  #1  
Old December 15th, 2020, 08:36 PM
oasis.g oasis.g is offline
Senior Member
 
Join Date: Sep 2005
Posts: 126
Potential Malware

Hello,

My CPU is running a bit slower. I am worried I have some malware. It's been a while since I have checked for malware. Please advise.

Thank you!


  #2  
Old December 16th, 2020, 05:38 PM
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,116
Hi oasis.g,

Let's take a look.


For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to the desktop.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to the desktop.

Please run it and click Scan, post back with the 2 logfiles.
  #3  
Old December 16th, 2020, 06:48 PM
oasis.g oasis.g is offline
Senior Member
 
Join Date: Sep 2005
Posts: 126
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by Alex (administrator) on DESKTOP-H66SN7Q (16-12-2020 09:35:18)
Running from C:\Users\Alex\Downloads
Loaded Profiles: Alex
Platform: Windows 10 Home Version 20H2 19042.685 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe <22>
(CONTIVIO.COM CORPORATION -> Contivio.com) C:\Program Files (x86)\Contivio.com\Contivio.com Client\Contivio.Com.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(GeoComply USA, Inc. -> GeoComply) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\service.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <86>
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <13>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20316.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvrfi.inf_amd64_b02057827c15e7cf\Display.NvContainer\NVDisplay.Container.exe <2>
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe <7>
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TunnelBear Inc -> TunnelBear) C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [337720 2020-11-12] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992832 2020-12-01] (Dropbox, Inc -> Dropbox, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Alex\AppData\Local\Microsoft\Teams\Update.exe [1789768 2019-08-21] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\Run: [GoogleChromeAutoLaunch_8A9A309EEDEE8A1FE73391295BB8D638] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2151080 2020-12-09] (Brave Software, Inc. -> Brave Software, Inc.)
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2151080 2020-12-09] (Brave Software, Inc. -> Brave Software, Inc.)
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2151080 2020-12-09] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\...\Windows x64\Print Processors\hpcpp155: C:\Windows\System32\spool\prtprocs\x64\hpcpp155.DLL [597792 2013-09-04] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-02] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\87.1.18.70\Installer\chrmstp.exe [2020-12-10] (Brave Software, Inc. -> Brave Software, Inc.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02C9D8CB-5EDB-43A2-9C71-EDD9B58DC7F8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {2E1AE457-AD9F-4929-9526-9EB3E826B8CF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {3B1173DC-5CD1-47D9-9CCA-4D8A58EC5A20} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {3BA30050-1805-4D53-A461-EC667647973D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3C438060-0D96-4691-A990-478059EDD55B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-08-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {443CEC4A-CEC1-4207-A98F-A560AECB9524} - System32\Tasks\Agent Activation Runtime\S-1-5-21-1271123810-21777831-3259583340-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-12-10] (Microsoft Windows -> )
Task: {6D3D2852-8F33-4DDE-A0D7-4DC7488B924D} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [752136 2020-10-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {8CA205DA-FF6C-449C-B4A2-783387AA9ED9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {96059511-F652-4E39-B26B-4B884AB3A701} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1149336 2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {9643A489-1E85-4A4B-BE70-6779AE96AAC4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B339A09E-8801-4B07-B35E-52FED80906DA} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-26] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {B4830B32-9928-4048-9928-B5D0C1C2204D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BC654DB8-D62D-4869-8039-CE6484E78317} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCE7FA17-256F-4CB8-A95A-2DAB28538EDF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-26] (Google Inc -> Google Inc.)
Task: {D23D2EF1-2832-40D0-BCCF-CFA9238C79CA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-26] (Google Inc -> Google Inc.)
Task: {D2BC3E26-22ED-4F93-AD58-D9DE0A1A4D19} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-08-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {D543BDEB-14A1-4690-9204-342BCD45EA04} - System32\Tasks\GeoComply Update Task => C:\Program Files (x86)\GeoComply\\PlayerLocationCheck\Update\GeoComplyUpdate.exe [3191272 2020-09-02] (GeoComply USA, Inc. -> GeoComply) -> /config=C:\Program Files (x86)\GeoComply\\PlayerLocationCheck\Update\GeoComplyUpdate.xml
Task: {D5EAE071-1142-4AA8-AA87-1D74F330629E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E4944AA3-849C-43BE-98A9-25364CC3E77E} - System32\Tasks\GeoComply Service Check => "C:\Program Files (x86)\GeoComply/\PlayerLocationCheck\Application\PlayerLocationCheckTask.cmd" 0
Task: {F0979DAB-62A7-418E-8DD2-68B44881BF47} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {FF2488CA-1400-41F6-9853-AD1A527DCBA2} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-26] (Brave Software, Inc. -> BraveSoftware Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.86.1
Tcpip\..\Interfaces\{2200fe1e-8793-4f49-86f9-1519d0716f05}: [DhcpNameServer] 192.168.86.1
Tcpip\..\Interfaces\{8efb073f-860f-49fa-9a6f-aa36af3fc495}: [DhcpNameServer] 172.18.13.1

Edge:
======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2020-12-16]
Edge Notifications: Profile 1 -> hxxps://www.reddit.com
Edge HomePage: Profile 1 -> hxxp://search.conduit.com/?ctid=CT3321897&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPE2F0C51B-D102-478C-8837-99A52DA8929A&SSPV=
Edge StartupUrls: Profile 1 -> "hxxps://mail.google.com/mail/u/1/#inbox","hxxps://coinmarketcap.com/","hxxps://www.schwab.com/public/schwab/client_home","hxxp://finance.google.com/"
Edge Extension: (Honey) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\amnbcmdbanbkjhnfoeceemmmdiepnbpp [2020-11-16]
Edge Extension: (Slickdeals: Automatic Coupons and Deals) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\dbcjahjgmipefpapjkbcjeglciobkiih [2020-11-26]
Edge Extension: (HTTPS Everywhere) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\fchjpkplmbeeeaaogdbhjbgbknjobohb [2020-11-20]
Edge Extension: (Lolli: Earn Bitcoin When You Shop) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\fleenceagaplaefnklabikkmocalkcpo [2020-10-18]
Edge Extension: (Streak CRM for Gmail) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\gjfnhcobilifnmokegginjeenmlmlccn [2020-05-23]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2020-12-16]
Edge Extension: (UberConference Screen Sharing) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\hcakmcggjddnhepfcajfcpkdjoggcnak [2020-05-23]
Edge Extension: (Better Bittrex) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\hdchkkimlockolfnpkanppdldbmefkdn [2020-05-23]
Edge Extension: (Hunter: Find email addresses in seconds) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\hgmhmanijnjhaffoampdlllchpolkdnj [2020-09-20]
Edge Extension: (Google Analytics Debugger) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jnkmfdileelhofjcijamephohjechhna [2020-05-23]
Edge Extension: (Google Hangouts) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2020-08-12]
Edge Extension: (MetaMask) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2020-12-14]
Edge Extension: (Origin Deals) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\pplcajdkcpaefgdadbbfchogccbieoae [2020-06-18]

FireFox:
========
FF DefaultProfile: 8vobr0ub.default
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\8vobr0ub.default [2020-11-25]
FF NewTab: Mozilla\Firefox\Profiles\8vobr0ub.default -> hxxp://www.bing.com/?pc=COSP&ptag=D112418-N0600A9FCDBB39EF&form=CONMHP&conlogo=CT3335799
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\8vobr0ub.default\Extensions\sp@avast.com.xpi [2020-10-09]
FF Extension: (MetaMask) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\8vobr0ub.default\Extensions\webextension@metamask.io.xpi [2020-10-09]
FF Extension: (Avast Online Security) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\8vobr0ub.default\Extensions\wrc@avast.com.xpi [2020-10-09]
FF SearchPlugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\8vobr0ub.default\searchplugins\bing-lavasoft-ff59.xml [2018-11-23]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2018-03-19] [Legacy] [not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-04-26] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-04-26] (Brave Software, Inc. -> BraveSoftware Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default [2020-12-16]
CHR Notifications: Default -> hxxps://fortnitetracker.com; hxxps://www.draftkings.com; hxxps://www.pdfmerge.com
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3321897&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPE2F0C51B-D102-478C-8837-99A52DA8929A&SSPV=
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/1/#inbox","hxxps://coinmarketcap.com/","hxxps://www.schwab.com/public/schwab/client_home","hxxp://finance.google.com/"
CHR Extension: (Slides) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Entanglement Web App) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2017-08-26]
CHR Extension: (Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-14]
CHR Extension: (Ledger Manager) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\beimhnaefocolcplfimocfiaiefpkgbf [2020-09-03]
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-26]
CHR Extension: (Honey) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-11-20]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-12-15]
CHR Extension: (Swash) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmndjbecilbocjfkibfbifhngkdmjgog [2020-12-15]
CHR Extension: (Google Finance) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgckldmmjdbpdejkclmfnnnehhocbfp [2017-08-26]
CHR Extension: (Sheets) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Lolli: Earn Bitcoin When You Shop) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\fleenceagaplaefnklabikkmocalkcpo [2020-10-18]
CHR Extension: (HTTPS Everywhere) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2020-11-20]
CHR Extension: (Google Docs Offline) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-20]
CHR Extension: (UberConference Screen Sharing) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcakmcggjddnhepfcajfcpkdjoggcnak [2017-08-26]
CHR Extension: (Better Bittrex) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdchkkimlockolfnpkanppdldbmefkdn [2018-05-03]
CHR Extension: (Hunter: Find email addresses in seconds) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgmhmanijnjhaffoampdlllchpolkdnj [2020-09-21]
CHR Extension: (Mahjong Words) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmefkohhpkdnaieghlijadogfapogebe [2017-08-26]
CHR Extension: (Ledger Wallet Ethereum) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmlhkialjkaldndjnlcdfdphcgeadkkm [2019-03-20]
CHR Extension: (Dropbox) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2018-04-11]
CHR Extension: (Google Analytics Debugger) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnkmfdileelhofjcijamephohjechhna [2019-07-29]
CHR Extension: (Grammarly for Chrome) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-12-12]
CHR Extension: (EasyHome Homestyler) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb [2017-08-26]
CHR Extension: (SparkChess) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2017-08-26]
CHR Extension: (Ledger Wallet Bitcoin) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdpmhnladdopljabkgpacgpliggeeaf [2020-09-03]
CHR Extension: (Google Hangouts) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2020-09-08]
CHR Extension: (No Name) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2017-10-31]
CHR Extension: (MetaMask) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2020-12-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-20]
CHR Extension: (Streak CRM for Gmail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik [2020-09-08]
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2 [2020-12-16]
CHR Notifications: Profile 2 -> hxxps://live-wire.slack.com; hxxps://mail.protonmail.com; hxxps://usweb2.contivio.com
CHR StartupUrls: Profile 2 -> "hxxps://mail.google.com/mail/u/0/#inbox/FMfcgxwCgpWhLVFbBQgghwQkBbPLJRpp?projector=1&messagePartId=0.1","hxxps://calendar.google.com/calendar/r?tab=mc#main_7","hxxps://502106.app.netsuite.com/app/accounting/transactions/salesord.nl?id=2243864&whence=&cmid=1558565423717_12950","hxxps://dashboard.tawk.to/#/chat","hxxps://live-wire.slack.com/messages/DJNCN0HC0/","hxxps://docs.google.com/spreadsheets/d/16zmlHpFTm1TMW2yRzQevRNwvUvQzAy0fbwyIp0FABbs/edit#gid=1387715261","hxxps://tsl.tradeservice.com/"
CHR NewTab: Profile 2 -> Not-active:"chrome-extension://mgbgmpedgogkhiabhggmolokofjgcbmi/snippet.html"
CHR DefaultSearchURL: Profile 2 -> hxxps://presearch.org/extsearch?term={searchTerms}
CHR DefaultSearchKeyword: Profile 2 -> Presearch.org
CHR DefaultSuggestURL: Profile 2 -> hxxps://engine-api.presearch.org/autocomplete?query={searchTerms}
CHR Extension: (Slides) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-19]
CHR Extension: (Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-19]
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-23]
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-19]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-12-15]
CHR Extension: (Contivio.com) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cllddeadkmgcppmjgibnnfaimcjjljoo [2018-09-19]
CHR Extension: (Sheets) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-19]
CHR Extension: (Google Docs Offline) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-18]
CHR Extension: (UberConference Screen Sharing) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hcakmcggjddnhepfcajfcpkdjoggcnak [2018-09-19]
CHR Extension: (Presearch) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\inpoelmimmiplkcldmdljiboidfkcfbh [2020-03-21]
CHR Extension: (Grammarly for Chrome) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-12-12]
CHR Extension: (Snippets by The Hustle) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mgbgmpedgogkhiabhggmolokofjgcbmi [2018-09-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Data Scraper - Easy Web Scraping) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nndknepjnldbdbepjfgmncbggmopgden [2018-11-30]
CHR Extension: (Gmail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-19]
CHR Extension: (Streak CRM for Gmail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik [2020-08-10]
CHR Extension: (Checker Plus for Google Drive™) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pppfmbnpgflleackdcojndfgpiboghga [2020-10-29]
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-15]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-10-21] (BattlEye Innovations e.K. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-26] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-26] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-11-23] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-08-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-08-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-12-01] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-12-10] (EasyAntiCheat Oy -> Epic Games, Inc)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
R2 Player Location Check; C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\service.exe [3141608 2020-09-02] (GeoComply USA, Inc. -> GeoComply)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
R2 postgresql-x64-9.3; C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe [92672 2017-05-08] (PostgreSQL Global Development Group) [File not signed]
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13103632 2020-09-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [137376 2020-11-16] (TunnelBear Inc -> TunnelBear)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvrfi.inf_amd64_b02057827c15e7cf\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvrfi.inf_amd64_b02057827c15e7cf\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-04] (Bluestack Systems, Inc -> Bluestack System Inc.)
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [9860088 2019-07-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2017-09-06] (TunnelBear, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-03] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================
  #4  
Old December 16th, 2020, 06:50 PM
oasis.g oasis.g is offline
Senior Member
 
Join Date: Sep 2005
Posts: 126
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three months (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-16 09:15 - 2020-12-16 09:15 - 002286592 _____ (Farbar) C:\Users\Alex\Downloads\FRST64.exe
2020-12-16 08:25 - 2020-12-16 08:25 - 000318007 _____ C:\Users\Alex\Downloads\Report_from_CENTRAL_BREAKER_&_CONTROL.xlsx
2020-12-16 08:15 - 2020-12-16 08:15 - 000332394 _____ C:\Users\Alex\Downloads\CBL-EA-0980-000002_R004.pdf
2020-12-16 08:15 - 2020-12-16 08:15 - 000328814 _____ C:\Users\Alex\Downloads\CBL-EA-0980-000003_R003.pdf
2020-12-16 08:15 - 2020-12-16 08:15 - 000327318 _____ C:\Users\Alex\Downloads\CBL-EA-0980-000001_R003.pdf
2020-12-16 08:15 - 2020-12-16 08:15 - 000193495 _____ C:\Users\Alex\Downloads\MR-CBL-EA-7303-000003_R002.pdf
2020-12-16 08:15 - 2020-12-16 08:15 - 000128525 _____ C:\Users\Alex\Downloads\MR-CBL-EA-7303-000001_R002.pdf
2020-12-16 08:06 - 2020-12-16 08:06 - 000344149 _____ C:\Users\Alex\Downloads\2010 PC6000 Section 8 Page 14-16 NEMA Control Non-Reversing Starters Class 14.pdf
2020-12-16 08:00 - 2020-12-16 08:00 - 001338970 _____ C:\Users\Alex\Downloads\Image.jpeg
2020-12-16 08:00 - 2020-12-16 08:00 - 001157609 _____ C:\Users\Alex\Downloads\Image (1).jpeg
2020-12-15 08:31 - 2020-12-15 08:31 - 000318122 _____ C:\Users\Alex\Downloads\Report_from_CENTRAL_BREAKER_&_CONTROL (1).xlsx
2020-12-14 15:32 - 2020-12-14 15:32 - 000053458 _____ C:\Users\Alex\Downloads\S103276098-0002.pdf
2020-12-14 11:11 - 2020-12-14 11:12 - 000014809 _____ C:\Users\Alex\Downloads\RFQ-PA-73289.xlsx
2020-12-13 00:33 - 2020-12-13 01:14 - 772364433 _____ C:\Users\Alex\Documents\BG2s.mp4
2020-12-12 22:34 - 2020-12-13 00:34 - 004721144 _____ C:\Users\Alex\Documents\BG2s.osp
2020-12-12 22:34 - 2020-12-12 22:34 - 000000000 ____D C:\Users\Alex\Documents\BG2s_assets
2020-12-12 19:06 - 2020-12-12 19:17 - 2438308838 _____ C:\Users\Alex\Documents\BGs.mp4
2020-12-12 18:20 - 2020-12-12 19:07 - 001414457 _____ C:\Users\Alex\Documents\BGs.osp
2020-12-12 18:20 - 2020-12-12 18:20 - 000000000 ____D C:\Users\Alex\Documents\BGs_assets
2020-12-12 13:09 - 2020-12-12 13:09 - 018125190 _____ C:\Users\Alex\Downloads\messari-report-crypto-theses-for-2021.pdf
2020-12-11 17:35 - 2020-12-11 17:35 - 000031736 _____ C:\Users\Alex\Downloads\fuses 121120.xlsx
2020-12-11 15:44 - 2020-12-14 21:56 - 000205416 _____ C:\Users\Alex\Downloads\Sales_RSE_MasterList.xlsx
2020-12-11 15:34 - 2020-12-11 15:44 - 000329125 _____ C:\Users\Alex\Downloads\SalesbyParentCustomerResults338.csv
2020-12-11 15:15 - 2020-12-11 15:15 - 000010631 _____ C:\Users\Alex\Downloads\Assign Sub-Customers 2017 - BDI.csv
2020-12-10 19:19 - 2020-12-10 19:19 - 000000000 ____D C:\Users\Alex\Downloads\wordpress-5.6
2020-12-10 19:18 - 2020-12-10 19:18 - 016528923 _____ C:\Users\Alex\Downloads\wordpress-5.6.zip
2020-12-10 15:22 - 2020-12-10 15:22 - 000236509 _____ C:\Users\Alex\Downloads\AssignedAccountsRFMResults217.csv
2020-12-10 14:31 - 2020-12-10 14:31 - 000073046 _____ C:\Users\Alex\Desktop\LiveWire_Supply_Inventory_12_09_2020.xlsx
2020-12-10 14:28 - 2020-12-10 14:28 - 000264216 _____ C:\Users\Alex\Downloads\ABI_Inventory_Stock_1000.xlsx
2020-12-10 12:10 - 2020-12-10 12:10 - 000000000 ____D C:\Users\Alex\AppData\Local\GameAnalytics
2020-12-10 12:09 - 2020-12-10 12:09 - 000000000 ____D C:\Users\Alex\AppData\Local\ProjectNimble
2020-12-10 08:27 - 2020-12-10 08:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-10 08:26 - 2020-12-10 08:26 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-10 08:26 - 2020-12-10 08:26 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-10 08:26 - 2020-12-10 08:26 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-10 08:26 - 2020-12-10 08:26 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-10 08:26 - 2020-12-10 08:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-10 08:26 - 2020-12-10 08:26 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-10 08:26 - 2020-12-10 08:26 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-10 08:26 - 2020-12-10 08:26 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-10 08:26 - 2020-12-10 08:26 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-10 08:25 - 2020-12-10 08:25 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-10 08:25 - 2020-12-10 08:25 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-10 08:25 - 2020-12-10 08:25 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-10 08:25 - 2020-12-10 08:25 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-10 08:25 - 2020-12-10 08:25 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-10 08:24 - 2020-12-10 08:24 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-10 08:24 - 2020-12-10 08:24 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-10 08:24 - 2020-12-10 08:24 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-10 08:24 - 2020-12-10 08:24 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-10 08:24 - 2020-12-10 08:24 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-10 08:24 - 2020-12-10 08:24 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-10 08:24 - 2020-12-10 08:24 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-04 22:07 - 2020-12-04 22:07 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2020-12-04 22:07 - 2020-12-04 22:07 - 000001816 _____ C:\ProgramData\Desktop\iTunes.lnk
2020-12-04 22:07 - 2020-12-04 22:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2020-12-04 22:07 - 2020-12-04 22:07 - 000000000 ____D C:\Program Files\iPod
2020-12-04 22:06 - 2020-12-04 22:07 - 000000000 ____D C:\Program Files\iTunes
2020-12-03 23:05 - 2020-12-03 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-12-02 10:43 - 2020-12-02 10:43 - 000074889 _____ C:\Users\Alex\Downloads\LWS_Inventory_12_1_2020.xlsx
2020-12-01 16:32 - 2020-12-01 16:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft DirectX SDK (June 2010)
2020-12-01 16:27 - 2020-12-01 16:32 - 000000000 ____D C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)
2020-12-01 14:10 - 2020-12-01 14:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-12-01 14:10 - 2020-12-01 14:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-12-01 14:10 - 2020-12-01 14:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-12-01 14:10 - 2020-12-01 14:10 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-11-26 16:08 - 2020-11-26 16:08 - 000000000 ____D C:\ProgramData\obs-studio-hook
2020-11-26 16:07 - 2020-12-12 14:12 - 000000000 ____D C:\Program Files\Streamlabs OBS
2020-11-26 16:07 - 2020-11-26 16:07 - 000001976 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs OBS.lnk
2020-11-26 16:07 - 2020-11-26 16:07 - 000001964 _____ C:\Users\Public\Desktop\Streamlabs OBS.lnk
2020-11-26 16:07 - 2020-11-26 16:07 - 000001964 _____ C:\ProgramData\Desktop\Streamlabs OBS.lnk
2020-11-25 21:27 - 2020-11-25 21:27 - 000000000 ____D C:\Users\Alex\AppData\Local\Frontier_Developments
2020-11-25 21:18 - 2020-11-25 21:18 - 000001968 _____ C:\Users\Public\Desktop\TunnelBear.lnk
2020-11-25 21:18 - 2020-11-25 21:18 - 000001968 _____ C:\ProgramData\Desktop\TunnelBear.lnk
2020-11-25 21:18 - 2020-11-25 21:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear
2020-11-25 12:37 - 2020-11-25 12:37 - 000000000 _____ C:\Users\Alex\Downloads\ALL_CES_Branch_Emails.txt
2020-11-24 13:45 - 2020-11-24 13:45 - 000154974 _____ C:\Users\Alex\Downloads\PowerPact M-Frame Molded Case Circuit Breakers_MJA36600.pdf
2020-11-24 11:35 - 2020-11-24 11:35 - 000215462 _____ C:\Users\Alex\Downloads\6SL3120-2TE15-0AD0_datasheet_en.pdf
2020-11-24 11:10 - 2020-11-24 11:10 - 000137907 _____ C:\Users\Alex\Downloads\PowerPact P-frame Molded Case Circuit Breakers_PJA36120 (1).pdf
2020-11-24 10:51 - 2020-11-24 10:51 - 000137907 _____ C:\Users\Alex\Downloads\PowerPact P-frame Molded Case Circuit Breakers_PJA36120.pdf
2020-11-24 10:01 - 2020-11-24 10:01 - 000447522 _____ C:\Users\Alex\Downloads\AW TEXAS one-line assembly 2000918.pdf
2020-11-24 10:01 - 2020-11-24 10:01 - 000419542 _____ C:\Users\Alex\Downloads\AW TEXAS one-line machining 20200917.pdf
2020-11-24 10:01 - 2020-11-24 10:01 - 000214609 _____ C:\Users\Alex\Downloads\PDP SCHEDULE 工務物流 20201116_rev1.pdf
2020-11-24 10:01 - 2020-11-24 10:01 - 000191971 _____ C:\Users\Alex\Downloads\Logistics PDP Sizes.pdf
2020-11-23 12:29 - 2020-11-23 12:29 - 000088676 _____ C:\Users\Alex\Downloads\US2_SCE_datasheet_en.pdf
2020-11-23 12:27 - 2020-11-23 12:27 - 000018914 _____ C:\Users\Alex\Downloads\564247 NETWORK MATERIAL.pdf
2020-11-17 15:52 - 2020-11-17 15:52 - 018296603 _____ C:\Users\Alex\Downloads\Quoting Queue.xlsx
2020-11-16 17:32 - 2020-11-16 17:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2020-11-14 13:53 - 2020-11-14 13:53 - 000022832 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_223587020531150.dll
2020-11-12 07:58 - 2020-11-12 07:58 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2020-11-12 07:58 - 2020-11-12 07:58 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe
2020-11-04 11:45 - 2020-12-16 08:42 - 000003330 _____ C:\WINDOWS\system32\Tasks\GeoComply Service Check
2020-10-29 18:21 - 2020-10-29 18:28 - 000000000 ____D C:\ProgramData\BlueStacks
2020-10-29 18:21 - 2020-10-29 18:21 - 000000000 ____D C:\Program Files\BlueStacks
2020-10-22 14:55 - 2020-10-22 14:55 - 000082370 _____ C:\Users\Alex\Downloads\ABI_Inventory_Stock_BP (2).xlsx
2020-10-22 13:47 - 2020-10-22 13:47 - 000011587 _____ C:\Users\Alex\Downloads\motion Industries RFQ.xlsx
2020-10-15 13:25 - 2020-10-15 13:25 - 000030202 _____ C:\Users\Alex\Downloads\inventory Oct 13 2020.xlsx
2020-10-15 13:25 - 2020-10-15 13:25 - 000028508 _____ C:\Users\Alex\Downloads\Eaton Control_12Oct2020.xlsx
2020-10-15 09:15 - 2020-10-15 09:15 - 000009091 _____ C:\Users\Alex\Downloads\CES_OutsideSales.csv
2020-10-15 06:42 - 2020-10-15 06:42 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2020-10-15 06:41 - 2020-10-15 06:41 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-10-15 06:41 - 2020-10-15 06:41 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2020-10-15 06:41 - 2020-10-15 06:41 - 000455168 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2020-10-15 06:41 - 2020-10-15 06:41 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-10-15 06:41 - 2020-10-15 06:41 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2020-10-15 06:41 - 2020-10-15 06:41 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2020-10-15 06:40 - 2020-10-15 06:40 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2020-10-15 06:40 - 2020-10-15 06:40 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2020-10-15 06:40 - 2020-10-15 06:40 - 000645120 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2020-10-15 06:40 - 2020-10-15 06:40 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2020-10-15 06:40 - 2020-10-15 06:40 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2020-10-15 06:40 - 2020-10-15 06:40 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2020-10-15 06:39 - 2020-10-15 06:39 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-10-15 06:39 - 2020-10-15 06:39 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2020-10-15 06:39 - 2020-10-15 06:39 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2020-10-13 22:20 - 2020-10-14 22:01 - 000013514 _____ C:\ProgramData\DisplaySessionContainer22.log_backup1
2020-10-13 07:13 - 2020-10-13 07:14 - 000016093 _____ C:\Users\Alex\Downloads\RFQ-PA-64754.xlsx
2020-10-12 22:28 - 2020-10-13 22:20 - 000013940 _____ C:\ProgramData\DisplaySessionContainer21.log_backup1
2020-10-12 07:11 - 2020-10-12 07:11 - 000029584 _____ C:\Users\Alex\Downloads\inventory list Oct 6 2020 (1).xlsx
2020-10-12 06:54 - 2020-10-12 06:55 - 000014750 _____ C:\Users\Alex\Downloads\RFQ-PA-64581.xlsx
2020-10-11 21:42 - 2020-10-12 22:27 - 000013406 _____ C:\ProgramData\DisplaySessionContainer20.log_backup1
2020-10-10 22:22 - 2020-10-11 21:39 - 000013886 _____ C:\ProgramData\DisplaySessionContainer19.log_backup1
2020-10-09 21:32 - 2020-10-10 22:22 - 000013839 _____ C:\ProgramData\DisplaySessionContainer18.log_backup1
2020-10-08 22:37 - 2020-11-06 23:40 - 000013940 _____ C:\ProgramData\DisplaySessionContainer17.log_backup1
2020-10-07 21:27 - 2020-11-05 23:32 - 000011643 _____ C:\ProgramData\DisplaySessionContainer16.log_backup1
2020-10-06 22:06 - 2020-10-07 21:27 - 000002682 _____ C:\ProgramData\DisplaySessionContainer15.log_backup1
2020-10-06 09:46 - 2020-10-06 09:46 - 000029584 _____ C:\Users\Alex\Downloads\inventory list Oct 6 2020.xlsx
2020-10-06 09:32 - 2020-10-06 09:32 - 000016836 _____ C:\Users\Alex\Downloads\Siemens Switches_05Oct2020.xlsx
2020-10-06 09:32 - 2020-10-06 09:32 - 000014431 _____ C:\Users\Alex\Downloads\SQD Safety Switches_05Oct2020.xlsx
2020-10-05 15:48 - 2020-10-05 15:53 - 000000000 ____D C:\Program Files\Monero GUI Wallet
2020-10-05 15:48 - 2020-10-05 15:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Monero GUI Wallet
2020-10-02 14:59 - 2020-10-02 15:00 - 000015097 _____ C:\Users\Alex\Downloads\LWS_Stock_10_2_2020.xlsx
2020-10-02 13:26 - 2020-10-02 13:26 - 000047888 _____ C:\Users\Alex\Downloads\Connecticut Electric - LiveWire Pricing 9-1-2020.xlsx
2020-10-02 13:23 - 2020-10-02 13:23 - 000050426 _____ C:\Users\Alex\Downloads\Connecticut Electric Pricing 08.15.2019.xlsx
2020-10-01 12:12 - 2020-10-01 12:12 - 000014473 _____ C:\Users\Alex\Downloads\SQD Safety Switches_28Sep2020.xlsx
2020-10-01 10:35 - 2020-10-01 13:27 - 000015283 _____ C:\Users\Alex\Downloads\Crouse_Hinds_10_1_2020.xlsx
2020-10-01 10:34 - 2020-10-01 10:34 - 000098012 _____ C:\Users\Alex\Downloads\Stock_Items_10_1_2020.xlsx
2020-10-01 08:37 - 2020-10-01 08:37 - 000029924 _____ C:\Users\Alex\Downloads\inventory Sept 28 (1).xlsx
2020-10-01 08:37 - 2020-10-01 08:37 - 000016837 _____ C:\Users\Alex\Downloads\Siemens Switches_28Sep2020.xlsx
2020-10-01 06:35 - 2020-12-11 07:18 - 000000000 ___RD C:\Users\Alex\iCloudDrive
2020-10-01 06:35 - 2020-10-01 06:35 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2020-10-01 06:35 - 2020-10-01 06:35 - 000000000 ____D C:\Users\Alex\AppData\Local\Apple Inc
2020-09-30 20:18 - 2020-09-30 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2020-09-29 10:32 - 2020-09-29 10:32 - 000082370 _____ C:\Users\Alex\Downloads\ABI_Inventory_Stock_BP.xlsx
2020-09-29 09:01 - 2020-09-29 09:01 - 000014286 _____ C:\Users\Alex\Downloads\TELE1.xlsx
2020-09-29 08:32 - 2020-09-29 08:32 - 000018471 _____ C:\Users\Alex\Downloads\GE Control_28Sep2020.xlsx
2020-09-29 08:32 - 2020-09-29 08:32 - 000012541 _____ C:\Users\Alex\Downloads\cr lightin2_28Sep2020.xlsx
2020-09-29 07:44 - 2020-09-29 07:44 - 000028672 _____ C:\Users\Alex\Downloads\ALLEN BRADLEY LIVEWIRE SEPT. 29. 2020.xls
2020-09-28 13:01 - 2020-09-28 13:01 - 000029924 _____ C:\Users\Alex\Downloads\inventory Sept 28.xlsx
2020-09-25 17:11 - 2020-09-25 17:16 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Delta
2020-09-25 17:11 - 2020-09-25 17:11 - 000002564 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Delta.lnk
2020-09-24 17:55 - 2020-12-13 12:32 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-09-24 17:55 - 2020-09-24 17:55 - 000001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2020-09-24 12:12 - 2020-09-24 12:12 - 000032156 _____ C:\Users\Alex\Downloads\inventory Sept 22 2020.xlsx
2020-09-20 07:52 - 2020-09-20 07:52 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-09-19 23:34 - 2020-09-19 23:39 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2020-09-19 23:33 - 2020-09-19 23:34 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-09-19 23:33 - 2020-09-19 23:33 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-09-19 23:30 - 2020-09-19 23:30 - 000000000 ____D C:\ProgramData\ssh
2020-09-19 23:27 - 2020-09-19 23:27 - 000580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-09-19 23:27 - 2020-09-19 23:27 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-09-19 23:27 - 2020-09-19 23:27 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-09-19 23:26 - 2020-09-19 23:26 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-09-19 23:26 - 2020-09-19 23:26 - 001309504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-09-19 23:26 - 2020-09-19 23:26 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-09-19 23:26 - 2020-09-19 23:26 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-09-19 23:26 - 2020-09-19 23:26 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-09-19 23:26 - 2020-09-19 23:26 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-09-19 23:26 - 2020-09-19 23:26 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-09-19 23:26 - 2020-09-19 23:26 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-09-19 23:26 - 2020-09-19 23:26 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2020-09-19 23:26 - 2020-09-19 23:26 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2020-09-19 23:26 - 2020-09-19 23:26 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-09-19 23:26 - 2020-09-19 23:26 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-09-19 23:26 - 2020-09-19 23:26 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-09-19 23:25 - 2020-09-19 23:25 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-09-19 23:25 - 2020-09-19 23:25 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-09-19 23:25 - 2020-09-19 23:25 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-09-19 23:25 - 2020-09-19 23:25 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-09-19 23:25 - 2020-09-19 23:25 - 000306176 _____ C:\WINDOWS\system32\HeatCore.dll
2020-09-19 23:25 - 2020-09-19 23:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2020-09-19 23:25 - 2020-09-19 23:25 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2020-09-19 23:25 - 2020-09-19 23:25 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-09-19 23:25 - 2020-09-19 23:25 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2020-09-19 23:24 - 2020-09-19 23:24 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-09-19 23:24 - 2020-09-19 23:24 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2020-09-19 23:14 - 2020-09-19 23:14 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2020-09-19 23:14 - 2020-09-19 23:14 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2020-09-19 23:13 - 2020-09-19 23:13 - 000000020 ___SH C:\Users\Alex\ntuser.ini
2020-09-19 23:12 - 2020-12-16 09:31 - 000004162 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{587D1CF3-45CA-4583-9EFC-16FBA13D3003}
2020-09-19 23:12 - 2020-12-13 12:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-19 23:12 - 2020-12-03 19:02 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-09-19 23:12 - 2020-12-03 19:02 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-09-19 23:12 - 2020-11-28 11:24 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-09-19 23:12 - 2020-11-28 11:24 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-09-19 23:12 - 2020-11-02 13:18 - 000003996 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2020-09-19 23:12 - 2020-11-02 13:18 - 000003764 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2020-09-19 23:12 - 2020-10-29 18:32 - 000003944 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2020-09-19 23:12 - 2020-10-29 06:45 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1271123810-21777831-3259583340-1001
2020-09-19 23:12 - 2020-09-19 23:12 - 000003364 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2020-09-19 23:12 - 2020-09-19 23:12 - 000003140 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2020-09-19 23:12 - 2020-09-19 23:12 - 000002676 _____ C:\WINDOWS\system32\Tasks\GeoComply Update Task
2020-09-19 23:12 - 2020-09-19 23:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-09-19 23:12 - 2020-09-19 23:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple
2020-09-19 23:11 - 2020-09-19 23:12 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2020-09-19 23:11 - 2020-09-19 23:12 - 000007623 _____ C:\WINDOWS\diagerr.xml
2020-09-19 23:09 - 2020-12-10 22:37 - 000000000 ___SD C:\WINDOWS\system32\lxss
2020-09-19 23:09 - 2020-09-19 23:30 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2020-09-19 23:09 - 2020-09-19 23:09 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-09-19 23:09 - 2020-09-19 23:09 - 000000000 ____D C:\Program Files\MSBuild
2020-09-19 23:09 - 2020-09-19 23:09 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-09-19 23:09 - 2020-09-19 23:09 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-09-19 22:58 - 2020-12-11 07:19 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-19 22:45 - 2020-11-15 00:11 - 000000000 ____D C:\Users\Alex
2020-09-19 22:45 - 2020-10-29 06:44 - 000002360 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-09-19 22:40 - 2020-12-15 19:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-19 22:40 - 2020-12-13 12:32 - 000008192 ___SH C:\DumpStack.log.tmp
2020-09-19 22:40 - 2020-12-10 22:41 - 000436232 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== Three months (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-16 09:37 - 2019-03-29 09:07 - 000031779 _____ C:\Users\Alex\Downloads\FRST.txt
2020-12-16 09:37 - 2019-03-29 09:07 - 000000000 ____D C:\FRST
2020-12-16 09:30 - 2019-03-29 09:09 - 000070331 _____ C:\Users\Alex\Downloads\Addition.txt
2020-12-16 09:13 - 2019-12-07 01:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-16 07:51 - 2017-12-13 20:12 - 000000000 ____D C:\Users\Alex\AppData\Local\Packages
2020-12-15 22:31 - 2020-04-13 22:07 - 000013582 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-12-15 18:22 - 2019-12-07 01:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-15 18:22 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-14 21:59 - 2020-04-19 22:53 - 000011765 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2020-12-14 09:21 - 2018-05-19 14:54 - 000000000 ____D C:\Users\Alex\AppData\Local\D3DSCache
2020-12-13 22:45 - 2020-04-12 12:21 - 000011623 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-12-13 14:18 - 2020-04-05 20:42 - 000000000 ____D C:\Users\Alex\AppData\Roaming\discord
2020-12-13 12:31 - 2020-04-12 12:21 - 000060008 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-12-13 12:31 - 2020-04-12 12:21 - 000020336 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-12-13 12:31 - 2019-12-07 01:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-12-13 12:30 - 2019-02-23 17:35 - 000000000 ____D C:\Users\Alex\AppData\Roaming\slobs-client
2020-12-13 01:16 - 2020-07-25 13:10 - 000000000 ____D C:\Users\Alex\.openshot_qt
2020-12-13 01:06 - 2019-10-06 14:48 - 000000000 ____D C:\Users\Alex\Documents\CRYPTO MAIN
2020-12-13 00:02 - 2019-06-17 20:59 - 000000000 ____D C:\CoinPoker
2020-12-12 14:13 - 2019-02-23 17:35 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Streamlabs OBS
2020-12-12 13:08 - 2018-02-19 12:44 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Telegram Desktop
2020-12-12 09:43 - 2020-02-27 09:11 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-12 09:43 - 2020-02-27 09:11 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-12 09:43 - 2020-02-27 09:11 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-12-11 07:27 - 2019-12-07 01:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-11 07:12 - 2020-04-12 12:21 - 000001206 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-12-10 22:37 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-10 22:37 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-10 22:37 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-10 22:37 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-10 22:37 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-10 22:37 - 2019-12-07 01:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-10 22:37 - 2019-12-07 01:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-10 22:36 - 2020-04-20 21:31 - 000011379 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2020-12-10 17:44 - 2019-04-26 22:42 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2020-12-10 15:00 - 2019-01-11 14:12 - 000000000 ___RD C:\Users\Alex\Desktop\LWS MASTER
2020-12-10 13:37 - 2017-10-03 20:10 - 000000000 ____D C:\Program Files (x86)\Steam
2020-12-10 12:09 - 2018-05-01 17:26 - 000000000 ____D C:\Users\Alex\AppData\Roaming\EasyAntiCheat
2020-12-10 08:33 - 2019-12-07 01:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-08 18:45 - 2020-04-05 20:42 - 000002222 _____ C:\Users\Alex\Desktop\Discord.lnk
2020-12-08 18:45 - 2020-04-05 20:42 - 000000000 ____D C:\Users\Alex\AppData\Local\Discord
2020-12-06 23:27 - 2020-04-26 22:25 - 000016739 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2020-12-06 00:25 - 2018-07-10 22:07 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Ledger Live
2020-12-05 17:37 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-05 17:34 - 2020-03-28 16:00 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2020-12-04 19:45 - 2018-12-27 13:31 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-12-03 23:06 - 2019-08-06 12:50 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-12-03 20:32 - 2018-05-19 14:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-12-03 07:53 - 2017-08-26 10:27 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-03 07:53 - 2017-08-26 10:27 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-12-03 07:53 - 2017-08-26 10:27 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-12-01 16:55 - 2020-05-28 22:17 - 000014247 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2020-11-30 12:48 - 2018-02-25 15:09 - 000000000 ____D C:\Program Files\Epic Games
2020-11-29 12:24 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-11-29 12:24 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-11-27 12:13 - 2017-07-13 03:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-27 12:08 - 2017-07-13 03:39 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-11-26 19:03 - 2017-10-03 20:21 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-11-26 17:38 - 2018-07-21 15:58 - 000000000 ____D C:\Users\Alex\AppData\Local\ElevatedDiagnostics
2020-11-26 17:16 - 2017-07-13 01:09 - 000000000 ____D C:\ProgramData\Package Cache
2020-11-25 22:13 - 2017-09-12 20:36 - 000000000 ____D C:\Users\Alex\AppData\LocalLow\Mozilla
2020-11-25 22:00 - 2020-01-17 18:53 - 000000000 ____D C:\ProgramData\Mozilla
2020-11-25 21:04 - 2020-03-04 14:13 - 000001888 _____ C:\Users\Public\Desktop\Ledger Live.lnk
2020-11-25 21:04 - 2020-03-04 14:13 - 000001888 _____ C:\ProgramData\Desktop\Ledger Live.lnk
2020-11-25 21:04 - 2020-03-04 14:12 - 000000000 ____D C:\Program Files\Ledger Live
2020-11-22 20:28 - 2020-05-29 23:49 - 000016433 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1
2020-11-22 00:20 - 2020-05-29 21:58 - 000013874 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2020-11-21 14:09 - 2020-04-25 11:22 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Neuron

==================== Files in the root of some directories ========

2017-11-18 15:34 - 2018-07-19 21:19 - 000409600 _____ () C:\Users\Alex\wallet.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
  #5  
Old December 16th, 2020, 06:51 PM
oasis.g oasis.g is offline
Senior Member
 
Join Date: Sep 2005
Posts: 126
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Alex (16-12-2020 09:40:07)
Running from C:\Users\Alex\Downloads
Windows 10 Home Version 20H2 19042.685 (X64) (2020-09-20 07:13:42)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1271123810-21777831-3259583340-500 - Administrator - Disabled)
Alex (S-1-5-21-1271123810-21777831-3259583340-1001 - Administrator - Enabled) => C:\Users\Alex
DefaultAccount (S-1-5-21-1271123810-21777831-3259583340-503 - Limited - Disabled)
Guest (S-1-5-21-1271123810-21777831-3259583340-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1271123810-21777831-3259583340-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{345F3F90-0505-4EDF-B7A9-5E3AC1AC6CE4}) (Version: 15.2.1 - Hewlett-Packard) Hidden
888poker (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\888poker) (Version: 1.1.2.29 - 888)
Advanced CoinPoker Converter (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\AdvancedCoinPokerConverter) (Version: 1.0.7 - AdvancedPokerTools)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Betcoin Poker (HKLM-x32\...\DEAECD1E-0CEF-494d-A7DE-20EC7A6E3F61) (Version: 16.6 - IGSoft)
Bitcoin Core (64-bit) (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\Bitcoin Core (64-bit)) (Version: 0.18.1 - Bitcoin Core project)
BitShares 2.0.180201 (only current user) (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\55efd047-5d18-54f5-be19-affeff8cc8e9) (Version: 2.0.180201 - Sigve Kvalsvik)
BLOCK DX 1.5.0 (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\c2c3b094-387a-5023-b209-68eb93a40a65) (Version: 1.5.0 - Blocknet)
Blocknet (64-bit) (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\Blocknet (64-bit)) (Version: 4.3.0 - Blocknet project)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.240.20.1016 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BovadaPoker (HKLM-x32\...\{D7CA2DF8-95CE-4C80-9296-98E21219A1E5}}_is1) (Version: - )
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 87.1.18.70 - Brave Software Inc)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
CoinPoker (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\{f5ec768e-f906-4bb7-9635-8c3afaee45b8}) (Version: 5.19 - TGLab)
Contivio.com Client (HKLM-x32\...\{F574E44C-F5A1-43EA-A561-036C5807D1AD}) (Version: 9.0.7 - Contivio.com) Hidden
Contivio.com Client (HKLM-x32\...\Contivio.com Client 9.0.7) (Version: 9.0.7 - Contivio.com)
Delta 1.1.0 (only current user) (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\0161ecdc-2041-5655-9e4e-ee442fb322e0) (Version: 1.1.0 - Opus Labs NV)
Discord (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 111.4.472 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.377.1 - Dropbox, Inc.) Hidden
Epic Games Launcher (HKLM-x32\...\{8FEB5B5F-0777-4E9D-8705-06F0A2295544}) (Version: 1.1.143.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fantom Wallet 0.1.0 (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\{bad6bc13-08bf-5f4c-8b10-bfd02adcfa07}) (Version: 0.1.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Holdem Indicator 2.9.4.0 (HKLM-x32\...\Holdem Indicator_is1) (Version: - hxxp://www.HoldemIndicator.com)
HoldEq (HKLM-x32\...\{0E4042D8-2BD9-4057-9E4C-61F34FAEA09A}) (Version: 1.1.8 - HoldEq)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
Ignition Casino (HKLM-x32\...\{D7CA2DF8-95CE-4C80-9296-98E21219A1E4}}_is1) (Version: - )
Ignition Hand Converter (HKLM-x32\...\{1843AD45-F895-4E7B-BC65-CD1F76B48HDC}_is1) (Version: 1.0.56 - Ace Poker Solutions LLC)
Intel® PROSet/Wireless Software (HKLM-x32\...\{aa2c2346-d0c0-4d3e-9ab1-11a48b4cb9f3}) (Version: 19.20.3 - Intel Corporation)
ioPay 0.10.0 (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\c06c9f96-f33f-5f65-9f80-587268fdd5a1) (Version: 0.10.0 - Tian Pan)
iTunes (HKLM\...\{79951B67-3DC8-45DF-A516-86F89DA95924}) (Version: 12.11.0.26 - Apple Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Ledger Live 2.17.1 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.17.1 - Ledger Live Team)
Ledger Wallet Ripple version 1.0.2 (HKLM-x32\...\{2A226916-F20B-403D-B564-F2CF5CF8CEF8}_is1) (Version: 1.0.2 - Ledger)
Lisk 1.23.0 (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\{740f3d4d-ee73-520e-b32f-b5769d167b57}) (Version: 1.23.0 - Lisk Foundation)
Lisk 1.26.0 (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\740f3d4d-ee73-520e-b32f-b5769d167b57) (Version: 1.26.0 - Lisk Foundation)
Lisk Nano 1.0.2 (only current user) (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\5cb54643-a0c0-58ee-97a6-2ab7b13c24f7) (Version: 1.0.2 - Lisk Foundation)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Microsoft 365 Apps for business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.13426.20308 - Microsoft Corporation)
Microsoft DirectX SDK (June 2010) (HKLM-x32\...\Microsoft DirectX SDK (June 2010)) (Version: 9.29.1962.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.60 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{406C9ADB-1325-4FD0-9D13-C119CFF64E0A}) (Version: 2.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29325 (HKLM-x32\...\{d7a6435f-ac9a-4af6-8fdc-ca130d13fac9}) (Version: 14.28.29325.2 - Microsoft Corporation)
Monero GUI Wallet version 0.17.0.1 (HKLM\...\Monero GUI Wallet_is1) (Version: 0.17.0.1 - The Monero Developer Community)
Mozilla Firefox 81.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 81.0.1 (x64 en-US)) (Version: 81.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
NAOS7000 Software (HKLM-x32\...\{862235D3-2A93-44F6-AADB-4E6786D88D76}) (Version: 1.24 - Mionix) Hidden
NAOS7000 Software (HKLM-x32\...\InstallShield_{862235D3-2A93-44F6-AADB-4E6786D88D76}) (Version: 1.24 - Mionix)
Neon 2.5.0 (only current user) (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\211a501f-25dd-501b-8c98-509ac17aedfa) (Version: 2.5.0 - Ethan Fast)
Neuron 0.30.0 (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\9a00e654-dc37-551e-9f56-0f92319ca38a) (Version: 0.30.0 - Nervos Core Dev)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.6.1 - Notepad++ Team)
NVIDIA Graphics Driver 445.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.87 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20308 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden
OpenShot Video Editor version 2.5.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.5.1 - OpenShot Studios, LLC)
Player Location Check (HKLM-x32\...\{F0753064-8D66-41A7-9F23-7691290387BF}) (Version: 3.1.1.3 - GeoComply)
PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version: - )
PostgreSQL 9.3 (HKLM\...\PostgreSQL 9.3) (Version: 9.3 - PostgreSQL Global Development Group)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.12.1007.2016 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{B63CCD1C-A133-4DF8-8306-DA0387231152}) (Version: 1.00.0269 - REALTEK Semiconductor Corp.)
Smartcash (64-bit) (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\Smartcash (64-bit)) (Version: 1.0.2 - Smartcash project)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.25.0 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.25.0 - General Workings, Inc.)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.19260 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.10.5 - TeamViewer)
Telegram Desktop version 2.4.7 (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.4.7 - Telegram FZ-LLC)
TunnelBear (HKLM-x32\...\{739CBE42-4A99-4F36-B8B8-A2A9FB3BC5C0}) (Version: 4.3.5.0 - TunnelBear) Hidden
TunnelBear (HKLM-x32\...\{9a9bdf69-e9b6-42bc-9346-0d4ce38254d8}) (Version: 4.3.5.0 - TunnelBear)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{61B90E2F-2DD9-4581-8856-C2441B61571A}) (Version: 1.7.0.0 - Microsoft Corporation) Hidden
Virtue Poker (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\virtue-poker-client) (Version: 4.1.0 - Virtue Poker)
VSDC Free Video Editor version 6.4.7.155 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.4.7.155 - Flash-Integro LLC)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22225 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)

Packages:
=========
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.6.10.0_x86__h6adky7gbf63m [2020-12-15] (Gameloft SE)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_121.1.193.0_x64__v10z8vjag6ke6 [2020-11-03] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-21] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-23] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.959.0_x64__56jybvy8sckqj [2020-11-29] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-19] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
Ubuntu 18.04 LTS -> C:\Program Files\WindowsApps\CanonicalGroupLimited.Ubuntu18.04onWindows_1804.2020.824.0_x64__79rhkp1fndgsc [2020-09-08] (Canonical Group Limited)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1271123810-21777831-3259583340-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Alex\Dropbox [2019-08-06 13:31]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-12-11] (Notepad++ -> )
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers4: [Convert] -> {9f95ca1a-e80e-4c0f-acd1-4c9b7900b982} => C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)\Utilities\bin\x64\TxView.dll [2010-06-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvrfi.inf_amd64_b02057827c15e7cf\nvshext.dll [2020-04-11] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Ledger Manager.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=beimhnaefocolcplfimocfiaiefpkgbf
ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Ledger Wallet Bitcoin.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kkdpmhnladdopljabkgpacgpliggeeaf
ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Ledger Wallet Ethereum.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmlhkialjkaldndjnlcdfdphcgeadkkm
ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e2f3576b7abb043d\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\a764a76cc0779a77\Data Scraper - Easy Web Scraping.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=nndknepjnldbdbepjfgmncbggmopgden
ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\a3a1d6b8109861c5\Google Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nckgahadagoaajjgafhacjanaoiihapd
ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\ahuynh@livewiresupply.com - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2016-06-23 12:17 - 2019-08-05 03:57 - 001392128 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Contivio.com\Contivio.com Client\pjsipDll.dll
2020-11-16 16:36 - 2020-11-16 16:36 - 000030720 _____ () [File not signed] [File is in use] C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.Wrapper.dll
2019-08-16 09:21 - 2018-08-22 01:15 - 000536576 _____ () [File not signed] C:\Program Files (x86)\Contivio.com\Contivio.com Client\irrKlang.dll
2017-08-26 13:32 - 2017-05-08 20:59 - 000178688 _____ () [File not signed] C:\Program Files\PostgreSQL\9.3\bin\LIBPQ.dll
2017-08-26 13:32 - 2016-08-02 02:40 - 002257408 _____ () [File not signed] C:\Program Files\PostgreSQL\9.3\bin\libxml2.dll
2017-08-26 13:32 - 2011-01-10 07:16 - 000240862 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\libintl-8.dll
2015-08-25 14:54 - 2015-08-25 04:54 - 000294912 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Contivio.com\Contivio.com Client\libguide40.dll
2015-08-25 14:54 - 2015-08-25 04:54 - 000094208 _____ (Intel Corporation.) [File not signed] C:\Program Files (x86)\Contivio.com\Contivio.com Client\ippcore-5.3.dll
2015-08-25 14:54 - 2015-08-25 04:54 - 000233472 _____ (Intel Corporation.) [File not signed] C:\Program Files (x86)\Contivio.com\Contivio.com Client\ipps-5.3.dll
2015-08-25 14:54 - 2015-08-25 04:54 - 000114688 _____ (Intel Corporation.) [File not signed] C:\Program Files (x86)\Contivio.com\Contivio.com Client\ippsc-5.3.dll
2015-08-25 14:54 - 2015-08-25 04:54 - 002093056 _____ (Intel Corporation.) [File not signed] C:\Program Files (x86)\Contivio.com\Contivio.com Client\ippscp8-5.3.dll
2015-08-25 14:54 - 2015-08-25 04:54 - 000139264 _____ (Intel Corporation.) [File not signed] C:\Program Files (x86)\Contivio.com\Contivio.com Client\ippsr-5.3.dll
2015-08-25 14:54 - 2015-08-25 04:54 - 002482176 _____ (Intel Corporation.) [File not signed] C:\Program Files (x86)\Contivio.com\Contivio.com Client\ippsrp8-5.3.dll
2015-08-25 14:54 - 2015-08-25 04:54 - 003174400 _____ (Intel Corporation.) [File not signed] C:\Program Files (x86)\Contivio.com\Contivio.com Client\ippsv8-5.3.dll
2018-12-27 13:32 - 2018-12-27 13:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Client\AppVIsvSubsystems32.dll
2020-04-19 10:48 - 2020-04-19 10:48 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2020-04-19 10:48 - 2020-04-19 10:48 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2017-08-26 13:32 - 2017-01-30 22:35 - 001662976 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\LIBEAY32.dll
2017-08-26 13:32 - 2017-01-30 22:35 - 000353280 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\SSLEAY32.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [472]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [470]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1271123810-21777831-3259583340-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKU\S-1-5-21-1271123810-21777831-3259583340-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D112418-N0700A9FCDBB39EF&form=CONBDF&conlogo=CT3335799&q={ searchTerms}
SearchScopes: HKU\S-1-5-21-1271123810-21777831-3259583340-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D112418-N0700A9FCDBB39EF&form=CONBDF&conlogo=CT3335799&q={ searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech Inc -> Logitech, Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech Inc -> Logitech, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 03:04 - 2020-12-06 00:25 - 000000822 _____ C:\WINDOWS\system32\drivers\etc\hosts
  #6  
Old December 16th, 2020, 06:52 PM
oasis.g oasis.g is offline
Senior Member
 
Join Date: Sep 2005
Posts: 126
==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1271123810-21777831-3259583340-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Alex\Pictures\BGs\u4vndrp09es41.jpg
DNS Servers: 192.168.86.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "EvtMgr6"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\StartupApproved\Run: => "electron.app.Honey Miner"
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_8A9A309EEDEE8A1FE73391295BB8D638"
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\StartupApproved\Run: => "iCloudPhotos"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{53EB0334-7395-43A4-AD20-7FA22F384A17}] => (Allow) C:\Program Files\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [UDP Query User{5BA6C4B3-AD34-4F2F-9205-692D3B06BB3C}C:\program files\epic games\thealtocollection\the alto collection.exe] => (Allow) C:\program files\epic games\thealtocollection\the alto collection.exe => No File
FirewallRules: [TCP Query User{3E0926B5-0602-437B-B20F-8160390FFC43}C:\program files\epic games\thealtocollection\the alto collection.exe] => (Allow) C:\program files\epic games\thealtocollection\the alto collection.exe => No File
FirewallRules: [{70F08AAD-2737-4D8D-A09B-AA7EE5CFC1A9}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{56C08184-FDA7-4064-AC58-C207A1EF2829}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{234A882F-BEAB-425D-9F21-2423C591BFDD}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{4AD94BA7-8A97-40B0-9B9E-F0B9E828D92E}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{6E94CC4A-3431-4786-B463-3366399CFD78}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{A60E2960-11FF-498E-BA10-A9A95C89F632}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{1CC3279C-E626-4F12-8290-FA39B037570E}] => (Allow) C:\Program Files\AdvancedPokerTools\AdvancedCoinPokerConverter\AdvancedCoinPokerConverter.exe (AdvancedPokerTools) [File not signed]
FirewallRules: [{F6C524B5-980D-463B-9155-8C9CD2F509A7}] => (Allow) C:\Program Files\AdvancedPokerTools\AdvancedCoinPokerConverter\AdvancedCoinPokerConverter.exe (AdvancedPokerTools) [File not signed]
FirewallRules: [UDP Query User{459895EE-E0DE-4AA8-A40E-E304B876C775}C:\users\alex\appdata\local\programs\neuron\bin\ckb.exe] => (Allow) C:\users\alex\appdata\local\programs\neuron\bin\ckb.exe () [File not signed]
FirewallRules: [TCP Query User{6BE2F528-2013-4709-8292-0E10CBE39604}C:\users\alex\appdata\local\programs\neuron\bin\ckb.exe] => (Allow) C:\users\alex\appdata\local\programs\neuron\bin\ckb.exe () [File not signed]
FirewallRules: [UDP Query User{AF999974-B36B-433D-92BB-F57A3FE9BAE4}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monerod.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monerod.exe => No File
FirewallRules: [TCP Query User{EFA8ECA1-650B-42F2-B3D2-3679CCD3F3DE}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monerod.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monerod.exe => No File
FirewallRules: [UDP Query User{28DFDA4E-48EB-4E28-A0A8-00506B2D3990}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{BA6046F0-132C-42DE-A22C-B181BDDC5555}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{24C4E59D-C045-4AEC-ABD4-9952C51D30A5}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe => No File
FirewallRules: [TCP Query User{1E360C3F-84FA-4BB9-BB47-D028D3BFBFBA}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe => No File
FirewallRules: [{04346FCF-9AA0-420A-BD11-864D9F21F16F}] => (Allow) C:\Users\Alex\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{FBC6F0B4-1E39-4911-A070-97F8187C2538}] => (Allow) C:\Users\Alex\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{F2215E60-21ED-4C0E-A9DF-EA0DFD87D10C}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monerod.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monerod.exe => No File
FirewallRules: [TCP Query User{E2026E43-9F58-4909-A2A4-453E5315778B}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monerod.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monerod.exe => No File
FirewallRules: [UDP Query User{88583391-BC92-4CFE-BC2E-9E93A2B91FF5}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe => No File
FirewallRules: [TCP Query User{9BC769E1-174C-49E1-93DA-2473D75BC307}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe => No File
FirewallRules: [UDP Query User{FF030DCA-9CE7-496A-9619-F2157B3DCAF6}C:\users\alex\downloads\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monerod.exe] => (Allow) C:\users\alex\downloads\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monerod.exe => No File
FirewallRules: [TCP Query User{069F1510-4750-4164-A443-E587A57A2113}C:\users\alex\downloads\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monerod.exe] => (Allow) C:\users\alex\downloads\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monerod.exe => No File
FirewallRules: [UDP Query User{BB3A5F40-F6D0-4872-8817-FB21CE187EB9}C:\users\alex\downloads\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe] => (Allow) C:\users\alex\downloads\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe => No File
FirewallRules: [TCP Query User{3A8E1886-2746-4302-82FB-F188BC7E674F}C:\users\alex\downloads\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe] => (Allow) C:\users\alex\downloads\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe => No File
FirewallRules: [{6ACCA82E-33F1-435A-9FE0-64EF403290DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Catan Universe\CatanUniverse.exe () [File not signed]
FirewallRules: [{287E2731-0394-4EB7-8DA6-518DA38F76DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Catan Universe\CatanUniverse.exe () [File not signed]
FirewallRules: [UDP Query User{7B39B1C7-388C-4D11-8857-4A459AC72709}C:\users\alex\appdata\local\temp\temp1_condensation-qt.zip\condensation-qt.exe] => (Allow) C:\users\alex\appdata\local\temp\temp1_condensation-qt.zip\condensation-qt.exe => No File
FirewallRules: [TCP Query User{D37297DF-217B-49AC-8B73-8781084DBC4F}C:\users\alex\appdata\local\temp\temp1_condensation-qt.zip\condensation-qt.exe] => (Allow) C:\users\alex\appdata\local\temp\temp1_condensation-qt.zip\condensation-qt.exe => No File
FirewallRules: [UDP Query User{789DDA5B-D09E-4B17-94C7-58CAE82C6F3F}C:\program files\epic games\magicthegathering\mtga.exe] => (Allow) C:\program files\epic games\magicthegathering\mtga.exe => No File
FirewallRules: [TCP Query User{FA86C6D4-77CC-4A42-8838-4444D8F29F91}C:\program files\epic games\magicthegathering\mtga.exe] => (Allow) C:\program files\epic games\magicthegathering\mtga.exe => No File
FirewallRules: [UDP Query User{0B17C0E0-4ADC-4793-AB5F-B996AD9DAAB6}C:\program files\blocknet\blocknet-qt.exe] => (Allow) C:\program files\blocknet\blocknet-qt.exe () [File not signed]
FirewallRules: [TCP Query User{FD59E74A-E95A-46F4-999D-E07E69D50C84}C:\program files\blocknet\blocknet-qt.exe] => (Allow) C:\program files\blocknet\blocknet-qt.exe () [File not signed]
FirewallRules: [UDP Query User{3C987534-1977-40CB-B953-6740B34999A6}C:\users\alex\appdata\local\programs\lisk-hub\lisk.exe] => (Allow) C:\users\alex\appdata\local\programs\lisk-hub\lisk.exe (Lisk Stiftung -> Lisk Foundation)
FirewallRules: [TCP Query User{DC5B0E8C-6C6B-4C3A-923E-700112D719DD}C:\users\alex\appdata\local\programs\lisk-hub\lisk.exe] => (Allow) C:\users\alex\appdata\local\programs\lisk-hub\lisk.exe (Lisk Stiftung -> Lisk Foundation)
FirewallRules: [UDP Query User{E525B390-5C93-4BBC-B56A-C8A15C1A42EE}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe => No File
FirewallRules: [TCP Query User{6A5664DB-7E83-4494-B2C9-AFA394D2F8BF}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe => No File
FirewallRules: [UDP Query User{D29E1B30-9EFE-46F8-BB9D-FF0C50EFF827}C:\program files\blocknetdx\blocknetdx-qt.exe] => (Allow) C:\program files\blocknetdx\blocknetdx-qt.exe () [File not signed]
FirewallRules: [TCP Query User{FBAC40FD-D0BE-4E50-89FD-38168B2461FE}C:\program files\blocknetdx\blocknetdx-qt.exe] => (Allow) C:\program files\blocknetdx\blocknetdx-qt.exe () [File not signed]
FirewallRules: [UDP Query User{041E60E4-62AA-48AA-B84D-C334044529EE}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{A8617041-4EA4-4654-93A1-E4FCE262E169}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{80E99B22-8FDD-4EA4-8187-E924C1E5837A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{5A1DE321-17C1-4F27-8430-8DDBF7BCC204}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{9E94E2EE-140D-4F09-9439-9B21E248A917}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{C6054851-0E35-41E8-BCF3-FFCEC24532D5}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{89262153-E3B1-4F46-AB62-7B35CF8045E1}C:\users\alex\downloads\xgox-qt-win32-v2221\xgox-qt.exe] => (Allow) C:\users\alex\downloads\xgox-qt-win32-v2221\xgox-qt.exe () [File not signed]
FirewallRules: [TCP Query User{41F1FF91-0483-4A84-8FE4-7C22B7F55B38}C:\users\alex\downloads\xgox-qt-win32-v2221\xgox-qt.exe] => (Allow) C:\users\alex\downloads\xgox-qt-win32-v2221\xgox-qt.exe () [File not signed]
FirewallRules: [UDP Query User{3BFBDEAC-7A3C-4D21-99EC-C8AE89E392BC}C:\users\alex\downloads\condensation-qt\condensation-qt.exe] => (Allow) C:\users\alex\downloads\condensation-qt\condensation-qt.exe => No File
FirewallRules: [TCP Query User{0647DF84-5CD5-4FE6-9FCE-D9F817C81A86}C:\users\alex\downloads\condensation-qt\condensation-qt.exe] => (Allow) C:\users\alex\downloads\condensation-qt\condensation-qt.exe => No File
FirewallRules: [UDP Query User{E74992F8-63DA-4AC2-BFCA-EF15CC6B4264}C:\program files\smartcash\smartcash-qt.exe] => (Allow) C:\program files\smartcash\smartcash-qt.exe () [File not signed]
FirewallRules: [TCP Query User{13B53DCC-C2BA-4C0B-B9EB-C573D42C0C87}C:\program files\smartcash\smartcash-qt.exe] => (Allow) C:\program files\smartcash\smartcash-qt.exe () [File not signed]
FirewallRules: [{528C0B46-C3CE-4F22-9D4E-99CBA8FC5AF3}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{C137616B-8582-4B5E-8543-05172A27AC1A}] => (Allow) C:\Program Files (x86)\Holdem Indicator\HoldemIndicator.exe (CKMN Technologies Inc. -> HoldemIndicator.com)
FirewallRules: [{83A77C99-F8DD-46BB-9BF3-1168DC9FB77C}] => (Allow) C:\Program Files (x86)\Holdem Indicator\HoldemIndicator.exe (CKMN Technologies Inc. -> HoldemIndicator.com)
FirewallRules: [{C950AB6B-4F5F-49F3-BCF7-D46A9DDE5626}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9010BB63-43BD-4EC5-86AF-40522149812A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{59C8862C-64B3-4F3A-8BF7-CBD777A06245}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7CA5E6BD-44E3-4E75-ADE0-4E473EF33D10}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F3A17F05-3363-4F44-AF6E-E815D8C3ABDB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{138E2F50-BCDA-4601-BF11-EA829CA0E1AE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A5040280-7C6C-42F4-909C-024886B2877A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CC2B47CE-BBF8-4967-95B4-87E294D3A23F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5863F213-B5D0-4497-8311-F9CC2EDA6527}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{08D0C8A5-9F37-42A7-9F47-CD50AF8FAE4C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{6390CD07-7F05-4737-A74F-CB7886B67998}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe => No File
FirewallRules: [{E1F44368-27EA-40BD-90E7-A3B977515C1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe => No File
FirewallRules: [TCP Query User{23935813-26BE-4B78-9012-30D8A123D340}C:\users\alex\downloads\smartcash-qt-0.8.7.9-win-launcher\smartcash-qt.exe] => (Allow) C:\users\alex\downloads\smartcash-qt-0.8.7.9-win-launcher\smartcash-qt.exe => No File
FirewallRules: [UDP Query User{039084F3-340C-4247-95EC-0069EC62C9F7}C:\users\alex\downloads\smartcash-qt-0.8.7.9-win-launcher\smartcash-qt.exe] => (Allow) C:\users\alex\downloads\smartcash-qt-0.8.7.9-win-launcher\smartcash-qt.exe => No File
FirewallRules: [TCP Query User{F735646B-D218-4B39-ADF7-341A9390E555}C:\users\alex\desktop\smartcash-qt.exe] => (Allow) C:\users\alex\desktop\smartcash-qt.exe => No File
FirewallRules: [UDP Query User{3C51AD19-A756-42F1-A4FB-F85B858B9932}C:\users\alex\desktop\smartcash-qt.exe] => (Allow) C:\users\alex\desktop\smartcash-qt.exe => No File
FirewallRules: [TCP Query User{BA148897-C077-487B-ABBB-CB3B3D603065}C:\users\alex\appdata\local\temp\temp1_gotokens-qt-windows.zip\gotokens-qt.exe] => (Allow) C:\users\alex\appdata\local\temp\temp1_gotokens-qt-windows.zip\gotokens-qt.exe => No File
FirewallRules: [UDP Query User{CD55C395-DF9A-4510-8688-27F951A09B2C}C:\users\alex\appdata\local\temp\temp1_gotokens-qt-windows.zip\gotokens-qt.exe] => (Allow) C:\users\alex\appdata\local\temp\temp1_gotokens-qt-windows.zip\gotokens-qt.exe => No File
FirewallRules: [TCP Query User{7A45CB72-2427-49B9-9894-2A9AC02324AA}C:\users\alex\downloads\gocoin-qt.exe] => (Allow) C:\users\alex\downloads\gocoin-qt.exe () [File not signed]
FirewallRules: [UDP Query User{0917D45B-E572-43C0-95A1-407833CB59C0}C:\users\alex\downloads\gocoin-qt.exe] => (Allow) C:\users\alex\downloads\gocoin-qt.exe () [File not signed]
FirewallRules: [TCP Query User{ED69EC16-727B-41BD-89CD-2EF28CDCAC08}C:\users\alex\desktop\gocoin-qt.exe] => (Allow) C:\users\alex\desktop\gocoin-qt.exe => No File
FirewallRules: [UDP Query User{C9FE95DB-7DC2-4E1B-9D53-B4F83A1ABC57}C:\users\alex\desktop\gocoin-qt.exe] => (Allow) C:\users\alex\desktop\gocoin-qt.exe => No File
FirewallRules: [TCP Query User{9E4818F8-BECE-43B8-B0F9-577BD72EA8C9}C:\users\alex\appdata\roaming\gocoin\gocoin-qt.exe] => (Allow) C:\users\alex\appdata\roaming\gocoin\gocoin-qt.exe => No File
FirewallRules: [UDP Query User{A256EC3F-6D22-47DD-A1B3-B98EAC4D1824}C:\users\alex\appdata\roaming\gocoin\gocoin-qt.exe] => (Allow) C:\users\alex\appdata\roaming\gocoin\gocoin-qt.exe => No File
FirewallRules: [TCP Query User{E37C235A-E212-4A7B-8A1A-4A09EC7AFFA6}C:\users\alex\downloads\xgox-qt-win32-v2100\xgox-qt.exe] => (Allow) C:\users\alex\downloads\xgox-qt-win32-v2100\xgox-qt.exe => No File
FirewallRules: [UDP Query User{0187B817-EEF9-4FA4-955D-1F14D477867E}C:\users\alex\downloads\xgox-qt-win32-v2100\xgox-qt.exe] => (Allow) C:\users\alex\downloads\xgox-qt-win32-v2100\xgox-qt.exe => No File
FirewallRules: [TCP Query User{96261E15-462E-446A-B638-09CF22B441AB}C:\users\alex\downloads\smartcash-1.0.0-win64\smartcash-1.0.0\bin\smartcash-qt.exe] => (Allow) C:\users\alex\downloads\smartcash-1.0.0-win64\smartcash-1.0.0\bin\smartcash-qt.exe => No File
FirewallRules: [UDP Query User{CF4F1250-6A74-4ED9-89D7-6E85782627D4}C:\users\alex\downloads\smartcash-1.0.0-win64\smartcash-1.0.0\bin\smartcash-qt.exe] => (Allow) C:\users\alex\downloads\smartcash-1.0.0-win64\smartcash-1.0.0\bin\smartcash-qt.exe => No File
FirewallRules: [TCP Query User{BBD84050-B0B5-453B-A18F-E9DB65B3E583}C:\users\alex\downloads\xgox-qt-win32-v221\xgox-qt.exe] => (Allow) C:\users\alex\downloads\xgox-qt-win32-v221\xgox-qt.exe => No File
FirewallRules: [UDP Query User{E066853B-1C1B-4F2E-88F9-D953998C4394}C:\users\alex\downloads\xgox-qt-win32-v221\xgox-qt.exe] => (Allow) C:\users\alex\downloads\xgox-qt-win32-v221\xgox-qt.exe => No File
FirewallRules: [TCP Query User{CD2ACD3F-961D-4CD1-B133-1964351606CE}C:\users\alex\desktop\zoin-qt.exe] => (Allow) C:\users\alex\desktop\zoin-qt.exe => No File
FirewallRules: [UDP Query User{4DB5A6CD-6041-4145-B05D-B30121C074B3}C:\users\alex\desktop\zoin-qt.exe] => (Allow) C:\users\alex\desktop\zoin-qt.exe => No File
FirewallRules: [{84F80992-84B9-42EF-8970-072A289F3117}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CB9265D5-3446-445A-9AAE-0D84378B5BBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe => No File
FirewallRules: [{64C36B8A-628D-44D2-AC78-ACC4C1A25B8F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe => No File
FirewallRules: [TCP Query User{6A34B79F-43BA-4122-874F-3347F56E07C6}C:\users\alex\desktop\xgox-qt-win32-v2230\xgox-qt.exe] => (Allow) C:\users\alex\desktop\xgox-qt-win32-v2230\xgox-qt.exe => No File
FirewallRules: [UDP Query User{93753026-31E6-4501-B487-895E2D642924}C:\users\alex\desktop\xgox-qt-win32-v2230\xgox-qt.exe] => (Allow) C:\users\alex\desktop\xgox-qt-win32-v2230\xgox-qt.exe => No File
FirewallRules: [{4E1A2D58-EBC1-4181-A3F6-2AEC4236F2A7}] => (Allow) C:\Program Files (x86)\Holdem Indicator\GG.exe (CKMN Technologies Inc. -> HoldemIndicator.com)
FirewallRules: [{0CBA0182-7CE6-41A4-A777-7D30D397060F}] => (Allow) C:\Program Files (x86)\Holdem Indicator\GG.exe (CKMN Technologies Inc. -> HoldemIndicator.com)
FirewallRules: [{EBBCFE76-0AD4-4B0A-9B99-B9F147694743}] => (Allow) C:\Program Files (x86)\Holdem Indicator\GG.exe (CKMN Technologies Inc. -> HoldemIndicator.com)
FirewallRules: [{05E9CDFF-A16C-4A2D-BA68-B65171D4736B}] => (Allow) C:\Program Files (x86)\Holdem Indicator\GG.exe (CKMN Technologies Inc. -> HoldemIndicator.com)
FirewallRules: [TCP Query User{C8E52B7E-080C-425A-9BC0-68F5D3A63ECF}C:\users\alex\desktop\xgox-qt.exe] => (Allow) C:\users\alex\desktop\xgox-qt.exe => No File
FirewallRules: [UDP Query User{70550227-C8A1-4868-A477-CFEF1B044EB3}C:\users\alex\desktop\xgox-qt.exe] => (Allow) C:\users\alex\desktop\xgox-qt.exe => No File
FirewallRules: [{5B9151FA-3C7A-4CDC-86C4-A6BF8AC59584}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{504EF42E-0D86-41DE-880E-0A3A9B3932BD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7A6F310B-8E1B-4017-93D4-511EBE81A8AB}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{BD35F9CF-4CFC-49AD-9417-B8EA8543FC42}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [TCP Query User{35401969-34CB-4A58-8805-E199EDC851E4}C:\program files (x86)\contivio.com\contivio.com client\contivio.com.exe] => (Allow) C:\program files (x86)\contivio.com\contivio.com client\contivio.com.exe (CONTIVIO.COM CORPORATION -> Contivio.com)
FirewallRules: [UDP Query User{F729FA69-BCF6-4A79-9AAA-1AC521CBDD08}C:\program files (x86)\contivio.com\contivio.com client\contivio.com.exe] => (Allow) C:\program files (x86)\contivio.com\contivio.com client\contivio.com.exe (CONTIVIO.COM CORPORATION -> Contivio.com)
FirewallRules: [{467F9777-9148-40EE-943F-D57D55BBD30A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{42783452-BAE3-4AB9-9967-BB4110710675}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{39717BE0-F9B2-42DF-A1F3-C645C97A5F0B}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe => No File
FirewallRules: [UDP Query User{9174A468-236D-4262-A95F-BE3D66A9594A}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe => No File
FirewallRules: [{628616D9-C578-4A1C-9FA6-82F2B96A923C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win64\SteamLauncher.exe => No File
FirewallRules: [{9B17197D-BF38-4C09-877E-38B099BC6C00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win64\SteamLauncher.exe => No File
FirewallRules: [{C749E087-291F-4300-BEAE-9C3E25D6D7E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win64\BlackSquadGame.exe => No File
FirewallRules: [{0A50C519-212B-431F-9F8F-78FF098AC126}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win64\BlackSquadGame.exe => No File
FirewallRules: [{A9B609AF-D3C8-4A9F-AF75-A1368997F33F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C38258FC-DED1-4086-BC15-0B85BABFE620}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{12487BB8-63DC-4B81-A3DD-500C80953DBF}C:\users\alex\appdata\local\programs\lisk-hub\lisk hub.exe] => (Allow) C:\users\alex\appdata\local\programs\lisk-hub\lisk hub.exe => No File
FirewallRules: [UDP Query User{27768AE5-7FB8-4834-99AD-B305239B2C0E}C:\users\alex\appdata\local\programs\lisk-hub\lisk hub.exe] => (Allow) C:\users\alex\appdata\local\programs\lisk-hub\lisk hub.exe => No File
FirewallRules: [{705C539B-70EC-48F2-9645-F42418B6B0B5}] => (Allow) C:\Program Files (x86)\RescueTime\RescueTime.exe => No File
FirewallRules: [{E313837E-3F3D-4B01-A96A-92E1632A3F7A}] => (Allow) C:\Program Files (x86)\RescueTime\RescueTime.exe => No File
FirewallRules: [{DFDDB84F-397D-4FDF-88D3-363587BAA95F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6B6FCCD4-9D02-4F14-A286-7B314D0BCEFE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FB0BC1B9-F276-4757-9780-CEEB493AD97E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FFCFF859-CD84-427F-A674-97A8EDC53017}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{18FDAA44-CE57-40ED-9B90-BCDC0E31A1BA}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.16.0.3\monero-gui-v0.16.0.3\monero-wallet-gui.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.16.0.3\monero-gui-v0.16.0.3\monero-wallet-gui.exe () [File not signed]
FirewallRules: [UDP Query User{DBB84482-E058-4EC1-A2CD-B1025152BAA1}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.16.0.3\monero-gui-v0.16.0.3\monero-wallet-gui.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.16.0.3\monero-gui-v0.16.0.3\monero-wallet-gui.exe () [File not signed]
FirewallRules: [TCP Query User{6ED16022-83F7-4687-9316-0CB3CA678B36}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.16.0.3\monero-gui-v0.16.0.3\monerod.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.16.0.3\monero-gui-v0.16.0.3\monerod.exe () [File not signed]
FirewallRules: [UDP Query User{DFBBFB2E-638E-49A7-AC80-ACAF852B1480}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.16.0.3\monero-gui-v0.16.0.3\monerod.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.16.0.3\monero-gui-v0.16.0.3\monerod.exe () [File not signed]
FirewallRules: [TCP Query User{D7C92B6F-C673-4071-B4F2-5DF8344974B8}C:\program files\monero gui wallet\monero-wallet-gui.exe] => (Allow) C:\program files\monero gui wallet\monero-wallet-gui.exe () [File not signed]
FirewallRules: [UDP Query User{198E1A83-B318-42AD-AE6B-0917E78A3BC6}C:\program files\monero gui wallet\monero-wallet-gui.exe] => (Allow) C:\program files\monero gui wallet\monero-wallet-gui.exe () [File not signed]
FirewallRules: [{530A1A5D-CBA7-48A7-85AF-37D0F86549AF}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{D052D52A-1DB5-471E-8C3F-B9868870CCBD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsWMD\Worms W.M.D.exe () [File not signed]
FirewallRules: [{40353405-CC31-4DA8-BFC5-71BBFE3FDBBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsWMD\Worms W.M.D.exe () [File not signed]
FirewallRules: [{D3A629F9-E04A-4683-B9B5-71F7B53449D4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{58C3EF11-9370-46F2-91D7-D70C8D92734B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{9161D96E-E0C4-4D9F-9A7E-B1744F8E31DE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{26BF5F7B-2B34-4148-89FF-4C3DF42EB8B4}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E24DABA9-DD3B-441D-A7F3-6686D0A87EF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Rumble\Launch_Game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{948B3903-3662-4A44-A7B9-5119392C0E4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Rumble\Launch_Game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{832DA1D9-90B6-468C-BCFE-95B3F876AFF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Armageddon\WA.exe (Team17 Software Ltd) [File not signed]
FirewallRules: [{64822752-91E2-45B6-A295-289E6950E283}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Armageddon\WA.exe (Team17 Software Ltd) [File not signed]
FirewallRules: [TCP Query User{ED4B4D07-DBEC-49EC-BDF0-E97B816B4BF6}C:\program files (x86)\steam\steamapps\common\worms rumble\projectnimble\binaries\win64\projectnimble.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\worms rumble\projectnimble\binaries\win64\projectnimble.exe (Team17 Digital) [File not signed]
FirewallRules: [UDP Query User{3DE7958F-72DF-4345-BDB5-E64C7AE809A8}C:\program files (x86)\steam\steamapps\common\worms rumble\projectnimble\binaries\win64\projectnimble.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\worms rumble\projectnimble\binaries\win64\projectnimble.exe (Team17 Digital) [File not signed]
FirewallRules: [{72AA527E-3007-4C5F-BD20-A02706E7F728}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{56D90AA4-CE1A-4304-A7FA-9EFE49DC1B6D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AB8C6421-8EAD-4649-85DA-AD9EF97DC3D0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A1BB70DB-828D-4881-9487-9BABEAD6EB6D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E2FF6A76-D2F9-41F9-91BF-217D2C428924}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

10-12-2020 07:41:13 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/16/2020 07:25:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 32040562

Error: (12/16/2020 07:25:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 32040562

Error: (12/16/2020 07:25:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/15/2020 10:32:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15593

Error: (12/15/2020 10:32:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15593

Error: (12/15/2020 10:32:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/14/2020 09:59:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31281

Error: (12/14/2020 09:59:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31281


System errors:
=============
Error: (12/13/2020 12:31:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ClickToRunSvc service.

Error: (12/10/2020 10:29:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (12/10/2020 10:29:48 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (12/10/2020 08:36:06 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {B91D5831-B1BD-4608-8198-D72E155020F7} did not register with DCOM within the required timeout.

Error: (12/10/2020 08:34:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Update Orchestrator Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (12/09/2020 09:48:34 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H66SN7Q)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.

Error: (12/09/2020 01:37:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Web Account Manager service terminated unexpectedly. It has done this 1 time(s).

Error: (12/09/2020 08:10:20 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240009: Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.329.98.0).


Windows Defender:
===================================
Date: 2020-12-16 09:03:01.5220000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {4A91B986-2089-4429-95BF-D0EFBC3BED7C}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-12-15 09:08:30.5050000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {FB4E1E3C-A385-4077-B208-22DEE025B740}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-12-10 22:24:09.6200000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {3878EE94-DC82-4EB8-A628-328A67EFD784}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-12-10 09:47:57.1160000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {E5B96271-DB83-4CC5-AC31-C226B07FBB59}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-12-08 20:56:15.1430000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {CEC10CB5-6DD4-4998-A54D-23E246735419}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-12-09 08:10:20.5950000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.38.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x80240009
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P3.00 07/13/2017
Motherboard: ASRock AB350M Pro4
Processor: AMD Ryzen 5 1600 Six-Core Processor
Percentage of memory in use: 76%
Total physical RAM: 16316.9 MB
Available physical RAM: 3819.21 MB
Total Virtual: 32719.6 MB
Available Virtual: 10105.96 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1861.63 GB) (Free:1124.93 GB) NTFS

\\?\Volume{ff8639b4-e9bc-44c9-8c34-4871ec2de9a5}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{45edeef2-f749-4d07-b8d3-b1aaba97d389}\ () (Fixed) (Total:0.83 GB) (Free:0.4 GB) NTFS
\\?\Volume{e0377013-1bd6-4575-b04b-631a1615ec56}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

================================================== ========
Disk: 0 (Size: 1863 GB) (Disk ID: 000264DA)

Partition: GPT.

==================== End of Addition.txt =======================
  #7  
Old December 17th, 2020, 04:31 PM
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,116
Sorry for the delay. I was offline yesterday. But I see no indication of malware in this log, or reason for slowness. You may want to open a new request in the CTH Windows 10 forum.
  #8  
Old December 17th, 2020, 08:23 PM
oasis.g oasis.g is offline
Senior Member
 
Join Date: Sep 2005
Posts: 126
Thank you for taking a look, Jintan!

Happy holidays!
All times are GMT +1. The time now is 09:24 PM.