Windows' built-in malware detection found a trojan and reports "Remediation incomplete". The only option offered is "Allow". I don't know what that does, so I didn't click anything. I also ran Malwarebytes and the ESET Online Scanner as full scans (they ran for about 4 hours). They found nothing. My question is: is there anything left to worry about? Thanks for your time.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-04-2020
Ran by Moe (administrator) on LEVIATHAN (14-04-2020 23:47:04) Running from C:\Users\Moe\Downloads\Malware
Loaded Profiles: Moe (Available Profiles: Moe & Mio)
Platform: Windows 10 Pro Version 1909 18363.752 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc. ->) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.25\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.76\AsusFanControlService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
(Beijing NormalSoft Technology Co., Ltd. -> www.ext2fsd.com) C:\Windows\SysWOW64\Ext2Srv.EXE
(Firaxis Games) [File not signed] D:\Games\Steam\steamapps\common\XCOM 2\XCom2-WarOfTheChosen\Binaries\Win64\XCom2.exe
(Intel® INTELND1820 -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Macrovision) [File not signed] C:\Program Files (x86)\MonitorSoftware\monitor.exe
(Macrovision) [File not signed] C:\Program Files (x86)\MonitorSoftware\UPSMS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Users\Moe\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\Windows-KB890830-x64-V5.81 (1).exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MRT.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe
(Microsoft) [File not signed] D:\Games\Steam\steamapps\common\XCOM 2\XCom2-WarOfTheChosen\Binaries\Win64\CrashDumpWatcher.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(NextDNS Inc. ->) C:\Program Files (x86)\NextDNS\dnsunleak.exe
(NextDNS Inc. ->) C:\Program Files (x86)\NextDNS\NextDNSService.exe
(NextDNS) [File not signed] C:\Program Files (x86)\NextDNS\NextDNS.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\MonitorSoftware\jre\bin\javaw.exe <2>
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Viber Media S.à r.l. -> Viber Media S.à r.l.) C:\Users\Moe\AppData\Local\Viber\Viber.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [UPSMS] => C:\Program Files (x86)\MonitorSoftware\UPSMS.exe [114688 2019-10-16] (Macrovision) [File not signed]
HKLM-x32\...\Run: [Display] => C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe
HKLM-x32\...\Run: [NextDNS] => C:\Program Files (x86)\NextDNS\NextDNS.exe [246272 2019-11-30] (NextDNS) [File not signed]
HKU\S-1-5-21-2401605411-2593107901-998236807-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3371296 2020-04-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-2401605411-2593107901-998236807-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [45488 2020-03-04] (Glarysoft LTD -> Glarysoft Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\80.1.5.123\Installer\chrmstp.exe [2020-04-04] (Brave Software, Inc.)
BootExecute: autocheck autochk *
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

B2FE1952-0186-46C3-BAEC-A80AA35AC5B8> => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: B91A-FF17E01B4E11} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1595AEE1-9FC9-42F2-933B-5BC6D1FCC815} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {41FB2614-F1B9-460D-B813-51466FE6D3FB} - System32\Tasks\NvDriverUpdateCheckDaily_ {BA2-3A3A52A3A52A2A2A2A2-4A2A2-4A2-4 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {54F687DB-48EE-48C0-8605-37E2C2DDB186} - System32 Tas : Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [781808 2019-04-21] (MICRO-STAR INTERNATIONAL CO., LTD. ->)
Task: {63C065FD-0A42-4063-B874-89623E50B110} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6AAA8465-EC9E-433B-9676-766EC7D0723B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B : Program Files\Mozilla Firefox\default-browser-agent.exe do-task
Task: {7A4B3FB0-3BCD-4CAC-9242-6BD12AB93B82} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1724928 2019-12-30] () [File not signed]
Task: {7C0E2088-2C1A-4C2F-AFAF-018B26AC6637} - System32\Tasks\NvNodeLauncher_ {B201A52A2 => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {83D7AE05-10BF-4CB3-904C-8BC5D70B System NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {94D44444-3D B7AF-6BCFF8185F1F - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2401605411-2593107901-998236807-1003 => C:\Users\Moe\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUp
Task: {9515669E-38A3-4B9A-9702-2E83707D7522} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe> Software 1945 BraveSoftware Inc. NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AE3E43AF-2C0C-4177-A688-B9BCC7B1F86E} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\Bin64\RadeonInstaller.exe
Task: {C896C2D5-3B45-4B58-A784-FDE070880904} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CFE05CA5-B756-47F4-85B5-8F80ED0665DD} - System32\Tasks\NvTmRep_CrashReport2_ {A2A2A2A2A2A2A2-4A2A2-4 C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D9B545C0-66BF-4259-804F-883495F5D17A} - System32> Tasks : ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {E1828A83-A506-486A-B127-BE1CE47583B0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E36A69AC-30F5-403B-8A57-200302BDC913} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EB5C3C35-BB03-4F2B-BF82-571DFBF81686} - System32\Tasks\NvTmRep_CrashReport4AAA4A54A54AA54A54A54A54A54A54A3AA54A54AA4AAAA54A4AAAA54A3A4AA4A AA4AAAA4AA4AA4AAA4AAAAA4AAA4AAA4AAA4-4 : Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EE4C0378-DEFA-4C4A-BC90-65060AE5552C} - System32 TTX -46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FED59F84-20E2502B } - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-22] (Brave Software, Inc. -> BraveSoftware Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.0.2.42
Tcpip\..\Interfaces\{06719872-a2e5-4be0-9acf-400ecdc02daf [:[194590504] ]
Tcpip\..\Interfaces\{767f8969-f97f-42ae-902c-f4ca3193d880}: [DhcpNameServer] 192.0.2.42

Internet Explorer:
==================

Edge:
======
DownloadDir: D:\Users\Moe\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2401605411-2593107901-998236807-1001 -> hxxps://www.qwant.com/?r=PH&sr=en&l=en_gb&h=0&s=0&a=1&b=1&vt=0&hc=0&smartNews=1&smartSocial=1&theme=1&i=1&donation=0&qoz=0&shb 1startpage.com/do/mypage.pl?prfe=hxxps://www.startpage.com/do/mypage.pl?prfe=36c84513558a2d34bf0d89ea505333ad59fcc4f8848a538a0c1c89932309a9bc818f1bb4bea737975c431b4299889baf0fbadd75a82a8395
Edge Extension: (uBlock Origin) -> EdgeExtension_37833NikRollsuBlockOrigin_f8jsg5mm64m62 => C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2019-08-14]

FireFox:
========
FF DefaultProfile: izs93i27.default
FF ProfilePath: C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\bf9xooq8.dev-edition-default-1577682748283 [2020-03-11]
FF ProfilePath: C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\izs93i27.default [2020-04-14]
FF Homepage: Mozilla\Firefox\Profiles\izs93i27.default -> hxxps://www.qwant.com/?r=PH&sr=en&l=en_gb&h=0&s=0&a=1&b=1&vt=1&hc=0&smartNews=1&smartSocial=0&theme=1&i=1&donation=0
FF NetworkProxy: Mozilla\Firefox\Profiles\izs93i27.default -> no_proxies_on", "localhost, 127.0.0.1"
FF Extension: (Facebook Container) - C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\izs93i27.default\Extensions\@contain-facebook.xpi [2020-04-14]
FF Extension: (Firefox Multi-Account Containers) - C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\izs93i27.default\Extensions\@testpilot-containers.xpi [2020-04-14]
FF Extension: (Arc Dark Theme) - C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\izs93i27.default\Extensions\[email protected] [2019-08-06]
FF Extension: (Cookie AutoDelete) - C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\izs93i27.default\Extensions\[email protected] [2020-03-20]
FF Extension: (Consent-O-Matic) - C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\izs93i27.default\Extensions\gdpr@cavi.au.dk.xpi [2020-02-27]
FF Extension: (HTTPS Everywhere) - C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\izs93i27.default\Extensions\[email protected]
FF Extension: (Turbo Download Manager (v2)) - C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\izs93i27.default\Extensions\[email protected]
FF Extension: (Google search link fix) - C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\izs93i27.default\Extensions\[email protected] [2020-01-11]
FF Extension: (Extension) - C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\izs93i27.default\Extensions\[email protected] [2020-04-03]
FF Extension: (Privacy Settings) - C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\izs93i27.default\Extensions\jid1-CKYA@jetpack.xpi [2019-01-06]
FF Extension: (Firefox Lightbeam) - C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\izs93i27.default\Extensions\[email protected] [2019-01-06]
FF Extension: (Location Guard) - C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\izs93i27.default\Extensions\[email protected] [2019-12-19]
FF Extension: (Privacy Badger) - C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\izs93i27.default\Extensions\[email protected] [2020-02-20]
FF Extension: (uBlock Origin) - C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\izs93i27.default\Extensions\[email protected] [2020-04-07]
FF Extension: (Privacy Possum) - C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\izs93i27.default\Extensions\[email protected]
FF Extension: (Nebula Black) - C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\izs93i27.default\Extensions\{0325dfae-38ed-4013-a6bf-713b930b1f8f}.xpi [2019-05-14]
FF Extension: (Dark Dark Mode) - C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\izs93i27.default\Extensions\{27c3c9d8-95cd-44e6-ae9c-ff537348b9f3}.xpi [2019-06-15]
FF Extension: (Image Search Options) - C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\izs93i27.default\Extensions\{4a313247-8330-4a81-948e-b79936516f78}.xpi [2019-10-05]
FF Extension: (Stylus) - C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\izs93i27.default\Extensions\{7a7a4a92-a2a0-41d1-9fd7-1e92480d612d}.xpi [2020-03-04]
FF Extension: (Video Download : Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\izs93i27.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-03-31]
FF Extension: (To save you time.) - C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\izs93i27.default\Extensions\{e58d3966-3d76-4cd9-8552-1582fbc800c1}.xpi [2020-02-12]
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-04-22] (Brave Software, Inc. -> BraveSoftware Inc)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-04-22] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2016-09-19] () [File not signed]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe [440368 2019-04-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.25\AsSysCtrlService.exe [1360016 2019-04-03] (ASUSTeK Computer Inc. ->) [File not signed]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.76\AsusFanControlService.exe [2061872 2019-04-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-07-02] (BattlEye Innovations e.K. ->)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-22] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-22] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-07-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Ext2Srv; C:\WINDOWS\SysWOW64\Ext2Srv.EXE [42488 2019-12-24] (Beijing NormalSoft Technology Co., Ltd. -> www.ext2fsd.com)
R2 NextDNSService; C:\Program Files (x86)\NextDNS\NextDNSService.exe [7984016 2019-11-30] (NextDNS Inc. ->)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
S2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [709528 2019-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 UPSmonitor; C:\Program Files (x86)\MonitorSoftware\monitor.exe [114688 2019-10-16] (Macrovision) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [45832 2020-01-20] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [24528 2019-04-18] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [32520 2020-03-10] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [138064 2019-06-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [85704 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [43720 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-12-26] (ASUSTeK Computer Inc. ->)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2017-03-14] (ASUSTeK Computer Inc. ->)
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. ->)
S3 AX88179; C:\WINDOWS\System32\drivers\ax88179_178a.sys [93800 2018-10-29] (Microsoft Windows Hardware Compatibility Publisher -> ASIX Electronics Corp.)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-02-29] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-11] (Microsoft Corporation) [File not signed]
R3 e1rexpress; C:\WINDOWS\system32\DRIVERS\e1r65x64.sys [550768 2019-12-04] (Intel® INTELND1820 -> Intel Corporation)
S0 envirtahci; C:\WINDOWS\System32\drivers\envirtahci.sys [799008 2019-08-03] (Enmotus Inc. -> AMD)
S3 FTDIBUS; C:\WINDOWS\system32\drivers\ftdibus.sys [129448 2017-09-19] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
S3 FTSER2K; C:\WINDOWS\system32\drivers\ftser2k.sys [89792 2017-09-19] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
S3 gdrv2; C:\Windows\gdrv2.sys [32008 2019-04-07] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [28936 2019-07-16] (Glarysoft LTD -> Glarysoft Ltd)
S3 HWiNFO_150; C:\Users\Moe\AppData\Local\Temp\HWiNFO64A_150.SYS [62240 2020-04-14] (Martin Malik - REALiX -> REALiX™) <==== ATTENTION
S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2018-10-05] (Logitech -> Logitech Inc.)
R2 megabattery; C:\WINDOWS\system32\DRIVERS\megabatteryX64.sys [20608 2012-03-31] (Mega System Technologies, Inc. -> Megatec System Corporation.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_63268710a2dc3648\nvlddmkm.sys [23439080 2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-05-29] (MiniTool Solution Ltd ->)
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-05-29] (MiniTool Solution Ltd ->)
S3 RtkA2dp; C:\WINDOWS\system32\DRIVERS\RtkA2dp.sys [217032 2019-05-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 RtkAvrcpCtrlr; C:\WINDOWS\System32\drivers\RtkAvrcpCtrlr.sys [87832 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [784032 2019-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
S3 RtlWlanu; C:\WINDOWS\system32\drivers\rtwlanu.sys [9860088 2019-07-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 Ser2pl; C:\WINDOWS\system32\DRIVERS\ser2pl64.sys [258544 2019-06-24] (WDKTestCert charles-yeh,131345514351795974 -> Prolific Technology Inc.)
R2 SSGDIO; C:\Windows\SysWOW64\DRIVERS\ssgdio64.sys [14608 2019-02-28] (ATI Technologies, Inc -> ATI Technologies Inc)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-29] (Valve Corp. ->)
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. ->)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
S1 upsmart; System32\drivers\upsmart.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-14 23:45 – 2020-04-14 23:47 – 000000000 ____D C: FRST
2020-04-14 16:46 – 2020-04- 14 18:01 – 000000000 ____D C: Users Moe AppData LocalLow IGDump
2020-04-14 16:46 – 2020-04-14 16:46 – 000000000 ____D C: Users Moe AppData محلی mbam
2020-04-14 16:45 – 2020-04-14 16:45 – 000000000 ____D C: Users Moe AppData Local mbamtray
2020-04-14 16:40 – 2020-04-14 16:40 – 000000857 _____ C: Users Moe AppData رومینگ مایکروسافت ویندوز منوی استارت برنامه ها ESET آنلاین Scanner.lnk
2020-04-14 16:39 – 2020 -04-14 23:47 – 000000000 ____D C: کاربران مع دریافت ها Malware
2020-04-11 00:38 – 2020-04-11 00:38 – 000000000 ____D C: Users Moe AppData رومینگ AMD
2020-04-09 22:15 – 2020-04-10 17:38 – 000000000 ____D C: Files Program (x86) Mozilla Thunderbird
2020-04-08 22:37 – 2020-04-09 17:34 – 000000000 ____D C: Program پرونده ها موزیلا فایرفاکس
2020-04-08 22:37 – 2020-04-08 22:37 – 000000000 ____D C: WINDOWS system32 Tasks Mozilla
2020-04-07 16:52 – 2020 -04-07 16:52 – 1143838279 _____ C: WINDOWS MEMORY.DMP
2020-04-07 16:52 – 2020-04-07 16:52 – 001110044 _____ C: WINDOWS Minidump 040720- 8453-01.dmp
2020-04-06 19:32 – 2015-12-09 21:47 – 000262440 _____ (شرکت Broadcom.) ج: WINDOWS system32 رانندگان btwavdt.sys
2020- 04-06 19:16 – 2020-04-06 19:16 – 000000000 ____D C: Users Moe AppData Local setup
2020-04-06 18:02 – 2020-04-06 18:02 – 000000000 ____D C: ProgramData مایکروسافت Windows منوی شروع برنامه ها qBittorrent
2020-04-05 22:58 – 2020-04-05 22:58 – 000000904 _____ C: کاربران Moe AppData رومینگ مایکروسافت ویندوز منوی شروع برنامه راه اندازی Tor Browser.lnk
2020-04-05 22:57 – 2020-04-05 22:58 – 000000000 ____D C: Users Moe Desktop مرورگر Tor
2020-04-05 21:51 – 2020-04-05 21:52 – 000000000 ____D C: Users Moe AppData Local Viber
2020 -04-04 14:11 – 2020-04-04 14:11 – 000003772 _____ C: WINDOWS Info.xml
2020-04-03 15:44 – 2020-04-03 16:39 – 000000000 ____D C: کاربران Moe اسناد معاملات
2020-04-03 13:45 – 2020-04-03 16:46 – 000000493 _____ C: Users Moe Documents Accs.txt
2020- 03-29 18:19 – 2020-03-29 18:19 – 000000081 _____ C: Users Moe Documents Pan Pizza.txt
2020-03-26 16:00 – 2020-03-26 16: 00 – 000000000 ____D C: Users Moe AppData Roaming NVIDIA
2020-03-26 16:00 – 2020-03-26 16:00 – 000000000 ____D C: Users Moe AppData Roaming LibreOffice
2020-03-26 13:19 – 2020-03-26 13:19 – 000000000 ____D C: ProgramData Microsoft Windows منوی شروع برنامه ها LibreOf fice 6.4
2020-03-26 13:18 – 2020-03-26 13:18 – 000000000 ____D C: File Files LibreOffice
2020-03-25 13:39 – 2020-03-25 13 : 39 – 025444352 _____ (Microsoft Corporation) C: WINDOWS system32 Hydrogen.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 022636544 _____ (Microsoft Corporation) C: WINDOWS system32 mshtml.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 019813376 _____ (Microsoft Corporation) C: WINDOWS system32 HologramWorld.dll
2020-03- 25 13:39 – 2020-03-25 13:39 – 018027008 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 mshtml.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 014818816 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 Windows.UI.Xaml.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 008013824 _____ (Microsoft Corporation) C: WINDOWS system32 mstscax.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 007017472 _____ (شرکت مایکروسافت) C: WINDOWS SysWOW64 mstscax.dll
2020- 03-25 13:39 – 2020-03-25 13:39 – 006525 424 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 Windows.Media.Protection.PlayReady.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 004129416 _____ (Microsoft Corporation) C : WINDOWS system32 mfcore.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 003753472 _____ (شرکت مایکروسافت) C: WINDOWS system32 SettingsHandlers_nt.dll
2020 -03-25 13:39 – 2020-03-25 13:39 – 003742544 _____ (Microsoft Corporation) C:WINDOWSSysWOW64OneCoreUAPCommonProxyStub.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 002800128 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32kfull.sys
2020-03-25 13:39 – 2020-03-25 13:39 – 002494744 _____ (Microsoft Corporation) C: WINDOWSsystem32msmpeg2vdec.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 002369576 _____ (Microsoft Corporation) C:WINDOWSsystem32Microsoft.Uev.AppAgent.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 002188600 _____ (Microsoft Corporation) C:WINDOWSsystem32AppVEntSubsystems64.dll
20 20-03-25 13:39 – 2020-03-25 13:39 – 001835008 _____ (Microsoft Corporation) C:WINDOWSsystem32enterprisecsps.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 001659408 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Microsoft.Uev.AppAgent.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 001610240 _____ (Microsoft Corporation) C:WINDOWSsystem32HologramCompositor.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 001587712 _____ (Microsoft Corporation) C:WINDOWSSysWOW64aadtb.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 001545216 _____ (Microsoft Corporation) C:WINDOWSsystem32mstsc.exe
2020-03-25 13:39 – 2020-03-25 13:39 – 001495864 _____ (Microsoft Corporation) C:WINDOWSSysWOW64AppVEntSubsystems32.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 001477112 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dcomp.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 001397560 _____ (Microsoft Corporation) C:WINDOWSsystem32hvix64.exe
2020-03-25 1 3:39 – 2020-03-25 13:39 – 001386296 _____ (Microsoft Corporation) C:WINDOWSsystem32AppVEntSubsystemController.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 001368576 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Wpc.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 001368576 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.UI.Input.Inking.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 001264640 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mstsc.exe
2020-03-25 13:39 – 2020-03-25 13:39 – 001245184 _____ (Microsoft Corporation) C:WINDOWSSysWOW64TokenBroker.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 001081856 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Networking.Vpn.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 001077264 _____ (Microsoft Corporation) C:WINDOWSsystem32hvax64.exe
2020-03-25 13:39 – 2020-03-25 13:39 – 001055376 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msctf.dll
2020-03-25 13:3 9 – 2020-03-25 13:39 – 000993280 _____ (Microsoft Corporation) C:WINDOWSSysWOW64TSWorkspace.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000980832 _____ (Microsoft Corporation) C:WINDOWSSysWOW64webservices.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000923136 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Internal.Management.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000912896 _____ (Microsoft Corporation) C:WINDOWSsystem32rasmans.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000892416 _____ (Microsoft Corporation) C:WINDOWSSysWOW64MbaeApiPublic.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000865280 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Security.Authentication.Web.Core.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000785920 _____ (Microsoft Corporation) C:WINDOWSSysWOW64kerberos.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000744960 _____ (Microsoft Corporation) C:WINDOWSsystem32Microsoft.Uev.Office2013CustomActions.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000729600 _____ (Microsoft Corporation) C:WINDOWSSysWOW64FlightSettings.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000701440 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Mirage.Internal.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000701440 _____ (Microsoft Corporation) C:WINDOWSSysWOW64BTAGService.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000689152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64CPFilters.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000673704 _____ (Microsoft Corporation) C:WINDOWSSysWOW64AppXDeploymentClient.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000665088 _____ (Microsoft Corporation) C:WINDOWSSysWOW64netlogon.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000647680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Internal.Management.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000632832 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WpcWebFilter.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000628408 _____ (Microsoft Corporation) C:WINDOWSSysWOW64kernel32.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000555008 _____ (Microsoft Corporation) C:WINDOWSsystem32appwiz.cpl
2020-03-25 13:39 – 2020-03-25 13:39 – 000538160 _____ (Microsoft Corporation) C:WINDOWSSysWOW64SHCore.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000529408 _____ (Microsoft Corporation) C:WINDOWSsystem32nltest.exe
2020-03-25 13:39 – 2020-03-25 13:39 – 000514560 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Microsoft.Uev.Office2013CustomActions.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000507152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64taskschd.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000491008 _____ (Microsoft Corporation) C:WINDOWSSysWOW64sppcext.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000487784 _____ (Microsoft Corporation) C:WINDOWSSysWOW64advapi32.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000456192 _____ (Microsoft Corporation) C:WINDOWSSysWOW64appwiz.cpl
2020-03-25 13:39 – 2020-03-25 13:39 – 000452096 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpclip.exe
2020-03-25 13:39 – 2020-03-25 13:39 – 000415760 _____ (Microsoft Corporation) C:WINDOWSSysWOW64aepic.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000410112 _____ (Microsoft Corporation) C:WINDOWSsystem32rascustom.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000406480 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Devices.Enumeration.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000381440 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ntshrui.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000336384 _____ (Microsoft Corporation) C:WINDOWSSysWOW64es.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000330240 _____ (Microsoft Corporation) C:WINDOWSsystem32omadmclient.exe
2020-03-25 13:39 – 2020-03-25 13:39 – 000324096 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32k.sys
2020-03-25 13:39 – 2020-03-25 13:39 – 000321536 _____ (Microsoft Corporation) C:WINDOWSsystem32wbadmin.exe
2020-03-25 13:39 – 2020-03-25 13:39 – 000277864 _____ (Microsoft Corporation) C:WINDOWSsystem32LsaIso.exe
2020-03-25 13:39 – 2020-03-25 13:39 – 000234496 _____ (Microsoft Corporation) C:WINDOWSsystem32iasrad.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000227840 _____ (Microsoft Corporation) C:WINDOWSsystem32IndexedDbLegacy.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000211256 _____ (Microsoft Corporation) C:WINDOWSsystem32tcbloader.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000203264 _____ (Microsoft Corporation) C:WINDOWSsystem32LanguageComponentsInstaller.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000190048 _____ (Microsoft Corporation) C:WINDOWSSysWOW64logoncli.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000187392 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iasrad.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000185952 _____ (Microsoft Corporation) C:WINDOWSSysWOW64deviceaccess.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000179200 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.XamlHost.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000175616 _____ (Microsoft Corporation) C:WINDOWSSysWOW64IndexedDbLegacy.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000163840 _____ (Microsoft Corporation) C:WINDOWSSysWOW64updatepolicy.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000135168 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.UI.XamlHost.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000123952 _____ (Microsoft Corporation) C:WINDOWSSysWOW64KerbClientShared.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000118272 _____ (Microsoft Corporation) C:WINDOWSSysWOW64slc.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000101888 _____ (Microsoft Corporation) C:WINDOWSSysWOW64sppc.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000093712 _____ (Microsoft Corporation) C:WINDOWSsystem32hvloader.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000090624 _____ (Microsoft Corporation) C:WINDOWSsystem32tsgqec.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000089536 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32u.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000087040 _____ (Microsoft Corporation) C:WINDOWSsystem32iasacct.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000084280 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershvservice.sys
2020-03-25 13:39 – 2020-03-25 13:39 – 000071680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Devices.Custom.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000070144 _____ (Microsoft Corporation) C:WINDOWSSysWOW64tsgqec.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000066624 _____ (Microsoft Corporation) C:WINDOWSsystem32iumcrypt.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000066048 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iasacct.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000050544 _____ (Microsoft Corporation) C:WINDOWSSysWOW64CloudNotifications.exe
2020-03-25 13:39 – 2020-03-25 13:39 – 000050176 _____ (Microsoft Corporation) C:WINDOWSsystem32iaspolcy.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000049152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64tbauth.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000045568 _____ (Microsoft Corporation) C:WINDOWSsystem32Microsoft.Uev.Office2010CustomActions.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000040448 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iaspolcy.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000036352 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Microsoft.Uev.Office2010CustomActions.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000031744 _____ (Microsoft Corporation) C:WINDOWSsystem32ias.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000029696 _____ (Microsoft Corporation) C:WINDOWSSysWOW64cmintegrator.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000029184 _____ (Microsoft Corporation) C:WINDOWSSysWOW64TokenBrokerCookies.exe
2020-03-25 13:39 – 2020-03-25 13:39 – 000023552 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ias.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000021520 _____ (Microsoft Corporation) C:WINDOWSsystem32kdhvcom.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000019968 _____ (Microsoft Corporation) C:WINDOWSSysWOW64slcext.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000017920 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wksprtPS.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000015872 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Devices.Custom.ps.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000010752 _____ (Microsoft Corporation) C:WINDOWSsystem32DMAlertListener.ProxyStub.dll
2020-03-25 13:39 – 2020-03-25 13:39 – 000007680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64DMAlertListener.ProxyStub.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 017790464 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.Xaml.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 009930552 _____ (Microsoft Corporation) C:WINDOWSsystem32ntoskrnl.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 007849216 _____ (Microsoft Corporation) C:WINDOWSsystem32OneCoreUAPCommonProxyStub.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 007604584 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Media.Protection.PlayReady.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 006168064 _____ (Microsoft Corporation) C:WINDOWSsystem32twinui.pcshell.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 004563200 _____ (Microsoft Corporation) C:WINDOWSsystem32sppsvc.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 003977216 _____ (Microsoft Corporation) C:WINDOWSsystem32tellib.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 003799552 _____ (Microsoft Corporation) C:WINDOWSsystem32diagtrack.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 003728384 _____ (Microsoft Corporation) C:WINDOWSsystem32win32kfull.sys
2020-03-25 13:38 – 2020-03-25 13:38 – 003708928 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentServer.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 003586872 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgkrnl.sys
2020-03-25 13:38 – 2020-03-25 13:38 – 003547648 _____ (Microsoft Corporation) C:WINDOWSsystem32dwmcore.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 003109376 _____ (Microsoft Corporation) C:WINDOWSsystem32wuaueng.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 002986808 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverstcpip.sys
2020-03-25 13:38 – 2020-03-25 13:38 – 002871608 _____ (Microsoft Corporation) C:WINDOWSsystem32aitstatic.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 002768440 _____ (Microsoft Corporation) C:WINDOWSsystem32KernelBase.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 002143232 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcDesktopMonSvc.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 002126144 _____ (Microsoft Corporation) C:WINDOWSsystem32AudioEng.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 002114560 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.CloudStore.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 002087168 _____ (Microsoft Corporation) C:WINDOWSSysWOW64KernelBase.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 001960448 _____ (Microsoft Corporation) C:WINDOWSsystem32aadtb.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 001945600 _____ (Microsoft Corporation) C:WINDOWSsystem32dcomp.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 001942528 _____ (Microsoft Corporation) C:WINDOWSsystem32audiosrv.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 001918976 _____ (Microsoft Corporation) C:WINDOWSsystem32wevtsvc.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 001783296 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.Input.Inking.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 001762816 _____ (Microsoft Corporation) C:WINDOWSsystem32wwansvc.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 001757096 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.efi
2020-03-25 13:38 – 2020-03-25 13:38 – 001726264 _____ (Microsoft Corporation) C:WINDOWSsystem32appraiser.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 001719808 _____ (Microsoft Corporation) C:WINDOWSsystem32Wpc.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 001512832 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 001497600 _____ (Microsoft Corporation) C:WINDOWSsystem32TokenBroker.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 001480192 _____ (Microsoft Corporation) C:WINDOWSsystem32usocoreworker.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 001427456 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Networking.Vpn.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 001413704 _____ (Microsoft Corporation) C:WINDOWSsystem32AudioSes.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 001378528 _____ (Microsoft Corporation) C:WINDOWSsystem32webservices.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 001300280 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershttp.sys
2020-03-25 13:38 – 2020-03-25 13:38 – 001263856 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcMon.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 001261808 _____ (Microsoft Corporation) C:WINDOWSsystem32msctf.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 001257472 _____ (Microsoft Corporation) C:WINDOWSsystem32rpcss.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 001243648 _____ (Microsoft Corporation) C:WINDOWSsystem32TSWorkspace.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 001180672 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Security.Authentication.Web.Core.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 001136128 _____ (Microsoft Corporation) C:WINDOWSsystem32MbaeApiPublic.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 001127424 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcRefreshTask.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 001083904 _____ (Microsoft Corporation) C:WINDOWSsystem32MusUpdateHandlers.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 001071616 _____ (Microsoft Corporation) C:WINDOWSsystem32BTAGService.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 001011200 _____ (Microsoft Corporation) C:WINDOWSsystem32kerberos.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000974336 _____ (Microsoft Corporation) C:WINDOWSsystem32uDWM.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000924672 _____ (Microsoft Corporation) C:WINDOWSsystem32samsrv.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000915192 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentClient.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000893952 _____ (Microsoft Corporation) C:WINDOWSsystem32FlightSettings.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000879616 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Management.Service.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000874512 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgmms2.sys
2020-03-25 13:38 – 2020-03-25 13:38 – 000865280 _____ (Microsoft Corporation) C:WINDOWSsystem32netlogon.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000840704 _____ (Microsoft Corporation) C:WINDOWSsystem32SettingsHandlers_Language.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000811320 _____ (Microsoft Corporation) C:WINDOWSsystem32generaltel.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000759272 _____ (Microsoft Corporation) C:WINDOWSsystem32taskschd.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000747320 _____ (Microsoft Corporation) C:WINDOWSsystem32aeinv.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000735744 _____ (Microsoft Corporation) C:WINDOWSsystem32AudioEndpointBuilder.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000722072 _____ (Microsoft Corporation) C:WINDOWSsystem32kernel32.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000684560 _____ (Microsoft Corporation) C:WINDOWSsystem32SHCore.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000654912 _____ (Microsoft Corporation) C:WINDOWSsystem32advapi32.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000638480 _____ (Microsoft Corporation) C:WINDOWSsystem32devinv.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000637240 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversstorport.sys
2020-03-25 13:38 – 2020-03-25 13:38 – 000618296 _____ (Microsoft Corporation) C:WINDOWSsystem32hal.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000605184 _____ (Microsoft Corporation) C:WINDOWSsystem32MusNotification.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 000604984 _____ (Microsoft Corporation) C:WINDOWSsystem32pcasvc.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000589384 _____ (Microsoft Corporation) C:WINDOWSsystem32audiodg.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 000550400 _____ (Microsoft Corporation) C:WINDOWSsystem32win32k.sys
2020-03-25 13:38 – 2020-03-25 13:38 – 000530432 _____ (Microsoft Corporation) C:WINDOWSsystem32sppcext.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000524264 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Devices.Enumeration.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000516096 _____ (Microsoft Corporation) C:WINDOWSsystem32MusNotificationUx.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 000515600 _____ (Microsoft Corporation) C:WINDOWSsystem32dcntel.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000513576 _____ (Microsoft Corporation) C:WINDOWSsystem32aepic.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000498688 _____ (Microsoft Corporation) C:WINDOWSsystem32ntshrui.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000497152 _____ (Microsoft Corporation) C:WINDOWSsystem32wuuhext.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000477496 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversFWPKCLNT.SYS
2020-03-25 13:38 – 2020-03-25 13:38 – 000469504 _____ (Microsoft Corporation) C:WINDOWSsystem32cloudAP.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000465208 _____ (Microsoft Corporation) C:WINDOWSsystem32invagent.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000459688 _____ (Microsoft Corporation) C:WINDOWSsystem32MusNotifyIcon.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 000456504 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversrdbss.sys
2020-03-25 13:38 – 2020-03-25 13:38 – 000441144 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgmms1.sys
2020-03-25 13:38 – 2020-03-25 13:38 – 000437560 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverspci.sys
2020-03-25 13:38 – 2020-03-25 13:38 – 000416016 _____ (Microsoft Corporation) C:WINDOWSsystem32AUDIOKSE.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000401408 _____ (Microsoft Corporation) C:WINDOWSsystem32es.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000374784 _____ (Microsoft Corporation) C:WINDOWSsystem32ncbservice.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000355328 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcApi.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000324408 _____ (Microsoft Corporation) C:WINDOWSsystem32acmigration.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000323584 _____ (Microsoft Corporation) C:WINDOWSsystem32sppcommdlg.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000297272 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverssdbus.sys
2020-03-25 13:38 – 2020-03-25 13:38 – 000278016 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcTok.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 000265216 _____ (Microsoft Corporation) C:WINDOWSsystem32cdd.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000259776 _____ (Microsoft Corporation) C:WINDOWSsystem32logoncli.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000259072 _____ (Microsoft Corporation) C:WINDOWSsystem32VPNv2CSP.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000256000 _____ (Microsoft Corporation) C:WINDOWSsystem32UpdateDeploymentProvider.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000251704 _____ (Microsoft Corporation) C:WINDOWSsystem32offlinesam.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000251392 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverswinnat.sys
2020-03-25 13:38 – 2020-03-25 13:38 – 000241152 _____ (Microsoft Corporation) C:WINDOWSsystem32policymanagerprecheck.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000231912 _____ (Microsoft Corporation) C:WINDOWSsystem32deviceaccess.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000200192 _____ (Microsoft Corporation) C:WINDOWSsystem32updatepolicy.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000197632 _____ (Microsoft Corporation) C:WINDOWSsystem32Win32CompatibilityAppraiserCSP.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000193848 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdumpsd.sys
2020-03-25 13:38 – 2020-03-25 13:38 – 000178192 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverspartmgr.sys
2020-03-25 13:38 – 2020-03-25 13:38 – 000169472 _____ (Microsoft Corporation) C:WINDOWSsystem32SpatialAudioLicenseSrv.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 000164368 _____ (Microsoft Corporation) C:WINDOWSsystem32CompatTelRunner.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 000152408 _____ (Microsoft Corporation) C:WINDOWSsystem32KerbClientShared.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000151352 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversscmbus.sys
2020-03-25 13:38 – 2020-03-25 13:38 – 000147696 _____ (Microsoft Corporation) C:WINDOWSsystem32smss.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 000142544 _____ (Microsoft Corporation) C:WINDOWSsystem32LicensingUI.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 000140800 _____ (Microsoft Corporation) C:WINDOWSsystem32slc.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000136192 _____ (Microsoft Corporation) C:WINDOWSsystem32sppc.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000127064 _____ (Microsoft Corporation) C:WINDOWSsystem32win32u.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000122368 _____ (Microsoft Corporation) C:WINDOWSsystem32samlib.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000115120 _____ (Microsoft Corporation) C:WINDOWSsystem32phoneactivate.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 000108032 _____ (Microsoft Corporation) C:WINDOWSsystem32wwanprotdim.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000105984 _____ (Microsoft Corporation) C:WINDOWSsystem32utcutil.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000102216 _____ (Microsoft Corporation) C:WINDOWSsystem32changepk.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 000096768 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Devices.Custom.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000089912 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvolmgr.sys
2020-03-25 13:38 – 2020-03-25 13:38 – 000088352 _____ (Microsoft Corporation) C:WINDOWSsystem32remoteaudioendpoint.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000076288 _____ (Microsoft Corporation) C:WINDOWSsystem32autopilot.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000071480 _____ (Microsoft Corporation) C:WINDOWSsystem32win32appinventorycsp.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000070656 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000070656 _____ (Microsoft Corporation) C:WINDOWSsystem32keepaliveprovider.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000064512 _____ (Microsoft Corporation) C:WINDOWSsystem32pcadm.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000064000 _____ (Microsoft Corporation) C:WINDOWSsystem32tbauth.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000060416 _____ (Microsoft Corporation) C:WINDOWSsystem32CloudNotifications.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 000059192 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversstorufs.sys
2020-03-25 13:38 – 2020-03-25 13:38 – 000057856 _____ (Microsoft Corporation) C:WINDOWSsystem32wups2.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000057344 _____ (Microsoft Corporation) C:WINDOWSsystem32audioresourceregistrar.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000051200 _____ (Microsoft Corporation) C:WINDOWSsystem32pcalua.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 000047208 _____ (Microsoft Corporation) C:WINDOWSsystem32wuauclt.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 000045568 _____ (Microsoft Corporation) C:WINDOWSsystem32cmintegrator.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000044032 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.Xaml.Resources.Common.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000043008 _____ (Microsoft Corporation) C:WINDOWSsystem32UpgradeResultsUI.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 000039424 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcProxyStubs.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000036864 _____ (Microsoft Corporation) C:WINDOWSsystem32TokenBrokerCookies.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 000036152 _____ (Microsoft Corporation) C:WINDOWSsystem32DeviceCensus.exe
2020-03-25 13:38 – 2020-03-25 13:38 – 000033080 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershwpolicy.sys
2020-03-25 13:38 – 2020-03-25 13:38 – 000031744 _____ (Microsoft Corporation) C:WINDOWSsystem32wksprtPS.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000030720 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversKNetPwrDepBroker.sys
2020-03-25 13:38 – 2020-03-25 13:38 – 000028160 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversflpydisk.sys
2020-03-25 13:38 – 2020-03-25 13:38 – 000023552 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Devices.Custom.ps.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000022528 _____ (Microsoft Corporation) C:WINDOWSsystem32slcext.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000022528 _____ (Microsoft Corporation) C:WINDOWSsystem32sbservicetrigger.dll
2020-03-25 13:38 – 2020-03-25 13:38 – 000018944 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverssfloppy.sys
2020-03-25 13:38 – 2020-03-25 13:38 – 000012800 _____ (Microsoft Corporation) C:WINDOWSsystem32pcaevts.dll
2020-03-25 13:23 – 2020-04-02 13:25 – 000000000 ____D C:Reports Quarantine
2020-03-25 10:34 – 2020-03-18 12:00 – 005581800 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcpl.dll
2020-03-25 10:34 – 2020-03-18 12:00 – 002632680 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvsvc64.dll
2020-03-25 10:34 – 2020-03-18 12:00 – 001759216 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvsvcr.dll
2020-03-25 10:34 – 2020-03-18 12:00 – 001172464 _____ (NVIDIA Corporation) C:WINDOWSsystem32nv3dappshext.dll
2020-03-25 10:34 – 2020-03-18 12:00 – 000446264 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvmctray.dll
2020-03-25 10:34 – 2020-03-18 12:00 – 000121144 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvshext.dll
2020-03-25 10:34 – 2020-03-18 12:00 – 000074736 _____ (NVIDIA Corporation) C:WINDOWSsystem32nv3dappshextr.dll
2020-03-25 10:34 – 2020-03-16 14:39 – 008997147 _____ C:WINDOWSsystem32nvcoproc.bin
2020-03-25 10:34 – 2020-02-28 22:39 – 000001951 _____ C:WINDOWSNvContainerRecovery.bat
2020-03-25 10:29 – 2020-03-19 13:11 – 001729232 _____ C:WINDOWSsystem32vulkaninfo-1-999-0-0-0.exe
2020-03-25 10:29 – 2020-03-19 13:11 – 001729232 _____ C:WINDOWSsystem32vulkaninfo.exe
2020-03-25 10:29 – 2020-03-19 13:11 – 001329360 _____ C:WINDOWSSysWOW64vulkaninfo-1-999-0-0-0.exe
2020-03-25 10:29 – 2020-03-19 13:11 – 001329360 _____ C:WINDOWSSysWOW64vulkaninfo.exe
2020-03-25 10:29 – 2020-03-19 13:11 – 001078992 _____ C:WINDOWSsystem32vulkan-1-999-0-0-0.dll
2020-03-25 10:29 – 2020-03-19 13:11 – 001078992 _____ C:WINDOWSsystem32vulkan-1.dll
2020-03-25 10:29 – 2020-03-19 13:11 – 000937680 _____ C:WINDOWSSysWOW64vulkan-1-999-0-0-0.dll
2020-03-25 10:29 – 2020-03-19 13:11 – 000937680 _____ C:WINDOWSSysWOW64vulkan-1.dll
2020-03-25 10:29 – 2020-03-19 13:11 – 000450464 _____ (Khronos Group) C:WINDOWSsystem32OpenCL.dll
2020-03-25 10:29 – 2020-03-19 13:11 – 000348048 _____ (Khronos Group) C:WINDOWSSysWOW64OpenCL.dll
2020-03-25 10:29 – 2020-03-19 13:10 – 011945072 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvptxJitCompiler.dll
2020-03-25 10:29 – 2020-03-19 13:10 – 010285680 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvptxJitCompiler.dll
2020-03-25 10:29 – 2020-03-19 13:10 – 000817056 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvmcumd.dll
2020-03-25 10:29 – 2020-03-19 13:10 – 000676448 _____ C:WINDOWSsystem32nvofapi64.dll
2020-03-25 10:29 – 2020-03-19 13:10 – 000544352 _____ C:WINDOWSSysWOW64nvofapi.dll
2020-03-25 10:29 – 2020-03-19 13:09 – 017600912 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuda.dll
2020-03-25 10:29 – 2020-03-19 13:09 – 015157664 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuda.dll
2020-03-25 10:29 – 2020-03-19 13:09 – 005856656 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuvid.dll
2020-03-25 10:29 – 2020-03-19 13:09 – 005158304 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuvid.dll
2020-03-25 10:29 – 2020-03-19 13:09 – 002072992 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvFBC64.dll
2020-03-25 10:29 – 2020-03-19 13:09 – 001723280 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvdispco6444575.dll
2020-03-25 10:29 – 2020-03-19 13:09 – 001564904 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvFBC.dll
2020-03-25 10:29 – 2020-03-19 13:09 – 001483168 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvdispgenco6444575.dll
2020-03-25 10:29 – 2020-03-19 13:09 – 001480936 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFR64.dll
2020-03-25 10:29 – 2020-03-19 13:09 – 001351568 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvfatbinaryLoader.dll
2020-03-25 10:29 – 2020-03-19 13:09 – 001142176 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFR.dll
2020-03-25 10:29 – 2020-03-19 13:09 – 001049488 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvfatbinaryLoader.dll
2020-03-25 10:29 – 2020-03-19 13:09 – 000811424 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvEncodeAPI64.dll
2020-03-25 10:29 – 2020-03-19 13:09 – 000679840 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFROpenGL.dll
2020-03-25 10:29 – 2020-03-19 13:09 – 000655264 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvEncodeAPI.dll
2020-03-25 10:29 – 2020-03-19 13:09 – 000546720 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFROpenGL.dll
2020-03-25 10:29 – 2020-03-19 10:06 – 004927048 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvapi64.dll
2020-03-25 10:29 – 2020-03-19 10:05 – 004196160 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvapi.dll
2020-03-25 10:29 – 2020-03-18 15:51 – 001682368 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvhdagenco6420103.dll
2020-03-25 10:29 – 2020-03-18 15:51 – 000223120 _____ (NVIDIA Corporation) C:WINDOWSsystem32Driversnvhda64v.sys
2020-03-25 10:29 – 2020-03-18 15:51 – 000075600 _____ (NVIDIA Corporation) C:WINDOWSsystem32Driversnvvhci.sys
2020-03-25 10:29 – 2020-03-18 15:51 – 000056618 _____ C:WINDOWSsystem32nvinfo.pb
2020-03-25 10:29 – 2020-03-18 15:51 – 000039824 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvhdap64.dll
2020-03-20 23:20 – 2020-03-20 23:20 – 021448817 _____ C:UsersMoeDownloadscom.android.vending_19.3.26-all_0_PR_301645536-81932600_minAPI16(armeabi,armeabi-v7a,mips,mips64,x86,x86_64)(nodpi)_apkmirror.com.apk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-14 23:11 – 2019-03-19 12:52 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2020-04-14 23:04 – 2019-01-06 22:22 – 121542864 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe
2020-04-14 22:44 – 2019-01-07 00:31 – 000000000 ____D C:Program Files (x86)Steam
2020-04-14 22:09 – 2019-08-14 12:05 – 000000000 ____D C:WINDOWSsystem32SleepStudy
2020-04-14 20:44 – 2019-08-12 13:10 – 000000000 ____D C:UsersMoeDocumentsViberDownloads
2020-04-14 19:12 – 2019-08-14 12:15 – 000840852 _____ C:WINDOWSsystem32PerfStringBackup.INI
2020-04-14 19:12 – 2019-03-19 12:50 – 000000000 ____D C:WINDOWSINF
2020-04-14 19:07 – 2019-12-12 10:32 – 000000000 ____D C:ProgramDataNVIDIA
2020-04-14 19:06 – 2019-01-06 22:25 – 000000000 ____D C:UsersMoeAppDataLocalLowMozilla
2020-04-14 19:05 – 2019-08-14 12:12 – 000003126 _____ C:WINDOWSsystem32TasksMSIAfterburner
2020-04-14 19:05 – 2019-08-14 12:12 – 000000006 ____H C:WINDOWSTasksSA.DAT
2020-04-14 19:05 – 2019-01-08 06:13 – 000000000 ____D C:UsersMoeAppDataLocalESET
2020-04-14 19:04 – 2019-03-19 12:37 – 000262144 _____ C:WINDOWSsystem32configBBI
2020-04-14 18:06 – 2019-03-19 12:52 – 000000000 ____D C:WINDOWSAppReadiness
2020-04-14 18:06 – 2019-01-06 22:18 – 000000000 ____D C:UsersMoeAppDataLocalPackages
2020-04-14 18:04 – 2019-03-19 12:52 – 000000000 ___HD C:WINDOWSELAMBKUP
2020-04-14 16:46 – 2019-01-07 18:15 – 000000000 ____D C:UsersMoeAppDataLocalcache
2020-04-14 16:26 – 2019-01-07 17:11 – 000000000 ____D C:UsersMoeAppDataLocalCrashDumps
2020-04-13 21:17 – 2019-08-12 13:04 – 000000000 ____D C:UsersMoeDownloadsAV Tools
2020-04-12 21:04 – 2019-03-19 12:52 – 000000000 ___HD C:Program FilesWindowsApps
2020-04-11 23:13 – 2020-01-16 18:41 – 000000000 ____D C:UsersMoeAppDataLocalAirVPN
2020-04-11 20:02 – 2019-03-19 12:52 – 000000000 ____D C:WINDOWSsystem32NDF
2020-04-11 00:36 – 2019-03-19 12:52 – 000000000 ____D C:WINDOWSsystem32Macromed
2020-04-11 00:36 – 2019-01-06 23:09 – 000000000 ____D C:Program Files (x86)AMD
2020-04-11 00:36 – 2019-01-06 23:05 – 000000000 ____D C:Program FilesAMD
2020-04-11 00:35 – 2019-01-16 19:42 – 000000214 _____ C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job
2020-04-10 23:30 – 2019-01-06 22:25 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service
2020-04-10 17:38 – 2019-04-20 16:34 – 000001278 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMozilla Thunderbird.lnk
2020-04-10 17:09 – 2019-01-08 22:51 – 000000000 ____D C:UsersMoeAppDataLocalElevatedDiagnostics
2020-04-09 23:45 – 2019-08-12 13:10 – 000002278 ____H C:UsersMoeDocumentsDefault.rdp
2020-04-09 23:43 – 2019-03-19 12:52 – 000000000 ____D C:WINDOWSsystem32FxsTmp
2020-04-08 22:37 – 2019-01-06 22:25 – 000001005 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk
2020-04-07 16:53 – 2019-08-14 12:08 – 000000000 ____D C:UsersMoe
2020-04-07 16:52 – 2019-11-08 18:30 – 000000000 ____D C:WINDOWSMinidump
2020-04-06 18:02 – 2019-12-24 14:55 – 000000000 ____D C:Program FilesqBittorrent
2020-04-06 18:01 – 2019-12-24 14:56 – 000000000 ____D C:UsersMoeAppDataRoamingqBittorrent
2020-04-06 18:01 – 2019-08-12 13:04 – 000000000 ____D C:UsersMoeDownloadsComm
2020-04-05 23:00 – 2019-07-03 14:27 – 000000000 ____D C:UsersMoeDesktopMisc
2020-04-05 22:52 – 2019-01-07 18:15 – 000000000 ____D C:UsersMoeAppDataRoamingViberPC
2020-04-04 12:47 – 2019-04-22 20:36 – 000002418 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsBrave.lnk
2020-04-03 09:02 – 2020-02-15 22:35 – 000000000 ____D C:UsersMoeDesktopBlueStacks
2020-04-02 13:26 – 2019-01-06 22:20 – 000744808 ____N (Microsoft Corporation) C:WINDOWSsystem32MpSigStub.exe
2020-03-26 13:20 – 2019-08-14 12:05 – 000629768 _____ C:WINDOWSsystem32FNTCACHE.DAT
2020-03-26 13:15 – 2019-08-12 13:04 – 000000000 ____D C:UsersMoeDownloadsMisc
2020-03-25 15:46 – 2019-10-16 21:34 – 000000000 ____D C:Program Files (x86)MonitorSoftware
2020-03-25 13:43 – 2019-03-19 14:23 – 000000000 ____D C:Program FilesWindows Defender Advanced Threat Protection
2020-03-25 13:43 – 2019-03-19 12:52 – 000000000 ____D C:WINDOWSSystemResources
2020-03-25 13:43 – 2019-03-19 12:52 – 000000000 ____D C:WINDOWSsystem32PerceptionSimulation
2020-03-25 13:43 – 2019-03-19 12:52 – 000000000 ____D C:WINDOWSShellExperiences
2020-03-25 13:43 – 2019-03-19 12:52 – 000000000 ____D C:WINDOWSProvisioning
2020-03-25 13:43 – 2019-03-19 12:52 – 000000000 ____D C:WINDOWSPolicyDefinitions
2020-03-25 13:43 – 2019-03-19 12:52 – 000000000 ____D C:WINDOWSbcastdvr
2020-03-25 13:40 – 2019-03-19 12:37 – 000000000 ____D C:WINDOWSCbsTemp
2020-03-25 13:19 – 2019-04-08 09:33 – 000000000 ____D C:temp
2020-03-25 10:46 – 2019-12-12 10:34 – 000000000 ____D C:UsersMoeAppDataLocalNVIDIA
2020-03-25 10:34 – 2019-12-12 10:30 – 000000000 ____D C:WINDOWSsystem32DriversNVIDIA Corporation
2020-03-25 10:34 – 2019-12-12 10:27 – 000000000 ____D C:ProgramDataNVIDIA Corporation
2020-03-25 10:34 – 2019-12-12 10:27 – 000000000 ____D C:Program FilesNVIDIA Corporation
2020-03-25 10:29 – 2019-03-19 12:52 – 000000000 ____D C:WINDOWSHelp
2020-03-25 10:21 – 2019-01-06 21:55 – 000000000 ____D C:WINDOWSsystem32Driverswd
2020-03-22 22:50 – 2019-08-12 13:04 – 000000000 ____D C:UsersMoeDownloadsUtilities

==================== Files in the root of some directories ========

2019-12-05 02:36 – 2019-12-05 03:52 – 000000128 _____ () C:UsersMoeAppDataLocalPUTTY.RND
2019-12-22 17:15 – 2019-12-24 19:40 – 000000487 _____ () C:UsersMoeAppDataLocalReclaiMe.config
2020-01-06 20:22 – 2020-01-06 20:22 – 000000017 _____ () C:UsersMoeAppDataLocalresmon.resmoncfg
2020-02-01 21:45 – 2020-02-01 21:45 – 000000000 _____ () C:UsersMoeAppDataLocal{127D5E2F-D9CB-47BB-A174-8CCF1207B1F8}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2020
Ran by Moe (14-04-2020 23:48:48)
Running from C:UsersMoeDownloadsMalware
Windows 10 Pro Version 1909 18363.752 (X64) (2019-08-14 04:12:07)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2401605411-2593107901-998236807-500 – Administrator – Disabled)
DefaultAccount (S-1-5-21-2401605411-2593107901-998236807-503 – Limited – Disabled)
Guest (S-1-5-21-2401605411-2593107901-998236807-501 – Limited – Disabled)
Moe (S-1-5-21-2401605411-2593107901-998236807-1001 – Administrator – Enabled) => C:UsersMoe
Mio (S-1-5-21-2401605411-2593107901-998236807-1003 – Limited – Enabled) => C:UsersMio
WDAGUtilityAccount (S-1-5-21-2401605411-2593107901-998236807-504 – Limited – Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM…7-Zip) (Version: 19.00 – Igor Pavlov)
AMD Chipset Software (HKLM-x32…AMD_Chipset_IODrivers) (Version: 2.04.04.111 – Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32…{1774a753-7604-40a0-adbd-e3dc95bea5a8}) (Version: 2.04.04.111 – Advanced Micro Devices, Inc.) Hidden
Asmedia USB Host Controller Driver (HKLM-x32…{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.56.1 – Asmedia Technology)
BlueStacks App Player (HKLM…BlueStacks) (Version: 4.180.0.1051 – BlueStack Systems, Inc.)
Brave (HKLM-x32…BraveSoftware Brave-Browser) (Version: 80.1.5.123 – Brave Software Inc)
Eddie – OpenVPN UI (HKLM-x32…AirVPN) (Version:  – AirVPN – hxxps://airvpn.org)
Epic Games Launcher Prerequisites (x64) (HKLM…{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden
Glary Utilities PRO 5.137 (HKLM-x32…Glary Utilities 5) (Version: 5.137.0.163 – Glarysoft Ltd)
Google Update Helper (HKLM-x32…{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 – Google Inc.) Hidden
Intel® Network Connections 23.5.2.0 (HKLM…PROSetDX) (Version: 23.5.2.0 – Intel)
K-Lite Codec Pack 15.4.4 Standard (HKLM-x32…KLiteCodecPack_is1) (Version: 15.4.4 – KLCP)
Launcher Prerequisites (x64) (HKLM-x32…{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden
LibreOffice 6.4.2.2 (HKLM…{366B3DEE-791D-4044-AC14-4FE2265754BA}) (Version: 6.4.2.2 – The Document Foundation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 – Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) – 14.14.26429 (HKLM-x32…{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 – Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) – 14.13.26020 (HKLM-x32…{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 – Microsoft Corporation)
Mozilla Firefox 75.0 (x64 en-US) (HKLM…Mozilla Firefox 75.0 (x64 en-US)) (Version: 75.0 – Mozilla)
Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 72.0 – Mozilla)
Mozilla Thunderbird 68.7.0 (x86 en-US) (HKLM-x32…Mozilla Thunderbird 68.7.0 (x86 en-US)) (Version: 68.7.0 – Mozilla)
MSI Afterburner 4.6.1 (HKLM-x32…Afterburner) (Version: 4.6.1 – MSI Co., LTD)
MSI Kombustor v4 0.6.3.3 (64-bit) (HKLM-x32…{F3D3CC6B-9AD7-4F43-8C69-40D5902FDC5C}}_is1) (Version:  – MSI / Geeks3D)
NextDNS (HKLM-x32…NextDNS) (Version: 1.0.12 – NextDNS)
NVAPI Monitor plugin for NvContainer (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 – NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 – NVIDIA Corporation)
NVIDIA Graphics Driver 445.75 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.75 – NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.26 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 – NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 – NVIDIA Corporation)
Promontory_GPIO Driver (HKLM-x32…{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 – Advanced Micro Devices, Inc.) Hidden
PuTTY release 0.73 (64-bit) (HKLM…{44F7642C-AB7E-4468-B028-E8D08A0CBB0E}) (Version: 0.73.0.0 – Simon Tatham)
qBittorrent 4.2.3 (HKLM-x32…qBittorrent) (Version: 4.2.3 – The qBittorrent project)
RivaTuner Statistics Server 7.2.2 (HKLM-x32…RTSS) (Version: 7.2.2 – Unwinder)
SP Toolbox (HKLM-x32…{CA9C70BB-19CF-49D6-92A7-6A1C052BF195}) (Version: 2.0.14.1 – Silicon Power)
Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)
TAP-Windows 9.21.2 (HKLM…TAP-Windows) (Version: 9.21.2 – )
Viber (HKLM-x32…{BFA8868B-76A2-4B64-ADE2-76CF7E3E882D}) (Version: 9.9.5.12 – Viber Media Inc.) Hidden
Viber (HKUS-1-5-21-2401605411-2593107901-998236807-1001…{144a144e-eecc-4102-bd8b-778664ebf53a}) (Version: 9.9.5.12 – Viber Media Inc.)
Web Components (HKLM-x32…{03B13AF8-9625-478A-AF0E-205337B9415A}_is1) (Version: 3.0.6.6 – )
Winpower (HKLM-x32…Winpower) (Version: 5.6.0.5 – )
WinSCP 5.17.2 (HKUS-1-5-21-2401605411-2593107901-998236807-1001…winscp3_is1) (Version: 5.17.2 – Martin Prikryl)

Packages:
=========
Community Showcase Everyday Art -> C:Program FilesWindowsAppsMicrosoft.CommunityShowcaseEverydayArt_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-14] (Microsoft Corporation)
Community Showcase Everyday Art 2 -> C:Program FilesWindowsAppsMicrosoft.CommunityShowcaseEverydayArt2_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-14] (Microsoft Corporation)
Community Showcase Everyday Art 3 -> C:Program FilesWindowsAppsMicrosoft.CommunityShowcaseEverydayArt3_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-14] (Microsoft Corporation)
Dark Skies by Tracy Hymas -> C:Program FilesWindowsAppsMicrosoft.DarkSkiesbyTracyHymas_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-14] (Microsoft Corporation)
Light and Dark 2 by Nick Boyer -> C:Program FilesWindowsAppsMicrosoft.LightandDark2byNickBoyer_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-14] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-14] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:Program FilesWindowsAppsMicrosoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-27] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:Program FilesWindowsAppsMicrosoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-27] (Microsoft Corporation) [MS Ad]
Perspectives of Japan 2 by Kazuo Nakadai -> C:Program FilesWindowsAppsMicrosoft.PerspectivesofJapan2byKazuoNakadai_1.0.0.0_neutral__8wekyb3d8bbwe [2020-02-27] (Microsoft Corporation)
Subtle Details by Claudio Marinangeli -> C:Program FilesWindowsAppsMicrosoft.SubtleDetailsbyClaudioMarinangeli_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-14] (Microsoft Corporation)
uBlock Origin -> C:Program FilesWindowsApps37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2019-08-14] (Nik Rolls)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKUS-1-5-21-2401605411-2593107901-998236807-1001_ClassesCLSID{E15E1D68-0D1C-49F7-BEB8-812B1E00FA60}InprocServer32 -> C:UsersMoeAppDataLocalProgramsWinSCPDragExt64.dll (Martin Prikryl -> Martin Prikryl)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:Program Files (x86)Glary Utilities 5x64ContextHandler.dll [2020-03-04] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:Program Files (x86)Glary Utilities 5x64ContextHandler.dll [2020-03-04] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-22] (Igor Pavlov)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSsystem32nvshext.dll [2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:Program Files (x86)Glary Utilities 5x64ContextHandler.dll [2020-03-04] (Glarysoft LTD -> Glarysoft Ltd)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Drivers32: [VIDC.RTV1] => c:windowssystem32rtvcvfw64.dll [246272 2012-09-29] () [File not signed]
HKLM…Drivers32: [VIDC.RTV1] => C:WindowsSysWOW64rtvcvfw32.dll [247296 2012-09-29] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-05-28 09:22 – 2019-03-28 11:29 – 006065152 _____ () [File not signed] C:Program Files (x86)ASUSAsusFanControlService2.00.76libprotobufd.dll
2019-10-16 21:34 – 2019-10-16 21:34 – 000045056 _____ () [File not signed] C:Program Files (x86)MonitorSoftwarejspWin.dll
2019-10-16 21:34 – 2019-10-16 21:34 – 000077824 _____ () [File not signed] C:Program Files (x86)MonitorSoftwareTrayIcon12.dll
2019-10-16 21:34 – 2019-10-16 21:34 – 000036864 _____ () [File not signed] C:Program Files (x86)MonitorSoftwarewriteSystemLogDll.dll
2019-08-13 01:52 – 2019-01-07 09:43 – 000116224 ____C () [File not signed] D:Steam GamessteamappscommonXCOM 2XCom2-WarOfTheChosenBinariesWin64GFSDK_Aftermath_Lib.x64.dll
2019-08-13 01:52 – 2019-01-07 09:00 – 000883712 ____C () [File not signed] D:Steam GamessteamappscommonXCOM 2XCom2-WarOfTheChosenBinariesWin64oo2core_4_win64.dll
2019-08-13 01:52 – 2019-01-07 09:43 – 000026112 ____C (Epic Games, Inc.) [File not signed] D:Steam GamessteamappscommonXCOM 2XCom2-WarOfTheChosenBinariesWin64libogg_64.dll
2019-08-13 01:52 – 2019-01-07 09:00 – 001714688 ____C (Epic Games, Inc.) [File not signed] D:Steam GamessteamappscommonXCOM 2XCom2-WarOfTheChosenBinariesWin64libvorbis_64.dll
2019-08-13 01:52 – 2019-01-07 09:43 – 000039936 ____C (Epic Games, Inc.) [File not signed] D:Steam GamessteamappscommonXCOM 2XCom2-WarOfTheChosenBinariesWin64libvorbisfile_64.dll
2019-01-06 22:57 – 2019-02-22 00:00 – 000078336 _____ (Igor Pavlov) [File not signed] C:Program Files7-Zip7-zip.dll
2018-12-20 12:49 – 2018-12-20 12:49 – 000372736 _____ (Intel® Corporation) [File not signed] C:Windowssystem32NCS2Setp.dll
2019-08-13 01:52 – 2019-01-07 09:00 – 001665024 ____C (NVIDIA Corporation) [File not signed] D:Steam GamessteamappscommonXCOM 2XCom2-WarOfTheChosenBinariesWin64APEX_Clothing_x64.dll
2019-08-13 01:52 – 2019-01-07 09:00 – 001213440 ____C (NVIDIA Corporation) [File not signed] D:Steam GamessteamappscommonXCOM 2XCom2-WarOfTheChosenBinariesWin64APEX_Destructible_x64.dll
2019-08-13 01:52 – 2019-01-07 09:00 – 001755648 ____C (NVIDIA Corporation) [File not signed] D:Steam GamessteamappscommonXCOM 2XCom2-WarOfTheChosenBinariesWin64ApexFramework_x64.dll
2019-08-13 01:52 – 2019-01-07 09:43 – 000143872 ____C (NVIDIA Corporation) [File not signed] D:Steam GamessteamappscommonXCOM 2XCom2-WarOfTheChosenBinariesWin64nvtt_64.dll
2019-08-13 01:52 – 2019-01-07 09:00 – 000680960 ____C (NVIDIA Corporation) [File not signed] D:Steam GamessteamappscommonXCOM 2XCom2-WarOfTheChosenBinariesWin64PhysXCooking64.dll
2019-08-13 01:52 – 2019-01-07 09:00 – 004595712 ____C (NVIDIA Corporation) [File not signed] D:Steam GamessteamappscommonXCOM 2XCom2-WarOfTheChosenBinariesWin64PhysXCore64.dll
2019-08-13 01:52 – 2019-01-07 09:43 – 000062464 ____C (NVIDIA Corporation) [File not signed] D:Steam GamessteamappscommonXCOM 2XCom2-WarOfTheChosenBinariesWin64PhysXLoader64.dll
2019-08-13 01:52 – 2019-01-07 09:00 – 000435712 ____C (RAD Game Tools, Inc.) [File not signed] D:Steam GamessteamappscommonXCOM 2XCom2-WarOfTheChosenBinariesWin64bink2w64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:UsersPublicShared Files:VersionCache [464]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMSIServer => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-09-20 03:44 – 2019-09-20 03:44 – 000001026 _____ C:WINDOWSsystem32driversetchosts
127.0.0.1 ads.viber.com
127.0.0.1 ads.aws.viber.com
127.0.0.1 ads-d.viber.com
127.0.0.1 api.mixpanel.com
127.0.0.1 s-imp.rmp.rakuten.com
127.0.0.1 s-bid.rmp.rakuten.com
127.0.0.1 api.taboola.com

2019-01-08 22:51 – 2020-03-05 00:55 – 000000584 _____ C:WINDOWSsystem32driversetchosts.ics
24 14 3 4 214
0.0.0.1 Veritech.mshome.net # 2024 12 6 28 8 37 52 925
81

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKUS-1-5-21-2401605411-2593107901-998236807-1001Control PanelDesktop\Wallpaper -> C:UsersMoeAppDataRoamingMicrosoftWindowsThemesTranscodedWallpaper
DNS Servers: 192.0.2.42 – 192.168.1.2
HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM…StartupApprovedRun32: => "Display"
HKUS-1-5-21-2401605411-2593107901-998236807-1001…StartupApprovedRun: => "GUDelayStartup"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{811DBEA4-41FA-46ED-956E-5BE25E8C3572}D:steam gamessteamappscommonxcom 2binarieswin64xcom2.exe] => (Allow) D:steam gamessteamappscommonxcom 2binarieswin64xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [TCP Query User{6DD7ECFD-09FC-48D4-82FC-4A9DCE24F45C}D:steam gamessteamappscommonxcom 2binarieswin64xcom2.exe] => (Allow) D:steam gamessteamappscommonxcom 2binarieswin64xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [{D711B4EE-3A22-4B55-9183-EA849B550882}] => (Allow) D:Steam GamessteamappscommonDarkestDungeon_windowsDarkest.exe No File
FirewallRules: [{DBB31132-12AD-43AC-96F7-98E67418B288}] => (Allow) D:Steam GamessteamappscommonDarkestDungeon_windowsDarkest.exe No File
FirewallRules: [{052ACFA7-1863-4E9A-A8F1-1EF538E0EA01}] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F5AF7580-EDCC-48FF-B201-9FAB10279BCC}] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0647C63A-86A3-4627-B8E2-D5B98D0587BF}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)
FirewallRules: [{7DB4BEFD-8408-4C66-AACE-A2CFB4CF87A1}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)
FirewallRules: [{8AFEDD23-1D64-492E-BDD1-9B35769BEA74}] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe No File
FirewallRules: [{D4855770-1EDB-4586-8229-A00F57CD1BA4}] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe No File
FirewallRules: [{E99CC250-9DA4-4E2D-8A0A-A3064D11D60A}] => (Allow) D:Steam GamessteamappscommonXCOM 2BinariesWin64LauncherModLauncherWPF.exe (Microsoft) [File not signed]
FirewallRules: [{B5D92BDD-D849-4F5F-A79E-2E07CF598644}] => (Allow) D:Steam GamessteamappscommonXCOM 2BinariesWin64LauncherModLauncherWPF.exe (Microsoft) [File not signed]
FirewallRules: [{D4457B75-5027-47D7-88AA-55095940C08B}] => (Allow) D:Steam GamessteamappscommonAim Labaimlab_tb.exe () [File not signed]
FirewallRules: [{5E25349C-74B8-4D15-894D-0872D2131623}] => (Allow) D:Steam GamessteamappscommonAim Labaimlab_tb.exe () [File not signed]
FirewallRules: [{D3AC31C3-D297-4E57-B817-AB5A2D631D6D}] => (Allow) D:Steam GamessteamappscommonOri DEoriDE.exe () [File not signed]
FirewallRules: [{46DB4B34-A704-49C5-8072-B323B6DD4D00}] => (Allow) D:Steam GamessteamappscommonOri DEoriDE.exe () [File not signed]
FirewallRules: [{9C8E9C26-3181-4002-BB4E-F99E176F4DED}] => (Allow) D:Steam GamessteamappscommonBATTLETECHBattleTechLauncher.exe (HarebrainedSchemes) [File not signed]
FirewallRules: [{976264D6-9196-4111-B1DA-F19DDEC10D4F}] => (Allow) D:Steam GamessteamappscommonBATTLETECHBattleTechLauncher.exe (HarebrainedSchemes) [File not signed]
FirewallRules: [{9772867D-D70E-46AA-B24A-70C4C0CEF9BC}] => (Allow) D:Steam GamessteamappscommonLords Of The FallenbinLordsOfTheFallen.exe () [File not signed]
FirewallRules: [{EAC6A44C-2782-47B9-A545-1DAF8E4EF014}] => (Allow) D:Steam GamessteamappscommonLords Of The FallenbinLordsOfTheFallen.exe () [File not signed]
FirewallRules: [{EB7CD69E-254A-4D44-AB26-1CBA8A4FDEAE}] => (Allow) D:Steam GamessteamappscommonRise of the Tomb RaiderROTTR.exe (Square Enix LTD -> Eidos Inc.)
FirewallRules: [{BB306D99-72DA-4465-9AF2-3C548771E27B}] => (Allow) D:Steam GamessteamappscommonRise of the Tomb RaiderROTTR.exe (Square Enix LTD -> Eidos Inc.)
FirewallRules: [{D2A5645D-4712-4C97-B75A-14D7D07819AA}] => (Allow) D:Steam GamessteamappscommonSniper Elite 4LauncherSniperElite4.exe () [File not signed]
FirewallRules: [{D96F3EF3-6CA0-4D2A-B20A-0A029CF591D7}] => (Allow) D:Steam GamessteamappscommonSniper Elite 4LauncherSniperElite4.exe () [File not signed]
FirewallRules: [{68A63715-C245-4B93-B4B3-F69D124A3FC2}] => (Allow) D:Steam GamessteamappscommonValkyria ChroniclesLauncher.exe (SEGA EUROPE LIMITED -> SEGA)
FirewallRules: [{D36A331A-5598-4DB9-B711-E5988A3317D7}] => (Allow) D:Steam GamessteamappscommonValkyria ChroniclesLauncher.exe (SEGA EUROPE LIMITED -> SEGA)
FirewallRules: [{E8949901-67CA-42C7-87E7-79B4C806C2C6}] => (Allow) D:Steam GamessteamappscommonThe Witcher 3binx64witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{76356363-2932-4C9E-9CA5-100E0A18DE30}] => (Allow) D:Steam GamessteamappscommonThe Witcher 3binx64witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [TCP Query User{0C132FB1-2D6D-48C5-BEED-617F5B392C45}D:steam gamessteamappscommonxcom 2xcom2-warofthechosenbinarieswin64xcom2.exe] => (Allow) D:steam gamessteamappscommonxcom 2xcom2-warofthechosenbinarieswin64xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [UDP Query User{4B6AB98C-01B1-4E25-B0BD-01DEBDD6D3A1}D:steam gamessteamappscommonxcom 2xcom2-warofthechosenbinarieswin64xcom2.exe] => (Allow) D:steam gamessteamappscommonxcom 2xcom2-warofthechosenbinarieswin64xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [{2816FA72-26F3-48B8-9EC2-4D971F45FD0C}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{865BC007-BDA4-4FAD-867E-6D78E65C2FCD}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{C23464D7-1F1D-43F5-8E5E-35524DCFFA49}D:steam gamessteamappscommonxcom 2xcom2-warofthechosenbinarieswin64xcom2.exe] => (Block) D:steam gamessteamappscommonxcom 2xcom2-warofthechosenbinarieswin64xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [UDP Query User{23B20065-9489-44FF-A75C-DD06171E5BFC}D:steam gamessteamappscommonxcom 2xcom2-warofthechosenbinarieswin64xcom2.exe] => (Block) D:steam gamessteamappscommonxcom 2xcom2-warofthechosenbinarieswin64xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [{2D1FA137-B341-4C35-B2A5-E52C52FDFE1C}] => (Allow) D:Steam GamessteamappscommonMurdered Soul SuspectBinariesWin64Murdered.exe () [File not signed]
FirewallRules: [{FBD08F31-ACA9-47EA-8274-D53DDC1B1B2B}] => (Allow) D:Steam GamessteamappscommonMurdered Soul SuspectBinariesWin64Murdered.exe () [File not signed]
FirewallRules: [TCP Query User{035A8079-8502-450A-A964-B21F3B68E629}D:steam gamessteamappscommonpubgtslgamebinarieswin64tslgame.exe] => (Allow) D:steam gamessteamappscommonpubgtslgamebinarieswin64tslgame.exe No File
FirewallRules: [UDP Query User{5F993112-977F-4B20-B86A-368D4BA1F191}D:steam gamessteamappscommonpubgtslgamebinarieswin64tslgame.exe] => (Allow) D:steam gamessteamappscommonpubgtslgamebinarieswin64tslgame.exe No File
FirewallRules: [{D2875FB9-E846-43A3-9706-34EB843C566B}] => (Allow) D:Steam GamessteamappscommonShadowOfMordorx64ShadowOfMordor.exe No File
FirewallRules: [{D038F38A-896A-4F36-BF36-FE730E412724}] => (Allow) D:Steam GamessteamappscommonShadowOfMordorx64ShadowOfMordor.exe No File
FirewallRules: [{B57937B4-8AB1-4EFE-A174-097E24A7C37D}] => (Allow) D:Steam GamessteamappscommonThe CouncilThe Council.exe (Focus Home Interactive -> Cyanide)
FirewallRules: [{8B748F3F-9D82-4BEB-AEBA-2846F4591C25}] => (Allow) D:Steam GamessteamappscommonThe CouncilThe Council.exe (Focus Home Interactive -> Cyanide)
FirewallRules: [{DAB3AA06-94F0-4814-AD8E-50D5A8326A5B}] => (Allow) D:Steam GamessteamappscommonBayonettaBayonetta.exe () [File not signed]
FirewallRules: [{F0CA2CC0-EFAC-42F0-AB1A-DB968413ED8F}] => (Allow) D:Steam GamessteamappscommonBayonettaBayonetta.exe () [File not signed]
FirewallRules: [{8B81A59D-8692-4893-953D-41D196DB463C}] => (Allow) D:Steam GamessteamappscommonGalaxy SquadGalaxy Squad.exe () [File not signed]
FirewallRules: [{68CBD691-1262-4A04-97B3-BB9B8CF7D565}] => (Allow) D:Steam GamessteamappscommonGalaxy SquadGalaxy Squad.exe () [File not signed]
FirewallRules: [{40DE5C28-BB59-47BC-B80E-8848646D58DE}] => (Allow) D:Steam GamessteamappscommonVanquishVanquish.exe () [File not signed]
FirewallRules: [{8E0DD3A5-5456-44D9-9592-8FD0153D7D24}] => (Allow) D:Steam GamessteamappscommonVanquishVanquish.exe () [File not signed]
FirewallRules: [{6B2362AD-142B-4115-BCEF-60DE60B5B19A}] => (Allow) C:Program FilesMicrosoft OfficerootOffice16Lync.exe No File
FirewallRules: [{863F2499-C14C-4083-9742-9D2783D2B070}] => (Allow) C:Program FilesMicrosoft OfficerootOffice16UcMapi.exe No File
FirewallRules: [{C744DFE9-6806-434C-BB7F-EDE86FA4F322}] => (Allow) D:Steam GamessteamappscommonVC4Valkyria4_x64.exe (SEGA) [File not signed]
FirewallRules: [{74D6C340-6F46-4300-9E46-66C04C6B3994}] => (Allow) D:Steam GamessteamappscommonVC4Valkyria4_x64.exe (SEGA) [File not signed]
FirewallRules: [{B01B4D96-D0E8-44F8-AC24-690BDC3F53DA}] => (Allow) D:Steam GamessteamappscommonDivinity Original Sin 2binSupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{001F75A5-C6C4-46ED-B63A-CBB5233D8FEC}] => (Allow) D:Steam GamessteamappscommonDivinity Original Sin 2binSupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [TCP Query User{F3FED973-D866-413E-9267-980F2AD09248}D:steam gamessteamappscommondivinity original sin 2defedbineocapp.exe] => (Allow) D:steam gamessteamappscommondivinity original sin 2defedbineocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{3CD1AAED-5E7E-4D20-B357-114596BAC930}D:steam gamessteamappscommondivinity original sin 2defedbineocapp.exe] => (Allow) D:steam gamessteamappscommondivinity original sin 2defedbineocapp.exe (Larian Studios -> )
FirewallRules: [{DFED5B34-6DBA-4B80-9786-A53B2CED1851}] => (Allow) D:Steam GamessteamappscommonMutant Year ZeroZoneUE4.exe (Ayeware AB -> )
FirewallRules: [{C8E673B3-076B-4373-9004-D5A394039C54}] => (Allow) D:Steam GamessteamappscommonMutant Year ZeroZoneUE4.exe (Ayeware AB -> )
FirewallRules: [TCP Query User{01B6C91E-5CFD-4899-98E0-540B443D5B6E}D:steam gamessteamappscommonmutant year zerozoneue4binarieswin64zoneue4-win64-shipping.exe] => (Allow) D:steam gamessteamappscommonmutant year zerozoneue4binarieswin64zoneue4-win64-shipping.exe (Ayeware AB -> Epic Games, Inc.)
FirewallRules: [UDP Query User{150A7B2B-AB43-4BA5-9C7A-5C5EB607878E}D:steam gamessteamappscommonmutant year zerozoneue4binarieswin64zoneue4-win64-shipping.exe] => (Allow) D:steam gamessteamappscommonmutant year zerozoneue4binarieswin64zoneue4-win64-shipping.exe (Ayeware AB -> Epic Games, Inc.)
FirewallRules: [{4F1A33D6-E3F7-44B6-A219-63B5625ACE55}] => (Allow) C:Program Files (x86)ASUSAI Suite IIIFile TransferWi-Fi GO! AssistToolFile Transfer Server.exe No File
FirewallRules: [{1C234395-6F9E-4C75-8115-993CAA798801}] => (Allow) C:Program Files (x86)ASUSAI Suite IIIFile TransferWi-Fi GO! AssistToolFile Transfer Server.exe No File
FirewallRules: [{14B269FC-D2E8-41FB-99B3-E4FD0BBDD755}] => (Allow) C:Program Files (x86)ASUSAI Suite IIIASUSDMS.exe No File
FirewallRules: [{0DF0D9A2-96B3-4024-8B2A-204CE9A3630E}] => (Allow) C:Program Files (x86)ASUSAI Suite IIIASUSDMS.exe No File
FirewallRules: [TCP Query User{ABB0F49E-F3BE-41F4-B7EF-D23E2F0D6C6C}D:usersMoedownloadsdriverssdi_r1904sdi_x64_r1904.exe] => (Allow) D:usersMoedownloadsdriverssdi_r1904sdi_x64_r1904.exe No File
FirewallRules: [UDP Query User{829839E3-D14D-4FA2-88E1-7B48B293FCC9}D:usersMoedownloadsdriverssdi_r1904sdi_x64_r1904.exe] => (Allow) D:usersMoedownloadsdriverssdi_r1904sdi_x64_r1904.exe No File
FirewallRules: [TCP Query User{07D77B97-DCFA-491A-91B5-5488BDAF07F5}C:program fileslogitech gaming softwarelcore.exe] => (Block) C:program fileslogitech gaming softwarelcore.exe No File
FirewallRules: [UDP Query User{1D410BD2-56F4-4513-94EC-5D03CC5A00FA}C:program fileslogitech gaming softwarelcore.exe] => (Block) C:program fileslogitech gaming softwarelcore.exe No File
FirewallRules: [{62FEA8AE-7195-4ED5-B1D3-AF6B5DF789ED}] => (Allow) D:UsersMoeDownloadsCommdnsquerysniffer-x64DNSQuerySniffer.exe No File
FirewallRules: [{46ED2DA4-BB7C-4073-B051-295FB911F3E7}] => (Allow) D:UsersMoeDownloadsCommdnsquerysniffer-x64DNSQuerySniffer.exe No File
FirewallRules: [{C30D6694-FD01-409F-B361-086F067D9749}] => (Allow) D:Steam GamessteamappscommonDarkestDungeon_windowsDarkest.exe No File
FirewallRules: [{CBE2D74B-B2F4-486C-AAA7-6C8493895A30}] => (Allow) D:Steam GamessteamappscommonDarkestDungeon_windowsDarkest.exe No File
FirewallRules: [TCP Query User{6B64FDBA-1826-4CFD-8DB0-E2AD4E4CB0E4}D:usersMoedownloadsdriverssdi_r1904sdi_r1904.exe] => (Allow) D:usersMoedownloadsdriverssdi_r1904sdi_r1904.exe No File
FirewallRules: [UDP Query User{332A5186-50CE-40FB-BDC1-AE87967A070D}D:usersMoedownloadsdriverssdi_r1904sdi_r1904.exe] => (Allow) D:usersMoedownloadsdriverssdi_r1904sdi_r1904.exe No File
FirewallRules: [{CC8D7DB3-53A9-4A17-BA09-2E0008E6AFF4}] => (Block) D:usersMoedownloadsdriverssdi_r1904sdi_r1904.exe No File
FirewallRules: [{1FB19917-5490-47E1-B23C-6F4D57687300}] => (Block) D:usersMoedownloadsdriverssdi_r1904sdi_r1904.exe No File
FirewallRules: [{33F1BEE5-5829-4111-AE6B-6AA07CC948C6}] => (Allow) D:Steam GamessteamappscommonMechanicusMechanicus.exe () [File not signed]
FirewallRules: [{D0B2338A-D761-4AD0-8117-6E2DE358F62F}] => (Allow) D:Steam GamessteamappscommonMechanicusMechanicus.exe () [File not signed]
FirewallRules: [{671E449B-B698-4034-996F-76C0F25C049C}] => (Allow) D:Steam GamessteamappscommonRESIDENT EVIL 2  BIOHAZARD RE2re2.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{D7B5C4B7-AF28-4D72-8779-3E1D6EC87C7F}] => (Allow) D:Steam GamessteamappscommonRESIDENT EVIL 2  BIOHAZARD RE2re2.exe (CAPCOM CO., LTD. -> )
FirewallRules: [TCP Query User{72AA3A01-6299-4977-9B5F-1F5EC24B6EFC}C:usersMoedownloadsdriverssdi_r1904sdi_x64_r1904.exe] => (Allow) C:usersMoedownloadsdriverssdi_r1904sdi_x64_r1904.exe No File
FirewallRules: [UDP Query User{1FBC964B-07BD-4243-86CC-AAC72A19F13D}C:usersMoedownloadsdriverssdi_r1904sdi_x64_r1904.exe] => (Allow) C:usersMoedownloadsdriverssdi_r1904sdi_x64_r1904.exe No File
FirewallRules: [{0B71C3D3-E32B-4F95-B1A0-A54A6A0D2ADF}] => (Block) C:usersMoedownloadsdriverssdi_r1904sdi_x64_r1904.exe No File
FirewallRules: [{220E7ECD-8DE4-4B18-85B0-618D53DDA1BD}] => (Block) C:usersMoedownloadsdriverssdi_r1904sdi_x64_r1904.exe No File
FirewallRules: [TCP Query User{2FD6C418-B00F-4BC2-A50A-63A4D8783054}C:usersMoedownloadsdriverssdi_r1904sdi_x64_r1909.exe] => (Allow) C:usersMoedownloadsdriverssdi_r1904sdi_x64_r1909.exe No File
FirewallRules: [UDP Query User{8FB5D1B1-166A-40BD-BF95-B672D98DD39C}C:usersMoedownloadsdriverssdi_r1904sdi_x64_r1909.exe] => (Allow) C:usersMoedownloadsdriverssdi_r1904sdi_x64_r1909.exe No File
FirewallRules: [{8C08F8D7-2175-46F6-B1E9-FBA5161A168F}] => (Block) C:usersMoedownloadsdriverssdi_r1904sdi_x64_r1909.exe No File
FirewallRules: [{15AF1B83-3DDF-496B-88C6-D9ECCBA029E5}] => (Block) C:usersMoedownloadsdriverssdi_r1904sdi_x64_r1909.exe No File
FirewallRules: [TCP Query User{DFA1A0EA-4DDC-417A-9C59-B2F8EF036DA9}C:usersMoedownloadsdriverssdi_r1909sdi_x64_r1909.exe] => (Allow) C:usersMoedownloadsdriverssdi_r1909sdi_x64_r1909.exe No File
FirewallRules: [UDP Query User{2E3FFA12-32D6-49AD-BB89-C63D5BB8EBD8}C:usersMoedownloadsdriverssdi_r1909sdi_x64_r1909.exe] => (Allow) C:usersMoedownloadsdriverssdi_r1909sdi_x64_r1909.exe No File
FirewallRules: [TCP Query User{C2F6B574-CF36-49B2-8932-F69D44312796}C:program files (x86)monitorsoftwarejrebinjavaw.exe] => (Allow) C:program files (x86)monitorsoftwarejrebinjavaw.exe
FirewallRules: [UDP Query User{D1559902-964D-45E2-9171-03E66A4F5349}C:program files (x86)monitorsoftwarejrebinjavaw.exe] => (Allow) C:program files (x86)monitorsoftwarejrebinjavaw.exe
FirewallRules: [{6A927535-E759-4FCD-898E-FFC4E15CF0E2}] => (Allow) C:Program Files (x86)MegaTecUPSilon 2000UPSilon.exe No File
FirewallRules: [{9C47B766-BCC4-4393-8C97-E791372C04B9}] => (Allow) C:Program Files (x86)MegaTecUPSilon 2000UPSilon.exe No File
FirewallRules: [{3B1167A9-72E2-4090-BA7F-9671868D3EFB}] => (Allow) C:Program Files (x86)MegaTecUPSilon 2000RupsMon.exe No File
FirewallRules: [{CA7A6B14-6470-43C7-94F6-9B73B1DDF448}] => (Allow) C:Program Files (x86)MegaTecUPSilon 2000RupsMon.exe No File
FirewallRules: [TCP Query User{CBA2F54C-B256-4FDD-A73A-0B74906AB27C}C:program files (x86)monitorsoftwarejrebinjavaw.exe] => (Block) C:program files (x86)monitorsoftwarejrebinjavaw.exe
FirewallRules: [UDP Query User{6342DA2D-3798-487F-ADC3-8BA4AB83C6BB}C:program files (x86)monitorsoftwarejrebinjavaw.exe] => (Block) C:program files (x86)monitorsoftwarejrebinjavaw.exe
FirewallRules: [{77087114-7B49-408D-918E-A32F4025125A}] => (Allow) D:Steam GamessteamappscommonCompany of Heroes 2RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.)
FirewallRules: [{4F152644-5779-44D6-90A0-447CA85EEA2F}] => (Allow) D:Steam GamessteamappscommonCompany of Heroes 2RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.)
FirewallRules: [{C4A85FBE-559C-4A36-8284-5EF091426769}] => (Allow) D:Steam GamessteamappscommonTower of TimeTowerOfTime.exe () [File not signed]
FirewallRules: [{AC89C50A-33BC-45BF-9D98-70F43445420F}] => (Allow) D:Steam GamessteamappscommonTower of TimeTowerOfTime.exe () [File not signed]
FirewallRules: [{F173B113-97EE-4CED-AE97-5D90A4F01768}] => (Allow) D:Steam GamessteamappscommonDisco Elysiumdisco.exe () [File not signed]
FirewallRules: [{2B98E10F-E3A0-4290-A300-182ADB073672}] => (Allow) D:Steam GamessteamappscommonDisco Elysiumdisco.exe () [File not signed]
FirewallRules: [TCP Query User{914AB9EC-E414-41FE-8F3B-602B8FA5613C}C:usersMoedownloadsdriverssdi_r1909sdi_x64_r1909.exe] => (Block) C:usersMoedownloadsdriverssdi_r1909sdi_x64_r1909.exe No File
FirewallRules: [UDP Query User{AB9AB621-8A28-44C6-81C7-9EFED219D0CA}C:usersMoedownloadsdriverssdi_r1909sdi_x64_r1909.exe] => (Block) C:usersMoedownloadsdriverssdi_r1909sdi_x64_r1909.exe No File
FirewallRules: [{FF5C5247-E4DA-4197-BFFA-6B9D8AF020B1}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{61799CCB-D246-44F8-AAFF-6E4840A5B3F4}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3B798057-0EAE-4E4B-86E9-B8D5C2D2AA9A}] => (Allow) D:Steam GamessteamappscommonDRAGON QUEST XIGameBinariesWin64DRAGON QUEST XI.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{D286FE86-2542-4983-A42B-AB4C2C178770}] => (Allow) D:Steam GamessteamappscommonDRAGON QUEST XIGameBinariesWin64DRAGON QUEST XI.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{6E0FC49E-0CFE-490E-A343-841DF83BACE5}] => (Allow) D:Steam GamessteamappscommonDRAGON QUEST XIGameBinariesWin64OverwriteSettings.exe () [File not signed]
FirewallRules: [{912A6F1F-2C97-4218-BBDA-1299216B4A41}] => (Allow) D:Steam GamessteamappscommonDRAGON QUEST XIGameBinariesWin64OverwriteSettings.exe () [File not signed]
FirewallRules: [{ED74F984-3273-41E9-8595-F96447EF76F0}] => (Allow) C:Program FilesFirefox Developer Editionfirefox.exe No File
FirewallRules: [{F3638262-0A6F-435B-B4CE-B8ECFD9CA1F8}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1C244065-3087-4DE3-99D8-D10F399800F7}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{33C5DE23-6E72-4EDF-9B5F-FAFF06460149}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{840BA068-FA2F-440A-8EBA-D13B8F49F665}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{90623CDE-C82C-42D1-82C4-5A9F34440057}] => (Allow) C:Program FilesBlueStacksHD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [TCP Query User{63C7EBA7-12BC-4FEF-811A-2B8464FB28C7}C:usersMoedownloadsdriverssdi_r1909sdi_x64_r2000.exe] => (Allow) C:usersMoedownloadsdriverssdi_r1909sdi_x64_r2000.exe No File
FirewallRules: [UDP Query User{19A4EE6B-D425-4C61-B98F-44FB992B4AA7}C:usersMoedownloadsdriverssdi_r1909sdi_x64_r2000.exe] => (Allow) C:usersMoedownloadsdriverssdi_r1909sdi_x64_r2000.exe No File
FirewallRules: [{2902C868-3B63-4403-8207-192FD9D902F6}] => (Block) C:usersMoedownloadsdriverssdi_r1909sdi_x64_r2000.exe No File
FirewallRules: [{AAAB189C-8BBE-4DA1-A745-DB769184A6FB}] => (Block) C:usersMoedownloadsdriverssdi_r1909sdi_x64_r2000.exe No File
FirewallRules: [TCP Query User{77C23C89-D0AD-4301-969A-7131D9705D32}C:usersMoedownloadsdriverssdi_r2000sdi_x64_r2000.exe] => (Allow) C:usersMoedownloadsdriverssdi_r2000sdi_x64_r2000.exe (www.SamLab.ws) [File not signed]
FirewallRules: [UDP Query User{48A66B99-F158-4CE8-A006-F66E464E6780}C:usersMoedownloadsdriverssdi_r2000sdi_x64_r2000.exe] => (Allow) C:usersMoedownloadsdriverssdi_r2000sdi_x64_r2000.exe (www.SamLab.ws) [File not signed]
FirewallRules: [{3AACA906-3E00-4B3C-B87B-A86CBD6A57F4}] => (Block) C:usersMoedownloadsdriverssdi_r2000sdi_x64_r2000.exe (www.SamLab.ws) [File not signed]
FirewallRules: [{70A214C7-007B-4269-8A39-215B842AB89B}] => (Block) C:usersMoedownloadsdriverssdi_r2000sdi_x64_r2000.exe (www.SamLab.ws) [File not signed]
FirewallRules: [{BA525E5C-D7E3-4D15-83E9-0653DD29A008}] => (Allow) C:Program Files (x86)BraveSoftwareBrave-BrowserApplicationbrave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{A104ADE1-B18B-4306-9841-2F818058D836}] => (Allow) C:Program FilesqBittorrentqbittorrent.exe () [File not signed]
FirewallRules: [{860ACD1D-4E17-40D5-A211-E3B481065746}] => (Allow) C:Program FilesqBittorrentqbittorrent.exe () [File not signed]

==================== Restore Points =========================

12-04-2020 19:04:51 Windows Backup

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (04/14/2020 11:49:47 PM) (Source: NextDNSService) (EventID: 1) (User: )
Description: resolve: 99c0 EOF

Error: (04/14/2020 11:48:23 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1384,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.

Error: (04/14/2020 11:20:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10540,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.

Error: (04/14/2020 10:58:25 PM) (Source: NextDNSService) (EventID: 1) (User: )
Description: resolve: e837 EOF

Error: (04/14/2020 10:32:25 PM) (Source: NextDNSService) (EventID: 1) (User: )
Description: resolve: a835 EOF

Error: (04/14/2020 10:27:54 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3860,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.

Error: (04/14/2020 09:18:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1520,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.

Error: (04/14/2020 08:54:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7344,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.

System errors:
=============
Error: (04/14/2020 11:48:20 PM) (Source: Schannel) (EventID: 4116) (User: NT AUTHORITY)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The TLS connection request has failed. The attached data contains the server certificate.

Error: (04/14/2020 11:36:03 PM) (Source: Schannel) (EventID: 4116) (User: NT AUTHORITY)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The TLS connection request has failed. The attached data contains the server certificate.

Error: (04/14/2020 11:30:58 PM) (Source: Schannel) (EventID: 4116) (User: NT AUTHORITY)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The TLS connection request has failed. The attached data contains the server certificate.

Error: (04/14/2020 11:19:41 PM) (Source: Schannel) (EventID: 4116) (User: NT AUTHORITY)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The TLS connection request has failed. The attached data contains the server certificate.

Error: (04/14/2020 11:13:39 PM) (Source: Schannel) (EventID: 4116) (User: NT AUTHORITY)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The TLS connection request has failed. The attached data contains the server certificate.

Error: (04/14/2020 11:04:04 PM) (Source: Schannel) (EventID: 4116) (User: NT AUTHORITY)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The TLS connection request has failed. The attached data contains the server certificate.

Error: (04/14/2020 10:57:00 PM) (Source: Schannel) (EventID: 4116) (User: NT AUTHORITY)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The TLS connection request has failed. The attached data contains the server certificate.

Error: (04/14/2020 10:48:34 PM) (Source: Schannel) (EventID: 4116) (User: NT AUTHORITY)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The TLS connection request has failed. The attached data contains the server certificate.

Windows Defender:
===================================
Date: 2020-04-12 19:12:54.226
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!rfn&threatid=2147746425&enterprise=0
Name: Trojan:Win32/Wacatac.B!rfn
ID: 2147746425
Severity: Severe
Category: Trojan
Path: file:_DeviceHarddiskVolumeShadowCopy17UsersMoeDownloadsCommVistumbler_v10-6-4Uninstall.exe
Detection Origin: Unknown
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:WindowsSystem32svchost.exe
Security intelligence Version: AV: 1.313.1357.0, AS: 1.313.1357.0, NIS: 1.313.1357.0
Engine Version: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-04-07 17:04:01.424
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {94A41A08-0FA3-44D3-8AF4-58E47D1FE6D8}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-04-04 19:19:21.266
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {657032DD-F710-4BA3-BEE4-CA067D3ACB01}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-04-14 18:13:56.687
Description:
Windows Defender Antivirus engine has been terminated due to an unexpected error.
Failure Type: Crash
Exception code: 0xc0000005
Resource:

Date: 2020-04-11 00:35:53.452
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

CodeIntegrity:
===================================

Date: 2020-04-14 18:14:38.537
Description:
Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume6WindowsSystem32FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-04-14 18:14:38.526
Description:
Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume6WindowsSystem32FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-04-14 18:14:38.513
Description:
Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume6WindowsSystem32dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-04-14 18:14:38.503
Description:
Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume6WindowsSystem32dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-04-14 18:14:37.876
Description:
Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume6WindowsSystem32aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-04-14 18:14:37.840
Description:
Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume6WindowsSystem32aepic.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 7704 12/16/2019
Motherboard: ASUSTeK COMPUTER INC. CROSSHAIR VI HERO
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 44%
Total physical RAM: 32697.21 MB
Available physical RAM: 18070.43 MB
Total Virtual: 37561.21 MB
Available Virtual: 18561.26 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.87 GB) (Free:115.71 GB) NTFS
Drive d: (Tank) (Fixed) (Total:894.24 GB) (Free:360.06 GB) NTFS
Drive f: (SSD 2) (Fixed) (Total:238.47 GB) (Free:238.38 GB) NTFS
Drive g: (Misc) (Fixed) (Total:1863 GB) (Free:444.85 GB) NTFS

\?Volume{1055747d-6254-4d82-91db-aa5bf72584f7} () (Fixed) (Total:0.49 GB) (Free:0.04 GB) NTFS
\?Volume{f5c8c03d-df71-41bf-93af-fea9f77605a8} () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 3 (Protective MBR) (Size: 894.3 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
