sullivan -> )
FirewallRules: [{5459044C-F861-4020-8E04-9B8B183F555E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CPUCores\cpucores.exe (Tim Sullivan -> )
FirewallRules: [{F826CEA8-778E-4747-9E29-00100A49AAD8}] => (Allow) D:\program\ubi\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment -> )
FirewallRules: [{7DB6C556-D3B9-4AA5-8FD9-435886F9682C}] => (Allow) D:\program\ubi\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment -> )
FirewallRules: [{9198F1ED-5D20-40A7-8107-81327A1F070F}] => (Allow) D:\program\ubi\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{5EBF6119-C0B2-4B56-95C6-E79B6B0B34F1}] => (Allow) D:\program\ubi\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [TCP Query User{30C80BA1-3846-41A1-9086-C265A23ED4B1}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{D42EAFC1-7A27-4F76-B333-5C6D7E99E302}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{763C73BF-D6E7-401D-A415-67256C1B63AF}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{41C4AC78-CE7F-4FD4-9674-C3E136EDE661}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{AAEB2F30-F481-444A-AA79-785250EF27E7}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{5EC6EC71-0D92-4512-8B89-19449A43082D}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{93279646-FB2B-498D-B782-DB2A55E617DA}] => (Allow) C:\Program Files (x86)\MAGIX\Music Maker\28\MusicMaker.exe (MAGIX Software GmbH -> MAGIX Software GmbH)
FirewallRules: [{D51C6A45-0150-4DE8-B461-9CD9D8D0EFEB}] => (Allow) D:\Program Files\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.)
FirewallRules: [{A66EC505-ED5C-4336-A180-3FA3A80B2C59}] => (Allow) C:\Program Files (x86)\\Bignox\\BigNoxVM\\RT\NoxVMHandle.exe (Nox Limited -> BigNox Corporation)
FirewallRules: [TCP Query User{76E0F8D6-FCBC-48F1-AF4C-BB54E6759995}D:\batlenet\overwatch\_retail_\overwatch.exe] => (Allow) D:\batlenet\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{483BAA28-BC59-493E-84E4-3375CEAAD6CA}D:\batlenet\overwatch\_retail_\overwatch.exe] => (Allow) D:\batlenet\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{E975E324-3CC4-4C83-BDFC-7FDE37BB32B2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{65436467-8BB1-40B7-8DB4-BC3C01CBF797}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{E7A382BF-EE5B-482D-94D6-9023DDC0EBF9}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{2BFB9EBB-3CBF-42CF-9260-BFB473A24C30}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5A3C631B-960A-4616-B857-2F222F7EA698}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{26B7BCCB-48F7-4846-82A9-75F0BC2703AA}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{3CF3A2C7-A562-4ABE-A083-B62788B2D709}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{9E4EF5C2-619F-49AD-B41F-7DAB06035E51}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{AAFE464D-911F-4D37-8C4E-8D2ABE20AF73}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{9C07A49A-F54A-4986-B19C-012B0243754A}] => (Allow) D:\SteamLibrary\steamapps\common\Hurtworld\experimental\Hurtworld.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{09A6C8D3-ECE2-42BF-B048-1726A1FC432E}] => (Allow) D:\SteamLibrary\steamapps\common\Hurtworld\experimental\Hurtworld.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{F5D35F11-1800-471C-9EDB-7EBA50CEE251}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5DE07C15-12CC-4407-A48E-B97313224443}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C4F4CC7B-35EA-47C3-870B-1B9345BE0F14}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4750F3DB-1889-482A-BC60-98F0EBD7C31C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{42A6F39F-8EFB-4EA7-95C1-21074153FAC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1007A8A1-5A38-4A41-A59A-50C188484920}] => (Allow) D:\vm\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{C1C6623B-325B-4E83-8928-80A621775F94}] => (Allow) D:\vm\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{D4B4910C-493E-458F-A057-CF90312A721C}] => (Allow) D:\vm\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{FFEE8F0E-E703-4D6A-AC35-41119F028567}] => (Allow) D:\vm\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{3CFDB320-7D8F-4573-A72C-40D4FBC3B77D}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{77B64C3E-F6F2-4EB8-9626-7440AA7E407A}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)

==================== Restore Points =========================

25-08-2019 22:03:21 Windows Update
26-08-2019 03:36:22 Installed VMware Workstation
26-08-2019 19:13:00 Installed Sophos Virus Removal Tool.

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/27/2019 02:48:12 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/27/2019 02:46:20 AM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Net.WebException</Type><Message><![CDATA[The remote name could not be resolved: 'downloads.dell.com']]></Message><Source><![CDATA[System]]></Source><StackTrace><![CDATA[ at System.Net.HttpWebRequest.GetResponse()
at eSupport.Common.Client.Core.DownloadHelper.IsFileNotModified(String fileLocation, String fileType, String fileName)]]></StackTrace><SysInfo STag="F63X7T2" SMBIOSMajVer="3" SMBIOSMinVer="1" SMBIOSBIOSVer="1.10.0" SMBIOSPresent="True" Rel_Date="20190523000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="G3 3579" Ident_Num="DESKTOP-4F34DJR" TimeZone="(UTC-05:00) Eastern Time (US & Canada)" OSName="Microsoft Windows 10 Home"/><HostIP>192.168.19.1</HostIP></Exception>

Error: (08/27/2019 02:37:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: malwarebytes_assistant.exe, version: 3.1.0.1731, time stamp: 0x5c5486a8
Faulting module name: Qt5Core.dll, version: 5.11.1.0, time stamp: 0x5bfee344
Exception code: 0xc0000005
Fault offset: 0x0018dc19
Faulting process id: 0x834
Faulting application start time: 0x01d55ca1d8f9b32b
Faulting application path: C:\Program Files (x86)\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe
Faulting module path: C:\Program Files (x86)\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: 564f9962-eea1-4118-b2d4-8f6b0ddb8638
Faulting package full name:
Faulting package-relative application ID:
 

Error: (08/27/2019 02:18:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Taskmgr.exe, version: 10.0.17763.652, time stamp: 0x8ccd3be8
Faulting module name: Taskmgr.exe, version: 10.0.17763.652, time stamp: 0x8ccd3be8
Exception code: 0xc0000409
Fault offset: 0x000000000001ec94
Faulting process id: 0x27a4
Faulting application start time: 0x01d55c9e6977a59b
Faulting application path: C:\Windows\System32\Taskmgr.exe
Faulting module path: C:\Windows\System32\Taskmgr.exe
Report Id: c47cb62f-48bf-4a96-b4ce-7a19c155c04c
Faulting package full name:
Faulting package-relative application ID:

Error: (08/27/2019 02:12:40 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program RogueKiller64.exe version 13.4.3.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2d7c

Start Time: 01d55c9b58aa7608

Termination Time: 4294967295

Application Path: C:\Program Files\RogueKiller\RogueKiller64.exe

Report Id: db89cc47-c8f9-45da-bb3c-f780ae8c0eb4

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (08/27/2019 01:50:40 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/27/2019 01:48:45 AM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Net.WebException</Type><Message><![CDATA[The remote name could not be resolved: 'downloads.dell.com']]></Message><Source><![CDATA[System]]></Source><StackTrace><![CDATA[ at System.Net.HttpWebRequest.GetResponse()
at eSupport.Common.Client.Core.DownloadHelper.IsFileNotModified(String fileLocation, String fileType, String fileName)]]></StackTrace><SysInfo STag="F63X7T2" SMBIOSMajVer="3" SMBIOSMinVer="1" SMBIOSBIOSVer="1.10.0" SMBIOSPresent="True" Rel_Date="20190523000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="G3 3579" Ident_Num="DESKTOP-4F34DJR" TimeZone="(UTC-05:00) Eastern Time (US & Canada)" OSName="Microsoft Windows 10 Home"/><HostIP>192.168.19.1</HostIP></Exception>

Error: (08/27/2019 01:39:16 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.


System errors:
=============
Error: (08/27/2019 02:59:26 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4F34DJR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-4F34DJR\reznov SID (S-1-5-21-408333896-3164079283-3827766986-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/27/2019 02:43:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VMware Workstation Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (08/27/2019 01:48:18 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AdobeUpdateService service terminated unexpectedly. It has done this 1 time(s).

Error: (08/27/2019 01:46:04 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\system32\IntelWifiIhv08.dll

Error: (08/27/2019 01:46:04 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\system32\IntelWifiIhv08.dll

Error: (08/27/2019 01:46:03 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\system32\IntelWifiIhv08.dll

Error: (08/27/2019 01:45:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Data Vault Collector service terminated unexpectedly. It has done this 1 time(s).

Error: (08/27/2019 01:45:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.


CodeIntegrity:
===================================

Date: 2019-08-27 02:39:15.331
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-08-27 02:39:14.834
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-08-27 02:39:14.311
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-08-27 02:39:13.815
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-08-27 02:39:13.297
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-08-27 02:39:12.221
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-08-27 02:39:11.621
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-08-27 02:39:11.097
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: Dell Inc. 1.10.0 05/23/2019
Motherboard: Dell Inc. 03TF0Y
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 39%
Total physical RAM: 16228.23 MB
Available physical RAM: 9823.07 MB
Total Virtual: 27875.88 MB
Available Virtual: 19741.88 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:222.64 GB) (Free:10.27 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.39 GB) (Free:77.83 GB) NTFS
Drive f: (backup 11237) (Fixed) (Total:148.88 GB) (Free:26.54 GB) NTFS
Drive g: (aae3) (Fixed) (Total:148.92 GB) (Free:9.34 GB) NTFS

\\?\Volume{f166cb81-c9a3-47e8-93c0-23d8a612fe54}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.54 GB) NTFS
\\?\Volume{dd347ca0-6d92-4465-b4c9-e2d13ccfff5d}\ (Image) (Fixed) (Total:12.95 GB) (Free:0.16 GB) NTFS
\\?\Volume{6cfdf4f0-11f1-4e67-9d90-d8df36629996}\ (DELLSUPPORT) (Fixed) (Total:1.14 GB) (Free:0.48 GB) NTFS
\\?\Volume{8f901f1e-474e-4236-8e9c-a27419479e4f}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 37E2FF25)

Partition: GPT.

========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 37E2F790)

Partition: GPT.

========================================================
Disk: 2 (Protective MBR) (Size: 149 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 3 (Protective MBR) (Size: 149.1 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================
 

user75

TS Enthusiast
# DelFix v1.010 - Logfile created 27/08/2019 at 03:09:41
# Updated 26/04/2015 by Xplode
# Username : reznov - DESKTOP-4F34DJR
# Operating System : Windows 10 Home (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\pirja\Downloads\Addition.txt
Deleted : C:\Users\pirja\Downloads\AdwCleaner.exe
Deleted : C:\Users\pirja\Downloads\FRST.txt
Deleted : C:\Users\pirja\Downloads\FRST64 (1).exe
Deleted : C:\Users\pirja\Downloads\FRST64.exe
Deleted : C:\Users\pirja\Downloads\FSS.exe
Deleted : C:\Users\pirja\Downloads\FSS.txt
Deleted : C:\Users\pirja\Downloads\RogueKiller_setup_ref3.exe
Deleted : C:\Users\pirja\Downloads\SecurityCheck.exe
Deleted : C:\Users\pirja\Downloads\TFC (1).exe
Deleted : C:\Users\pirja\Downloads\TFC.exe
Deleted : C:\Users\pirja\Downloads\zScience & Vie Game of Trones N°1 Avril 2019.pdf.torrent
Deleted : HKLM\SOFTWARE\OldTimer Tools

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #83 [Windows Update | 08/26/2019 02:03:21]
Deleted : RP #84 [Installed VMware Workstation | 08/26/2019 07:36:22]
Deleted : RP #85 [Installed Sophos Virus Removal Tool. | 08/26/2019 23:13:00]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########
 

user75

TS Enthusiast
Details about what? All the viruses have disappeared; none are active. That's OK, thanks for your help and your time.
 

Broni

Malware Annihilator
I thought something new happened but if everything is fine then...
Good luck and stay safe :)