Cyber Tech Help Support Forums

oasis.g December 15th, 2020 08:36 PM

Potential Malware
 
Hello,

My CPU is running a bit slower. I am worried I have some malware. It's been a while since I have checked for malware. Please advise.

Thank you!

Jintan December 16th, 2020 05:38 PM

Hi oasis.g,

Let's take a look.


For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to the desktop.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to the desktop.

Please run it and click Scan, then post back with the 2 logfiles.

oasis.g December 16th, 2020 06:48 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by Alex (administrator) on DESKTOP-H66SN7Q (16-12-2020 09:35:18)
Running from C:\Users\Alex\Downloads
Loaded Profiles: Alex
Platform: Windows 10 Home Version 20H2 19042.685 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe <22>
(CONTIVIO.COM CORPORATION -> Contivio.com) C:\Program Files (x86)\Contivio.com\Contivio.com Client\Contivio.Com.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(GeoComply USA, Inc. -> GeoComply) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\service.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <86>
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <13>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20316.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvrfi.inf_amd64_b02057827c15e7cf\Display.NvContainer\NVDisplay.Container.exe <2>
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe <7>
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TunnelBear Inc -> TunnelBear) C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [337720 2020-11-12] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992832 2020-12-01] (Dropbox, Inc -> Dropbox, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Alex\AppData\Local\Microsoft\Teams\Update.exe [1789768 2019-08-21] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\Run: [GoogleChromeAutoLaunch_8A9A309EEDEE8A1FE73391295BB8D638] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2151080 2020-12-09] (Brave Software, Inc. -> Brave Software, Inc.)
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2151080 2020-12-09] (Brave Software, Inc. -> Brave Software, Inc.)
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2151080 2020-12-09] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\...\Windows x64\Print Processors\hpcpp155: C:\Windows\System32\spool\prtprocs\x64\hpcpp155.DLL [597792 2013-09-04] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-02] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\87.1.18.70\Installer\chrmstp.exe [2020-12-10] (Brave Software, Inc. -> Brave Software, Inc.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02C9D8CB-5EDB-43A2-9C71-EDD9B58DC7F8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {2E1AE457-AD9F-4929-9526-9EB3E826B8CF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {3B1173DC-5CD1-47D9-9CCA-4D8A58EC5A20} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {3BA30050-1805-4D53-A461-EC667647973D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3C438060-0D96-4691-A990-478059EDD55B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-08-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {443CEC4A-CEC1-4207-A98F-A560AECB9524} - System32\Tasks\Agent Activation Runtime\S-1-5-21-1271123810-21777831-3259583340-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-12-10] (Microsoft Windows -> )
Task: {6D3D2852-8F33-4DDE-A0D7-4DC7488B924D} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacks Helper.exe [752136 2020-10-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {8CA205DA-FF6C-449C-B4A2-783387AA9ED9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {96059511-F652-4E39-B26B-4B884AB3A701} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1149336 2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {9643A489-1E85-4A4B-BE70-6779AE96AAC4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B339A09E-8801-4B07-B35E-52FED80906DA} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-26] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {B4830B32-9928-4048-9928-B5D0C1C2204D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BC654DB8-D62D-4869-8039-CE6484E78317} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCE7FA17-256F-4CB8-A95A-2DAB28538EDF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-26] (Google Inc -> Google Inc.)
Task: {D23D2EF1-2832-40D0-BCCF-CFA9238C79CA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-26] (Google Inc -> Google Inc.)
Task: {D2BC3E26-22ED-4F93-AD58-D9DE0A1A4D19} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-08-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {D543BDEB-14A1-4690-9204-342BCD45EA04} - System32\Tasks\GeoComply Update Task => C:\Program Files (x86)\GeoComply\\PlayerLocationCheck\Update\GeoComplyUpdate.exe [3191272 2020-09-02] (GeoComply USA, Inc. -> GeoComply) -> /config=C:\Program Files (x86)\GeoComply\\PlayerLocationCheck\Update\GeoComplyUpdate.xml
Task: {D5EAE071-1142-4AA8-AA87-1D74F330629E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E4944AA3-849C-43BE-98A9-25364CC3E77E} - System32\Tasks\GeoComply Service Check => "C:\Program Files (x86)\GeoComply/\PlayerLocationCheck\Application\PlayerLocationCheckTask.cmd" 0
Task: {F0979DAB-62A7-418E-8DD2-68B44881BF47} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {FF2488CA-1400-41F6-9853-AD1A527DCBA2} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-26] (Brave Software, Inc. -> BraveSoftware Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.86.1
Tcpip\..\Interfaces\{2200fe1e-8793-4f49-86f9-1519d0716f05}: [DhcpNameServer] 192.168.86.1
Tcpip\..\Interfaces\{8efb073f-860f-49fa-9a6f-aa36af3fc495}: [DhcpNameServer] 172.18.13.1

Edge:
======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2020-12-16]
Edge Notifications: Profile 1 -> hxxps://www.reddit.com
Edge HomePage: Profile 1 -> hxxp://search.conduit.com/?ctid=CT3321897&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPE2F0C51B-D102-478C-8837-99A52DA8929A&SSPV=
Edge StartupUrls: Profile 1 -> "hxxps://mail.google.com/mail/u/1/#inbox","hxxps://coinmarketcap.com/","hxxps://www.schwab.com/public/schwab/client_home","hxxp://finance.google.com/"
Edge Extension: (Honey) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\amnbcmdbanbkjhnfoeceemmmdiepnbpp [2020-11-16]
Edge Extension: (Slickdeals: Automatic Coupons and Deals) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\dbcjahjgmipefpapjkbcjeglciobkiih [2020-11-26]
Edge Extension: (HTTPS Everywhere) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\fchjpkplmbeeeaaogdbhjbgbknjobohb [2020-11-20]
Edge Extension: (Lolli: Earn Bitcoin When You Shop) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\fleenceagaplaefnklabikkmocalkcpo [2020-10-18]
Edge Extension: (Streak CRM for Gmail) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\gjfnhcobilifnmokegginjeenmlmlccn [2020-05-23]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2020-12-16]
Edge Extension: (UberConference Screen Sharing) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\hcakmcggjddnhepfcajfcpkdjoggcnak [2020-05-23]
Edge Extension: (Better Bittrex) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\hdchkkimlockolfnpkanppdldbmefkdn [2020-05-23]
Edge Extension: (Hunter: Find email addresses in seconds) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\hgmhmanijnjhaffoampdlllchpolkdnj [2020-09-20]
Edge Extension: (Google Analytics Debugger) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jnkmfdileelhofjcijamephohjechhna [2020-05-23]
Edge Extension: (Google Hangouts) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2020-08-12]
Edge Extension: (MetaMask) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2020-12-14]
Edge Extension: (Origin Deals) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\pplcajdkcpaefgdadbbfchogccbieoae [2020-06-18]

FireFox:
========
FF DefaultProfile: 8vobr0ub.default
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\8vobr0ub.default [2020-11-25]
FF NewTab: Mozilla\Firefox\Profiles\8vobr0ub.default -> hxxp://www.bing.com/?pc=COSP&ptag=D112418-N0600A9FCDBB39EF&form=CONMHP&conlogo=CT3335799
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\8vobr0ub.default\Extensions\sp@avast.com.xpi [2020-10-09]
FF Extension: (MetaMask) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\8vobr0ub.default\Extensions\webextension@metamask.io.xpi [2020-10-09]
FF Extension: (Avast Online Security) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\8vobr0ub.default\Extensions\wrc@avast.com.xpi [2020-10-09]
FF SearchPlugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\8vobr0ub.default\searchplugins\bing-lavasoft-ff59.xml [2018-11-23]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2018-03-19] [Legacy] [not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-04-26] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-04-26] (Brave Software, Inc. -> BraveSoftware Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default [2020-12-16]
CHR Notifications: Default -> hxxps://fortnitetracker.com; hxxps://www.draftkings.com; hxxps://www.pdfmerge.com
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3321897&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPE2F0C51B-D102-478C-8837-99A52DA8929A&SSPV=
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/1/#inbox","hxxps://coinmarketcap.com/","hxxps://www.schwab.com/public/schwab/client_home","hxxp://finance.google.com/"
CHR Extension: (Slides) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Entanglement Web App) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2017-08-26]
CHR Extension: (Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-14]
CHR Extension: (Ledger Manager) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\beimhnaefocolcplfimocfiaiefpkgbf [2020-09-03]
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-26]
CHR Extension: (Honey) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-11-20]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-12-15]
CHR Extension: (Swash) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmndjbecilbocjfkibfbifhngkdmjgog [2020-12-15]
CHR Extension: (Google Finance) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgckldmmjdbpdejkclmfnnnehhocbfp [2017-08-26]
CHR Extension: (Sheets) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Lolli: Earn Bitcoin When You Shop) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\fleenceagaplaefnklabikkmocalkcpo [2020-10-18]
CHR Extension: (HTTPS Everywhere) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2020-11-20]
CHR Extension: (Google Docs Offline) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-20]
CHR Extension: (UberConference Screen Sharing) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcakmcggjddnhepfcajfcpkdjoggcnak [2017-08-26]
CHR Extension: (Better Bittrex) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdchkkimlockolfnpkanppdldbmefkdn [2018-05-03]
CHR Extension: (Hunter: Find email addresses in seconds) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgmhmanijnjhaffoampdlllchpolkdnj [2020-09-21]
CHR Extension: (Mahjong Words) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmefkohhpkdnaieghlijadogfapogebe [2017-08-26]
CHR Extension: (Ledger Wallet Ethereum) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmlhkialjkaldndjnlcdfdphcgeadkkm [2019-03-20]
CHR Extension: (Dropbox) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2018-04-11]
CHR Extension: (Google Analytics Debugger) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnkmfdileelhofjcijamephohjechhna [2019-07-29]
CHR Extension: (Grammarly for Chrome) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-12-12]
CHR Extension: (EasyHome Homestyler) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb [2017-08-26]
CHR Extension: (SparkChess) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2017-08-26]
CHR Extension: (Ledger Wallet Bitcoin) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdpmhnladdopljabkgpacgpliggeeaf [2020-09-03]
CHR Extension: (Google Hangouts) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2020-09-08]
CHR Extension: (No Name) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2017-10-31]
CHR Extension: (MetaMask) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2020-12-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-20]
CHR Extension: (Streak CRM for Gmail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik [2020-09-08]
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2 [2020-12-16]
CHR Notifications: Profile 2 -> hxxps://live-wire.slack.com; hxxps://mail.protonmail.com; hxxps://usweb2.contivio.com
CHR StartupUrls: Profile 2 -> "hxxps://mail.google.com/mail/u/0/#inbox/FMfcgxwCgpWhLVFbBQgghwQkBbPLJRpp?projector=1&messagePartId=0.1","hxxps://calendar.google.com/calendar/r?tab=mc#main_7","hxxps://502106.app.netsuite.com/app/accounting/transactions/salesord.nl?id=2243864&whence=&cmid=1558565423717_12950","hxxps://dashboard.tawk.to/#/chat","hxxps://live-wire.slack.com/messages/DJNCN0HC0/","hxxps://docs.google.com/spreadsheets/d/16zmlHpFTm1TMW2yRzQevRNwvUvQzAy0fbwyIp0FABbs/edit#gid=1387715261","hxxps://tsl.tradeservice.com/"
CHR NewTab: Profile 2 -> Not-active:"chrome-extension://mgbgmpedgogkhiabhggmolokofjgcbmi/snippet.html"
CHR DefaultSearchURL: Profile 2 -> hxxps://presearch.org/extsearch?term={searchTerms}
CHR DefaultSearchKeyword: Profile 2 -> Presearch.org
CHR DefaultSuggestURL: Profile 2 -> hxxps://engine-api.presearch.org/autocomplete?query={searchTerms}
CHR Extension: (Slides) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-19]
CHR Extension: (Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-19]
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-23]
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-19]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-12-15]
CHR Extension: (Contivio.com) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cllddeadkmgcppmjgibnnfaimcjjljoo [2018-09-19]
CHR Extension: (Sheets) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-19]
CHR Extension: (Google Docs Offline) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-18]
CHR Extension: (UberConference Screen Sharing) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hcakmcggjddnhepfcajfcpkdjoggcnak [2018-09-19]
CHR Extension: (Presearch) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\inpoelmimmiplkcldmdljiboidfkcfbh [2020-03-21]
CHR Extension: (Grammarly for Chrome) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-12-12]
CHR Extension: (Snippets by The Hustle) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mgbgmpedgogkhiabhggmolokofjgcbmi [2018-09-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Data Scraper - Easy Web Scraping) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nndknepjnldbdbepjfgmncbggmopgden [2018-11-30]
CHR Extension: (Gmail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-19]
CHR Extension: (Streak CRM for Gmail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik [2020-08-10]
CHR Extension: (Checker Plus for Google Drive™) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pppfmbnpgflleackdcojndfgpiboghga [2020-10-29]
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-15]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-10-21] (BattlEye Innovations e.K. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-26] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-26] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-11-23] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-08-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-08-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-12-01] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-12-10] (EasyAntiCheat Oy -> Epic Games, Inc)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
R2 Player Location Check; C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\service.exe [3141608 2020-09-02] (GeoComply USA, Inc. -> GeoComply)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
R2 postgresql-x64-9.3; C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe [92672 2017-05-08] (PostgreSQL Global Development Group) [File not signed]
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13103632 2020-09-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [137376 2020-11-16] (TunnelBear Inc -> TunnelBear)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvrfi.inf_amd64_b02057827c15e7cf\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvrfi.inf_amd64_b02057827c15e7cf\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-04] (Bluestack Systems, Inc -> Bluestack System Inc.)
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [9860088 2019-07-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2017-09-06] (TunnelBear, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-03] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

oasis.g December 16th, 2020 06:50 PM

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three months (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-16 09:15 - 2020-12-16 09:15 - 002286592 _____ (Farbar) C:\Users\Alex\Downloads\FRST64.exe
2020-12-16 08:25 - 2020-12-16 08:25 - 000318007 _____ C:\Users\Alex\Downloads\Report_from_CENTRAL_BREAKER_&_CONTROL.xlsx
2020-12-16 08:15 - 2020-12-16 08:15 - 000332394 _____ C:\Users\Alex\Downloads\CBL-EA-0980-000002_R004.pdf
2020-12-16 08:15 - 2020-12-16 08:15 - 000328814 _____ C:\Users\Alex\Downloads\CBL-EA-0980-000003_R003.pdf
2020-12-16 08:15 - 2020-12-16 08:15 - 000327318 _____ C:\Users\Alex\Downloads\CBL-EA-0980-000001_R003.pdf
2020-12-16 08:15 - 2020-12-16 08:15 - 000193495 _____ C:\Users\Alex\Downloads\MR-CBL-EA-7303-000003_R002.pdf
2020-12-16 08:15 - 2020-12-16 08:15 - 000128525 _____ C:\Users\Alex\Downloads\MR-CBL-EA-7303-000001_R002.pdf
2020-12-16 08:06 - 2020-12-16 08:06 - 000344149 _____ C:\Users\Alex\Downloads\2010 PC6000 Section 8 Page 14-16 NEMA Control Non-Reversing Starters Class 14.pdf
2020-12-16 08:00 - 2020-12-16 08:00 - 001338970 _____ C:\Users\Alex\Downloads\Image.jpeg
2020-12-16 08:00 - 2020-12-16 08:00 - 001157609 _____ C:\Users\Alex\Downloads\Image (1).jpeg
2020-12-15 08:31 - 2020-12-15 08:31 - 000318122 _____ C:\Users\Alex\Downloads\Report_from_CENTRAL_BREAKER_&_CONTROL (1).xlsx
2020-12-14 15:32 - 2020-12-14 15:32 - 000053458 _____ C:\Users\Alex\Downloads\S103276098-0002.pdf
2020-12-14 11:11 - 2020-12-14 11:12 - 000014809 _____ C:\Users\Alex\Downloads\RFQ-PA-73289.xlsx
2020-12-13 00:33 - 2020-12-13 01:14 - 772364433 _____ C:\Users\Alex\Documents\BG2s.mp4
2020-12-12 22:34 - 2020-12-13 00:34 - 004721144 _____ C:\Users\Alex\Documents\BG2s.osp
2020-12-12 22:34 - 2020-12-12 22:34 - 000000000 ____D C:\Users\Alex\Documents\BG2s_assets
2020-12-12 19:06 - 2020-12-12 19:17 - 2438308838 _____ C:\Users\Alex\Documents\BGs.mp4
2020-12-12 18:20 - 2020-12-12 19:07 - 001414457 _____ C:\Users\Alex\Documents\BGs.osp
2020-12-12 18:20 - 2020-12-12 18:20 - 000000000 ____D C:\Users\Alex\Documents\BGs_assets
2020-12-12 13:09 - 2020-12-12 13:09 - 018125190 _____ C:\Users\Alex\Downloads\messari-report-crypto-theses-for-2021.pdf
2020-12-11 17:35 - 2020-12-11 17:35 - 000031736 _____ C:\Users\Alex\Downloads\fuses 121120.xlsx
2020-12-11 15:44 - 2020-12-14 21:56 - 000205416 _____ C:\Users\Alex\Downloads\Sales_RSE_MasterList.xlsx
2020-12-11 15:34 - 2020-12-11 15:44 - 000329125 _____ C:\Users\Alex\Downloads\SalesbyParentCustomerResults338.csv
2020-12-11 15:15 - 2020-12-11 15:15 - 000010631 _____ C:\Users\Alex\Downloads\Assign Sub-Customers 2017 - BDI.csv
2020-12-10 19:19 - 2020-12-10 19:19 - 000000000 ____D C:\Users\Alex\Downloads\wordpress-5.6
2020-12-10 19:18 - 2020-12-10 19:18 - 016528923 _____ C:\Users\Alex\Downloads\wordpress-5.6.zip
2020-12-10 15:22 - 2020-12-10 15:22 - 000236509 _____ C:\Users\Alex\Downloads\AssignedAccountsRFMResults217.csv
2020-12-10 14:31 - 2020-12-10 14:31 - 000073046 _____ C:\Users\Alex\Desktop\LiveWire_Supply_Inventory_12_09_2020.xlsx
2020-12-10 14:28 - 2020-12-10 14:28 - 000264216 _____ C:\Users\Alex\Downloads\ABI_Inventory_Stock_1000.xlsx
2020-12-10 12:10 - 2020-12-10 12:10 - 000000000 ____D C:\Users\Alex\AppData\Local\GameAnalytics
2020-12-10 12:09 - 2020-12-10 12:09 - 000000000 ____D C:\Users\Alex\AppData\Local\ProjectNimble
2020-12-10 08:27 - 2020-12-10 08:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-10 08:26 - 2020-12-10 08:26 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-10 08:26 - 2020-12-10 08:26 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-10 08:26 - 2020-12-10 08:26 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-10 08:26 - 2020-12-10 08:26 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-10 08:26 - 2020-12-10 08:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-10 08:26 - 2020-12-10 08:26 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-10 08:26 - 2020-12-10 08:26 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-10 08:26 - 2020-12-10 08:26 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-10 08:26 - 2020-12-10 08:26 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-10 08:25 - 2020-12-10 08:25 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-10 08:25 - 2020-12-10 08:25 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-10 08:25 - 2020-12-10 08:25 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-10 08:25 - 2020-12-10 08:25 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-10 08:25 - 2020-12-10 08:25 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-10 08:24 - 2020-12-10 08:24 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-10 08:24 - 2020-12-10 08:24 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-10 08:24 - 2020-12-10 08:24 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-10 08:24 - 2020-12-10 08:24 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-10 08:24 - 2020-12-10 08:24 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-10 08:24 - 2020-12-10 08:24 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-10 08:24 - 2020-12-10 08:24 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-04 22:07 - 2020-12-04 22:07 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2020-12-04 22:07 - 2020-12-04 22:07 - 000001816 _____ C:\ProgramData\Desktop\iTunes.lnk
2020-12-04 22:07 - 2020-12-04 22:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2020-12-04 22:07 - 2020-12-04 22:07 - 000000000 ____D C:\Program Files\iPod
2020-12-04 22:06 - 2020-12-04 22:07 - 000000000 ____D C:\Program Files\iTunes
2020-12-03 23:05 - 2020-12-03 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-12-02 10:43 - 2020-12-02 10:43 - 000074889 _____ C:\Users\Alex\Downloads\LWS_Inventory_12_1_2020.xlsx
2020-12-01 16:32 - 2020-12-01 16:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft DirectX SDK (June 2010)
2020-12-01 16:27 - 2020-12-01 16:32 - 000000000 ____D C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)
2020-12-01 14:10 - 2020-12-01 14:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-12-01 14:10 - 2020-12-01 14:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-12-01 14:10 - 2020-12-01 14:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-12-01 14:10 - 2020-12-01 14:10 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-11-26 16:08 - 2020-11-26 16:08 - 000000000 ____D C:\ProgramData\obs-studio-hook
2020-11-26 16:07 - 2020-12-12 14:12 - 000000000 ____D C:\Program Files\Streamlabs OBS
2020-11-26 16:07 - 2020-11-26 16:07 - 000001976 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs OBS.lnk
2020-11-26 16:07 - 2020-11-26 16:07 - 000001964 _____ C:\Users\Public\Desktop\Streamlabs OBS.lnk
2020-11-26 16:07 - 2020-11-26 16:07 - 000001964 _____ C:\ProgramData\Desktop\Streamlabs OBS.lnk
2020-11-25 21:27 - 2020-11-25 21:27 - 000000000 ____D C:\Users\Alex\AppData\Local\Frontier_Developments
2020-11-25 21:18 - 2020-11-25 21:18 - 000001968 _____ C:\Users\Public\Desktop\TunnelBear.lnk
2020-11-25 21:18 - 2020-11-25 21:18 - 000001968 _____ C:\ProgramData\Desktop\TunnelBear.lnk
2020-11-25 21:18 - 2020-11-25 21:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear
2020-11-25 12:37 - 2020-11-25 12:37 - 000000000 _____ C:\Users\Alex\Downloads\ALL_CES_Branch_Emails.txt
2020-11-24 13:45 - 2020-11-24 13:45 - 000154974 _____ C:\Users\Alex\Downloads\PowerPact M-Frame Molded Case Circuit Breakers_MJA36600.pdf
2020-11-24 11:35 - 2020-11-24 11:35 - 000215462 _____ C:\Users\Alex\Downloads\6SL3120-2TE15-0AD0_datasheet_en.pdf
2020-11-24 11:10 - 2020-11-24 11:10 - 000137907 _____ C:\Users\Alex\Downloads\PowerPact P-frame Molded Case Circuit Breakers_PJA36120 (1).pdf
2020-11-24 10:51 - 2020-11-24 10:51 - 000137907 _____ C:\Users\Alex\Downloads\PowerPact P-frame Molded Case Circuit Breakers_PJA36120.pdf
2020-11-24 10:01 - 2020-11-24 10:01 - 000447522 _____ C:\Users\Alex\Downloads\AW TEXAS one-line assembly 2000918.pdf
2020-11-24 10:01 - 2020-11-24 10:01 - 000419542 _____ C:\Users\Alex\Downloads\AW TEXAS one-line machining 20200917.pdf
2020-11-24 10:01 - 2020-11-24 10:01 - 000214609 _____ C:\Users\Alex\Downloads\PDP SCHEDULE 工務物流 20201116_rev1.pdf
2020-11-24 10:01 - 2020-11-24 10:01 - 000191971 _____ C:\Users\Alex\Downloads\Logistics PDP Sizes.pdf
2020-11-23 12:29 - 2020-11-23 12:29 - 000088676 _____ C:\Users\Alex\Downloads\US2_SCE_datasheet_en.pdf
2020-11-23 12:27 - 2020-11-23 12:27 - 000018914 _____ C:\Users\Alex\Downloads\564247 NETWORK MATERIAL.pdf
2020-11-17 15:52 - 2020-11-17 15:52 - 018296603 _____ C:\Users\Alex\Downloads\Quoting Queue.xlsx
2020-11-16 17:32 - 2020-11-16 17:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2020-11-14 13:53 - 2020-11-14 13:53 - 000022832 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_223587020531150.dll
2020-11-12 07:58 - 2020-11-12 07:58 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2020-11-12 07:58 - 2020-11-12 07:58 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe
2020-11-04 11:45 - 2020-12-16 08:42 - 000003330 _____ C:\WINDOWS\system32\Tasks\GeoComply Service Check
2020-10-29 18:21 - 2020-10-29 18:28 - 000000000 ____D C:\ProgramData\BlueStacks
2020-10-29 18:21 - 2020-10-29 18:21 - 000000000 ____D C:\Program Files\BlueStacks
2020-10-22 14:55 - 2020-10-22 14:55 - 000082370 _____ C:\Users\Alex\Downloads\ABI_Inventory_Stock_BP (2).xlsx
2020-10-22 13:47 - 2020-10-22 13:47 - 000011587 _____ C:\Users\Alex\Downloads\motion Industries RFQ.xlsx
2020-10-15 13:25 - 2020-10-15 13:25 - 000030202 _____ C:\Users\Alex\Downloads\inventory Oct 13 2020.xlsx
2020-10-15 13:25 - 2020-10-15 13:25 - 000028508 _____ C:\Users\Alex\Downloads\Eaton Control_12Oct2020.xlsx
2020-10-15 09:15 - 2020-10-15 09:15 - 000009091 _____ C:\Users\Alex\Downloads\CES_OutsideSales.csv
2020-10-15 06:42 - 2020-10-15 06:42 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2020-10-15 06:41 - 2020-10-15 06:41 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-10-15 06:41 - 2020-10-15 06:41 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2020-10-15 06:41 - 2020-10-15 06:41 - 000455168 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2020-10-15 06:41 - 2020-10-15 06:41 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-10-15 06:41 - 2020-10-15 06:41 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2020-10-15 06:41 - 2020-10-15 06:41 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2020-10-15 06:40 - 2020-10-15 06:40 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2020-10-15 06:40 - 2020-10-15 06:40 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2020-10-15 06:40 - 2020-10-15 06:40 - 000645120 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2020-10-15 06:40 - 2020-10-15 06:40 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2020-10-15 06:40 - 2020-10-15 06:40 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2020-10-15 06:40 - 2020-10-15 06:40 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2020-10-15 06:39 - 2020-10-15 06:39 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-10-15 06:39 - 2020-10-15 06:39 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2020-10-15 06:39 - 2020-10-15 06:39 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2020-10-13 22:20 - 2020-10-14 22:01 - 000013514 _____ C:\ProgramData\DisplaySessionContainer22.log_backup1
2020-10-13 07:13 - 2020-10-13 07:14 - 000016093 _____ C:\Users\Alex\Downloads\RFQ-PA-64754.xlsx
2020-10-12 22:28 - 2020-10-13 22:20 - 000013940 _____ C:\ProgramData\DisplaySessionContainer21.log_backup1
2020-10-12 07:11 - 2020-10-12 07:11 - 000029584 _____ C:\Users\Alex\Downloads\inventory list Oct 6 2020 (1).xlsx
2020-10-12 06:54 - 2020-10-12 06:55 - 000014750 _____ C:\Users\Alex\Downloads\RFQ-PA-64581.xlsx
2020-10-11 21:42 - 2020-10-12 22:27 - 000013406 _____ C:\ProgramData\DisplaySessionContainer20.log_backup1
2020-10-10 22:22 - 2020-10-11 21:39 - 000013886 _____ C:\ProgramData\DisplaySessionContainer19.log_backup1
2020-10-09 21:32 - 2020-10-10 22:22 - 000013839 _____ C:\ProgramData\DisplaySessionContainer18.log_backup1
2020-10-08 22:37 - 2020-11-06 23:40 - 000013940 _____ C:\ProgramData\DisplaySessionContainer17.log_backup1
2020-10-07 21:27 - 2020-11-05 23:32 - 000011643 _____ C:\ProgramData\DisplaySessionContainer16.log_backup1
2020-10-06 22:06 - 2020-10-07 21:27 - 000002682 _____ C:\ProgramData\DisplaySessionContainer15.log_backup1
2020-10-06 09:46 - 2020-10-06 09:46 - 000029584 _____ C:\Users\Alex\Downloads\inventory list Oct 6 2020.xlsx
2020-10-06 09:32 - 2020-10-06 09:32 - 000016836 _____ C:\Users\Alex\Downloads\Siemens Switches_05Oct2020.xlsx
2020-10-06 09:32 - 2020-10-06 09:32 - 000014431 _____ C:\Users\Alex\Downloads\SQD Safety Switches_05Oct2020.xlsx
2020-10-05 15:48 - 2020-10-05 15:53 - 000000000 ____D C:\Program Files\Monero GUI Wallet
2020-10-05 15:48 - 2020-10-05 15:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Monero GUI Wallet
2020-10-02 14:59 - 2020-10-02 15:00 - 000015097 _____ C:\Users\Alex\Downloads\LWS_Stock_10_2_2020.xlsx
2020-10-02 13:26 - 2020-10-02 13:26 - 000047888 _____ C:\Users\Alex\Downloads\Connecticut Electric - LiveWire Pricing 9-1-2020.xlsx
2020-10-02 13:23 - 2020-10-02 13:23 - 000050426 _____ C:\Users\Alex\Downloads\Connecticut Electric Pricing 08.15.2019.xlsx
2020-10-01 12:12 - 2020-10-01 12:12 - 000014473 _____ C:\Users\Alex\Downloads\SQD Safety Switches_28Sep2020.xlsx
2020-10-01 10:35 - 2020-10-01 13:27 - 000015283 _____ C:\Users\Alex\Downloads\Crouse_Hinds_10_1_2020.xlsx
2020-10-01 10:34 - 2020-10-01 10:34 - 000098012 _____ C:\Users\Alex\Downloads\Stock_Items_10_1_2020.xlsx
2020-10-01 08:37 - 2020-10-01 08:37 - 000029924 _____ C:\Users\Alex\Downloads\inventory Sept 28 (1).xlsx
2020-10-01 08:37 - 2020-10-01 08:37 - 000016837 _____ C:\Users\Alex\Downloads\Siemens Switches_28Sep2020.xlsx
2020-10-01 06:35 - 2020-12-11 07:18 - 000000000 ___RD C:\Users\Alex\iCloudDrive
2020-10-01 06:35 - 2020-10-01 06:35 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2020-10-01 06:35 - 2020-10-01 06:35 - 000000000 ____D C:\Users\Alex\AppData\Local\Apple Inc
2020-09-30 20:18 - 2020-09-30 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2020-09-29 10:32 - 2020-09-29 10:32 - 000082370 _____ C:\Users\Alex\Downloads\ABI_Inventory_Stock_BP.xlsx
2020-09-29 09:01 - 2020-09-29 09:01 - 000014286 _____ C:\Users\Alex\Downloads\TELE1.xlsx
2020-09-29 08:32 - 2020-09-29 08:32 - 000018471 _____ C:\Users\Alex\Downloads\GE Control_28Sep2020.xlsx
2020-09-29 08:32 - 2020-09-29 08:32 - 000012541 _____ C:\Users\Alex\Downloads\cr lightin2_28Sep2020.xlsx
2020-09-29 07:44 - 2020-09-29 07:44 - 000028672 _____ C:\Users\Alex\Downloads\ALLEN BRADLEY LIVEWIRE SEPT. 29. 2020.xls
2020-09-28 13:01 - 2020-09-28 13:01 - 000029924 _____ C:\Users\Alex\Downloads\inventory Sept 28.xlsx
2020-09-25 17:11 - 2020-09-25 17:16 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Delta
2020-09-25 17:11 - 2020-09-25 17:11 - 000002564 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Delta.lnk
2020-09-24 17:55 - 2020-12-13 12:32 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-09-24 17:55 - 2020-09-24 17:55 - 000001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2020-09-24 12:12 - 2020-09-24 12:12 - 000032156 _____ C:\Users\Alex\Downloads\inventory Sept 22 2020.xlsx
2020-09-20 07:52 - 2020-09-20 07:52 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-09-19 23:34 - 2020-09-19 23:39 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2020-09-19 23:33 - 2020-09-19 23:34 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-09-19 23:33 - 2020-09-19 23:33 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-09-19 23:30 - 2020-09-19 23:30 - 000000000 ____D C:\ProgramData\ssh
2020-09-19 23:27 - 2020-09-19 23:27 - 000580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-09-19 23:27 - 2020-09-19 23:27 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-09-19 23:27 - 2020-09-19 23:27 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-09-19 23:26 - 2020-09-19 23:26 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-09-19 23:26 - 2020-09-19 23:26 - 001309504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-09-19 23:26 - 2020-09-19 23:26 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-09-19 23:26 - 2020-09-19 23:26 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-09-19 23:26 - 2020-09-19 23:26 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-09-19 23:26 - 2020-09-19 23:26 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-09-19 23:26 - 2020-09-19 23:26 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-09-19 23:26 - 2020-09-19 23:26 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-09-19 23:26 - 2020-09-19 23:26 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2020-09-19 23:26 - 2020-09-19 23:26 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2020-09-19 23:26 - 2020-09-19 23:26 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-09-19 23:26 - 2020-09-19 23:26 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-09-19 23:26 - 2020-09-19 23:26 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-09-19 23:25 - 2020-09-19 23:25 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-09-19 23:25 - 2020-09-19 23:25 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-09-19 23:25 - 2020-09-19 23:25 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-09-19 23:25 - 2020-09-19 23:25 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-09-19 23:25 - 2020-09-19 23:25 - 000306176 _____ C:\WINDOWS\system32\HeatCore.dll
2020-09-19 23:25 - 2020-09-19 23:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2020-09-19 23:25 - 2020-09-19 23:25 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2020-09-19 23:25 - 2020-09-19 23:25 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-09-19 23:25 - 2020-09-19 23:25 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2020-09-19 23:24 - 2020-09-19 23:24 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-09-19 23:24 - 2020-09-19 23:24 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2020-09-19 23:14 - 2020-09-19 23:14 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2020-09-19 23:14 - 2020-09-19 23:14 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2020-09-19 23:13 - 2020-09-19 23:13 - 000000020 ___SH C:\Users\Alex\ntuser.ini
2020-09-19 23:12 - 2020-12-16 09:31 - 000004162 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{587D1CF3-45CA-4583-9EFC-16FBA13D3003}
2020-09-19 23:12 - 2020-12-13 12:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-19 23:12 - 2020-12-03 19:02 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-09-19 23:12 - 2020-12-03 19:02 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-09-19 23:12 - 2020-11-28 11:24 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-09-19 23:12 - 2020-11-28 11:24 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-09-19 23:12 - 2020-11-02 13:18 - 000003996 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2020-09-19 23:12 - 2020-11-02 13:18 - 000003764 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2020-09-19 23:12 - 2020-10-29 18:32 - 000003944 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2020-09-19 23:12 - 2020-10-29 06:45 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1271123810-21777831-3259583340-1001
2020-09-19 23:12 - 2020-09-19 23:12 - 000003364 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2020-09-19 23:12 - 2020-09-19 23:12 - 000003140 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2020-09-19 23:12 - 2020-09-19 23:12 - 000002676 _____ C:\WINDOWS\system32\Tasks\GeoComply Update Task
2020-09-19 23:12 - 2020-09-19 23:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-09-19 23:12 - 2020-09-19 23:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple
2020-09-19 23:11 - 2020-09-19 23:12 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2020-09-19 23:11 - 2020-09-19 23:12 - 000007623 _____ C:\WINDOWS\diagerr.xml
2020-09-19 23:09 - 2020-12-10 22:37 - 000000000 ___SD C:\WINDOWS\system32\lxss
2020-09-19 23:09 - 2020-09-19 23:30 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2020-09-19 23:09 - 2020-09-19 23:09 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-09-19 23:09 - 2020-09-19 23:09 - 000000000 ____D C:\Program Files\MSBuild
2020-09-19 23:09 - 2020-09-19 23:09 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-09-19 23:09 - 2020-09-19 23:09 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-09-19 22:58 - 2020-12-11 07:19 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-19 22:45 - 2020-11-15 00:11 - 000000000 ____D C:\Users\Alex
2020-09-19 22:45 - 2020-10-29 06:44 - 000002360 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-09-19 22:40 - 2020-12-15 19:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-19 22:40 - 2020-12-13 12:32 - 000008192 ___SH C:\DumpStack.log.tmp
2020-09-19 22:40 - 2020-12-10 22:41 - 000436232 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== Three months (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-16 09:37 - 2019-03-29 09:07 - 000031779 _____ C:\Users\Alex\Downloads\FRST.txt
2020-12-16 09:37 - 2019-03-29 09:07 - 000000000 ____D C:\FRST
2020-12-16 09:30 - 2019-03-29 09:09 - 000070331 _____ C:\Users\Alex\Downloads\Addition.txt
2020-12-16 09:13 - 2019-12-07 01:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-16 07:51 - 2017-12-13 20:12 - 000000000 ____D C:\Users\Alex\AppData\Local\Packages
2020-12-15 22:31 - 2020-04-13 22:07 - 000013582 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-12-15 18:22 - 2019-12-07 01:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-15 18:22 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-14 21:59 - 2020-04-19 22:53 - 000011765 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2020-12-14 09:21 - 2018-05-19 14:54 - 000000000 ____D C:\Users\Alex\AppData\Local\D3DSCache
2020-12-13 22:45 - 2020-04-12 12:21 - 000011623 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-12-13 14:18 - 2020-04-05 20:42 - 000000000 ____D C:\Users\Alex\AppData\Roaming\discord
2020-12-13 12:31 - 2020-04-12 12:21 - 000060008 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-12-13 12:31 - 2020-04-12 12:21 - 000020336 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-12-13 12:31 - 2019-12-07 01:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-12-13 12:30 - 2019-02-23 17:35 - 000000000 ____D C:\Users\Alex\AppData\Roaming\slobs-client
2020-12-13 01:16 - 2020-07-25 13:10 - 000000000 ____D C:\Users\Alex\.openshot_qt
2020-12-13 01:06 - 2019-10-06 14:48 - 000000000 ____D C:\Users\Alex\Documents\CRYPTO MAIN
2020-12-13 00:02 - 2019-06-17 20:59 - 000000000 ____D C:\CoinPoker
2020-12-12 14:13 - 2019-02-23 17:35 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Streamlabs OBS
2020-12-12 13:08 - 2018-02-19 12:44 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Telegram Desktop
2020-12-12 09:43 - 2020-02-27 09:11 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-12 09:43 - 2020-02-27 09:11 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-12 09:43 - 2020-02-27 09:11 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-12-11 07:27 - 2019-12-07 01:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-11 07:12 - 2020-04-12 12:21 - 000001206 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-12-10 22:37 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-10 22:37 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-10 22:37 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-10 22:37 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-10 22:37 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-10 22:37 - 2019-12-07 01:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-10 22:37 - 2019-12-07 01:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-10 22:36 - 2020-04-20 21:31 - 000011379 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2020-12-10 17:44 - 2019-04-26 22:42 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2020-12-10 15:00 - 2019-01-11 14:12 - 000000000 ___RD C:\Users\Alex\Desktop\LWS MASTER
2020-12-10 13:37 - 2017-10-03 20:10 - 000000000 ____D C:\Program Files (x86)\Steam
2020-12-10 12:09 - 2018-05-01 17:26 - 000000000 ____D C:\Users\Alex\AppData\Roaming\EasyAntiCheat
2020-12-10 08:33 - 2019-12-07 01:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-08 18:45 - 2020-04-05 20:42 - 000002222 _____ C:\Users\Alex\Desktop\Discord.lnk
2020-12-08 18:45 - 2020-04-05 20:42 - 000000000 ____D C:\Users\Alex\AppData\Local\Discord
2020-12-06 23:27 - 2020-04-26 22:25 - 000016739 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2020-12-06 00:25 - 2018-07-10 22:07 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Ledger Live
2020-12-05 17:37 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-05 17:34 - 2020-03-28 16:00 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2020-12-04 19:45 - 2018-12-27 13:31 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-12-03 23:06 - 2019-08-06 12:50 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-12-03 20:32 - 2018-05-19 14:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-12-03 07:53 - 2017-08-26 10:27 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-03 07:53 - 2017-08-26 10:27 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-12-03 07:53 - 2017-08-26 10:27 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-12-01 16:55 - 2020-05-28 22:17 - 000014247 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2020-11-30 12:48 - 2018-02-25 15:09 - 000000000 ____D C:\Program Files\Epic Games
2020-11-29 12:24 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-11-29 12:24 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-11-27 12:13 - 2017-07-13 03:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-27 12:08 - 2017-07-13 03:39 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-11-26 19:03 - 2017-10-03 20:21 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-11-26 17:38 - 2018-07-21 15:58 - 000000000 ____D C:\Users\Alex\AppData\Local\ElevatedDiagnostics
2020-11-26 17:16 - 2017-07-13 01:09 - 000000000 ____D C:\ProgramData\Package Cache
2020-11-25 22:13 - 2017-09-12 20:36 - 000000000 ____D C:\Users\Alex\AppData\LocalLow\Mozilla
2020-11-25 22:00 - 2020-01-17 18:53 - 000000000 ____D C:\ProgramData\Mozilla
2020-11-25 21:04 - 2020-03-04 14:13 - 000001888 _____ C:\Users\Public\Desktop\Ledger Live.lnk
2020-11-25 21:04 - 2020-03-04 14:13 - 000001888 _____ C:\ProgramData\Desktop\Ledger Live.lnk
2020-11-25 21:04 - 2020-03-04 14:12 - 000000000 ____D C:\Program Files\Ledger Live
2020-11-22 20:28 - 2020-05-29 23:49 - 000016433 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1
2020-11-22 00:20 - 2020-05-29 21:58 - 000013874 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2020-11-21 14:09 - 2020-04-25 11:22 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Neuron

==================== Files in the root of some directories ========

2017-11-18 15:34 - 2018-07-19 21:19 - 000409600 _____ () C:\Users\Alex\wallet.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

oasis.g December 16th, 2020 06:51 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Alex (16-12-2020 09:40:07)
Running from C:\Users\Alex\Downloads
Windows 10 Home Version 20H2 19042.685 (X64) (2020-09-20 07:13:42)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1271123810-21777831-3259583340-500 - Administrator - Disabled)
Alex (S-1-5-21-1271123810-21777831-3259583340-1001 - Administrator - Enabled) => C:\Users\Alex
DefaultAccount (S-1-5-21-1271123810-21777831-3259583340-503 - Limited - Disabled)
Guest (S-1-5-21-1271123810-21777831-3259583340-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1271123810-21777831-3259583340-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{345F3F90-0505-4EDF-B7A9-5E3AC1AC6CE4}) (Version: 15.2.1 - Hewlett-Packard) Hidden
888poker (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\888poker) (Version: 1.1.2.29 - 888)
Advanced CoinPoker Converter (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\AdvancedCoinPokerConverter) (Version: 1.0.7 - AdvancedPokerTools)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Betcoin Poker (HKLM-x32\...\DEAECD1E-0CEF-494d-A7DE-20EC7A6E3F61) (Version: 16.6 - IGSoft)
Bitcoin Core (64-bit) (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\Bitcoin Core (64-bit)) (Version: 0.18.1 - Bitcoin Core project)
BitShares 2.0.180201 (only current user) (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\55efd047-5d18-54f5-be19-affeff8cc8e9) (Version: 2.0.180201 - Sigve Kvalsvik)
BLOCK DX 1.5.0 (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\c2c3b094-387a-5023-b209-68eb93a40a65) (Version: 1.5.0 - Blocknet)
Blocknet (64-bit) (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\Blocknet (64-bit)) (Version: 4.3.0 - Blocknet project)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.240.20.1016 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BovadaPoker (HKLM-x32\...\{D7CA2DF8-95CE-4C80-9296-98E21219A1E5}}_is1) (Version: - )
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 87.1.18.70 - Brave Software Inc)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
CoinPoker (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\{f5ec768e-f906-4bb7-9635-8c3afaee45b8}) (Version: 5.19 - TGLab)
Contivio.com Client (HKLM-x32\...\{F574E44C-F5A1-43EA-A561-036C5807D1AD}) (Version: 9.0.7 - Contivio.com) Hidden
Contivio.com Client (HKLM-x32\...\Contivio.com Client 9.0.7) (Version: 9.0.7 - Contivio.com)
Delta 1.1.0 (only current user) (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\0161ecdc-2041-5655-9e4e-ee442fb322e0) (Version: 1.1.0 - Opus Labs NV)
Discord (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 111.4.472 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.377.1 - Dropbox, Inc.) Hidden
Epic Games Launcher (HKLM-x32\...\{8FEB5B5F-0777-4E9D-8705-06F0A2295544}) (Version: 1.1.143.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fantom Wallet 0.1.0 (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\{bad6bc13-08bf-5f4c-8b10-bfd02adcfa07}) (Version: 0.1.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Holdem Indicator 2.9.4.0 (HKLM-x32\...\Holdem Indicator_is1) (Version: - hxxp://www.HoldemIndicator.com)
HoldEq (HKLM-x32\...\{0E4042D8-2BD9-4057-9E4C-61F34FAEA09A}) (Version: 1.1.8 - HoldEq)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
Ignition Casino (HKLM-x32\...\{D7CA2DF8-95CE-4C80-9296-98E21219A1E4}}_is1) (Version: - )
Ignition Hand Converter (HKLM-x32\...\{1843AD45-F895-4E7B-BC65-CD1F76B48HDC}_is1) (Version: 1.0.56 - Ace Poker Solutions LLC)
Intel® PROSet/Wireless Software (HKLM-x32\...\{aa2c2346-d0c0-4d3e-9ab1-11a48b4cb9f3}) (Version: 19.20.3 - Intel Corporation)
ioPay 0.10.0 (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\c06c9f96-f33f-5f65-9f80-587268fdd5a1) (Version: 0.10.0 - Tian Pan)
iTunes (HKLM\...\{79951B67-3DC8-45DF-A516-86F89DA95924}) (Version: 12.11.0.26 - Apple Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Ledger Live 2.17.1 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.17.1 - Ledger Live Team)
Ledger Wallet Ripple version 1.0.2 (HKLM-x32\...\{2A226916-F20B-403D-B564-F2CF5CF8CEF8}_is1) (Version: 1.0.2 - Ledger)
Lisk 1.23.0 (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\{740f3d4d-ee73-520e-b32f-b5769d167b57}) (Version: 1.23.0 - Lisk Foundation)
Lisk 1.26.0 (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\740f3d4d-ee73-520e-b32f-b5769d167b57) (Version: 1.26.0 - Lisk Foundation)
Lisk Nano 1.0.2 (only current user) (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\5cb54643-a0c0-58ee-97a6-2ab7b13c24f7) (Version: 1.0.2 - Lisk Foundation)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Microsoft 365 Apps for business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.13426.20308 - Microsoft Corporation)
Microsoft DirectX SDK (June 2010) (HKLM-x32\...\Microsoft DirectX SDK (June 2010)) (Version: 9.29.1962.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.60 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{406C9ADB-1325-4FD0-9D13-C119CFF64E0A}) (Version: 2.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29325 (HKLM-x32\...\{d7a6435f-ac9a-4af6-8fdc-ca130d13fac9}) (Version: 14.28.29325.2 - Microsoft Corporation)
Monero GUI Wallet version 0.17.0.1 (HKLM\...\Monero GUI Wallet_is1) (Version: 0.17.0.1 - The Monero Developer Community)
Mozilla Firefox 81.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 81.0.1 (x64 en-US)) (Version: 81.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
NAOS7000 Software (HKLM-x32\...\{862235D3-2A93-44F6-AADB-4E6786D88D76}) (Version: 1.24 - Mionix) Hidden
NAOS7000 Software (HKLM-x32\...\InstallShield_{862235D3-2A93-44F6-AADB-4E6786D88D76}) (Version: 1.24 - Mionix)
Neon 2.5.0 (only current user) (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\211a501f-25dd-501b-8c98-509ac17aedfa) (Version: 2.5.0 - Ethan Fast)
Neuron 0.30.0 (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\9a00e654-dc37-551e-9f56-0f92319ca38a) (Version: 0.30.0 - Nervos Core Dev)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.6.1 - Notepad++ Team)
NVIDIA Graphics Driver 445.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.87 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20308 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden
OpenShot Video Editor version 2.5.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.5.1 - OpenShot Studios, LLC)
Player Location Check (HKLM-x32\...\{F0753064-8D66-41A7-9F23-7691290387BF}) (Version: 3.1.1.3 - GeoComply)
PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version: - )
PostgreSQL 9.3 (HKLM\...\PostgreSQL 9.3) (Version: 9.3 - PostgreSQL Global Development Group)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.12.1007.2016 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{B63CCD1C-A133-4DF8-8306-DA0387231152}) (Version: 1.00.0269 - REALTEK Semiconductor Corp.)
Smartcash (64-bit) (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\Smartcash (64-bit)) (Version: 1.0.2 - Smartcash project)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.25.0 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.25.0 - General Workings, Inc.)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.19260 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.10.5 - TeamViewer)
Telegram Desktop version 2.4.7 (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.4.7 - Telegram FZ-LLC)
TunnelBear (HKLM-x32\...\{739CBE42-4A99-4F36-B8B8-A2A9FB3BC5C0}) (Version: 4.3.5.0 - TunnelBear) Hidden
TunnelBear (HKLM-x32\...\{9a9bdf69-e9b6-42bc-9346-0d4ce38254d8}) (Version: 4.3.5.0 - TunnelBear)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{61B90E2F-2DD9-4581-8856-C2441B61571A}) (Version: 1.7.0.0 - Microsoft Corporation) Hidden
Virtue Poker (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\virtue-poker-client) (Version: 4.1.0 - Virtue Poker)
VSDC Free Video Editor version 6.4.7.155 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.4.7.155 - Flash-Integro LLC)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22225 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)

Packages:
=========
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.6.10.0_x86__h6adky7gbf63m [2020-12-15] (Gameloft SE)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_121.1.193.0_x64__v10z8vjag6ke6 [2020-11-03] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-21] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-23] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.959.0_x64__56jybvy8sckqj [2020-11-29] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-19] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
Ubuntu 18.04 LTS -> C:\Program Files\WindowsApps\CanonicalGroupLimited.Ubuntu18.04onWindows_1804.2020.824.0_x64__79rhkp1fndgsc [2020-09-08] (Canonical Group Limited)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1271123810-21777831-3259583340-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Alex\Dropbox [2019-08-06 13:31]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-12-11] (Notepad++ -> )
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers4: [Convert] -> {9f95ca1a-e80e-4c0f-acd1-4c9b7900b982} => C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)\Utilities\bin\x64\TxView.dll [2010-06-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvrfi.inf_amd64_b02057827c15e7cf\nvshext.dll [2020-04-11] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Ledger Manager.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=beimhnaefocolcplfimocfiaiefpkgbf
ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Ledger Wallet Bitcoin.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kkdpmhnladdopljabkgpacgpliggeeaf
ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Ledger Wallet Ethereum.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmlhkialjkaldndjnlcdfdphcgeadkkm
ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e2f3576b7abb043d\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\a764a76cc0779a77\Data Scraper - Easy Web Scraping.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=nndknepjnldbdbepjfgmncbggmopgden
ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\a3a1d6b8109861c5\Google Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nckgahadagoaajjgafhacjanaoiihapd
ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\ahuynh@livewiresupply.com - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2016-06-23 12:17 - 2019-08-05 03:57 - 001392128 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Contivio.com\Contivio.com Client\pjsipDll.dll
2020-11-16 16:36 - 2020-11-16 16:36 - 000030720 _____ () [File not signed] [File is in use] C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.Wrapper.dll
2019-08-16 09:21 - 2018-08-22 01:15 - 000536576 _____ () [File not signed] C:\Program Files (x86)\Contivio.com\Contivio.com Client\irrKlang.dll
2017-08-26 13:32 - 2017-05-08 20:59 - 000178688 _____ () [File not signed] C:\Program Files\PostgreSQL\9.3\bin\LIBPQ.dll
2017-08-26 13:32 - 2016-08-02 02:40 - 002257408 _____ () [File not signed] C:\Program Files\PostgreSQL\9.3\bin\libxml2.dll
2017-08-26 13:32 - 2011-01-10 07:16 - 000240862 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\libintl-8.dll
2015-08-25 14:54 - 2015-08-25 04:54 - 000294912 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Contivio.com\Contivio.com Client\libguide40.dll
2015-08-25 14:54 - 2015-08-25 04:54 - 000094208 _____ (Intel Corporation.) [File not signed] C:\Program Files (x86)\Contivio.com\Contivio.com Client\ippcore-5.3.dll
2015-08-25 14:54 - 2015-08-25 04:54 - 000233472 _____ (Intel Corporation.) [File not signed] C:\Program Files (x86)\Contivio.com\Contivio.com Client\ipps-5.3.dll
2015-08-25 14:54 - 2015-08-25 04:54 - 000114688 _____ (Intel Corporation.) [File not signed] C:\Program Files (x86)\Contivio.com\Contivio.com Client\ippsc-5.3.dll
2015-08-25 14:54 - 2015-08-25 04:54 - 002093056 _____ (Intel Corporation.) [File not signed] C:\Program Files (x86)\Contivio.com\Contivio.com Client\ippscp8-5.3.dll
2015-08-25 14:54 - 2015-08-25 04:54 - 000139264 _____ (Intel Corporation.) [File not signed] C:\Program Files (x86)\Contivio.com\Contivio.com Client\ippsr-5.3.dll
2015-08-25 14:54 - 2015-08-25 04:54 - 002482176 _____ (Intel Corporation.) [File not signed] C:\Program Files (x86)\Contivio.com\Contivio.com Client\ippsrp8-5.3.dll
2015-08-25 14:54 - 2015-08-25 04:54 - 003174400 _____ (Intel Corporation.) [File not signed] C:\Program Files (x86)\Contivio.com\Contivio.com Client\ippsv8-5.3.dll
2018-12-27 13:32 - 2018-12-27 13:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Client\AppVIsvSubsystems32.dll
2020-04-19 10:48 - 2020-04-19 10:48 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2020-04-19 10:48 - 2020-04-19 10:48 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2017-08-26 13:32 - 2017-01-30 22:35 - 001662976 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\LIBEAY32.dll
2017-08-26 13:32 - 2017-01-30 22:35 - 000353280 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\SSLEAY32.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [472]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [470]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1271123810-21777831-3259583340-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKU\S-1-5-21-1271123810-21777831-3259583340-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D112418-N0700A9FCDBB39EF&form=CONBDF&conlogo=CT3335799&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1271123810-21777831-3259583340-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D112418-N0700A9FCDBB39EF&form=CONBDF&conlogo=CT3335799&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech Inc -> Logitech, Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech Inc -> Logitech, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 03:04 - 2020-12-06 00:25 - 000000822 _____ C:\WINDOWS\system32\drivers\etc\hosts

oasis.g December 16th, 2020 06:52 PM

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1271123810-21777831-3259583340-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Alex\Pictures\BGs\u4vndrp09es41.jpg
DNS Servers: 192.168.86.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "EvtMgr6"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\StartupApproved\Run: => "electron.app.Honey Miner"
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_8A9A309EEDEE8A1FE73391295BB8D638"
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-1271123810-21777831-3259583340-1001\...\StartupApproved\Run: => "iCloudPhotos"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{53EB0334-7395-43A4-AD20-7FA22F384A17}] => (Allow) C:\Program Files\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [UDP Query User{5BA6C4B3-AD34-4F2F-9205-692D3B06BB3C}C:\program files\epic games\thealtocollection\the alto collection.exe] => (Allow) C:\program files\epic games\thealtocollection\the alto collection.exe => No File
FirewallRules: [TCP Query User{3E0926B5-0602-437B-B20F-8160390FFC43}C:\program files\epic games\thealtocollection\the alto collection.exe] => (Allow) C:\program files\epic games\thealtocollection\the alto collection.exe => No File
FirewallRules: [{70F08AAD-2737-4D8D-A09B-AA7EE5CFC1A9}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{56C08184-FDA7-4064-AC58-C207A1EF2829}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{234A882F-BEAB-425D-9F21-2423C591BFDD}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{4AD94BA7-8A97-40B0-9B9E-F0B9E828D92E}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{6E94CC4A-3431-4786-B463-3366399CFD78}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{A60E2960-11FF-498E-BA10-A9A95C89F632}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{1CC3279C-E626-4F12-8290-FA39B037570E}] => (Allow) C:\Program Files\AdvancedPokerTools\AdvancedCoinPokerConverter\AdvancedCoinPokerConverter.exe (AdvancedPokerTools) [File not signed]
FirewallRules: [{F6C524B5-980D-463B-9155-8C9CD2F509A7}] => (Allow) C:\Program Files\AdvancedPokerTools\AdvancedCoinPokerConverter\AdvancedCoinPokerConverter.exe (AdvancedPokerTools) [File not signed]
FirewallRules: [UDP Query User{459895EE-E0DE-4AA8-A40E-E304B876C775}C:\users\alex\appdata\local\programs\neuron\bin\ckb.exe] => (Allow) C:\users\alex\appdata\local\programs\neuron\bin\ckb.exe () [File not signed]
FirewallRules: [TCP Query User{6BE2F528-2013-4709-8292-0E10CBE39604}C:\users\alex\appdata\local\programs\neuron\bin\ckb.exe] => (Allow) C:\users\alex\appdata\local\programs\neuron\bin\ckb.exe () [File not signed]
FirewallRules: [UDP Query User{AF999974-B36B-433D-92BB-F57A3FE9BAE4}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monerod.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monerod.exe => No File
FirewallRules: [TCP Query User{EFA8ECA1-650B-42F2-B3D2-3679CCD3F3DE}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monerod.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monerod.exe => No File
FirewallRules: [UDP Query User{28DFDA4E-48EB-4E28-A0A8-00506B2D3990}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{BA6046F0-132C-42DE-A22C-B181BDDC5555}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{24C4E59D-C045-4AEC-ABD4-9952C51D30A5}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe => No File
FirewallRules: [TCP Query User{1E360C3F-84FA-4BB9-BB47-D028D3BFBFBA}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe => No File
FirewallRules: [{04346FCF-9AA0-420A-BD11-864D9F21F16F}] => (Allow) C:\Users\Alex\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{FBC6F0B4-1E39-4911-A070-97F8187C2538}] => (Allow) C:\Users\Alex\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{F2215E60-21ED-4C0E-A9DF-EA0DFD87D10C}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monerod.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monerod.exe => No File
FirewallRules: [TCP Query User{E2026E43-9F58-4909-A2A4-453E5315778B}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monerod.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monerod.exe => No File
FirewallRules: [UDP Query User{88583391-BC92-4CFE-BC2E-9E93A2B91FF5}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe => No File
FirewallRules: [TCP Query User{9BC769E1-174C-49E1-93DA-2473D75BC307}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe => No File
FirewallRules: [UDP Query User{FF030DCA-9CE7-496A-9619-F2157B3DCAF6}C:\users\alex\downloads\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monerod.exe] => (Allow) C:\users\alex\downloads\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monerod.exe => No File
FirewallRules: [TCP Query User{069F1510-4750-4164-A443-E587A57A2113}C:\users\alex\downloads\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monerod.exe] => (Allow) C:\users\alex\downloads\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monerod.exe => No File
FirewallRules: [UDP Query User{BB3A5F40-F6D0-4872-8817-FB21CE187EB9}C:\users\alex\downloads\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe] => (Allow) C:\users\alex\downloads\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe => No File
FirewallRules: [TCP Query User{3A8E1886-2746-4302-82FB-F188BC7E674F}C:\users\alex\downloads\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe] => (Allow) C:\users\alex\downloads\monero-gui-win-x64-v0.15.0.4\monero-gui-win-x64-v0.15.0.4\monero-wallet-gui.exe => No File
FirewallRules: [{6ACCA82E-33F1-435A-9FE0-64EF403290DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Catan Universe\CatanUniverse.exe () [File not signed]
FirewallRules: [{287E2731-0394-4EB7-8DA6-518DA38F76DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Catan Universe\CatanUniverse.exe () [File not signed]
FirewallRules: [UDP Query User{7B39B1C7-388C-4D11-8857-4A459AC72709}C:\users\alex\appdata\local\temp\temp1_condensation-qt.zip\condensation-qt.exe] => (Allow) C:\users\alex\appdata\local\temp\temp1_condensation-qt.zip\condensation-qt.exe => No File
FirewallRules: [TCP Query User{D37297DF-217B-49AC-8B73-8781084DBC4F}C:\users\alex\appdata\local\temp\temp1_condensation-qt.zip\condensation-qt.exe] => (Allow) C:\users\alex\appdata\local\temp\temp1_condensation-qt.zip\condensation-qt.exe => No File
FirewallRules: [UDP Query User{789DDA5B-D09E-4B17-94C7-58CAE82C6F3F}C:\program files\epic games\magicthegathering\mtga.exe] => (Allow) C:\program files\epic games\magicthegathering\mtga.exe => No File
FirewallRules: [TCP Query User{FA86C6D4-77CC-4A42-8838-4444D8F29F91}C:\program files\epic games\magicthegathering\mtga.exe] => (Allow) C:\program files\epic games\magicthegathering\mtga.exe => No File
FirewallRules: [UDP Query User{0B17C0E0-4ADC-4793-AB5F-B996AD9DAAB6}C:\program files\blocknet\blocknet-qt.exe] => (Allow) C:\program files\blocknet\blocknet-qt.exe () [File not signed]
FirewallRules: [TCP Query User{FD59E74A-E95A-46F4-999D-E07E69D50C84}C:\program files\blocknet\blocknet-qt.exe] => (Allow) C:\program files\blocknet\blocknet-qt.exe () [File not signed]
FirewallRules: [UDP Query User{3C987534-1977-40CB-B953-6740B34999A6}C:\users\alex\appdata\local\programs\lisk-hub\lisk.exe] => (Allow) C:\users\alex\appdata\local\programs\lisk-hub\lisk.exe (Lisk Stiftung -> Lisk Foundation)
FirewallRules: [TCP Query User{DC5B0E8C-6C6B-4C3A-923E-700112D719DD}C:\users\alex\appdata\local\programs\lisk-hub\lisk.exe] => (Allow) C:\users\alex\appdata\local\programs\lisk-hub\lisk.exe (Lisk Stiftung -> Lisk Foundation)
FirewallRules: [UDP Query User{E525B390-5C93-4BBC-B56A-C8A15C1A42EE}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe => No File
FirewallRules: [TCP Query User{6A5664DB-7E83-4494-B2C9-AFA394D2F8BF}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe => No File
FirewallRules: [UDP Query User{D29E1B30-9EFE-46F8-BB9D-FF0C50EFF827}C:\program files\blocknetdx\blocknetdx-qt.exe] => (Allow) C:\program files\blocknetdx\blocknetdx-qt.exe () [File not signed]
FirewallRules: [TCP Query User{FBAC40FD-D0BE-4E50-89FD-38168B2461FE}C:\program files\blocknetdx\blocknetdx-qt.exe] => (Allow) C:\program files\blocknetdx\blocknetdx-qt.exe () [File not signed]
FirewallRules: [UDP Query User{041E60E4-62AA-48AA-B84D-C334044529EE}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{A8617041-4EA4-4654-93A1-E4FCE262E169}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{80E99B22-8FDD-4EA4-8187-E924C1E5837A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{5A1DE321-17C1-4F27-8430-8DDBF7BCC204}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{9E94E2EE-140D-4F09-9439-9B21E248A917}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{C6054851-0E35-41E8-BCF3-FFCEC24532D5}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{89262153-E3B1-4F46-AB62-7B35CF8045E1}C:\users\alex\downloads\xgox-qt-win32-v2221\xgox-qt.exe] => (Allow) C:\users\alex\downloads\xgox-qt-win32-v2221\xgox-qt.exe () [File not signed]
FirewallRules: [TCP Query User{41F1FF91-0483-4A84-8FE4-7C22B7F55B38}C:\users\alex\downloads\xgox-qt-win32-v2221\xgox-qt.exe] => (Allow) C:\users\alex\downloads\xgox-qt-win32-v2221\xgox-qt.exe () [File not signed]
FirewallRules: [UDP Query User{3BFBDEAC-7A3C-4D21-99EC-C8AE89E392BC}C:\users\alex\downloads\condensation-qt\condensation-qt.exe] => (Allow) C:\users\alex\downloads\condensation-qt\condensation-qt.exe => No File
FirewallRules: [TCP Query User{0647DF84-5CD5-4FE6-9FCE-D9F817C81A86}C:\users\alex\downloads\condensation-qt\condensation-qt.exe] => (Allow) C:\users\alex\downloads\condensation-qt\condensation-qt.exe => No File
FirewallRules: [UDP Query User{E74992F8-63DA-4AC2-BFCA-EF15CC6B4264}C:\program files\smartcash\smartcash-qt.exe] => (Allow) C:\program files\smartcash\smartcash-qt.exe () [File not signed]
FirewallRules: [TCP Query User{13B53DCC-C2BA-4C0B-B9EB-C573D42C0C87}C:\program files\smartcash\smartcash-qt.exe] => (Allow) C:\program files\smartcash\smartcash-qt.exe () [File not signed]
FirewallRules: [{528C0B46-C3CE-4F22-9D4E-99CBA8FC5AF3}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{C137616B-8582-4B5E-8543-05172A27AC1A}] => (Allow) C:\Program Files (x86)\Holdem Indicator\HoldemIndicator.exe (CKMN Technologies Inc. -> HoldemIndicator.com)
FirewallRules: [{83A77C99-F8DD-46BB-9BF3-1168DC9FB77C}] => (Allow) C:\Program Files (x86)\Holdem Indicator\HoldemIndicator.exe (CKMN Technologies Inc. -> HoldemIndicator.com)
FirewallRules: [{C950AB6B-4F5F-49F3-BCF7-D46A9DDE5626}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9010BB63-43BD-4EC5-86AF-40522149812A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{59C8862C-64B3-4F3A-8BF7-CBD777A06245}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7CA5E6BD-44E3-4E75-ADE0-4E473EF33D10}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F3A17F05-3363-4F44-AF6E-E815D8C3ABDB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{138E2F50-BCDA-4601-BF11-EA829CA0E1AE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A5040280-7C6C-42F4-909C-024886B2877A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CC2B47CE-BBF8-4967-95B4-87E294D3A23F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5863F213-B5D0-4497-8311-F9CC2EDA6527}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{08D0C8A5-9F37-42A7-9F47-CD50AF8FAE4C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{6390CD07-7F05-4737-A74F-CB7886B67998}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe => No File
FirewallRules: [{E1F44368-27EA-40BD-90E7-A3B977515C1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe => No File
FirewallRules: [TCP Query User{23935813-26BE-4B78-9012-30D8A123D340}C:\users\alex\downloads\smartcash-qt-0.8.7.9-win-launcher\smartcash-qt.exe] => (Allow) C:\users\alex\downloads\smartcash-qt-0.8.7.9-win-launcher\smartcash-qt.exe => No File
FirewallRules: [UDP Query User{039084F3-340C-4247-95EC-0069EC62C9F7}C:\users\alex\downloads\smartcash-qt-0.8.7.9-win-launcher\smartcash-qt.exe] => (Allow) C:\users\alex\downloads\smartcash-qt-0.8.7.9-win-launcher\smartcash-qt.exe => No File
FirewallRules: [TCP Query User{F735646B-D218-4B39-ADF7-341A9390E555}C:\users\alex\desktop\smartcash-qt.exe] => (Allow) C:\users\alex\desktop\smartcash-qt.exe => No File
FirewallRules: [UDP Query User{3C51AD19-A756-42F1-A4FB-F85B858B9932}C:\users\alex\desktop\smartcash-qt.exe] => (Allow) C:\users\alex\desktop\smartcash-qt.exe => No File
FirewallRules: [TCP Query User{BA148897-C077-487B-ABBB-CB3B3D603065}C:\users\alex\appdata\local\temp\temp1_gotokens-qt-windows.zip\gotokens-qt.exe] => (Allow) C:\users\alex\appdata\local\temp\temp1_gotokens-qt-windows.zip\gotokens-qt.exe => No File
FirewallRules: [UDP Query User{CD55C395-DF9A-4510-8688-27F951A09B2C}C:\users\alex\appdata\local\temp\temp1_gotokens-qt-windows.zip\gotokens-qt.exe] => (Allow) C:\users\alex\appdata\local\temp\temp1_gotokens-qt-windows.zip\gotokens-qt.exe => No File
FirewallRules: [TCP Query User{7A45CB72-2427-49B9-9894-2A9AC02324AA}C:\users\alex\downloads\gocoin-qt.exe] => (Allow) C:\users\alex\downloads\gocoin-qt.exe () [File not signed]
FirewallRules: [UDP Query User{0917D45B-E572-43C0-95A1-407833CB59C0}C:\users\alex\downloads\gocoin-qt.exe] => (Allow) C:\users\alex\downloads\gocoin-qt.exe () [File not signed]
FirewallRules: [TCP Query User{ED69EC16-727B-41BD-89CD-2EF28CDCAC08}C:\users\alex\desktop\gocoin-qt.exe] => (Allow) C:\users\alex\desktop\gocoin-qt.exe => No File
FirewallRules: [UDP Query User{C9FE95DB-7DC2-4E1B-9D53-B4F83A1ABC57}C:\users\alex\desktop\gocoin-qt.exe] => (Allow) C:\users\alex\desktop\gocoin-qt.exe => No File
FirewallRules: [TCP Query User{9E4818F8-BECE-43B8-B0F9-577BD72EA8C9}C:\users\alex\appdata\roaming\gocoin\gocoin-qt.exe] => (Allow) C:\users\alex\appdata\roaming\gocoin\gocoin-qt.exe => No File
FirewallRules: [UDP Query User{A256EC3F-6D22-47DD-A1B3-B98EAC4D1824}C:\users\alex\appdata\roaming\gocoin\gocoin-qt.exe] => (Allow) C:\users\alex\appdata\roaming\gocoin\gocoin-qt.exe => No File
FirewallRules: [TCP Query User{E37C235A-E212-4A7B-8A1A-4A09EC7AFFA6}C:\users\alex\downloads\xgox-qt-win32-v2100\xgox-qt.exe] => (Allow) C:\users\alex\downloads\xgox-qt-win32-v2100\xgox-qt.exe => No File
FirewallRules: [UDP Query User{0187B817-EEF9-4FA4-955D-1F14D477867E}C:\users\alex\downloads\xgox-qt-win32-v2100\xgox-qt.exe] => (Allow) C:\users\alex\downloads\xgox-qt-win32-v2100\xgox-qt.exe => No File
FirewallRules: [TCP Query User{96261E15-462E-446A-B638-09CF22B441AB}C:\users\alex\downloads\smartcash-1.0.0-win64\smartcash-1.0.0\bin\smartcash-qt.exe] => (Allow) C:\users\alex\downloads\smartcash-1.0.0-win64\smartcash-1.0.0\bin\smartcash-qt.exe => No File
FirewallRules: [UDP Query User{CF4F1250-6A74-4ED9-89D7-6E85782627D4}C:\users\alex\downloads\smartcash-1.0.0-win64\smartcash-1.0.0\bin\smartcash-qt.exe] => (Allow) C:\users\alex\downloads\smartcash-1.0.0-win64\smartcash-1.0.0\bin\smartcash-qt.exe => No File
FirewallRules: [TCP Query User{BBD84050-B0B5-453B-A18F-E9DB65B3E583}C:\users\alex\downloads\xgox-qt-win32-v221\xgox-qt.exe] => (Allow) C:\users\alex\downloads\xgox-qt-win32-v221\xgox-qt.exe => No File
FirewallRules: [UDP Query User{E066853B-1C1B-4F2E-88F9-D953998C4394}C:\users\alex\downloads\xgox-qt-win32-v221\xgox-qt.exe] => (Allow) C:\users\alex\downloads\xgox-qt-win32-v221\xgox-qt.exe => No File
FirewallRules: [TCP Query User{CD2ACD3F-961D-4CD1-B133-1964351606CE}C:\users\alex\desktop\zoin-qt.exe] => (Allow) C:\users\alex\desktop\zoin-qt.exe => No File
FirewallRules: [UDP Query User{4DB5A6CD-6041-4145-B05D-B30121C074B3}C:\users\alex\desktop\zoin-qt.exe] => (Allow) C:\users\alex\desktop\zoin-qt.exe => No File
FirewallRules: [{84F80992-84B9-42EF-8970-072A289F3117}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CB9265D5-3446-445A-9AAE-0D84378B5BBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe => No File
FirewallRules: [{64C36B8A-628D-44D2-AC78-ACC4C1A25B8F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe => No File
FirewallRules: [TCP Query User{6A34B79F-43BA-4122-874F-3347F56E07C6}C:\users\alex\desktop\xgox-qt-win32-v2230\xgox-qt.exe] => (Allow) C:\users\alex\desktop\xgox-qt-win32-v2230\xgox-qt.exe => No File
FirewallRules: [UDP Query User{93753026-31E6-4501-B487-895E2D642924}C:\users\alex\desktop\xgox-qt-win32-v2230\xgox-qt.exe] => (Allow) C:\users\alex\desktop\xgox-qt-win32-v2230\xgox-qt.exe => No File
FirewallRules: [{4E1A2D58-EBC1-4181-A3F6-2AEC4236F2A7}] => (Allow) C:\Program Files (x86)\Holdem Indicator\GG.exe (CKMN Technologies Inc. -> HoldemIndicator.com)
FirewallRules: [{0CBA0182-7CE6-41A4-A777-7D30D397060F}] => (Allow) C:\Program Files (x86)\Holdem Indicator\GG.exe (CKMN Technologies Inc. -> HoldemIndicator.com)
FirewallRules: [{EBBCFE76-0AD4-4B0A-9B99-B9F147694743}] => (Allow) C:\Program Files (x86)\Holdem Indicator\GG.exe (CKMN Technologies Inc. -> HoldemIndicator.com)
FirewallRules: [{05E9CDFF-A16C-4A2D-BA68-B65171D4736B}] => (Allow) C:\Program Files (x86)\Holdem Indicator\GG.exe (CKMN Technologies Inc. -> HoldemIndicator.com)
FirewallRules: [TCP Query User{C8E52B7E-080C-425A-9BC0-68F5D3A63ECF}C:\users\alex\desktop\xgox-qt.exe] => (Allow) C:\users\alex\desktop\xgox-qt.exe => No File
FirewallRules: [UDP Query User{70550227-C8A1-4868-A477-CFEF1B044EB3}C:\users\alex\desktop\xgox-qt.exe] => (Allow) C:\users\alex\desktop\xgox-qt.exe => No File
FirewallRules: [{5B9151FA-3C7A-4CDC-86C4-A6BF8AC59584}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{504EF42E-0D86-41DE-880E-0A3A9B3932BD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7A6F310B-8E1B-4017-93D4-511EBE81A8AB}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{BD35F9CF-4CFC-49AD-9417-B8EA8543FC42}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [TCP Query User{35401969-34CB-4A58-8805-E199EDC851E4}C:\program files (x86)\contivio.com\contivio.com client\contivio.com.exe] => (Allow) C:\program files (x86)\contivio.com\contivio.com client\contivio.com.exe (CONTIVIO.COM CORPORATION -> Contivio.com)
FirewallRules: [UDP Query User{F729FA69-BCF6-4A79-9AAA-1AC521CBDD08}C:\program files (x86)\contivio.com\contivio.com client\contivio.com.exe] => (Allow) C:\program files (x86)\contivio.com\contivio.com client\contivio.com.exe (CONTIVIO.COM CORPORATION -> Contivio.com)
FirewallRules: [{467F9777-9148-40EE-943F-D57D55BBD30A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{42783452-BAE3-4AB9-9967-BB4110710675}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{39717BE0-F9B2-42DF-A1F3-C645C97A5F0B}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe => No File
FirewallRules: [UDP Query User{9174A468-236D-4262-A95F-BE3D66A9594A}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe => No File
FirewallRules: [{628616D9-C578-4A1C-9FA6-82F2B96A923C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win64\SteamLauncher.exe => No File
FirewallRules: [{9B17197D-BF38-4C09-877E-38B099BC6C00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win64\SteamLauncher.exe => No File
FirewallRules: [{C749E087-291F-4300-BEAE-9C3E25D6D7E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win64\BlackSquadGame.exe => No File
FirewallRules: [{0A50C519-212B-431F-9F8F-78FF098AC126}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win64\BlackSquadGame.exe => No File
FirewallRules: [{A9B609AF-D3C8-4A9F-AF75-A1368997F33F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C38258FC-DED1-4086-BC15-0B85BABFE620}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{12487BB8-63DC-4B81-A3DD-500C80953DBF}C:\users\alex\appdata\local\programs\lisk-hub\lisk hub.exe] => (Allow) C:\users\alex\appdata\local\programs\lisk-hub\lisk hub.exe => No File
FirewallRules: [UDP Query User{27768AE5-7FB8-4834-99AD-B305239B2C0E}C:\users\alex\appdata\local\programs\lisk-hub\lisk hub.exe] => (Allow) C:\users\alex\appdata\local\programs\lisk-hub\lisk hub.exe => No File
FirewallRules: [{705C539B-70EC-48F2-9645-F42418B6B0B5}] => (Allow) C:\Program Files (x86)\RescueTime\RescueTime.exe => No File
FirewallRules: [{E313837E-3F3D-4B01-A96A-92E1632A3F7A}] => (Allow) C:\Program Files (x86)\RescueTime\RescueTime.exe => No File
FirewallRules: [{DFDDB84F-397D-4FDF-88D3-363587BAA95F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6B6FCCD4-9D02-4F14-A286-7B314D0BCEFE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FB0BC1B9-F276-4757-9780-CEEB493AD97E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FFCFF859-CD84-427F-A674-97A8EDC53017}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{18FDAA44-CE57-40ED-9B90-BCDC0E31A1BA}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.16.0.3\monero-gui-v0.16.0.3\monero-wallet-gui.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.16.0.3\monero-gui-v0.16.0.3\monero-wallet-gui.exe () [File not signed]
FirewallRules: [UDP Query User{DBB84482-E058-4EC1-A2CD-B1025152BAA1}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.16.0.3\monero-gui-v0.16.0.3\monero-wallet-gui.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.16.0.3\monero-gui-v0.16.0.3\monero-wallet-gui.exe () [File not signed]
FirewallRules: [TCP Query User{6ED16022-83F7-4687-9316-0CB3CA678B36}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.16.0.3\monero-gui-v0.16.0.3\monerod.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.16.0.3\monero-gui-v0.16.0.3\monerod.exe () [File not signed]
FirewallRules: [UDP Query User{DFBBFB2E-638E-49A7-AC80-ACAF852B1480}C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.16.0.3\monero-gui-v0.16.0.3\monerod.exe] => (Allow) C:\users\alex\documents\crypto main\monero-gui-win-x64-v0.16.0.3\monero-gui-v0.16.0.3\monerod.exe () [File not signed]
FirewallRules: [TCP Query User{D7C92B6F-C673-4071-B4F2-5DF8344974B8}C:\program files\monero gui wallet\monero-wallet-gui.exe] => (Allow) C:\program files\monero gui wallet\monero-wallet-gui.exe () [File not signed]
FirewallRules: [UDP Query User{198E1A83-B318-42AD-AE6B-0917E78A3BC6}C:\program files\monero gui wallet\monero-wallet-gui.exe] => (Allow) C:\program files\monero gui wallet\monero-wallet-gui.exe () [File not signed]
FirewallRules: [{530A1A5D-CBA7-48A7-85AF-37D0F86549AF}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{D052D52A-1DB5-471E-8C3F-B9868870CCBD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsWMD\Worms W.M.D.exe () [File not signed]
FirewallRules: [{40353405-CC31-4DA8-BFC5-71BBFE3FDBBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsWMD\Worms W.M.D.exe () [File not signed]
FirewallRules: [{D3A629F9-E04A-4683-B9B5-71F7B53449D4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{58C3EF11-9370-46F2-91D7-D70C8D92734B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{9161D96E-E0C4-4D9F-9A7E-B1744F8E31DE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{26BF5F7B-2B34-4148-89FF-4C3DF42EB8B4}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E24DABA9-DD3B-441D-A7F3-6686D0A87EF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Rumble\Launch_Game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{948B3903-3662-4A44-A7B9-5119392C0E4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Rumble\Launch_Game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{832DA1D9-90B6-468C-BCFE-95B3F876AFF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Armageddon\WA.exe (Team17 Software Ltd) [File not signed]
FirewallRules: [{64822752-91E2-45B6-A295-289E6950E283}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Armageddon\WA.exe (Team17 Software Ltd) [File not signed]
FirewallRules: [TCP Query User{ED4B4D07-DBEC-49EC-BDF0-E97B816B4BF6}C:\program files (x86)\steam\steamapps\common\worms rumble\projectnimble\binaries\win64\projectnimble.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\worms rumble\projectnimble\binaries\win64\projectnimble.exe (Team17 Digital) [File not signed]
FirewallRules: [UDP Query User{3DE7958F-72DF-4345-BDB5-E64C7AE809A8}C:\program files (x86)\steam\steamapps\common\worms rumble\projectnimble\binaries\win64\projectnimble.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\worms rumble\projectnimble\binaries\win64\projectnimble.exe (Team17 Digital) [File not signed]
FirewallRules: [{72AA527E-3007-4C5F-BD20-A02706E7F728}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{56D90AA4-CE1A-4304-A7FA-9EFE49DC1B6D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AB8C6421-8EAD-4649-85DA-AD9EF97DC3D0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A1BB70DB-828D-4881-9487-9BABEAD6EB6D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E2FF6A76-D2F9-41F9-91BF-217D2C428924}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

10-12-2020 07:41:13 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/16/2020 07:25:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 32040562

Error: (12/16/2020 07:25:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 32040562

Error: (12/16/2020 07:25:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/15/2020 10:32:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15593

Error: (12/15/2020 10:32:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15593

Error: (12/15/2020 10:32:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/14/2020 09:59:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31281

Error: (12/14/2020 09:59:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31281


System errors:
=============
Error: (12/13/2020 12:31:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ClickToRunSvc service.

Error: (12/10/2020 10:29:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (12/10/2020 10:29:48 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (12/10/2020 08:36:06 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {B91D5831-B1BD-4608-8198-D72E155020F7} did not register with DCOM within the required timeout.

Error: (12/10/2020 08:34:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Update Orchestrator Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (12/09/2020 09:48:34 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H66SN7Q)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.

Error: (12/09/2020 01:37:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Web Account Manager service terminated unexpectedly. It has done this 1 time(s).

Error: (12/09/2020 08:10:20 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240009: Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.329.98.0).


Windows Defender:
===================================
Date: 2020-12-16 09:03:01.5220000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {4A91B986-2089-4429-95BF-D0EFBC3BED7C}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-12-15 09:08:30.5050000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {FB4E1E3C-A385-4077-B208-22DEE025B740}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-12-10 22:24:09.6200000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {3878EE94-DC82-4EB8-A628-328A67EFD784}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-12-10 09:47:57.1160000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {E5B96271-DB83-4CC5-AC31-C226B07FBB59}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-12-08 20:56:15.1430000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {CEC10CB5-6DD4-4998-A54D-23E246735419}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-12-09 08:10:20.5950000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.38.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x80240009
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P3.00 07/13/2017
Motherboard: ASRock AB350M Pro4
Processor: AMD Ryzen 5 1600 Six-Core Processor
Percentage of memory in use: 76%
Total physical RAM: 16316.9 MB
Available physical RAM: 3819.21 MB
Total Virtual: 32719.6 MB
Available Virtual: 10105.96 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1861.63 GB) (Free:1124.93 GB) NTFS

\\?\Volume{ff8639b4-e9bc-44c9-8c34-4871ec2de9a5}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{45edeef2-f749-4d07-b8d3-b1aaba97d389}\ () (Fixed) (Total:0.83 GB) (Free:0.4 GB) NTFS
\\?\Volume{e0377013-1bd6-4575-b04b-631a1615ec56}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 000264DA)

Partition: GPT.

==================== End of Addition.txt =======================

Jintan December 17th, 2020 04:31 PM

Sorry for the delay. I was offline yesterday. But I see no indication of malware in this log, or reason for slowness. You may want to open a new request in the CTH Windows 10 forum.

oasis.g December 17th, 2020 08:23 PM

Thank you for taking a look, Jintan!

Happy holidays!


All times are GMT +1.